search

xmidt-org / webpa-common

The collection of small common packages for the webpa project.
Apache License 2.0
25 stars 25 forks source link

Bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.40.0 to 0.47.0 #1036

Closed dependabot[bot] closed 5 months ago

dependabot[bot] commented 6 months ago

Bumps go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.40.0 to 0.47.0.

Release notes

Sourced from go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp's releases.

Release 1.22.0/0.47.0/0.16.0/0.2.0

Added

  • Add SDK.Shutdown method in "go.opentelemetry.io/contrib/config". (#4583)
  • NewSDK in go.opentelemetry.io/contrib/config now returns a configured SDK with a valid TracerProvider. (#4741)

Changed

  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/gopkg.in/macaron.v1/otelmacaron are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace/example are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/example are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpare upgraded to v1.20.0. (#4320)
  • Updated configuration schema to include schema_url for resource definition and without_type_suffix and without_units for the Prometheus exporter. (#4727)
  • The semantic conventions used by the go.opentelemetry.io/contrib/detectors/aws/ecs resource detector are upgraded to v1.24.0. (#4803)
  • The semantic conventions used by the go.opentelemetry.io/contrib/detectors/aws/lambda resource detector are upgraded to v1.24.0. (#4803)
  • The semantic conventions used by the go.opentelemetry.io/contrib/detectors/aws/ec2 resource detector are upgraded to v1.24.0. (#4803)
  • The semantic conventions used by the go.opentelemetry.io/contrib/detectors/aws/eks resource detector are upgraded to v1.24.0. (#4803)
  • The semantic conventions used by the go.opentelemetry.io/contrib/detectors/gcp resource detector are upgraded to v1.24.0. (#4803)
  • The semantic conventions used in go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda/test are upgraded to v1.24.0. (#4803)

Fixed

  • Fix NewServerHandler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to correctly set the span status depending on the gRPC status. (#4587)
  • The stats.Handler from go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc now does not crash when receiving an unexpected context. (#4825)
  • Update go.opentelemetry.io/contrib/detectors/aws/ecs to fix the task ARN when it is not valid. (#3583)
  • Do not panic in go.opentelemetry.io/contrib/detectors/aws/ecs when the container ARN is not valid. (#3583)

Release v1.21.1/v0.46.1/v0.15.1/v0.1.1

Changed

Fixed

  • Fix StreamClientInterceptor in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to end the spans synchronously. (#4537)
  • Fix data race in stats handlers when processing messages received and sent metrics in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#4577)
  • The stats handlers NewClientHandler, NewServerHandler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc now record RPC durations in ms instead of ns. (#4548)

Release v1.21.0/v0.46.0/v0.15.0/v0.1.0

Added

  • Add the new go.opentelemetry.io/contrib/instrgen package to provide auto-generated source code instrumentation. (#3068, #3108)
  • Add "go.opentelemetry.io/contrib/samplers/jaegerremote".WithSamplingStrategyFetcher which sets custom fetcher implementation. (#4045)
  • Add "go.opentelemetry.io/contrib/config" package that includes configuration models generated via go-jsonschema. (#4376)
  • Add NewSDK function to "go.opentelemetry.io/contrib/config". The initial implementation only returns noop providers. (#4414)

... (truncated)

Changelog

Sourced from go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp's changelog.

[1.22.0/0.47.0/0.16.0/0.2.0] - 2024-01-18

Added

  • Add SDK.Shutdown method in "go.opentelemetry.io/contrib/config". (#4583)
  • NewSDK in go.opentelemetry.io/contrib/config now returns a configured SDK with a valid TracerProvider. (#4741)

Changed

  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/github.com/labstack/echo/otelecho are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/gopkg.in/macaron.v1/otelmacaron are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/net/http/httptrace/otelhttptrace/example are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/example are upgraded to v1.20.0. (#4320)
  • The semantic conventions used by go.opentelemetry.io/contrib/instrumentation/net/http/otelhttpare upgraded to v1.20.0. (#4320)
  • Updated configuration schema to include schema_url for resource definition and without_type_suffix and without_units for the Prometheus exporter. (#4727)
  • The semantic conventions used by the go.opentelemetry.io/contrib/detectors/aws/ecs resource detector are upgraded to v1.24.0. (#4803)
  • The semantic conventions used by the go.opentelemetry.io/contrib/detectors/aws/lambda resource detector are upgraded to v1.24.0. (#4803)
  • The semantic conventions used by the go.opentelemetry.io/contrib/detectors/aws/ec2 resource detector are upgraded to v1.24.0. (#4803)
  • The semantic conventions used by the go.opentelemetry.io/contrib/detectors/aws/eks resource detector are upgraded to v1.24.0. (#4803)
  • The semantic conventions used by the go.opentelemetry.io/contrib/detectors/gcp resource detector are upgraded to v1.24.0. (#4803)
  • The semantic conventions used in go.opentelemetry.io/contrib/instrumentation/github.com/aws/aws-lambda-go/otellambda/test are upgraded to v1.24.0. (#4803)

Fixed

  • Fix NewServerHandler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to correctly set the span status depending on the gRPC status. (#4587)
  • The stats.Handler from go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc now does not crash when receiving an unexpected context. (#4825)
  • Update go.opentelemetry.io/contrib/detectors/aws/ecs to fix the task ARN when it is not valid. (#3583)
  • Do not panic in go.opentelemetry.io/contrib/detectors/aws/ecs when the container ARN is not valid. (#3583)

[1.21.1/0.46.1/0.15.1/0.1.1] - 2023-11-16

Changed

Fixed

  • Fix StreamClientInterceptor in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to end the spans synchronously. (#4537)
  • Fix data race in stats handlers when processing messages received and sent metrics in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#4577)
  • The stats handlers NewClientHandler, NewServerHandler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc now record RPC durations in ms instead of ns. (#4548)

[1.21.0/0.46.0/0.15.0/0.1.0] - 2023-11-10

Added

  • Add "go.opentelemetry.io/contrib/samplers/jaegerremote".WithSamplingStrategyFetcher which sets custom fetcher implementation. (#4045)

... (truncated)

Commits
  • 044e09a Release 1.22.0/0.47.0/0.16.0/0.2.0 (#4827)
  • 40290ea [instrumentation/google.golang.org/grpc/otelgrpc] Do not assume HandleRPC rec...
  • a28c68b otelgrpc: Remove withoutContext (#4705)
  • 96790b3 dependabot updates Tue Jan 16 18:26:09 UTC 2024 (#4823)
  • ffc47ec Bump detector semconv to v1.24.0 (#4803)
  • 0a02c5b config: NewSDK can return valid TracerProvider (#4741)
  • 3cecdcf build(deps): bump github.com/cloudflare/circl in /tools (#4800)
  • ef26c0a dependabot updates Sun Jan 7 23:23:57 UTC 2024 (#4798)
  • f16553c otelgrpc: Remove code that has no effects in stats handlers (#4773)
  • f770d88 dependabot updates Mon Jan 1 11:23:34 UTC 2024 (#4778)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
guardrails[bot] commented 6 months ago

:warning: We detected 1 security issue in this pull request:

Vulnerable Libraries (1)
Severity | Details :-: | :-- High | [pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.47.0](https://github.com/xmidt-org/webpa-common/blob/5ad73b71157dfd14232ff219385e4559f54f8227/go.mod#L31) upgrade to: *> v0.47.0* More info on how to fix Vulnerable Libraries in [Go](https://docs.guardrails.io/docs/en/vulnerabilities/go/using_vulnerable_libraries.html?utm_source=ghpr).

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

dependabot[bot] commented 5 months ago

Superseded by #1041.