Skip to content

Commit 1058115

Browse files
renovate-sh-app[bot]renovate-sh-app[bot]
authored
chore(deps): update module go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to v1.43.0 [security] (main) (#14966)
This PR contains the following updates: | Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) | |---|---|---|---| | [go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp](https://redirect.github.com/open-telemetry/opentelemetry-go) | `v1.42.0` → `v1.43.0` | ![age](https://developer.mend.io/api/mc/badges/age/go/go.opentelemetry.io%2fotel%2fexporters%2fotlp%2fotlpmetric%2fotlpmetrichttp/v1.43.0?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/go/go.opentelemetry.io%2fotel%2fexporters%2fotlp%2fotlpmetric%2fotlpmetrichttp/v1.42.0/v1.43.0?slim=true) | --- > [!WARNING] > Some dependencies could not be looked up. Check the warning logs for more information. ### GitHub Vulnerability Alerts #### [CVE-2026-39882](https://redirect.github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-w8rr-5gcm-pp58) overview: this report shows that the otlp HTTP exporters (traces/metrics/logs) read the full HTTP response body into an in-memory `bytes.Buffer` without a size cap. this is exploitable for memory exhaustion when the configured collector endpoint is attacker-controlled (or a network attacker can mitm the exporter connection). severity HIGH not claiming: this is a remote dos against every default deployment. claiming: if the exporter sends traces to an untrusted collector endpoint (or over a network segment where mitm is realistic), that endpoint can crash the process via a large response body. callsite (pinned): - exporters/otlp/otlptrace/otlptracehttp/client.go:199 - exporters/otlp/otlptrace/otlptracehttp/client.go:230 - exporters/otlp/otlpmetric/otlpmetrichttp/client.go:170 - exporters/otlp/otlpmetric/otlpmetrichttp/client.go:201 - exporters/otlp/otlplog/otlploghttp/client.go:190 - exporters/otlp/otlplog/otlploghttp/client.go:221 permalinks (pinned): - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlptrace/otlptracehttp/client.go#L199 - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlptrace/otlptracehttp/client.go#L230 - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlpmetric/otlpmetrichttp/client.go#L170 - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlpmetric/otlpmetrichttp/client.go#L201 - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlplog/otlploghttp/client.go#L190 - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlplog/otlploghttp/client.go#L221 root cause: each exporter client reads `resp.Body` using `io.Copy(&respData, resp.Body)` into a `bytes.Buffer` on both success and error paths, with no upper bound. impact: a malicious collector can force large transient heap allocations during export (peak memory scales with attacker-chosen response size) and can potentially crash the instrumented process (oom). affected component: - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp - go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp repro (local-only): ```bash unzip poc.zip -d poc cd poc make canonical resp_bytes=33554432 chunk_delay_ms=0 ``` expected output contains: ``` [CALLSITE_HIT]: otlptracehttp.UploadTraces::io.Copy(resp.Body) [PROOF_MARKER]: resp_bytes=33554432 peak_alloc_bytes=118050512 ``` control (same env, patched target): ```bash unzip poc.zip -d poc cd poc make control resp_bytes=33554432 chunk_delay_ms=0 ``` expected control output contains: ``` [CALLSITE_HIT]: otlptracehttp.UploadTraces::io.Copy(resp.Body) [NC_MARKER]: resp_bytes=33554432 peak_alloc_bytes=512232 ``` attachments: poc.zip (attached) [PR_DESCRIPTION.md](https://redirect.github.com/user-attachments/files/25564272/PR_DESCRIPTION.md) [attack_scenario.md](https://redirect.github.com/user-attachments/files/25564273/attack_scenario.md) [poc.zip](https://redirect.github.com/user-attachments/files/25564271/poc.zip) Fixed in: [https://github.com/open-telemetry/opentelemetry-go/pull/8108](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8108) --- ### opentelemetry-go: OTLP HTTP exporters read unbounded HTTP response bodies [CVE-2026-39882](https://nvd.nist.gov/vuln/detail/CVE-2026-39882) / [GHSA-w8rr-5gcm-pp58](https://redirect.github.com/advisories/GHSA-w8rr-5gcm-pp58) <details> <summary>More information</summary> #### Details overview: this report shows that the otlp HTTP exporters (traces/metrics/logs) read the full HTTP response body into an in-memory `bytes.Buffer` without a size cap. this is exploitable for memory exhaustion when the configured collector endpoint is attacker-controlled (or a network attacker can mitm the exporter connection). severity HIGH not claiming: this is a remote dos against every default deployment. claiming: if the exporter sends traces to an untrusted collector endpoint (or over a network segment where mitm is realistic), that endpoint can crash the process via a large response body. callsite (pinned): - exporters/otlp/otlptrace/otlptracehttp/client.go:199 - exporters/otlp/otlptrace/otlptracehttp/client.go:230 - exporters/otlp/otlpmetric/otlpmetrichttp/client.go:170 - exporters/otlp/otlpmetric/otlpmetrichttp/client.go:201 - exporters/otlp/otlplog/otlploghttp/client.go:190 - exporters/otlp/otlplog/otlploghttp/client.go:221 permalinks (pinned): - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlptrace/otlptracehttp/client.go#L199 - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlptrace/otlptracehttp/client.go#L230 - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlpmetric/otlpmetrichttp/client.go#L170 - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlpmetric/otlpmetrichttp/client.go#L201 - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlplog/otlploghttp/client.go#L190 - https://github.com/open-telemetry/opentelemetry-go/blob/248da958375e4dfb4a1105645107be3ef04b1c59/exporters/otlp/otlplog/otlploghttp/client.go#L221 root cause: each exporter client reads `resp.Body` using `io.Copy(&respData, resp.Body)` into a `bytes.Buffer` on both success and error paths, with no upper bound. impact: a malicious collector can force large transient heap allocations during export (peak memory scales with attacker-chosen response size) and can potentially crash the instrumented process (oom). affected component: - go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp - go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp - go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp repro (local-only): ```bash unzip poc.zip -d poc cd poc make canonical resp_bytes=33554432 chunk_delay_ms=0 ``` expected output contains: ``` [CALLSITE_HIT]: otlptracehttp.UploadTraces::io.Copy(resp.Body) [PROOF_MARKER]: resp_bytes=33554432 peak_alloc_bytes=118050512 ``` control (same env, patched target): ```bash unzip poc.zip -d poc cd poc make control resp_bytes=33554432 chunk_delay_ms=0 ``` expected control output contains: ``` [CALLSITE_HIT]: otlptracehttp.UploadTraces::io.Copy(resp.Body) [NC_MARKER]: resp_bytes=33554432 peak_alloc_bytes=512232 ``` attachments: poc.zip (attached) [PR_DESCRIPTION.md](https://redirect.github.com/user-attachments/files/25564272/PR_DESCRIPTION.md) [attack_scenario.md](https://redirect.github.com/user-attachments/files/25564273/attack_scenario.md) [poc.zip](https://redirect.github.com/user-attachments/files/25564271/poc.zip) Fixed in: [https://github.com/open-telemetry/opentelemetry-go/pull/8108](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8108) #### Severity - CVSS Score: 5.3 / 10 (Medium) - Vector String: `CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H` #### References - [https://github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-w8rr-5gcm-pp58](https://redirect.github.com/open-telemetry/opentelemetry-go/security/advisories/GHSA-w8rr-5gcm-pp58) - [https://nvd.nist.gov/vuln/detail/CVE-2026-39882](https://nvd.nist.gov/vuln/detail/CVE-2026-39882) - [https://github.com/open-telemetry/opentelemetry-go/pull/8108](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8108) - [https://github.com/open-telemetry/opentelemetry-go](https://redirect.github.com/open-telemetry/opentelemetry-go) - [http://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.43.0](http://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.43.0) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-w8rr-5gcm-pp58) and the [GitHub Advisory Database](https://redirect.github.com/github/advisory-database) ([CC-BY 4.0](https://redirect.github.com/github/advisory-database/blob/main/LICENSE.md)). </details> --- ### Release Notes <details> <summary>open-telemetry/opentelemetry-go (go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp)</summary> ### [`v1.43.0`](https://redirect.github.com/open-telemetry/opentelemetry-go/releases/tag/v1.43.0): /v0.65.0/v0.19.0 [Compare Source](https://redirect.github.com/open-telemetry/opentelemetry-go/compare/v1.42.0...v1.43.0) ##### Added - Add `IsRandom` and `WithRandom` on `TraceFlags`, and `IsRandom` on `SpanContext` in `go.opentelemetry.io/otel/trace` for [W3C Trace Context Level 2 Random Trace ID Flag](https://www.w3.org/TR/trace-context-2/#random-trace-id-flag) support. ([#&#8203;8012](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8012)) - Add service detection with `WithService` in `go.opentelemetry.io/otel/sdk/resource`. ([#&#8203;7642](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7642)) - Add `DefaultWithContext` and `EnvironmentWithContext` in `go.opentelemetry.io/otel/sdk/resource` to support plumbing `context.Context` through default and environment detectors. ([#&#8203;8051](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8051)) - Support attributes with empty value (`attribute.EMPTY`) in `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc`. ([#&#8203;8038](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8038)) - Support attributes with empty value (`attribute.EMPTY`) in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc`. ([#&#8203;8038](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8038)) - Support attributes with empty value (`attribute.EMPTY`) in `go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc`. ([#&#8203;8038](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8038)) - Support attributes with empty value (`attribute.EMPTY`) in `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp`. ([#&#8203;8038](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8038)) - Support attributes with empty value (`attribute.EMPTY`) in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. ([#&#8203;8038](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8038)) - Support attributes with empty value (`attribute.EMPTY`) in `go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp`. ([#&#8203;8038](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8038)) - Support attributes with empty value (`attribute.EMPTY`) in `go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest`. ([#&#8203;8038](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8038)) - Add support for per-series start time tracking for cumulative metrics in `go.opentelemetry.io/otel/sdk/metric`. Set `OTEL_GO_X_PER_SERIES_START_TIMESTAMPS=true` to enable. ([#&#8203;8060](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8060)) - Add `WithCardinalityLimitSelector` for metric reader for configuring cardinality limits specific to the instrument kind. ([#&#8203;7855](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7855)) ##### Changed - Introduce the `EMPTY` Type in `go.opentelemetry.io/otel/attribute` to reflect that an empty value is now a valid value, with `INVALID` remaining as a deprecated alias of `EMPTY`. ([#&#8203;8038](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8038)) - Refactor slice handling in `go.opentelemetry.io/otel/attribute` to optimize short slice values with fixed-size fast paths. ([#&#8203;8039](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8039)) - Improve performance of span metric recording in `go.opentelemetry.io/otel/sdk/trace` by returning early if self-observability is not enabled. ([#&#8203;8067](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8067)) - Improve formatting of metric data diffs in `go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest`. ([#&#8203;8073](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8073)) ##### Deprecated - Deprecate `INVALID` in `go.opentelemetry.io/otel/attribute`. Use `EMPTY` instead. ([#&#8203;8038](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8038)) ##### Fixed - Return spec-compliant `TraceIdRatioBased` description. This is a breaking behavioral change, but it is necessary to make the implementation [spec-compliant](https://opentelemetry.io/docs/specs/otel/trace/sdk/#traceidratiobased). ([#&#8203;8027](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8027)) - Fix a race condition in `go.opentelemetry.io/otel/sdk/metric` where the lastvalue aggregation could collect the value 0 even when no zero-value measurements were recorded. ([#&#8203;8056](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8056)) - Limit HTTP response body to 4 MiB in `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp` to mitigate excessive memory usage caused by a misconfigured or malicious server. Responses exceeding the limit are treated as non-retryable errors. ([#&#8203;8108](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8108)) - Limit HTTP response body to 4 MiB in `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp` to mitigate excessive memory usage caused by a misconfigured or malicious server. Responses exceeding the limit are treated as non-retryable errors. ([#&#8203;8108](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8108)) - Limit HTTP response body to 4 MiB in `go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp` to mitigate excessive memory usage caused by a misconfigured or malicious server. Responses exceeding the limit are treated as non-retryable errors. ([#&#8203;8108](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8108)) - `WithHostID` detector in `go.opentelemetry.io/otel/sdk/resource` to use full path for `kenv` command on BSD. ([#&#8203;8113](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8113)) - Fix missing `request.GetBody` in `go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp` to correctly handle HTTP2 GOAWAY frame. ([#&#8203;8096](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/8096)) ##### What's Changed - chore(deps): update module github.com/jgautheron/goconst to v1.9.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8014](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8014) - fix(deps): update github.com/opentracing-contrib/go-grpc/test digest to [`190d7d4`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/190d7d4) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8013](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8013) - chore(deps): update module go.yaml.in/yaml/v2 to v2.4.4 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8016](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8016) - fix(deps): update module github.com/golangci/golangci-lint/v2 to v2.11.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8011](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8011) - fix(deps): update golang.org/x by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8023](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8023) - fix(deps): update module github.com/golangci/golangci-lint/v2 to v2.11.2 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8020](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8020) - chore(deps): update module github.com/mattn/go-runewidth to v0.0.21 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8017](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8017) - chore(deps): update module codeberg.org/chavacava/garif to v0.2.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8019](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8019) - Add doc on how to upgrade to new semconv by [@&#8203;jmmcorreia](https://redirect.github.com/jmmcorreia) in [#&#8203;7807](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/7807) - fix(deps): update module go.opentelemetry.io/proto/otlp to v1.10.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8028](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8028) - resource: add WithService detector option by [@&#8203;codeboten](https://redirect.github.com/codeboten) in [#&#8203;7642](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/7642) - fix(deps): update googleapis to [`a57be14`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/a57be14) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8031](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8031) - fix(deps): update module github.com/golangci/golangci-lint/v2 to v2.11.3 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8032](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8032) - chore(deps): update module github.com/prometheus/procfs to v0.20.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8034](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8034) - chore(deps): update github.com/securego/gosec/v2 digest to [`8895462`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/8895462) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8036](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8036) - chore(deps): update module github.com/sonatard/noctx to v0.5.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8040](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8040) - chore(deps): update github.com/securego/gosec/v2 digest to [`6e66a94`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/6e66a94) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8043](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8043) - docs(otlp): document HTTP/protobuf insecure env vars by [@&#8203;marcschaeferger](https://redirect.github.com/marcschaeferger) in [#&#8203;8037](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8037) - Rebuild semconvkit and verifyreadmes on changes by [@&#8203;MrAlias](https://redirect.github.com/MrAlias) in [#&#8203;7995](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/7995) - chore(sdk/trace): join errors properly by [@&#8203;ash2k](https://redirect.github.com/ash2k) in [#&#8203;8030](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8030) - fix(deps): update googleapis to [`84a4fc4`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/84a4fc4) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8048](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8048) - attribute: change INVALID Type to EMPTY and mark INVALID as deprecated by [@&#8203;pellared](https://redirect.github.com/pellared) in [#&#8203;8038](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8038) - fix(sdk/trace): return spec-compliant TraceIdRatioBased description by [@&#8203;ash2k](https://redirect.github.com/ash2k) in [#&#8203;8027](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8027) - linting: add depguard rule to enforce semconv version by [@&#8203;ajuijas](https://redirect.github.com/ajuijas) in [#&#8203;8041](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8041) - chore(deps): update actions/download-artifact action to v8.0.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8046](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8046) - chore(deps): update github.com/securego/gosec/v2 digest to [`b7b2c7b`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/b7b2c7b) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8044](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8044) - fix(deps): update golang.org/x by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8045](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8045) - Optimize attribute slice conversion by [@&#8203;MrAlias](https://redirect.github.com/MrAlias) in [#&#8203;8039](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8039) - Add benchmarks for end-to-end metrics SDK usage by [@&#8203;dashpole](https://redirect.github.com/dashpole) in [#&#8203;7768](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/7768) - fix(deps): update golang.org/x by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8052](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8052) - chore(deps): update github.com/securego/gosec/v2 digest to [`befce8d`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/befce8d) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8053](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8053) - trace: add Random Trace ID Flag by [@&#8203;yuanyuanzhao3](https://redirect.github.com/yuanyuanzhao3) in [#&#8203;8012](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8012) - Improve aggregation concurrent safe tests by [@&#8203;dashpole](https://redirect.github.com/dashpole) in [#&#8203;8021](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8021) - Add tests for exponential histogram concurrent-safety edge-cases by [@&#8203;dashpole](https://redirect.github.com/dashpole) in [#&#8203;8024](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8024) - exphist: replace min, max, sum, and count with atomics by [@&#8203;dashpole](https://redirect.github.com/dashpole) in [#&#8203;8025](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8025) - chore(deps): update github.com/securego/gosec/v2 digest to [`c2dfcec`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/c2dfcec) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8055](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8055) - chore(deps): update otel/weaver docker tag to v0.22.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8058](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8058) - chore(deps): update github.com/securego/gosec/v2 digest to [`dec52c4`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/dec52c4) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8063](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8063) - chore(deps): update otel/weaver docker tag to v0.22.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8061](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8061) - chore(deps): update github/codeql-action action to v4.33.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8065](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8065) - Fix race in the lastvalue aggregation where 0 could be observed by [@&#8203;dashpole](https://redirect.github.com/dashpole) in [#&#8203;8056](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8056) - chore(deps): update github.com/securego/gosec/v2 digest to [`744bfb5`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/744bfb5) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8064](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8064) - Migrate to new bare metal runner (Ubuntu 24) by [@&#8203;trask](https://redirect.github.com/trask) in [#&#8203;8068](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8068) - sdk/resource: add WithContext variants for Default and Environment ([#&#8203;7808](https://redirect.github.com/open-telemetry/opentelemetry-go/issues/7808)) by [@&#8203;ajuijas](https://redirect.github.com/ajuijas) in [#&#8203;8051](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8051) - Use atomics for exponential histogram buckets by [@&#8203;dashpole](https://redirect.github.com/dashpole) in [#&#8203;8057](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8057) - Added the `internal/observ` package to stdoutlog by [@&#8203;yumosx](https://redirect.github.com/yumosx) in [#&#8203;7735](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/7735) - Add support for the development per-series starttime feature by [@&#8203;dashpole](https://redirect.github.com/dashpole) in [#&#8203;8060](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8060) - sdk/trace/internal/observ: guard SpanStarted and spanLive with Enabled by [@&#8203;kouji-yoshimura](https://redirect.github.com/kouji-yoshimura) in [#&#8203;8067](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8067) - Cleanup exemplar featuregate readme by [@&#8203;dashpole](https://redirect.github.com/dashpole) in [#&#8203;8072](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8072) - chore(deps): update codecov/codecov-action action to v5.5.3 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8080](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8080) - chore(deps): update module github.com/ryanrolds/sqlclosecheck to v0.6.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8083](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8083) - fix(deps): update github.com/opentracing-contrib/go-grpc/test digest to [`de6f1cc`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/de6f1cc) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8082](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8082) - chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.54.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8085](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8085) - chore(deps): update module github.com/securego/gosec/v2 to v2.25.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8084](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8084) - chore(deps): update module github.com/protonmail/go-crypto to v1.4.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8081](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8081) - fix(deps): update module go.opentelemetry.io/collector/pdata to v1.54.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8086](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8086) - chore(deps): update actions/cache action to v5.0.4 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8079](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8079) - chore(deps): update module github.com/fatih/color to v1.19.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8087](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8087) - fix(deps): update googleapis to [`d00831a`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/d00831a) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8078](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8078) - chore(deps): update golang.org/x/telemetry digest to [`b6b0c46`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/b6b0c46) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8076](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8076) - fix(deps): update module google.golang.org/grpc to v1.79.3 \[security] by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8075](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8075) - sdk/metric: Support specifying cardinality limits per instrument kinds by [@&#8203;petern48](https://redirect.github.com/petern48) in [#&#8203;7855](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/7855) - chore(deps): update github/codeql-action action to v4.34.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8088](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8088) - chore(deps): update codspeedhq/action action to v4.12.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8089](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8089) - chore(deps): update github/codeql-action action to v4.34.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8090](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8090) - fix(deps): update module github.com/golangci/golangci-lint/v2 to v2.11.4 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8092](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8092) - chore: fix noctx issues by [@&#8203;mmorel-35](https://redirect.github.com/mmorel-35) in [#&#8203;8008](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8008) - chore(deps): update module github.com/pelletier/go-toml/v2 to v2.3.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8095](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8095) - chore(deps): update codecov/codecov-action action to v5.5.4 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8097](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8097) - chore(deps): update codecov/codecov-action action to v6 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8098](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8098) - chore(deps): update module github.com/tetafro/godot to v1.5.6 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8099](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8099) - chore(deps): update module github.com/butuzov/ireturn to v0.4.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8100](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8100) - chore(deps): update github/codeql-action action to v4.35.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8101](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8101) - chore(deps): update actions/setup-go action to v6.4.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8107](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8107) - chore(deps): update module github.com/go-git/go-git/v5 to v5.17.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8106](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8106) - chore(deps): update module github.com/lucasb-eyer/go-colorful to v1.4.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8103](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8103) - chore(deps): update github/codeql-action action to v4.35.1 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8102](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8102) - chore(deps): update module github.com/hashicorp/go-version to v1.9.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8109](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8109) - metricdatatest: Improve printing of diffs by [@&#8203;dashpole](https://redirect.github.com/dashpole) in [#&#8203;8073](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8073) - fix(deps): update googleapis to [`d5a96ad`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/d5a96ad) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8112](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8112) - chore(deps): update codspeedhq/action action to v4.13.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8114](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8114) - fix(deps): update module go.opentelemetry.io/collector/pdata to v1.55.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8119](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8119) - chore(deps): update fossas/fossa-action action to v1.9.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8118](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8118) - chore(deps): update module github.com/go-git/go-git/v5 to v5.17.2 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8115](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8115) - fix(deps): update googleapis to [`9d38bb4`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/9d38bb4) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8117](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8117) - fix: support getBody in otelploghttp by [@&#8203;Tpuljak](https://redirect.github.com/Tpuljak) in [#&#8203;8096](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8096) - fix(deps): update module google.golang.org/grpc to v1.80.0 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8121](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8121) - Use an absolute path when calling bsd kenv by [@&#8203;dmathieu](https://redirect.github.com/dmathieu) in [#&#8203;8113](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8113) - limit response body size for OTLP HTTP exporters by [@&#8203;pellared](https://redirect.github.com/pellared) in [#&#8203;8108](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8108) - chore(deps): update github.com/golangci/dupl digest to [`c99c5cf`](https://redirect.github.com/open-telemetry/opentelemetry-go/commit/c99c5cf) by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8122](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8122) - chore(deps): update module github.com/mattn/go-runewidth to v0.0.22 by [@&#8203;renovate](https://redirect.github.com/renovate)\[bot] in [#&#8203;8131](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8131) - Release v1.43.0 / v0.65.0 / v0.19.0 by [@&#8203;dmathieu](https://redirect.github.com/dmathieu) in [#&#8203;8128](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8128) ##### New Contributors - [@&#8203;jmmcorreia](https://redirect.github.com/jmmcorreia) made their first contribution in [#&#8203;7807](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/7807) - [@&#8203;marcschaeferger](https://redirect.github.com/marcschaeferger) made their first contribution in [#&#8203;8037](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8037) - [@&#8203;ajuijas](https://redirect.github.com/ajuijas) made their first contribution in [#&#8203;8041](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8041) - [@&#8203;yuanyuanzhao3](https://redirect.github.com/yuanyuanzhao3) made their first contribution in [#&#8203;8012](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8012) - [@&#8203;kouji-yoshimura](https://redirect.github.com/kouji-yoshimura) made their first contribution in [#&#8203;8067](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8067) - [@&#8203;Tpuljak](https://redirect.github.com/Tpuljak) made their first contribution in [#&#8203;8096](https://redirect.github.com/open-telemetry/opentelemetry-go/pull/8096) **Full Changelog**: <open-telemetry/opentelemetry-go@v1.42.0...v1.43.0> </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- ## Need help? You can ask for more help in the following Slack channel: #proj-renovate-self-hosted. In that channel you can also find ADR and FAQ docs in the Resources section. <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My45Mi4xIiwidXBkYXRlZEluVmVyIjoiNDMuOTIuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsic2VjdXJpdHktdXBkYXRlIiwidXBkYXRlLW1pbm9yIl19--> <!-- CURSOR_SUMMARY --> --- > [!NOTE] > **Medium Risk** > Updates vendored OpenTelemetry OTLP HTTP metric/trace exporters with new response-body size limits and request creation changes, which could alter telemetry export failure/retry behavior in edge cases. While primarily a security hardening, it affects runtime networking paths for observability. > > **Overview** > Bumps vendored OpenTelemetry OTLP HTTP exporters (`otlpmetrichttp`, `otlptracehttp`) from `v1.42.0` to `v1.43.0` (plus `go.mod`/`go.sum` and `vendor/modules.txt` updates). > > **Security hardening:** caps exporter HTTP response bodies at *4 MiB* via `http.MaxBytesReader`, returning a non-retryable error when exceeded, mitigating potential memory exhaustion from misconfigured/malicious collectors. > > Includes minor behavioral adjustments: request creation now uses `http.NewRequestWithContext(context.Background(), ...)`, `attribute.EMPTY` is treated as a valid attribute type in OTLP transforms, and exporter docs/version strings are updated. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit 238f087. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup> <!-- /CURSOR_SUMMARY --> --------- Signed-off-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com> Co-authored-by: renovate-sh-app[bot] <219655108+renovate-sh-app[bot]@users.noreply.github.com>
1 parent 17aebb4 commit 1058115

File tree

12 files changed

+63
-21
lines changed

12 files changed

+63
-21
lines changed

go.mod

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -208,10 +208,10 @@ require (
208208
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.18.0 // indirect
209209
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.19.0 // indirect
210210
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.42.0 // indirect
211-
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.42.0 // indirect
212-
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.42.0 // indirect
211+
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.43.0 // indirect
212+
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.43.0 // indirect
213213
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.42.0 // indirect
214-
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.42.0 // indirect
214+
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.43.0 // indirect
215215
go.opentelemetry.io/otel/exporters/prometheus v0.64.0 // indirect
216216
go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.18.0 // indirect
217217
go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.42.0 // indirect

go.sum

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1155,14 +1155,14 @@ go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.19.0 h1:HIBTQ3VO5
11551155
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.19.0/go.mod h1:ji9vId85hMxqfvICA0Jt8JqEdrXaAkcpkI9HPXya0ro=
11561156
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.42.0 h1:MdKucPl/HbzckWWEisiNqMPhRrAOQX8r4jTuGr636gk=
11571157
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.42.0/go.mod h1:RolT8tWtfHcjajEH5wFIZ4Dgh5jpPdFXYV9pTAk/qjc=
1158-
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.42.0 h1:H7O6RlGOMTizyl3R08Kn5pdM06bnH8oscSj7o11tmLA=
1159-
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.42.0/go.mod h1:mBFWu/WOVDkWWsR7Tx7h6EpQB8wsv7P0Yrh0Pb7othc=
1160-
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.42.0 h1:THuZiwpQZuHPul65w4WcwEnkX2QIuMT+UFoOrygtoJw=
1161-
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.42.0/go.mod h1:J2pvYM5NGHofZ2/Ru6zw/TNWnEQp5crgyDeSrYpXkAw=
1158+
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.43.0 h1:w1K+pCJoPpQifuVpsKamUdn9U0zM3xUziVOqsGksUrY=
1159+
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.43.0/go.mod h1:HBy4BjzgVE8139ieRI75oXm3EcDN+6GhD88JT1Kjvxg=
1160+
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.43.0 h1:88Y4s2C8oTui1LGM6bTWkw0ICGcOLCAI5l6zsD1j20k=
1161+
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.43.0/go.mod h1:Vl1/iaggsuRlrHf/hfPJPvVag77kKyvrLeD10kpMl+A=
11621162
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.42.0 h1:zWWrB1U6nqhS/k6zYB74CjRpuiitRtLLi68VcgmOEto=
11631163
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.42.0/go.mod h1:2qXPNBX1OVRC0IwOnfo1ljoid+RD0QK3443EaqVlsOU=
1164-
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.42.0 h1:uLXP+3mghfMf7XmV4PkGfFhFKuNWoCvvx5wP/wOXo0o=
1165-
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.42.0/go.mod h1:v0Tj04armyT59mnURNUJf7RCKcKzq+lgJs6QSjHjaTc=
1164+
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.43.0 h1:3iZJKlCZufyRzPzlQhUIWVmfltrXuGyfjREgGP3UUjc=
1165+
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.43.0/go.mod h1:/G+nUPfhq2e+qiXMGxMwumDrP5jtzU+mWN7/sjT2rak=
11661166
go.opentelemetry.io/otel/exporters/prometheus v0.64.0 h1:g0LRDXMX/G1SEZtK8zl8Chm4K6GBwRkjPKE36LxiTYs=
11671167
go.opentelemetry.io/otel/exporters/prometheus v0.64.0/go.mod h1:UrgcjnarfdlBDP3GjDIJWe6HTprwSazNjwsI+Ru6hro=
11681168
go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.18.0 h1:KJVjPD3rcPb98rIs3HznyJlrfx9ge5oJvxxlGR+P/7s=

vendor/go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp/client.go

Lines changed: 18 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp/doc.go

Lines changed: 5 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp/internal/transform/attribute.go

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp/version.go

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/tracetransform/attribute.go

Lines changed: 1 addition & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp/client.go

Lines changed: 18 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp/doc.go

Lines changed: 5 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp/internal/version.go

Lines changed: 1 addition & 1 deletion
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)