hashicorp / vault

A tool for secrets management, encryption as a service, and privileged access management
https://www.vaultproject.io/

Update dependent Prometheus library versions #26792

Open shawnm14 opened 6 months ago

shawnm14 commented 6 months ago

Is your feature request related to a problem? Please describe.

Hi there! An issue I noticed is that Vault is using fairly outdated github.com/prometheus/client_golang and github.com/prometheus/common versions. In the latest Vault v1.16.2 go.mod, I noticed that the versions used are:

github.com/prometheus/client_golang v1.14.0 (Nov 8, 2022)
github.com/prometheus/common v0.37.0 (Jul 14, 2022)

Whereas the newest versions for these prometheus libraries are:

github.com/prometheus/client_golang v1.19.0 (Feb 27, 2024)
github.com/prometheus/common v0.53.0 (Apr 18, 2024)

And because of this, Vault is conflicting with other components that are using newer Prometheus libraries in our product. The incompatibility occurs because for github.com/prometheus/common v0.48.0 or newer, they unexported format strings which Vault has been using, specifically expfmt.FmtText. It appears that a Vault-side code change will be needed in metricsutil.go to update these dependency versions:

e := expfmt.NewEncoder(buf, expfmt.FmtText)
......
resp.Data[logical.HTTPContentType] = string(expfmt.FmtText)

Describe the solution you'd like

The best solution is probably to update to the new dependency versions, and make implementation tweaks in Vault to be compatible. It would be greatly appreciated if you could please consider this request! If needed I can create a PR for this as well. :)

Describe alternatives you've considered

N/A. I think for quality and security reasons, Vault should use these newer versions eventually.

Explain any additional use-cases

N/A.

Additional context

N/A.

Thanks again!
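An added example, not part of the original issue and not Vault's code: a standard-library-only check that reads a go.mod and reports whether its github.com/prometheus/common requirement sits below or at/above the v0.48.0 boundary the issue names. The names `CommonVersion`, `parseVersion` and `sampleGoMod` are hypothetical, and the sample go.mod is constructed from the versions quoted above.

```go
package main

import (
	"fmt"
	"strings"
)

// Module path and boundary version come from the issue text.
const commonPath, boundary = "github.com/prometheus/common", "v0.48.0"

// Constructed sample go.mod; the pinned versions are the ones quoted in the issue.
const sampleGoMod = `module example.com/product
require (
	github.com/prometheus/client_golang v1.14.0
	github.com/prometheus/common v0.37.0 // indirect
)
`

// parseVersion reads "vX.Y.Z" into three ints, ignoring any -pre/+meta suffix.
func parseVersion(v string) (out [3]int, err error) {
	_, err = fmt.Sscanf(v, "v%d.%d.%d", &out[0], &out[1], &out[2])
	return out, err
}

// CommonVersion returns the required version and whether it is at or past the boundary (require lines only, no replace).
func CommonVersion(gomod string) (string, bool, error) {
	want, _ := parseVersion(boundary)
	for _, line := range strings.Split(gomod, "\n") {
		f := strings.Fields(strings.TrimPrefix(strings.TrimSpace(line), "require "))
		if len(f) < 2 || f[0] != commonPath {
			continue
		}
		got, err := parseVersion(f[1])
		if err != nil {
			return f[1], false, err
		}
		for i := range got {
			if got[i] != want[i] {
				return f[1], got[i] > want[i], nil
			}
		}
		return f[1], true, nil
	}
	return "", false, fmt.Errorf("%s not required", commonPath)
}

func main() {
	fmt.Println(CommonVersion(sampleGoMod))
}
```

Running it over each component's go.mod shows which ones fall on opposite sides of the boundary before they are built into one product.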

ggilley commented 5 months ago

Seconded :-)