Bump the centralized-integration-deps group across 1 directory with 4 updates

[dependabot[bot]]

Bumps the centralized-integration-deps group with 4 updates in the /centralized-sampling-tests/integration-tests directory: io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha, io.opentelemetry.contrib:opentelemetry-aws-xray, com.jayway.jsonpath:json-path and io.spring.dependency-management.

Updates io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha from 1.32.0-alpha to 2.4.0-alpha

Release notes

Sourced from io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha's releases.

Version 2.3.0

This release targets the OpenTelemetry SDK 1.37.0.

Note that many artifacts have the -alpha suffix attached to their version number, reflecting that they are still alpha quality and will continue to have breaking changes. Please see the VERSIONING.md for more details.

📈 Enhancements

• Handle async requests in spring mvc library instrumentation (#10868)
• Support statement sanitizer enabled flag in lettuce 5.1 instrumentation (#10922)
• Remove AWS Active Tracing span linking (#10930)
• Make spring boot honor the standard environment variables for maps (#11000)
• Pulsar: use span links when receive telemetry is enabled (#10650)
• Rename messaging.kafka.destination.partition to messaging.destination.partition.id (#11086)
• Support service.instance.id in spring starter (#11071)
• Add library instrumentation for RestTemplateBuilder (#11054)
• Add cloud resource providers in spring starter (#11014)

🛠️ Bug fixes

• Fix disabling virtual thread context propagation (#10881)
• Fix virtual thread instrumentation for jdk 21 ea versions (#10887)
• Fix spring kafka interceptor wrappers not delegating some methods (#10935)
• AWS Lambda Runtime legacy internal handlers need to be ignored from being instrumented and so traced … (#10942)
• Metro: ignore UnsupportedOperationException when updating span name (#10996)
• Fix jedis plugin for 2.7.2 (#10982)
• Fix idle in druid instrumentation (#11079)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​123liuziming @​AlchemyDing @​breedx-splk @​cleverchuk @​damienburke @​huange7 @​itsmykairos @​jack-berg @​jaydeluca @​jeanbisutti @​johnbley @​JonasKunz @​laurit @​Moscagus @​phillipdriver @​rapphil @​robberphex @​serkan-ozal @​srinivas-bode

... (truncated)

Changelog

Sourced from io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha's changelog.

Changelog

Unreleased

Version 1.33.3 (2024-05-21)

📈 Enhancements

• Backport: Fix the logic to get container.id resource attribute (#11333)
• Backport: Update the OpenTelemetry SDK version to 1.38.0 (#11386)
• Backport: Fix a bug in undertow instrumentation related to HTTP/2 (#11387)
• Backport: Fix container.id issue in some crio scenarios (#11405)

Version 2.4.0 (2024-05-18)

🌟 New javaagent instrumentation

• InfluxDB (#10850)
• Armeria gRPC (#11351)
• Apache ShenYu (#11260)

📈 Enhancements

• Instrument ConnectionSource in Akka/Pekko HTTP Servers (#11103)
• Use constant span name when using Spring AMQP AnonymousQueues (#11141)
• Add support for RestClient in Spring starter (#11038)
• Add support for WebFlux server in Spring starter (#11185)
• Add async operation end strategy for Kotlin coroutines flow (#11168)
• Add automatic JDBC instrumentation to the Spring starter (#11258)
• Add StructuredTaskScope instrumentation (#11202)
• Allow reading OTel context from reactor ContextView (#11235)
• Add spring starter r2dbc support (#11221)
• Enable instrumentation of Spring EJB clients (#11104)

... (truncated)

Commits

• See full diff in compare view

Updates io.opentelemetry.contrib:opentelemetry-aws-xray from 1.32.0 to 1.36.0

Release notes

Sourced from io.opentelemetry.contrib:opentelemetry-aws-xray's releases.

Version 1.36.0

This release targets the OpenTelemetry SDK 1.36.0.

AWS resources

• Optimization: don't attempt detection if a cloud provider has already been detected (#1225)

Baggage processor - New 🌟

This module provides a SpanProcessor that stamps baggage onto spans as attributes on start.

Consistent sampling

• Assume random trace ID and set th-field only for sampled spans (#1278)

GCP Resources

• Optimization: don't attempt detection if a cloud provider has already been detected (#1225)
• Update guidance for manual instrumentation usage (#1250)

JMX metrics

• Remove slf4j-simple dependency (#1283)

Maven extension

• Disable metrics and logs by default (#1276)
• Migrate to current semconv (#1299)
• Migrate from Plexus to JSR 330 dependency injection APIs (#1320)

Span stack trace

• Enable publishing to maven central (#1297)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​akats7 @​breedx-splk @​cijothomas @​cyrille-leclerc @​jack-berg @​jackshirazi @​jmacd @​JonasKunz @​jsuereth @​kenfinnigan @​laurit @​LikeTheSalad

... (truncated)

Changelog

Sourced from io.opentelemetry.contrib:opentelemetry-aws-xray's changelog.

Version 1.36.0 (2024-05-29)

AWS resources

• Optimization: don't attempt detection if a cloud provider has already been detected (#1225)

Baggage processor - New 🌟

This module provides a SpanProcessor that stamps baggage onto spans as attributes on start.

Consistent sampling

• Assume random trace ID and set th-field only for sampled spans (#1278)

GCP Resources

• Optimization: don't attempt detection if a cloud provider has already been detected (#1225)
• Update guidance for manual instrumentation usage (#1250)

JMX metrics

• Remove slf4j-simple dependency (#1283)

Maven extension

• Disable metrics and logs by default (#1276)
• Migrate to current semconv (#1299)
• Migrate from Plexus to JSR 330 dependency injection APIs (#1320)

Span stack trace

• Enable publishing to maven central (#1297)

Version 1.35.0 (2024-04-16)

JMX metrics

• Add support for newly named Tomcat MBean with Spring (#1269)

Span stack traces - New 🌟

... (truncated)

Commits

• 386a7ef [release/v1.36.x] Prepare release 1.36.0 (#1327)
• 2e9d881 Change log for upcoming release (#1325)
• aa5b65a Inline incubating attributes + central semconv-incubating dependency (#1298)
• 516aed9 [Maven Extension] Migrate from Plexus to JSR 330 dependency injection APIs (#...
• 14c385e Update micrometer packages to v1.13.0 (#1315)
• 72d7976 Add baggage span processor component (#1290)
• 71e5417 Update dependency io.opentelemetry.instrumentation:opentelemetry-instrumentat...
• 3e27e2b Update gradle enterprise packages to v3.17.4 (#1318)
• 34b505e Update dependency org.assertj:assertj-core to v3.26.0 (#1324)
• d91dfc6 Update dependency com.google.cloud.opentelemetry:detector-resources-support t...
• Additional commits viewable in compare view

Updates com.jayway.jsonpath:json-path from 2.8.0 to 2.9.0

Release notes

Sourced from com.jayway.jsonpath:json-path's releases.

json-path-2.9.0

What's Changed

• Fix for CVE-2023-51074.
• update dependencies by @​SingingBush in json-path/JsonPath#965
• JPMS: define Automatic-Module-Name as json.path by @​SingingBush in json-path/JsonPath#966
• Bump json-smart version from 2.4.10 to 2.5.0 by @​shoothzj in json-path/JsonPath#945
• Fixed rendering error on $..book[?(@.price <= $['expensive'])] in README.md by @​lulunac27a in json-path/JsonPath#967
• [build] Remove deprecated gradle convetion usage by @​shoothzj in json-path/JsonPath#946
• Check for the existence of the next significant bracket by @​twobiers in json-path/JsonPath#985
• Update versions by @​kallestenflo in json-path/JsonPath#987

New Contributors

• @​lulunac27a made their first contribution in json-path/JsonPath#967
• @​twobiers made their first contribution in json-path/JsonPath#985

Full Changelog: https://github.com/json-path/JsonPath/compare/json-path-2.8.0...json-path-2.9.0

Commits

• af7e516 Release 2.9.0
• af4dfcc Make PropertyPathToken public, closes #955
• 49b1151 Update versions (#987)
• 71a09c1 Check for the existence of the next significant bracket (#985)
• 900ebfe Remove deprecated gradle usage (#946)
• 946274d Fixed rendering error on $..book[?(@.price <= $['expensive'])] in README.md...
• 425bcb1 Bump json-smart version from 2.4.10 to 2.5.0 (#945)
• 2d57ab3 JPMS: define Automatic-Module-Name as json.path (#966)
• 1a57f78 update dependencies (#965)
• 21de620 Prepare next version
• See full diff in compare view

Updates io.spring.dependency-management from 1.1.4 to 1.1.5

Release notes

Sourced from io.spring.dependency-management's releases.

v1.1.5

:lady_beetle: Bug Fixes

• When a dependency has been substituted by changing its target, its version is managed based on its original group and artifact IDs #383
• Plugin triggers a deprecation warning for LenientConfiguration#getArtifacts(Spec) with Gradle 8.8 #381
• Exclusions are calculated unnecessarily for non-transitive configurations #372

:heart: Contributors

Thank you to all the contributors who worked on this release:

@​fp7

Commits

• b3f62a0 Release v1.1.5
• 70f3e08 Release from GitHub Actions
• b5ed22b Correct the value of build-name when deploying to Artifactory
• 029d266 Specify the shell for build and publish step
• 2ddde6f Prepare snapshot workflow for addition of release workflow
• 6cc618e Enable linting and treat warnings as errors
• 7a56eaa Broaden Gradle version compatibility testing
• 63c2738 Upgrade to Gradle 7.6.4
• 2ed89ef Upgrade to Gradle Enterprise Conventions 0.0.17
• 0676dc0 Merge pull request #372 from fp7
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

[dependabot[bot]]

Superseded by #1097.