Skip to content

Bump the all group across 1 directory with 6 updates#1978

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/all-f45ca28c06
Closed

Bump the all group across 1 directory with 6 updates#1978
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/all-f45ca28c06

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 23, 2026
edited
Loading

Bumps the all group with 5 updates in the / directory:

Package From To
go.opentelemetry.io/otel 1.40.0 1.42.0
golang.org/x/oauth2 0.35.0 0.36.0
golang.org/x/sync 0.19.0 0.20.0
google.golang.org/grpc 1.79.1 1.79.3
k8s.io/apimachinery 0.33.9 0.33.10

Updates go.opentelemetry.io/otel from 1.40.0 to 1.42.0

Changelog

Sourced from go.opentelemetry.io/otel's changelog.

[1.42.0/0.64.0/0.18.0/0.0.16] 2026-03-06

Added

  • Add go.opentelemetry.io/otel/semconv/v1.40.0 package. The package contains semantic conventions from the v1.40.0 version of the OpenTelemetry Semantic Conventions. See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.39.0. (#7985)
  • Add Err and SetErr on Record in go.opentelemetry.io/otel/log to attach an error and set record exception attributes in go.opentelemetry.io/otel/log/sdk. (#7924)

Changed

  • TracerProvider.ForceFlush in go.opentelemetry.io/otel/sdk/trace joins errors together and continues iteration through SpanProcessors as opposed to returning the first encountered error without attempting exports on subsequent SpanProcessors. (#7856)

Fixed

  • Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to correctly handle HTTP2 GOAWAY frame. (#7931)
  • Fix semconv v1.39.0 generated metric helpers skipping required attributes when extra attributes were empty. (#7964)
  • Preserve W3C TraceFlags bitmask (including the random Trace ID flag) during trace context extraction and injection in go.opentelemetry.io/otel/propagation. (#7834)

Removed

  • Drop support for [Go 1.24]. (#7984)

[1.41.0/0.63.0/0.17.0/0.0.15] 2026-03-02

This release is the last to support [Go 1.24]. The next release will require at least [Go 1.25].

Added

  • Support testing of [Go 1.26]. (#7902)

Fixed

  • Update Baggage in go.opentelemetry.io/otel/propagation and Parse and New in go.opentelemetry.io/otel/baggage to comply with W3C Baggage specification limits. New and Parse now return partial baggage along with an error when limits are exceeded. Errors from baggage extraction are reported to the global error handler. (#7880)
  • Return an error when the endpoint is configured as insecure and with TLS configuration in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp. (#7914)
  • Return an error when the endpoint is configured as insecure and with TLS configuration in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (#7914)
  • Return an error when the endpoint is configured as insecure and with TLS configuration in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (#7914)
Commits
  • a3941ff Release v1.42.0/v0.64.0/v0.18.0/v0.0.16 (#8006)
  • 6059c47 chore(deps): update golang.org/x/telemetry digest to e526e8a (#8010)
  • 44c7edf chore(deps): update module github.com/mgechev/revive to v1.15.0 (#8009)
  • de5fb3a fix(deps): update module google.golang.org/grpc to v1.79.2 (#8007)
  • 0b82ded chore(deps): update codspeedhq/action action to v4.11.1 (#8001)
  • aa3660f chore(deps): update github/codeql-action action to v4.32.6 (#8004)
  • 9be8c92 chore(deps): update dependency codespell to v2.4.2 (#8003)
  • c9d2015 log: add error field to Record and make SDK to emit exception attributes (#7924)
  • fdd1320 TracerProvider ForceFlush() Error Fix (#7856)
  • 78f9904 chore(deps): update golang.org/x/telemetry digest to 18da590 (#8000)
  • Additional commits viewable in compare view

Updates go.opentelemetry.io/otel/metric from 1.40.0 to 1.42.0

Changelog

Sourced from go.opentelemetry.io/otel/metric's changelog.

[1.42.0/0.64.0/0.18.0/0.0.16] 2026-03-06

Added

  • Add go.opentelemetry.io/otel/semconv/v1.40.0 package. The package contains semantic conventions from the v1.40.0 version of the OpenTelemetry Semantic Conventions. See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.39.0. (#7985)
  • Add Err and SetErr on Record in go.opentelemetry.io/otel/log to attach an error and set record exception attributes in go.opentelemetry.io/otel/log/sdk. (#7924)

Changed

  • TracerProvider.ForceFlush in go.opentelemetry.io/otel/sdk/trace joins errors together and continues iteration through SpanProcessors as opposed to returning the first encountered error without attempting exports on subsequent SpanProcessors. (#7856)

Fixed

  • Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to correctly handle HTTP2 GOAWAY frame. (#7931)
  • Fix semconv v1.39.0 generated metric helpers skipping required attributes when extra attributes were empty. (#7964)
  • Preserve W3C TraceFlags bitmask (including the random Trace ID flag) during trace context extraction and injection in go.opentelemetry.io/otel/propagation. (#7834)

Removed

  • Drop support for [Go 1.24]. (#7984)

[1.41.0/0.63.0/0.17.0/0.0.15] 2026-03-02

This release is the last to support [Go 1.24]. The next release will require at least [Go 1.25].

Added

  • Support testing of [Go 1.26]. (#7902)

Fixed

  • Update Baggage in go.opentelemetry.io/otel/propagation and Parse and New in go.opentelemetry.io/otel/baggage to comply with W3C Baggage specification limits. New and Parse now return partial baggage along with an error when limits are exceeded. Errors from baggage extraction are reported to the global error handler. (#7880)
  • Return an error when the endpoint is configured as insecure and with TLS configuration in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp. (#7914)
  • Return an error when the endpoint is configured as insecure and with TLS configuration in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (#7914)
  • Return an error when the endpoint is configured as insecure and with TLS configuration in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (#7914)
Commits
  • a3941ff Release v1.42.0/v0.64.0/v0.18.0/v0.0.16 (#8006)
  • 6059c47 chore(deps): update golang.org/x/telemetry digest to e526e8a (#8010)
  • 44c7edf chore(deps): update module github.com/mgechev/revive to v1.15.0 (#8009)
  • de5fb3a fix(deps): update module google.golang.org/grpc to v1.79.2 (#8007)
  • 0b82ded chore(deps): update codspeedhq/action action to v4.11.1 (#8001)
  • aa3660f chore(deps): update github/codeql-action action to v4.32.6 (#8004)
  • 9be8c92 chore(deps): update dependency codespell to v2.4.2 (#8003)
  • c9d2015 log: add error field to Record and make SDK to emit exception attributes (#7924)
  • fdd1320 TracerProvider ForceFlush() Error Fix (#7856)
  • 78f9904 chore(deps): update golang.org/x/telemetry digest to 18da590 (#8000)
  • Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.35.0 to 0.36.0

Commits
  • 4d954e6 all: upgrade go directive to at least 1.25.0 [generated]
  • See full diff in compare view

Updates golang.org/x/sync from 0.19.0 to 0.20.0

Commits
  • ec11c4a errgroup: fix a typo in the documentation
  • 1a58307 all: modernize interface{} -> any
  • 3172ca5 all: upgrade go directive to at least 1.25.0 [generated]
  • See full diff in compare view

Updates google.golang.org/grpc from 1.79.1 to 1.79.3

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.3

Security

  • server: fix an authorization bypass where malformed :path headers (missing the leading slash) could bypass path-based restricted "deny" rules in interceptors like grpc/authz. Any request with a non-canonical path is now immediately rejected with an Unimplemented error. (#8981)

Release 1.79.2

Bug Fixes

  • stats: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured. (grpc/grpc-go#8874)
Commits

Updates k8s.io/apimachinery from 0.33.9 to 0.33.10

Commits

@dependabot dependabot Bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels Mar 23, 2026
@tekton-robot
Copy link
Copy Markdown

tekton-robot commented Mar 23, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign savitaashture after the PR has been reviewed.
You can assign the PR to them by writing /assign @savitaashture in a comment when ready.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files. label Mar 23, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/all-f45ca28c06 branch from 7200ce1 to 9c2988f Compare March 30, 2026 11:28
@khrm
Copy link
Copy Markdown
Contributor

khrm commented Mar 30, 2026

@dependabot rebase

@dependabot
Bump the all group across 1 directory with 6 updates
da7db27 
Bumps the all group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.40.0` | `1.42.0` |
| [golang.org/x/oauth2](https://github.com/golang/oauth2) | `0.35.0` | `0.36.0` |
| [golang.org/x/sync](https://github.com/golang/sync) | `0.19.0` | `0.20.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.79.1` | `1.79.3` |
| [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery) | `0.33.9` | `0.33.10` |



Updates `go.opentelemetry.io/otel` from 1.40.0 to 1.42.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.40.0...v1.42.0)

Updates `go.opentelemetry.io/otel/metric` from 1.40.0 to 1.42.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.40.0...v1.42.0)

Updates `golang.org/x/oauth2` from 0.35.0 to 0.36.0
- [Commits](golang/oauth2@v0.35.0...v0.36.0)

Updates `golang.org/x/sync` from 0.19.0 to 0.20.0
- [Commits](golang/sync@v0.19.0...v0.20.0)

Updates `google.golang.org/grpc` from 1.79.1 to 1.79.3
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.79.1...v1.79.3)

Updates `k8s.io/apimachinery` from 0.33.9 to 0.33.10
- [Commits](kubernetes/apimachinery@v0.33.9...v0.33.10)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-version: 1.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: go.opentelemetry.io/otel/metric
  dependency-version: 1.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: golang.org/x/sync
  dependency-version: 0.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all
- dependency-name: google.golang.org/grpc
  dependency-version: 1.79.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: k8s.io/apimachinery
  dependency-version: 0.33.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/all-f45ca28c06 branch from 9c2988f to da7db27 Compare March 30, 2026 14:04
@tekton-robot tekton-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 31, 2026
@tekton-robot
Copy link
Copy Markdown

tekton-robot commented Mar 31, 2026

@dependabot: PR needs rebase.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 31, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Mar 31, 2026
@dependabot dependabot Bot deleted the dependabot/go_modules/all-f45ca28c06 branch March 31, 2026 17:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@khrm khrm Awaiting requested review from khrm

@savitaashture savitaashture Awaiting requested review from savitaashture

Assignees

No one assigned

Labels

dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/XXL Denotes a PR that changes 1000+ lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tekton-robot @khrm