Bump the go_modules group across 1 directory with 11 updates

[dependabot]

Bumps the go_modules group with 5 updates in the / directory:

Package	From	To
github.com/btcsuite/btcd	0.22.0-beta.0.20211005184431-e3449998be39	0.24.0
github.com/docker/docker	20.10.22+incompatible	24.0.9+incompatible
github.com/lightningnetwork/lnd	0.14.2-beta	0.17.0-beta
github.com/docker/distribution	2.8.1+incompatible	2.8.2+incompatible
github.com/hashicorp/go-retryablehttp	0.7.1	0.7.7

Updates github.com/btcsuite/btcd from 0.22.0-beta.0.20211005184431-e3449998be39 to 0.24.0

Release notes

Sourced from github.com/btcsuite/btcd's releases.

btcd v0.24.0

This release is a major release that includes several general bug fixes, security bug fixes (please update!), and also a series of performance improvements that dramatically reduce the time for initial block download from ~45 hours+ to around 6 hours! With this release,btcd now also supports BIP 155 and has gained support for pruning (--prune=MiB).

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/roasbeef.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.24.0.sig and manifest-v0.24.0.txt are in the current directory) with:

gpg --verify manifest-roasbeef-v0.24.0.sig manifest-v0.24.0.txt

You should see the following if the verification was successful:

gpg: Signature made Sat Dec 30 17:11:22 2023 PST
gpg:                using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

What's Changed

• Musig2: Update to 1.0.0.rc2 by @​sputn1ck in btcsuite/btcd#1913
• btcec/schnorr/musig2: fix BenchmarkPartialVerify by @​Roasbeef in btcsuite/btcd#1920
• base58: fix decoding issue by @​guggero in btcsuite/btcd#1923
• Update Docker documentation towards building your own image by @​guiand888 in btcsuite/btcd#1925
• chainhash: JSON marshal hash as string by @​ffranr in btcsuite/btcd#1932
• Update Dockerfile to Alpine 3.16 by @​guiand888 in btcsuite/btcd#1924
• Fix memory leak in connmanager by @​hxw in btcsuite/btcd#1576
• Update mining.md by @​jagottsicher in btcsuite/btcd#1938
• Sighash taproot keyspend bug fix by @​Roasbeef in btcsuite/btcd#1941
• btcutil/psbt: export helper functions, fix/add encoding of unknown fields by @​guggero in btcsuite/btcd#1942
• docs: Update Go version as per the Readme. by @​hristog in btcsuite/btcd#1944
• txscript: Fix typo in IsUnspendable() comment by @​kcalvinalvin in btcsuite/btcd#1945
• txscript: allow script builder capacity to be specified by @​guggero in btcsuite/btcd#1954
• Export MakeScritpNum, AsSmallInt, and IsSmallInt by @​martonp in btcsuite/btcd#1956
• chainhash: JSON Unmarshal hash from appropriate string. by @​LindenWang01 in btcsuite/btcd#1952
• psbt: add verification method for utxo data by @​ziggie1984 in btcsuite/btcd#1964
• txscript: fix typos by @​hieblmi in btcsuite/btcd#1957
• chaincfg: Update checkpoints by @​kcalvinalvin in btcsuite/btcd#1968
• btcd: Add memory profiling flag by @​kcalvinalvin in btcsuite/btcd#1953
• blockchain: Use slices when fetching utxos by @​kcalvinalvin in btcsuite/btcd#1972
• main: Update README.md's minimum go version by @​kcalvinalvin in btcsuite/btcd#1977

... (truncated)

Commits

• See full diff in compare view

Updates github.com/docker/docker from 20.10.22+incompatible to 24.0.9+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v24.0.9

24.0.9

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 24.0.9 milestone
• moby/moby, 24.0.9 milestone

Security

This release contains security fixes for the following CVEs affecting Docker Engine and its components.

CVE	Component	Fix version	Severity
CVE-2024-21626	runc	1.1.12	High, CVSS 8.6
CVE-2024-24557	Docker Engine	24.0.9	Medium, CVSS 6.9

Important ⚠️

Note that this release of Docker Engine doesn't include fixes for the following known vulnerabilities in BuildKit:

• CVE-2024-23651
• CVE-2024-23652
• CVE-2024-23653
• CVE-2024-23650

To address these vulnerabilities, upgrade to Docker Engine v25.0.2.

For more information about the security issues addressed in this release, and the unaddressed vulnerabilities in BuildKit, refer to the blog post. For details about each vulnerability, see the relevant security advisory:

• CVE-2024-21626
• CVE-2024-24557

Packaging updates

• Upgrade runc to v1.1.12. moby/moby#47269
• Upgrade containerd to v1.7.13 (static binaries only). moby/moby#47280

v24.0.8

24.0.8

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 24.0.8 milestone
• moby/moby, 24.0.8 milestone

Bug fixes and enhancements

• Live restore: Containers with auto remove (docker run --rm) are no longer forcibly removed on engine restart. moby/moby#46857

... (truncated)

Commits

• fca702d Merge pull request from GHSA-xw73-rw38-6vjc
• f78a772 Merge pull request #47281 from thaJeztah/24.0_backport_bump_containerd_binary...
• 61afffe Merge pull request #47270 from thaJeztah/24.0_backport_bump_runc_binary_1.1.12
• b38e74c Merge pull request #47276 from thaJeztah/24.0_backport_bump_runc_1.1.12
• dac5663 update containerd binary to v1.7.13
• 20e1af3 vendor: github.com/opencontainers/runc v1.1.12
• 858919d update runc binary to v1.1.12
• 141ad39 Merge pull request #47266 from vvoland/ci-fix-makeps1-templatefail-24
• db968c6 hack/make.ps1: Fix go list pattern
• 61c51fb Merge pull request #47221 from vvoland/pkg-pools-close-noop-24
• Additional commits viewable in compare view

Updates github.com/lightningnetwork/lnd from 0.14.2-beta to 0.17.0-beta

Release notes

Sourced from github.com/lightningnetwork/lnd's releases.

lnd v0.17.0-beta

Database Migrations

There is a single database migration in this release. This migration deletes some space on disk that previously stored the last sweep transaction in the sweeper.

Verifying the Release

In order to verify the release, you'll need to have gpg or gpg2 installed on your system. Once you've obtained a copy (and hopefully verified that as well), you'll first need to import the keys that have signed this release if you haven't done so already:

curl https://raw.githubusercontent.com/lightningnetwork/lnd/master/scripts/keys/roasbeef.asc | gpg --import

Once you have the required PGP keys, you can verify the release (assuming manifest-roasbeef-v0.17.0-beta.sig and manifest-v0.17.0-beta.txt are in the current directory) with:

gpg --verify manifest-roasbeef-v0.17.0-beta.sig manifest-v0.17.0-beta.txt

You should see the following if the verification was successful:

gpg: Signature made Tue Oct  3 11:03:53 2023 PDT
gpg:                using RSA key 60A1FA7DA5BFF08BDCBBE7903BBD59E99B280306
gpg: Good signature from "Olaoluwa Osuntokun <[email protected]>" [ultimate]

That will verify the signature of the manifest file, which ensures integrity and authenticity of the archive you've downloaded locally containing the binaries. Next, depending on your operating system, you should then re-compute the sha256 hash of the archive with shasum -a 256 <filename>, compare it with the corresponding one in the manifest file, and ensure they match exactly.

Verifying the Release Timestamp

From this new version onwards, in addition time-stamping the git tag with OpenTimestamps, we'll also now timestamp the manifest file along with its signature. Two new files are now included along with the rest of our release artifacts: manifest-roasbeef-v0.17.0-beta.txt.asc.ots.

Assuming you have the opentimestamps client installed locally, the timestamps can be verified with the following commands:

ots verify manifest-roasbeef-v0.17.0-beta.sig.ots -f manifest-roasbeef-v0.17.0-beta.sig

Alternatively, the OpenTimestamps website can be used to verify timestamps if one doesn't have a bitcoind instance accessible locally.

These timestamps should give users confidence in the integrity of this release even after the key that signed the release expires.

Verifying the Release Binaries

Our release binaries are fully reproducible. Third parties are able to verify that the release binaries were produced properly without having to trust the release manager(s). See our reproducible builds guide for how this can be achieved. The release binaries are compiled with go1.21.0, which is required by verifiers to arrive at the same ones. They include the following build tags: autopilotrpc, signrpc, walletrpc, chainrpc, invoicesrpc, neutrinorpc, routerrpc, watchtowerrpc, monitoring, peersrpc, kvdb_postrgres, kvdb_etcd and kvdb_sqlite. Note that these are already included in the release script, so they do not need to be provided.

The make release command can be used to ensure one rebuilds with all the same flags used for the release. If one wishes to build for only a single platform, then make release sys=<OS-ARCH> tag=<tag> can be used.

... (truncated)

Commits

• 2fb150c build: bump version to v0.17.0
• caa9bf9 Merge pull request #8043 from Roasbeef/0-17-rc6
• 4e6bb71 build: bump version to v0.17.0 rc6
• bb7a257 Merge pull request #8037 from yyforyongyu/fix-weight-calc
• edeb0d7 Merge pull request #8041 from Roasbeef/background-peer-prune
• 5225189 lnwallet+rpcserver: fix weight calculation for taproot channels
• 62d240b itest: add testSendDirectPayment
• eae9dd0 peer: launch persistent peer pruning in background goroutine
• 1ebfe95 Merge pull request #8035 from Roasbeef/0-17-rc5
• f63a2b9 build: bump version to v0.17.0 rc5
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.44.0 to 1.53.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.53.0

API Changes

• balancer: support injection of per-call metadata from LB policies (#5853)
• resolver: remove deprecated field resolver.Target.Endpoint and replace with resolver.Target.Endpoint() (#5852)
  • Special Thanks: @​kylejb

New Features

• xds/ringhash: introduce GRPC_RING_HASH_CAP environment variable to override the maximum ring size. (#5884)
• rls: propagate headers received in RLS response to backends (#5883)

Bug Fixes

• transport: drain client transport when streamID approaches MaxStreamID (#5889)
• server: after GracefulStop, ensure connections are closed when final RPC completes (#5968)
• server: fix a few issues where grpc server uses RST_STREAM for non-HTTP/2 errors (#5893)
• xdsclient: fix race which can happen when multiple load reporting calls are made at the same time. (#5927)
• rls: fix a data race involving the LRU cache (#5925)
• xds: fix panic involving double close of channel in xDS transport (#5959)
• gcp/observability: update method name validation (#5951)

Documentation

• credentials/oauth: mark NewOauthAccess as deprecated (#5882)
  • Special Thanks: @​buzzsurfr

Release 1.52.3

Bug Fixes

• Fix user-agent version

Release 1.52.2

Bug Fixes

• xds: fix panic involving double close of channel in xDS transport (#5959)

Release 1.52.1

Bug Fixes

• grpclb: rename grpclbstate package back to state (#5963)

Release 1.52.0

New Features

• xdsclient: log node ID with verbosity INFO (#5860)
• ringhash: impose cap on max_ring_size to reduce possibility of OOMs (#5801)

Behavior Changes

... (truncated)

Commits

• dba26e1 Change version to 1.53.0 (#5983)
• 2a1e934 server: after GracefulStop, ensure connections are closed when final RPC comp...
• e2d69aa tests: fix spelling of variable (#5966)
• a6376c9 xds/resolver: cleanup tests to use real xDS client 3/n (#5953)
• bf8fc46 xds/resolver: cleanup tests to use real xDS client 5/n (#5955)
• 3930549 resolver: replace resolver.Target.Endpoint field with Endpoint() method (#5852)
• 894816c grpclb: rename grpclbstate package back to state (#5962)
• e5a0237 encoding: fix duplicate compressor names (#5958)
• 4adb2a7 xds/resolver: cleanup tests to use real xDS client 2/n (#5952)
• 52a8392 gcp/observability: update method name validation (#5951)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.28.0 to 1.30.0

Updates github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible

Release notes

Sourced from github.com/docker/distribution's releases.

v2.8.2

What's Changed

• Revert registry/client: set Accept: identity header when getting layers by @​ndeloof in distribution/distribution#3783
• Parse http forbidden as denied by @​vvoland in distribution/distribution#3914
• Fix CVE-2022-28391 by bumping alpine from 3.14 to 3.16 by @​thaJeztah (#3650)
• Fix CVE-2023-2253 runaway allocation on /v2/_catalog by @​josegomezr 521ea3d9
• Fix panic in inmemory driver by @​wy65701436 in distribution/distribution#3815
• bump up golang version (alternative) by @​thaJeztah in distribution/distribution#3903
• Dockerfile: update xx to v1.2.1 by @​thaJeztah in distribution/distribution#3907
• update to go1.19.9 by @​thaJeztah in distribution/distribution#3908
• Add code to handle pagination of parts. Fixes max layer size of 10GB bug by @​DavidSpek in distribution/distribution#3893
• Dockerfile: fix filenames of artifacts by @​thaJeztah in distribution/distribution#3911

Full Changelog: distribution/distribution@v2.8.1...v2.8.2

v2.8.2-beta.2

What's Changed

• Fix CVE-2022-28391 by bumping alpine from 3.14 to 3.16 by @​thaJeztah (#3650)
• Fix CVE-2023-2253 runaway allocation on /v2/_catalog by @​josegomezr 521ea3d9
• Fix panic in inmemory driver by @​wy65701436 in distribution/distribution#3815
• bump up golang version (alternative) by @​thaJeztah in distribution/distribution#3903
• Dockerfile: update xx to v1.2.1 by @​thaJeztah in distribution/distribution#3907
• update to go1.19.9 by @​thaJeztah in distribution/distribution#3908
• Add code to handle pagination of parts. Fixes max layer size of 10GB bug by @​DavidSpek in distribution/distribution#3893
• Dockerfile: fix filenames of artifacts by @​thaJeztah in distribution/distribution#3911

Full Changelog: distribution/distribution@v2.8.1...v2.8.2-beta.2

v2.8.2-beta.1

NOTE: This is a pre-release that does not contain any artifacts!

What's Changed

• Fix runaway allocation on /v2/_catalog by @​josegomezr 521ea3d9
• Fix CVE-2022-28391 by bumping alpine from 3.14 to 3.16 by @​thaJeztah in distribution/distribution#3650
• Fix panic in inmemory driver by @​wy65701436 in distribution/distribution#3815
• bump up golang version (alternative) by @​thaJeztah in distribution/distribution#3903
• Dockerfile: update xx to v1.2.1 by @​thaJeztah in distribution/distribution#3907
• update to go1.19.9 by @​thaJeztah in distribution/distribution#3908
• Add code to handle pagination of parts. Fixes max layer size of 10GB bug by @​DavidSpek in distribution/distribution#3893

Full Changelog: distribution/distribution@v2.8.1...v2.8.2-beta.1

Commits

• 7c354a4 Merge pull request #3915 from distribution/2.8.2-release-notes
• a173a9c Add v2.8.2 release notes
• 4894d35 Merge pull request #3914 from vvoland/handle-forbidden-28
• f067f66 Merge pull request #3783 from ndeloof/accept-encoding-28
• 483ad69 registry/errors: Parse http forbidden as denied
• 2b0f84d Revert "registry/client: set Accept: identity header when getting layers"
• 320d6a1 Merge pull request #3912 from distribution/2.8.2-beta.2-release-notes
• 5f3ca1b Add release notes for 2.8.2-beta.2 release
• cb840f6 Merge pull request #3911 from thaJeztah/2.8_backport_fix_releaser_filenames
• e884644 Dockerfile: fix filenames of artifacts
• Additional commits viewable in compare view

Updates github.com/hashicorp/go-retryablehttp from 0.7.1 to 0.7.7

Changelog

Sourced from github.com/hashicorp/go-retryablehttp's changelog.

0.7.7 (May 30, 2024)

BUG FIXES:

• client: avoid potentially leaking URL-embedded basic authentication credentials in logs (#158)

0.7.6 (May 9, 2024)

ENHANCEMENTS:

• client: support a RetryPrepare function for modifying the request before retrying (#216)
• client: support HTTP-date values for Retry-After header value (#138)
• client: avoid reading entire body when the body is a *bytes.Reader (#197)

BUG FIXES:

• client: fix a broken check for invalid server certificate in go 1.20+ (#210)

0.7.5 (Nov 8, 2023)

BUG FIXES:

• client: fixes an issue where the request body is not preserved on temporary redirects or re-established HTTP/2 connections (#207)

0.7.4 (Jun 6, 2023)

BUG FIXES:

• client: fixing an issue where the Content-Type header wouldn't be sent with an empty payload when using HTTP/2 (#194)

0.7.3 (May 15, 2023)

Initial release

Commits

• 1542b31 v0.7.7
• defb9f4 v0.7.7
• a99f07b Merge pull request #158 from dany74q/danny/redacted-url-in-logs
• 8a28c57 Merge branch 'main' into danny/redacted-url-in-logs
• 86e852d Merge pull request #227 from hashicorp/dependabot/github_actions/actions/chec...
• 47fe99e Bump actions/checkout from 4.1.5 to 4.1.6
• 490fc06 Merge pull request #226 from testwill/ioutil
• f3e9417 chore: remove refs to deprecated io/ioutil
• d969eaa Merge pull request #225 from hashicorp/manicminer-patch-2
• 2ad8ed4 v0.7.6
• Additional commits viewable in compare view

Updates github.com/jackc/pgproto3/v2 from 2.1.1 to 2.3.2

Commits

• 0c0f7b0 Add pgx v5 note
• f59ff94 UnmarshalJSON: removing hex decode
• fd427c0 Don't panic when receiving zero bytes with "slice bounds out of range"
• 175856f add GSS authentication to pgproto3
• c6ccb4b Addressing feedback
• e145003 Addressing feedback
• 1d7886b Adding UTs
• fa2b096 fix: Adding overall format before appending ColumnFormatCodes
• 40ecac4 Remove unimplemented JSON marshalling for FunctionCall type.
• 3d9a54f Fix unit test, it should return after any error is returned from Decode
• Additional commits viewable in compare view

Updates github.com/jackc/pgx/v4 from 4.13.0 to 4.18.1

Changelog

Sourced from github.com/jackc/pgx/v4's changelog.

4.18.1 (February 27, 2023)

• Fix: Support pgx v4 and v5 stdlib in same program (Tomáš Procházka)

4.18.0 (February 11, 2023)

• Upgrade pgconn to v1.14.0
• Upgrade pgproto3 to v2.3.2
• Upgrade pgtype to v1.14.0
• Fix query sanitizer when query text contains Unicode replacement character
• Fix context with value in BeforeConnect (David Harju)
• Support pgx v4 and v5 stdlib in same program (Vitalii Solodilov)

4.17.2 (September 3, 2022)

• Fix panic when logging batch error (Tom Möller)

4.17.1 (August 27, 2022)

• Upgrade puddle to v1.3.0 - fixes context failing to cancel Acquire when acquire is creating resource which was introduced in v4.17.0 (James Hartig)
• Fix atomic alignment on 32-bit platforms

4.17.0 (August 6, 2022)

• Upgrade pgconn to v1.13.0
• Upgrade pgproto3 to v2.3.1
• Upgrade pgtype to v1.12.0
• Allow background pool connections to continue even if cause is canceled (James Hartig)
• Add LoggerFunc (Gabor Szabad)
• pgxpool: health check should avoid going below minConns (James Hartig)
• Add pgxpool.Conn.Hijack()
• Logging improvements (Stepan Rabotkin)

4.16.1 (May 7, 2022)

• Upgrade pgconn to v1.12.1
• Fix explicitly prepared statements with describe statement cache mode

4.16.0 (April 21, 2022)

• Upgrade pgconn to v1.12.0
• Upgrade pgproto3 to v2.3.0
• Upgrade pgtype to v1.11.0
• Fix: Do not panic when context cancelled while getting statement from cache.
• Fix: Less memory pinning from old Rows.
• Fix: Support '\r' line ending when sanitizing SQL comment.
• Add pluggable GSSAPI support (Oliver Tan)

4.15.0 (February 7, 2022)

... (truncated)

Commits

• 13468eb Release v4.18.1
• 7fed69b simplify duplicate pgx registration guard
• 1e68b39 Update CHANGELOG.md for v4.18.0
• dfaa30d Release v4.18.0
• b14a5e6 Register pgx driver using major version
• d15cc95 Add fix for using a context with a value in BeforeConnect
• 3edc1b5 Fix query sanitizer
• f2b3210 Backport better Conn.Query docs
• eb3f696 Note that v5 is released
• d42b399 Update changelog
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.11.0 to 1.11.1

Release notes

Sourced from github.com/prometheus/client_golang's releases.

1.11.1 / 2022-02-15

• [SECURITY FIX] promhttp: Check validity of method and code label values prometheus/client_golang#987 (Addressed CVE-2022-21698)

What's Changed

• promhttp: Check validity of method and code label values by @​bwplotka and @​kakkoyun in prometheus/client_golang#987

Full Changelog: prometheus/client_golang@v1.11.0...v1.11.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

Unreleased

1.19.0 / 2023-02-27

The module prometheus/common v0.48.0 introduced an incompatibility when used together with client_golang (See prometheus/client_golang#1448 for more details). If your project uses client_golang and you want to use prometheus/common v0.48.0 or higher, please update client_golang to v1.19.0.

• [CHANGE] Minimum required go version is now 1.20 (we also test client_golang against new 1.22 version). #1445 #1449
• [FEATURE] collectors: Add version collector. #1422 #1427

1.18.0 / 2023-12-22

• [FEATURE] promlint: Allow creation of custom metric validations. #1311
• [FEATURE] Go programs using client_golang can be built in wasip1 OS. #1350
• [BUGFIX] histograms: Add timer to reset ASAP after bucket limiting has happened. #1367
• [BUGFIX] testutil: Fix comparison of metrics with empty Help strings. #1378
• [ENHANCEMENT] Improved performance of MetricVec.WithLabelValues(...). #1360

1.17.0 / 2023-09-27

• [CHANGE] Minimum required go version is now 1.19 (we also test client_golang against new 1.21 version). #1325
• [FEATURE] Add support for Created Timestamps in Counters, Summaries and Historams. #1313
• [ENHANCEMENT] Enable detection of a native histogram without observations. #1314

1.16.0 / 2023-06-15

• [BUGFIX] api: Switch to POST for LabelNames, Series, and QueryExemplars. #1252
• [BUGFIX] api: Fix undefined execution order in return statements. #1260
• [BUGFIX] native histograms: Fix bug in bucket key calculation. #1279
• [ENHANCEMENT] Reduce constrainLabels allocations for all metrics. #1272
• [ENHANCEMENT] promhttp: Add process start time header for scrape efficiency. #1278
• [ENHANCEMENT] promlint: Improve metricUnits runtime. #1286

1.15.1 / 2023-05-3

• [BUGFIX] Fixed promhttp.Instrument* handlers wrongly trying to attach exemplar to unsupported metrics (e.g. summary),
  causing panics. #1253

1.15.0 / 2023-04-13

• [BUGFIX] Fix issue with atomic variables on ppc64le. #1171
• [BUGFIX] Support for multiple samples within same metric. #1181
• [BUGFIX] Bump golang.org/x/text to v0.3.8 to mitigate CVE-2022-32149. #1187
• [ENHANCEMENT] Add exemplars and middleware examples. #1173
• [ENHANCEMENT] Add more context to "duplicate label names" error to enable debugging. #1177
• [ENHANCEMENT] Add constrained labels and constrained variant for all MetricVecs. #1151
• [ENHANCEMENT] Moved away from deprecated github.com/golang/protobuf package. #1183
• [ENHANCEMENT] Add possibility to dynamically get label values for http instrumentation. #1066
• [ENHANCEMENT] Add ability to Pusher to add custom headers. #1218
• [ENHANCEMENT] api: Extend and improve efficiency of json-iterator usage. #1225
• [ENHANCEMENT] Added (official) support for go 1.20. #1234

... (truncated)

Commits

• 989baa3 promhttp: Check validity of method and code label values (#962) (#987)
• See full diff in compare view

Updates go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.20.0 to 0.25.0

Release notes

Sourced from go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc's releases.

Release v0.24.0

0.24.0 - 2021-09-21

Update dependency on the go.opentelemetry.io/otel project to v1.0.0.

v0.23.0

0.23.0 - 2021-09-09

Added

• Add WithoutSubSpans, WithRedactedHeaders, WithoutHeaders, and WithInsecureHeaders options for otelhttptrace.NewClientTrace. (#879)

Changed

• Split go.opentelemetry.io/contrib/propagators module into b3, jaeger, ot modules. (#985)
• otelmongodb span attributes, name and span status now conform to specification. (#769)
• Migrated EC2 resource detector support from root module go.opentelemetry.io/contrib/detectors/aws to a separate EC2 resource detector module go.opentelemetry.io/contrib/detectors/aws/ec2 (#1017)
• Add cloud.provider and cloud.platform to AWS detectors. (#1043)
• otelhttptrace.NewClientTrace now redacts known sensitive headers by default. (#879)

Fixed

• Fix span not marked as error in otelhttp.Transport when RoundTrip fails with an error. (#950)

Release v0.22.0

Added

• Add the zpages span processor. (#894)

Changed

• The b3.B3 type has been removed. b3.New() and b3.WithInjectEncoding(encoding) are added to replace it. (#868)

Fixed

• Fix deadlocks and race conditions in otelsarama.WrapAsyncProducer. The messaging.message_id and messaging.kafka.partition attributes are now not set if a message was not processed. (#754) (#755) (#881)
• Fix otelsarama.WrapAsyncProducer so that the messages from the Errors channel contain the original Metadata. (#754)

Release v0.21.0

0.21.0 - 2021-06-18

Fixed

• Dockerfile based examples for otelgin and otelmacaron. (#767)

Changed

• Supported minimum version of Go bumped from 1.14 to 1.15. (#787)

... (truncated)

Changelog

Sourced from go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc's changelog.

[1.26.0/0.51.0/0.20.0/0.6.0/0.1.0] - 2024-04-24

Added

• NewSDK in go.opentelemetry.io/contrib/config now returns a configured SDK with a valid MeterProvider. (#4804)

Changed

• Change the scope name for the prometheus bridge to go.opentelemetry.io/contrib/bridges/prometheus to match the package. (#5396)
• Add support for settings additional properties for resource configuration in go.opentelemetry.io/contrib/config. (#4832)

Fixed

• Fix bug where an empty exemplar was added to counters in go.opentelemetry.io/contrib/bridges/prometheus. (#5395)
• Fix bug where the last histogram bucket was missing in go.opentelemetry.io/contrib/bridges/prometheus. (#5395)

[1.25.0/0.50.0/0.19.0/0.5.0/0.0.1] - 2024-04-05

Added

• Implemented setting the cloud.resource_id resource attribute in go.opentelemetry.io/detectors/aws/ecs based on the ECS Metadata v4 endpoint. (#5091)
• The go.opentelemetry.io/contrib/bridges/otelslog module. This module provides an OpenTelemetry logging bridge for "log/slog". (#5335)

Fixed

• Update all dependencies to address [GO-2024-2687]. (#5359)

Removed

• Drop support for [Go 1.20]. (#5163)

[1.24.0/0.49.0/0.18.0/0.4.0] - 2024-02-23

This release is the last to support [Go 1.20]. The next release will require at least [Go 1.21].

Added

• Support [Go 1.22]. (#5082)
• Add support for Summary metrics to go.opentelemetry.io/contrib/bridges/prometheus. (#5089)
• Add support for Exponential (native) Histograms in go.opentelemetry.io/contrib/bridges/prometheus. (#5093)

Removed

• The deprecated RequestCount constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
• The deprecated RequestContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
• The deprecated ResponseContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
• The deprecated ServerLatency constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)

... (truncated)

Commits

• 1412a89 OTel-Go-Contrib 0.24 release (#1144)
• 8e44f3f Prerelease v0.24.0 (#1125)
• f6c2b15 added guard for nil option around setting the provider (#1107)
• eb0df76 Added guard to prevent Options from setting nil Propagators (#1124)
• b6b185d added aws instrumentation package to README (#1106)
• 76dbf66 Update dependencies (#1101)
• 4fa9762 Release prep (#1093)
• 430ecb2 Added NewResourceDetector API for EC2 resource detector init (#1030)
• b2a1760 Upgrade to release v1.0.0-RC3 (trace) and v0.23 (metrics) (#1091)
• f650585 Update stable modules from core repo (#1048)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't a...

Description has been truncated

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml