chore(deps): bump actions/upload-artifact from 3 to 4 #444

dependabot · 2023-12-15T05:17:40Z

Bumps actions/upload-artifact from 3 to 4.

Release notes

Sourced from actions/upload-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

For more information, see the @actions/artifact documentation.

New Contributors

@vmjoseph made their first contribution in actions/upload-artifact#464

Full Changelog: actions/upload-artifact@v3...v4.0.0

v3.1.3

What's Changed

chore(github): remove trailing whitespaces by @ljmf00 in actions/upload-artifact#313

Bump @actions/artifact version to v1.1.2 by @bethanyj28 in actions/upload-artifact#436

Full Changelog: actions/upload-artifact@v3...v3.1.3

v3.1.2

Update all @actions/* NPM packages to their latest versions- #374

Update all dev dependencies to their most recent versions - #375

v3.1.1

Update actions/core package to latest version to remove set-output deprecation warning #351

v3.1.0

What's Changed

Bump @actions/artifact to v1.1.0 (actions/upload-artifact#327)

Adds checksum headers on artifact upload (actions/toolkit#1095) (actions/toolkit#1063)

Commits

c7d193f Merge pull request #466 from actions/v4-beta
13131bb licensed cache
4a6c273 Merge branch 'main' into v4-beta
f391bb9 Merge pull request #465 from actions/robherley/v4-documentation
9653d03 Apply suggestions from code review
875b630 add limitations section
ecb2146 add compression example
5e7604f trim some repeated info
d6437d0 naming
1b56155 s/v4-beta/v4/g
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | minor | `v5.0.0` -> `v5.1.0` | --- ### Release Notes <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#435 - chore(deps): bump docker/bake-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#436 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#437 - chore(deps): bump actions/setup-go from 4 to 5 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#443 - chore(deps): bump actions/upload-artifact from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#444 - Delete .kodiak.toml by [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [goreleaser/goreleaser-action#446 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#448 - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#450 - Upgrade setup-go action version in README by [@kishaningithub](https://togithub.com/kishaningithub) in [goreleaser/goreleaser-action#455 - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#456 - chore: use corepack to install yarn by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#458 - feat: lock this major version of the action to use '~> v1' as 'latest' by [@caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#461 - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#462 - chore(deps): bump [@actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#451 #### New Contributors - [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [goreleaser/goreleaser-action#446 **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/nobl9/terraform-provider-nobl9).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.4` -> `v4.1.5` | | [codecov/codecov-action](https://togithub.com/codecov/codecov-action) | action | minor | `4.3.1` -> `4.4.0` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.5` | | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | minor | `v5.0.0` -> `v5.1.0` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1703 - Bump github/codeql-action from 2 to 3 by [@dependabot](https://togithub.com/dependabot) in [actions/checkout#1694 - Bump actions/setup-node from 1 to 4 by [@dependabot](https://togithub.com/dependabot) in [actions/checkout#1696 - Bump actions/upload-artifact from 2 to 4 by [@dependabot](https://togithub.com/dependabot) in [actions/checkout#1695 - README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` by [@cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1707 **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 </details> <details> <summary>codecov/codecov-action (codecov/codecov-action)</summary> ### [`v4.4.0`](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0) </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#435 - chore(deps): bump docker/bake-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#436 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#437 - chore(deps): bump actions/setup-go from 4 to 5 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#443 - chore(deps): bump actions/upload-artifact from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#444 - Delete .kodiak.toml by [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [goreleaser/goreleaser-action#446 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#448 - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#450 - Upgrade setup-go action version in README by [@kishaningithub](https://togithub.com/kishaningithub) in [goreleaser/goreleaser-action#455 - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#456 - chore: use corepack to install yarn by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#458 - feat: lock this major version of the action to use '~> v1' as 'latest' by [@caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#461 - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#462 - chore(deps): bump [@actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#451 #### New Contributors - [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [goreleaser/goreleaser-action#446 **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.4` -> `v4.1.6` | | [codecov/codecov-action](https://togithub.com/codecov/codecov-action) | action | minor | `v4.3.1` -> `v4.4.1` | | gaurav-nelson/github-action-markdown-link-check | action | digest | `25b2c43` -> `7d83e59` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.6` | | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | minor | `v5.0.0` -> `v5.1.0` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1732 ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1703 - Bump github/codeql-action from 2 to 3 by [@dependabot](https://togithub.com/dependabot) in [actions/checkout#1694 - Bump actions/setup-node from 1 to 4 by [@dependabot](https://togithub.com/dependabot) in [actions/checkout#1696 - Bump actions/upload-artifact from 2 to 4 by [@dependabot](https://togithub.com/dependabot) in [actions/checkout#1695 - README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` by [@cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1707 **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 </details> <details> <summary>codecov/codecov-action (codecov/codecov-action)</summary> ### [`v4.4.1`](https://togithub.com/codecov/codecov-action/compare/v4.4.0...v4.4.1) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.4.0...v4.4.1) ### [`v4.4.0`](https://togithub.com/codecov/codecov-action/releases/tag/v4.4.0) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0) #### What's Changed - chore: Clarify isPullRequestFromFork by [@jsoref](https://togithub.com/jsoref) in [codecov/codecov-action#1411 - build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by [@dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1423 - build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by [@dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1421 - build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by [@dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1420 - feat: remove GPG and run on spawn by [@thomasrockhu-codecov](https://togithub.com/thomasrockhu-codecov) in [codecov/codecov-action#1426 - build(deps-dev): bump [@typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.8.0 to 7.9.0 by [@dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1428 - chore(release): 4.4.0 by [@thomasrockhu-codecov](https://togithub.com/thomasrockhu-codecov) in [codecov/codecov-action#1430 **Full Changelog**: codecov/codecov-action@v4.3.1...v4.4.0 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#435 - chore(deps): bump docker/bake-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#436 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#437 - chore(deps): bump actions/setup-go from 4 to 5 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#443 - chore(deps): bump actions/upload-artifact from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#444 - Delete .kodiak.toml by [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [goreleaser/goreleaser-action#446 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#448 - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#450 - Upgrade setup-go action version in README by [@kishaningithub](https://togithub.com/kishaningithub) in [goreleaser/goreleaser-action#455 - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#456 - chore: use corepack to install yarn by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#458 - feat: lock this major version of the action to use '~> v1' as 'latest' by [@caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#461 - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#462 - chore(deps): bump [@actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#451 #### New Contributors - [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [goreleaser/goreleaser-action#446 **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1366 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1374 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1377 For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1279 - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1352 - 📖 update api links to new scorecard.dev site by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1376 **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 6am on monday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/google/osv-scanner).  Co-authored-by: Xueqin Cui <72771658+cuixq@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.4` -> `v4.1.5` | | [codecov/codecov-action](https://togithub.com/codecov/codecov-action) | action | minor | `4.3.1` -> `4.4.0` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.5` | | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | minor | `v5.0.0` -> `v5.1.0` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@&open-telemetry#8203;cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1703 - Bump github/codeql-action from 2 to 3 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [actions/checkout#1694 - Bump actions/setup-node from 1 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [actions/checkout#1696 - Bump actions/upload-artifact from 2 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [actions/checkout#1695 - README: Suggest `user.email` to be `41898282+github-actions[bot]@&open-telemetry#8203;users.noreply.github.com` by [@&open-telemetry#8203;cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1707 **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 </details> <details> <summary>codecov/codecov-action (codecov/codecov-action)</summary> ### [`v4.4.0`](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0) </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@&open-telemetry#8203;crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#435 - chore(deps): bump docker/bake-action from 3 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#436 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#437 - chore(deps): bump actions/setup-go from 4 to 5 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#443 - chore(deps): bump actions/upload-artifact from 3 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#444 - Delete .kodiak.toml by [@&open-telemetry#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [goreleaser/goreleaser-action#446 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#448 - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#450 - Upgrade setup-go action version in README by [@&open-telemetry#8203;kishaningithub](https://togithub.com/kishaningithub) in [goreleaser/goreleaser-action#455 - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#456 - chore: use corepack to install yarn by [@&open-telemetry#8203;crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#458 - feat: lock this major version of the action to use '~> v1' as 'latest' by [@&open-telemetry#8203;caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#461 - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#462 - chore(deps): bump [@&open-telemetry#8203;actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#451 #### New Contributors - [@&open-telemetry#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [goreleaser/goreleaser-action#446 **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.4` -> `v4.1.6` | | [codecov/codecov-action](https://togithub.com/codecov/codecov-action) | action | minor | `v4.3.1` -> `v4.4.1` | | gaurav-nelson/github-action-markdown-link-check | action | digest | `25b2c43` -> `7d83e59` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.6` | | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | minor | `v5.0.0` -> `v5.1.0` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1732 ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1703 - Bump github/codeql-action from 2 to 3 by [@dependabot](https://togithub.com/dependabot) in [actions/checkout#1694 - Bump actions/setup-node from 1 to 4 by [@dependabot](https://togithub.com/dependabot) in [actions/checkout#1696 - Bump actions/upload-artifact from 2 to 4 by [@dependabot](https://togithub.com/dependabot) in [actions/checkout#1695 - README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` by [@cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1707 **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 </details> <details> <summary>codecov/codecov-action (codecov/codecov-action)</summary> ### [`v4.4.1`](https://togithub.com/codecov/codecov-action/compare/v4.4.0...v4.4.1) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.4.0...v4.4.1) ### [`v4.4.0`](https://togithub.com/codecov/codecov-action/releases/tag/v4.4.0) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0) #### What's Changed - chore: Clarify isPullRequestFromFork by [@jsoref](https://togithub.com/jsoref) in [codecov/codecov-action#1411 - build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by [@dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1423 - build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by [@dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1421 - build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by [@dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1420 - feat: remove GPG and run on spawn by [@thomasrockhu-codecov](https://togithub.com/thomasrockhu-codecov) in [codecov/codecov-action#1426 - build(deps-dev): bump [@typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.8.0 to 7.9.0 by [@dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1428 - chore(release): 4.4.0 by [@thomasrockhu-codecov](https://togithub.com/thomasrockhu-codecov) in [codecov/codecov-action#1430 **Full Changelog**: codecov/codecov-action@v4.3.1...v4.4.0 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#435 - chore(deps): bump docker/bake-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#436 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#437 - chore(deps): bump actions/setup-go from 4 to 5 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#443 - chore(deps): bump actions/upload-artifact from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#444 - Delete .kodiak.toml by [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [goreleaser/goreleaser-action#446 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#448 - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#450 - Upgrade setup-go action version in README by [@kishaningithub](https://togithub.com/kishaningithub) in [goreleaser/goreleaser-action#455 - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#456 - chore: use corepack to install yarn by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#458 - feat: lock this major version of the action to use '~> v1' as 'latest' by [@caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#461 - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#462 - chore(deps): bump [@actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#451 #### New Contributors - [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [goreleaser/goreleaser-action#446 **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1366 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1374 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1377 For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1279 - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1352 - 📖 update api links to new scorecard.dev site by [@spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1376 **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 6am on monday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/google/osv-scanner).  Co-authored-by: Xueqin Cui <72771658+cuixq@users.noreply.github.com>

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.4` -> `v4.1.5` | | [codecov/codecov-action](https://togithub.com/codecov/codecov-action) | action | minor | `4.3.1` -> `4.4.0` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.5` | | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | minor | `v5.0.0` -> `v5.1.0` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@&open-telemetry#8203;cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1703 - Bump github/codeql-action from 2 to 3 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [actions/checkout#1694 - Bump actions/setup-node from 1 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [actions/checkout#1696 - Bump actions/upload-artifact from 2 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [actions/checkout#1695 - README: Suggest `user.email` to be `41898282+github-actions[bot]@&open-telemetry#8203;users.noreply.github.com` by [@&open-telemetry#8203;cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1707 **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 </details> <details> <summary>codecov/codecov-action (codecov/codecov-action)</summary> ### [`v4.4.0`](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0) </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@&open-telemetry#8203;crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#435 - chore(deps): bump docker/bake-action from 3 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#436 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#437 - chore(deps): bump actions/setup-go from 4 to 5 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#443 - chore(deps): bump actions/upload-artifact from 3 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#444 - Delete .kodiak.toml by [@&open-telemetry#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [goreleaser/goreleaser-action#446 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#448 - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#450 - Upgrade setup-go action version in README by [@&open-telemetry#8203;kishaningithub](https://togithub.com/kishaningithub) in [goreleaser/goreleaser-action#455 - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#456 - chore: use corepack to install yarn by [@&open-telemetry#8203;crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#458 - feat: lock this major version of the action to use '~> v1' as 'latest' by [@&open-telemetry#8203;caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#461 - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#462 - chore(deps): bump [@&open-telemetry#8203;actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#451 #### New Contributors - [@&open-telemetry#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [goreleaser/goreleaser-action#446 **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* [mdatagen] use mdatagen to produce component internal telemetry (#10054) #### Description This updates mdatagen to generate internal telemetry for components based on metadata.yaml configuration. #### Testing Added tests to mdatagen and updated the batch processor to use this as well for synchronous counters and histogram --------- Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> (cherry picked from commit d73235fc9104fdc10f930c36bcf122c7a5bd162c) * [chore] Update release schedule after release 0.100.0 (#10092) Signed-off-by: Bogdan Drutu <bogdandrutu@gmail.com> (cherry picked from commit 430369240f7fc2b640cab48f233cf7d8b39796a4) * [chore] add unit test for histogram in mdatagen (#10089) Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> (cherry picked from commit 7855bf2ababecdddfea82e4b1a15fd81be2d2d66) * Update module github.com/shirou/gopsutil/v3 to v3.24.4 (#10097) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/shirou/gopsutil/v3](https://togithub.com/shirou/gopsutil) | `v3.24.3` -> `v3.24.4` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>shirou/gopsutil (github.com/shirou/gopsutil/v3)</summary> ### [`v3.24.4`](https://togithub.com/shirou/gopsutil/releases/tag/v3.24.4) [Compare Source](https://togithub.com/shirou/gopsutil/compare/v3.24.3...v3.24.4)  ##### What's Changed ##### net - Update net_openbsd.go to correctly parse netstat output on obsd by [@amarinderca](https://togithub.com/amarinderca) in [https://github.com/shirou/gopsutil/pull/1621](https://togithub.com/shirou/gopsutil/pull/1621) - chore: fix some typos in comments by [@camcui](https://togithub.com/camcui) in [https://github.com/shirou/gopsutil/pull/1624](https://togithub.com/shirou/gopsutil/pull/1624) ##### New Contributors - [@amarinderca](https://togithub.com/amarinderca) made their first contribution in [https://github.com/shirou/gopsutil/pull/1621](https://togithub.com/shirou/gopsutil/pull/1621) - [@camcui](https://togithub.com/camcui) made their first contribution in [https://github.com/shirou/gopsutil/pull/1624](https://togithub.com/shirou/gopsutil/pull/1624) **Full Changelog**: https://github.com/shirou/gopsutil/compare/v3.24.3...v3.24.4 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com> (cherry picked from commit 9bee0cafcae752ee3701c106ede7060ed3470a00) * Update module go.opentelemetry.io/collector/exporter/otlphttpexporter to v0.100.0 (#10104) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [go.opentelemetry.io/collector/exporter/otlphttpexporter](https://togithub.com/open-telemetry/opentelemetry-collector) | `v0.99.0` -> `v0.100.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>open-telemetry/opentelemetry-collector (go.opentelemetry.io/collector/exporter/otlphttpexporter)</summary> ### [`v0.100.0`](https://togithub.com/open-telemetry/opentelemetry-collector/blob/HEAD/CHANGELOG.md#v170v01000) [Compare Source](https://togithub.com/open-telemetry/opentelemetry-collector/compare/v0.99.0...v0.100.0) ##### 🛑 Breaking changes 🛑 - `service`: The `validate` sub-command no longer validates that each pipeline's type is the same as its component types ([#10031](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10031)) ##### 💡 Enhancements 💡 - `semconv`: Add support for v1.25.0 semantic convention ([#10072](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10072)) - `builder`: remove the need to go get a module to address ambiguous import paths ([#10015](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10015)) - `pmetric`: Support parsing metric.metadata from OTLP JSON. ([#10026](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10026)) ##### 🧰 Bug fixes 🧰 - `exporterhelper`: Fix enabled config option for batch sender ([#10076](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10076)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> (cherry picked from commit 5605528fbdbe37662891f19a3948c1774740b9c8) * [chore] split arm builds into their own workflow (#10113) This is the same as was done in contrib. Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> (cherry picked from commit 93901cd2b767b555b46fce2bf6d72704adbb8b11) * [chore] group more dependencies (#10112) Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> (cherry picked from commit 067ac03a57b1b7e85e9d76ecfbbbfe0932aa47e2) * [chore] fix package prefix (#10116) should not have included `https` (cherry picked from commit f23316625776a917dbf625c5e1640330fa3d022a) * Update All go.opentelemetry.io/collector packages to v0.100.0 (#10115) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [go.opentelemetry.io/collector/exporter/otlpexporter](https://togithub.com/open-telemetry/opentelemetry-collector) | `v0.99.0` -> `v0.100.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | [go.opentelemetry.io/collector/receiver/otlpreceiver](https://togithub.com/open-telemetry/opentelemetry-collector) | `v0.99.0` -> `v0.100.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>open-telemetry/opentelemetry-collector (go.opentelemetry.io/collector/exporter/otlpexporter)</summary> ### [`v0.100.0`](https://togithub.com/open-telemetry/opentelemetry-collector/blob/HEAD/CHANGELOG.md#v170v01000) [Compare Source](https://togithub.com/open-telemetry/opentelemetry-collector/compare/v0.99.0...v0.100.0) ##### 🛑 Breaking changes 🛑 - `service`: The `validate` sub-command no longer validates that each pipeline's type is the same as its component types ([#10031](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10031)) ##### 💡 Enhancements 💡 - `semconv`: Add support for v1.25.0 semantic convention ([#10072](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10072)) - `builder`: remove the need to go get a module to address ambiguous import paths ([#10015](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10015)) - `pmetric`: Support parsing metric.metadata from OTLP JSON. ([#10026](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10026)) ##### 🧰 Bug fixes 🧰 - `exporterhelper`: Fix enabled config option for batch sender ([#10076](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10076)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> (cherry picked from commit 2e289b64bbed115d186c8cf944ba054dbb8e4b63) * Update All golang.org/x packages (#10117) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | golang.org/x/exp | `v0.0.0-20231110203233-9a3e6036ecaa` -> `v0.0.0-20240506185415-9bf2ced13842` | [![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20231110203233-9a3e6036ecaa/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20231110203233-9a3e6036ecaa/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | golang.org/x/exp | `v0.0.0-20240119083558-1b970713d09a` -> `v0.0.0-20240506185415-9bf2ced13842` | [![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20240119083558-1b970713d09a/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20240119083558-1b970713d09a/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | golang.org/x/net | `v0.24.0` -> `v0.25.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fnet/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fnet/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fnet/v0.24.0/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fnet/v0.24.0/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | golang.org/x/sys | `v0.19.0` -> `v0.20.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fsys/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fsys/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fsys/v0.19.0/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fsys/v0.19.0/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | golang.org/x/text | `v0.14.0` -> `v0.15.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2ftext/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2ftext/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2ftext/v0.14.0/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2ftext/v0.14.0/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | | golang.org/x/tools | `v0.20.0` -> `v0.21.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2ftools/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2ftools/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2ftools/v0.20.0/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2ftools/v0.20.0/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com> (cherry picked from commit 3c5bca5097da4585f3a50ebefdbb6403a0038948) * Update module google.golang.org/protobuf to v1.34.1 (#10101) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [google.golang.org/protobuf](https://togithub.com/protocolbuffers/protobuf-go) | `v1.34.0` -> `v1.34.1` | [![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>protocolbuffers/protobuf-go (google.golang.org/protobuf)</summary> ### [`v1.34.1`](https://togithub.com/protocolbuffers/protobuf-go/releases/tag/v1.34.1) [Compare Source](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.34.0...v1.34.1) Minor fixes for editions compliance: - [CL/582635](https://go.dev/cl/582635): all: update to protobuf 27.0-rc1 and regenerate protos - [CL/582755](https://go.dev/cl/582755): encoding/proto\[json|text]: accept lower case names for group-like fields </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com> Co-authored-by: Alex Boten <223565+codeboten@users.noreply.github.com> (cherry picked from commit c5ee52b133725ce07a0d5b2ed76f1d1462fd6633) * Update module github.com/golangci/golangci-lint to v1.58.0 (#10102) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/golangci/golangci-lint](https://togithub.com/golangci/golangci-lint) | `v1.57.2` -> `v1.58.0` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgolangci%2fgolangci-lint/v1.57.2/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgolangci%2fgolangci-lint/v1.57.2/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>golangci/golangci-lint (github.com/golangci/golangci-lint)</summary> ### [`v1.58.0`](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com> (cherry picked from commit 90ddbcb666e3a415ef83120c5d828e44422b35c8) * Update actions/setup-go action to v5.0.1 (#10096) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-go](https://togithub.com/actions/setup-go) | action | patch | `v5.0.0` -> `v5.0.1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1) [Compare Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1) #### What's Changed - Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by [@dependabot](https://togithub.com/dependabot) , [@HarithaVattikuti](https://togithub.com/HarithaVattikuti) in [https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465) - Update documentation with latest V5 release notes by [@ab](https://togithub.com/ab) in [https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459) - Update version documentation by [@178inaba](https://togithub.com/178inaba) in [https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458) - Documentation update of `actions/setup-go` to v5 by [@chenrui333](https://togithub.com/chenrui333) in [https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449) #### New Contributors - [@ab](https://togithub.com/ab) made their first contribution in [https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459) **Full Changelog**: https://github.com/actions/setup-go/compare/v5.0.0...v5.0.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Yang Song <songy23@users.noreply.github.com> (cherry picked from commit 9bc32498ce5edc12222ced1db46378e26dbd3cce) * [chore] Update go versions in CI (#10119) (cherry picked from commit 7b63bfc9a46b692451c838bb7acd2e3692580bf4) * Move Aneurysm9 to emeritus status (#10120) I have been unable to provide this position the bandwidth that it deserves and it is time to formalize recognition of that fact. Signed-off-by: Anthony J Mirabella <a9@aneurysm9.com> Co-authored-by: Alex Boten <223565+codeboten@users.noreply.github.com> (cherry picked from commit c6b70a7ec794d1a296f82863032def0848f870e0) * [chore] use mdatagen for exporterhelper metrics (#10094) Uses the new mdatagen capabilities to generate internal telemetry details for exporterhelper. --------- Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> (cherry picked from commit 5c72c5d2a035c811fc60e6608320986ec85e4110) * [chore] use mdatagen scraperhelper (#10095) Follows https://github.com/open-telemetry/opentelemetry-collector/pull/10094 --------- Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> * [chore] use mdatagen for processorhelper (#10122) This updates the processor helper to use mdatagen for its internal telemetry. --------- Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> * [chore][cmd/builder] Test for unreleased versions (#10030)  #### Description Add a test to help prevent our replace statements from going out of date and causing situations like https://github.com/open-telemetry/opentelemetry-collector/issues/10014. This is also probably just a decent test case to have since it's a syntactically valid but nonexistent version. --------- Co-authored-by: Evan Bradley <evan-bradley@users.noreply.github.com> Co-authored-by: Juraci Paixão Kröhling <juraci.github@kroehling.de> * [mdatagen] Run tests when skipping goleak (#10126) #### Description Tests are currently not being run when `goleak` checks are skipped. This is because `TestMain` is called in the generated file, and needs to call `m.Run()` to properly run the package's tests. This call was missing. #### Link to tracking issue Fixes #10125 #### Testing There aren't any `goleak` checks currently being skipped in core from the generated package tests, but there are quite a few in `contrib`. This will fix the skipped tests in `contrib`. * [chore] use mdatagen for receiverhelper metrics (#10123) Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> * [mdatagen] use main as package for cmd types (#10130) This allows us to enabled package test generation for mdatagen itself (and for telemetrygen in contrib) Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> * [mdatagen] only generate telemetry as needed (#10129) This prevent unnecessary files from being generated if metadata.yaml doesn't include any internal telemetry for a component. Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> * ExporterHelper tests - switch to DataType instead of Type (#10127)  #### Description `newBaseExporter` needs a `DataType` - up until now we've been passing in a `Type`. In preparation of splitting `DataType` and `Type`, pass in a real `DataType`.  #### Link to tracking issue related to https://github.com/open-telemetry/opentelemetry-collector/issues/9429 In preparation for https://github.com/open-telemetry/opentelemetry-collector/pull/10069 * MemoryLimiterProcessor - switch to MustNewID instead of zero value ID (#10128)  #### Description In an upcoming PR, I change Type to be an interface. This means the zero value of Type will be nil - which will cause this test to fail. Initializing ID instead of relying on the zero value fixes this  #### Link to tracking issue related to https://github.com/open-telemetry/opentelemetry-collector/issues/9429  In preparation for https://github.com/open-telemetry/opentelemetry-collector/pull/10069 * [otelcol] Add a custom zapcore.Core for confmap logging (#10056)  #### Description Provides a logger to confmap that buffers logs in memory until the primary logger can be used. Once the primary logger exists, places that used the original logger are given the updated Core. If an error occurs that would shut down the collector before the primary logger could be created, the logs are written to stdout/err using a fallback logger. Alternative to https://github.com/open-telemetry/opentelemetry-collector/pull/10008 I've pushed the testing I did to show how the logger successfully updates. Before config resolution the debug log in confmap is not printed, but afterwards it is. test config: ```yaml receivers: nop: exporters: otlphttp: endpoint: http://0.0.0.0:4317 headers: # Not set x-test: ${env:TEMP3} debug: # set to "detailed" verbosity: $TEMP service: telemetry: logs: level: debug pipelines: traces: receivers: - nop exporters: - debug ``` ![image](https://github.com/open-telemetry/opentelemetry-collector/assets/12352919/6a17993f-1f97-4c54-9165-5c34dd58d108)  #### Link to tracking issue Related to https://github.com/open-telemetry/opentelemetry-collector/issues/9162 Related to https://github.com/open-telemetry/opentelemetry-collector/issues/5615  #### Testing If we like this approach I'll add tests  #### Documentation --------- Co-authored-by: Dan Jaglowski <jaglows3@gmail.com> Co-authored-by: Pablo Baeyens <pbaeyens31+github@gmail.com> * [confmap] Deprecate `NewWithSettings` and `New` (#10134) #### Description Each of these was deprecated in v0.99.0, so I think removing them in v0.101.0 is a safe deprecation period for an API that is likely only used by vendor distros built without ocb. If we would like to extend the deprecation period or break this change into PRs for each module, let me know and I'll make the necessary changes. * [confmap] Add logger to ConverterSettings (#10135) #### Description Adds a Logger to ConverterSettings to enable logging from within converters. Also update the expand converter to log a warning if the env var is empty or missing. #### Link to tracking issue Closes https://github.com/open-telemetry/opentelemetry-collector/issues/9162 Closes https://github.com/open-telemetry/opentelemetry-collector/issues/5615 #### Testing Unit tests and local testing ![image](https://github.com/open-telemetry/opentelemetry-collector/assets/12352919/af5dd1e2-62f9-4272-97c7-da57166ef07e) ```yaml receivers: nop: exporters: otlphttp: endpoint: http://0.0.0.0:4317 headers: # Not set x-test: $TEMP3 debug: # set to "detailed" verbosity: $TEMP service: telemetry: logs: level: info pipelines: traces: receivers: - nop exporters: - otlphttp - debug ``` #### Documentation Added godoc comments * [confighttp] Remove deprecated functions (#10138) Closes https://github.com/open-telemetry/opentelemetry-collector/issues/9807 * Update module github.com/prometheus/client_golang to v1.19.1 (#10147) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/prometheus/client_golang](https://togithub.com/prometheus/client_golang) | `v1.19.0` -> `v1.19.1` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fprometheus%2fclient_golang/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fprometheus%2fclient_golang/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fprometheus%2fclient_golang/v1.19.0/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fprometheus%2fclient_golang/v1.19.0/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>prometheus/client_golang (github.com/prometheus/client_golang)</summary> ### [`v1.19.1`](https://togithub.com/prometheus/client_golang/releases/tag/v1.19.1) [Compare Source](https://togithub.com/prometheus/client_golang/compare/v1.19.0...v1.19.1) #### What's Changed - Security patches for `golang.org/x/sys` and `google.golang.org/protobuf` #### New Contributors - [@lukasauk](https://togithub.com/lukasauk) made their first contribution in [https://github.com/prometheus/client_golang/pull/1494](https://togithub.com/prometheus/client_golang/pull/1494) **Full Changelog**: https://github.com/prometheus/client_golang/compare/v1.19.0...v1.19.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com> * Update module github.com/golangci/golangci-lint to v1.58.1 (#10146) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/golangci/golangci-lint](https://togithub.com/golangci/golangci-lint) | `v1.58.0` -> `v1.58.1` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>golangci/golangci-lint (github.com/golangci/golangci-lint)</summary> ### [`v1.58.1`](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com> * Update github-actions deps (#10145) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.4` -> `v4.1.5` | | [codecov/codecov-action](https://togithub.com/codecov/codecov-action) | action | minor | `4.3.1` -> `4.4.0` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.5` | | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | minor | `v5.0.0` -> `v5.1.0` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@users.noreply.github.com` by [@cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707) **Full Changelog**: https://github.com/actions/checkout/compare/v4.1.4...v4.1.5 </details> <details> <summary>codecov/codecov-action (codecov/codecov-action)</summary> ### [`v4.4.0`](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0) </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@crazy-max](https://togithub.com/crazy-max) in [https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435) - chore(deps): bump docker/bake-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436) - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437) - chore(deps): bump actions/setup-go from 4 to 5 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443) - chore(deps): bump actions/upload-artifact from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444) - Delete .kodiak.toml by [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446) - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448) - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450) - Upgrade setup-go action version in README by [@kishaningithub](https://togithub.com/kishaningithub) in [https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455) - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456) - chore: use corepack to install yarn by [@crazy-max](https://togithub.com/crazy-max) in [https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458) - feat: lock this major version of the action to use '~> v1' as 'latest' by [@caarlos0](https://togithub.com/caarlos0) in [https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461) - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462) - chore(deps): bump [@actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@dependabot](https://togithub.com/dependabot) in [https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451) #### New Contributors - [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446) **Full Changelog**: https://github.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> * chore: fix function name in comment (#10150)  Signed-off-by: petercover <raowanxiang@outlook.com> * Update module google.golang.org/genproto/googleapis/rpc to v0.0.0-20240506185236-b8a5c65736ae (#10100) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [google.golang.org/genproto/googleapis/rpc](https://togithub.com/googleapis/go-genproto) | `v0.0.0-20240401170217-c3f982113cda` -> `v0.0.0-20240506185236-b8a5c65736ae` | [![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240401170217-c3f982113cda/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240401170217-c3f982113cda/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com> Co-authored-by: Yang Song <songy23@users.noreply.github.com> Co-authored-by: Alex Boten <223565+codeboten@users.noreply.github.com> * fix(deps): update module google.golang.org/genproto/googleapis/rpc to v0.0.0-20240513163218-0867130af1f8 (#10153) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [google.golang.org/genproto/googleapis/rpc](https://togithub.com/googleapis/go-genproto) | `v0.0.0-20240506185236-b8a5c65736ae` -> `v0.0.0-20240513163218-0867130af1f8` | [![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com> * [chore] update Andrzej's affiliation (#10156) * Add origin field name option to base fields (#10149)  #### Description This adds an `originFieldName` option to `sliceField`, `messageValueField` and `primitiveField`. This option already exists for `primitiveTypedField`, `oneOfField`, `oneOfPrimitiveValue` and `oneOfMessageValue`. #### Link to tracking issue This is needed for #10109.  #### Testing This is unit tested. cc @mx-psi * [confmap] Encode string-like map keys (#10137)  #### Description Our check for determining whether a map key can be encoded as a string is too restrictive and doesn't into account types which are essentially aliases for the string type and don't implement `UnmarshalText`. I encountered this while trying to call `(confmap.Conf).Marshal(*otelcol.Config)` when the config includes a Prometheus receiver, which includes the [LabelName type](https://github.com/prometheus/common/blob/main/model/labels.go#L98) that does not implement an unmarshaling method. We can't guarantee that all types will implement this, and [Go's print formatters check](https://github.com/golang/go/blob/master/src/fmt/print.go#L803) whether `(reflect.Value).Kind()` equals `reflect.String`, so I think this will be an overall more robust approach.  #### Testing I added two test cases to demonstrate when we will hit this case. --------- Co-authored-by: Pablo Baeyens <pbaeyens31+github@gmail.com> * [otelcol] Add mapstructure tags to main Config struct (#10152)  #### Description Adds `mapstructure` tags to main `Config` struct. cc @mackjmr * Upgrade proto and generate profiles (#10155)  #### Description This upgrades the proto to their latest version, and generates the profiles.  #### Link to tracking issue Part of #10109 cc @mx-psi * Upgrade the used otlp version in readme (#10167)  #### Description We upgraded the proto version, so we need to upgrade it in the readme as well.  #### Link to tracking issue * https://github.com/open-telemetry/opentelemetry-collector/pull/10109#pullrequestreview-2058708683 * https://github.com/open-telemetry/opentelemetry-collector/pull/10155 * [chore] appease versioning warnings (#10163) as per dependabot security recommendations Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> * [chore] set permissions to read explicitly (#10164) This is as recommended by dependabot security warnings. Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> * [mdatagen] add support for async instruments (#10159) This PR adds the ability to configure asynchronous (observable) instruments via mdatagen. This requires providing a mechanism to set options to pass in the callbacks that will be called at the time of the observation. --------- Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> * [mdatagen] update mdatagen to document internal telemetry (#10170) This allows end users to see what telemetry each component should be emitting. --------- Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> * [chore] make gogenerate (#10171) documentation needed to be regenerated Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com> * [chore]: fix the dead link in mdatagen (#10142) #### Description Fixed the deadlink in mdatagen that would cause existing functionality to not work as expected.  #### Link to tracking issue Fixes #10071 * [confmap] Remove deprecated ResolverSettings fields (#10173)  #### Description These fields were deprecated in v0.99.0 and aren't used in any upstream repositories. These appear to still be used in downstream distributions. If we want to lengthen the deprecation period for these fields, I'll open a PR to instead set a timeline for their removal. * Documentation improvements - Internal Architecture Doc + Package level comments (#10068)  #### Documentation Creates an internal architecture file. In it is a diagram of the startup flow of the collector as well as links to key files / packages. I also added package level comments to some key packages. I wrote some other documentation in https://github.com/open-telemetry/opentelemetry-collector/pull/10029 but split the PRs up. --------- Co-authored-by: Pablo Baeyens <pbaeyens31+github@gmail.com> * [chore] Remove unused package test file from otelcorecol (#10178) * [chore] Remove required toolchain version from nopexporter (#10179) * fix(deps): update module github.com/golangci/golangci-lint to v1.58.2 (#10185) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [github.com/golangci/golangci-lint](https://togithub.com/golangci/golangci-lint) | `v1.58.1` -> `v1.58.2` | [![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgolangci%2fgolangci-lint/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgolangci%2fgolangci-lint/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/) | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>golangci/golangci-lint (github.com/golangci/golangci-lint)</summary> ### [`v1.58.2`](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).  --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com> * [chore] Prepare release v1.8.0/v0.101.0 (#10190) This replaces #10188, by fixing a relatively new test case that blocked the release. Signed-off-by: Juraci Paixão Kröhling <juraci@kroehling.de> --------- Signed-off-by: Juraci Paixão Kröhling <juraci@kroehling.de> Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com> * chore(deps): update github-actions deps (#10184) [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/ch…

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | major | `v5.0.0` -> `v6.0.0` | --- ### Release Notes <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v6.0.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v6.0.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.1.0...v6.0.0) > \[!WARNING] > **This is a breaking change!** > > Follow the instructions [here](https://goreleaser.com/blog/goreleaser-v2/#upgrading) to upgrade! #### What's Changed - feat!: use "~> v2" as default by [@caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#463 **Full Changelog**: goreleaser/goreleaser-action@v5...v6.0.0 ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#435 - chore(deps): bump docker/bake-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#436 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#437 - chore(deps): bump actions/setup-go from 4 to 5 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#443 - chore(deps): bump actions/upload-artifact from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#444 - Delete .kodiak.toml by [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [goreleaser/goreleaser-action#446 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#448 - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#450 - Upgrade setup-go action version in README by [@kishaningithub](https://togithub.com/kishaningithub) in [goreleaser/goreleaser-action#455 - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#456 - chore: use corepack to install yarn by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#458 - feat: lock this major version of the action to use '~> v1' as 'latest' by [@caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#461 - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#462 - chore(deps): bump [@actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#451 #### New Contributors - [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [goreleaser/goreleaser-action#446 **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/metal-toolbox/vogelkop).

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | major | `v5.0.0` -> `v6.0.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v6.0.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v6.0.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.1.0...v6.0.0) > \[!WARNING] > **This is a breaking change!** > > Follow the instructions [here](https://goreleaser.com/blog/goreleaser-v2/#upgrading) to upgrade! ##### What's Changed - feat!: use "~> v2" as default by [@caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#463 **Full Changelog**: goreleaser/goreleaser-action@v5...v6.0.0 ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#435 - chore(deps): bump docker/bake-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#436 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#437 - chore(deps): bump actions/setup-go from 4 to 5 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#443 - chore(deps): bump actions/upload-artifact from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#444 - Delete .kodiak.toml by [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [goreleaser/goreleaser-action#446 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#448 - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#450 - Upgrade setup-go action version in README by [@kishaningithub](https://togithub.com/kishaningithub) in [goreleaser/goreleaser-action#455 - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#456 - chore: use corepack to install yarn by [@crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#458 - feat: lock this major version of the action to use '~> v1' as 'latest' by [@caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#461 - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#462 - chore(deps): bump [@actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#451 #### New Contributors - [@vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [goreleaser/goreleaser-action#446 **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/zarf).  --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Lucas Rodriguez <lucas.rodriguez@defenseunicorns.com> Co-authored-by: Austin Abro <AustinAbro321@gmail.com>

dependabot bot requested review from crazy-max and caarlos0 as code owners December 15, 2023 05:17

dependabot bot added the dependencies Pull requests that update a dependency file label Dec 15, 2023

caarlos0 merged commit e0e636a into master Dec 15, 2023
30 of 31 checks passed

caarlos0 deleted the dependabot/github_actions/actions/upload-artifact-4 branch December 15, 2023 12:43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump actions/upload-artifact from 3 to 4 #444

chore(deps): bump actions/upload-artifact from 3 to 4 #444

dependabot bot commented on behalf of github Dec 15, 2023

chore(deps): bump actions/upload-artifact from 3 to 4 #444

chore(deps): bump actions/upload-artifact from 3 to 4 #444

Conversation

dependabot bot commented on behalf of github Dec 15, 2023

v4.0.0

What's Changed

New Contributors

v3.1.3

What's Changed

v3.1.2

v3.1.1

v3.1.0

What's Changed