Bump the go-deps group across 1 directory with 10 updates

[dependabot]

Bumps the go-deps group with 7 updates in the / directory:

Package	From	To
github.com/hashicorp/vault/api	1.20.0	1.21.0
github.com/prometheus/client_golang	1.23.0	1.23.2
github.com/spf13/cast	1.9.2	1.10.0
github.com/spf13/cobra	1.9.1	1.10.1
go.opentelemetry.io/otel	1.37.0	1.38.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc	1.37.0	1.38.0
golang.org/x/crypto	0.41.0	0.42.0

Updates github.com/hashicorp/vault/api from 1.20.0 to 1.21.0

Release notes

Sourced from github.com/hashicorp/vault/api's releases.

v1.20.3

No release notes provided.

v1.20.2

August 06, 2025

SECURITY:

• auth/ldap: fix MFA/TOTP enforcement bypass when username_as_alias is enabled [GH-31427,HCSEC-2025-20].

BUG FIXES:

• agent/template: Fixed issue where templates would not render correctly if namespaces was provided by config, and the namespace and mount path of the secret were the same. [GH-31392]
• identity/mfa: revert cache entry change from #31217 and document cache entry values [GH-31421]

v1.20.1

No release notes provided.

Changelog

Sourced from github.com/hashicorp/vault/api's changelog.

Previous versions

• v1.10.0 - v1.15.16
• v1.0.0 - v1.9.10
• v0.11.6 and earlier

1.20.3

August 28, 2025

FEATURES:

• IBM RACF Static Role Password Phrase Management (Enterprise): Add support for static role password phrase management to the LDAP secrets engine. (hashicorp/vault-plugin-secrets-openldap#184)

SECURITY:

• core: Update github.com/hashicorp/go-getter to fix security vulnerability GHSA-wjrx-6529-hcj3. (8b3a9ce1)

CHANGES:

• core: Bump Go version to 1.24.6. (ce56e14e)
• http: Add JSON configurable limits to HTTP handling for JSON payloads: max_json_depth, max_json_string_value_length, max_json_object_entry_count, max_json_array_element_count. [GH-31069]
• sdk: Upgrade to go-secure-stdlib/plugincontainer@v0.4.2, which also bumps github.com/docker/docker to v28.3.3+incompatible (8f172169)
• secrets/openldap (enterprise): update plugin to v0.16.1

IMPROVEMENTS:

• auth/ldap: add explicit logging to rotations in ldap [GH-31401]
• core (enterprise): improve rotation manager logging to include specific lines for rotation success and failure
• secrets/database: log password rotation success (info) and failure (error). Some relevant log lines have been updated to include "path" fields. [GH-31402]
• secrets/transit: add logging on both success and failure of key rotation [GH-31420]
• ui: Use the Helios Design System Code Block component for all readonly code editors and use its Code Editor component for all other code editors [GH-30188]

BUG FIXES:

• core (enterprise): fix a bug where issuing a token in a namespace used root auth configuration instead of namespace auth configuration
• core/metrics: Add service name prefix for core HA metrics to avoid duplicate, zero-value metrics. (91e5f443)
• core/seal: When Seal-HA is enabled, make it an error to persist the barrier keyring when not all seals are healthy. This prevents the possibility of failing to unseal when a different subset of seals are healthy than were healthy at last write. (bbe64227)
• raft (enterprise): auto-join will now work in regions that do not support dual-stack (c66baf5e)
• raft/autopilot: Fixes an issue with enterprise redundancy zones where, if the leader was in a redundancy zone and that leader becomes unavailable, the node would become an unzoned voter. This can artificially inflate the required number of nodes for quorum, leading to a situation where the cluster cannot recover if another leader subsequently becomes unavailable. Vault will now keep an unavailable node in its last known redundancy zone as a non-voter. [GH-31443]
• replication (enterprise): Fix bug where group updates fail when processed on a standby node in a PR secondary cluster.
• secrets-sync (enterprise): GCP locational KMS keys are no longer incorrectly removed when the location name is all lowercase.
• secrets/database/postgresql: Support for multiline statements in the rotation_statements field. [GH-31442]
• ui: Fix DR secondary view from not loading/transitioning. [GH-31478]

1.20.2

August 06, 2025

... (truncated)

Commits

• e40eca1 VAULT-39294: Deprecate recover_snapshot_id query param and use a header inste...
• c9605c7 VAULT-36947: Support force unloading a snapshot (#8740) (#9036)
• 5d632ef [VAULT-38600] Create TOTP Login MFA credential self-enrollment API endpoint (...
• eaf949c VAULT-37633: Database static role recover operations (#8922) (#8982)
• 3c459f7 [VAULT-39267] actions(slack): migrate to v2 action (#8964) (#8990)
• 50af559 VAULT-38796, VAULT-38889 reformat observation schema to version 2 (#9006) (#9...
• a820af0 Backport [VAULT-38600] Fix the name of the CE stub for mfaLoginEnterprisePath...
• 37bd994 VAULT-38463: Fix ldap failure (#8996) (#9001)
• 3edbb13 changelog: fix commit URL in CE generated template (#9010) (#9013)
• bfd2e54 UI: Moving settings/mount-backend-form to secrets/mounts (#8975) (#8998)
• Additional commits viewable in compare view

Updates github.com/prometheus/client_golang from 1.23.0 to 1.23.2

Release notes

Sourced from github.com/prometheus/client_golang's releases.

v1.23.2 - 2025-09-05

This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.

• [release-1.23] Upgrade to prometheus/common@v0.66.1 by @​aknuds1 in prometheus/client_golang#1869
• [release-1.23] Cut v1.23.2 by @​aknuds1 in prometheus/client_golang#1870

Full Changelog: prometheus/client_golang@v1.23.1...v1.23.2

v1.23.1 - 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

• [release-1.23] Upgrade to prometheus/common v0.66 by @​aknuds1 in prometheus/client_golang#1866
• [release-1.23] Cut v1.23.1 by @​aknuds1 in prometheus/client_golang#1867

Full Changelog: prometheus/client_golang@v1.23.0...v1.23.1

Changelog

Sourced from github.com/prometheus/client_golang's changelog.

1.23.2 / 2025-09-05

This release is made to upgrade to prometheus/common v0.66.1, which drops the dependencies github.com/grafana/regexp and go.uber.org/atomic and replaces gopkg.in/yaml.v2 with go.yaml.in/yaml/v2 (a drop-in replacement). There are no functional changes.

1.23.1 / 2025-09-04

This release is made to be compatible with a backwards incompatible API change in prometheus/common v0.66.0. There are no functional changes.

Commits

• 8179a56 Cut v1.23.2 (#1870)
• 4142b59 Merge pull request #1869 from prometheus/arve/upgrade-common
• 4ff40f0 Cut v1.23.1 (#1867)
• 989b029 Upgrade to prometheus/common v0.66 (#1866)
• See full diff in compare view

Updates github.com/spf13/cast from 1.9.2 to 1.10.0

Release notes

Sourced from github.com/spf13/cast's releases.

v1.10.0

What's Changed

• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​dependabot[bot] in spf13/cast#275
• build(deps): bump github/codeql-action from 3.28.18 to 3.28.19 by @​dependabot[bot] in spf13/cast#277
• build(deps): bump github/codeql-action from 3.28.19 to 3.29.5 by @​dependabot[bot] in spf13/cast#289
• build(deps): bump github/codeql-action from 3.29.7 to 3.29.10 by @​dependabot[bot] in spf13/cast#296
• build(deps): bump actions/dependency-review-action from 4.7.1 to 4.7.2 by @​dependabot[bot] in spf13/cast#295
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​dependabot[bot] in spf13/cast#293
• build(deps): bump github/codeql-action from 3.29.10 to 3.30.1 by @​dependabot[bot] in spf13/cast#301
• build(deps): bump actions/setup-go from 5.5.0 to 6.0.0 by @​dependabot[bot] in spf13/cast#300
• build(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3 by @​dependabot[bot] in spf13/cast#298
• Always return empty map instead of nil when conversion fails by @​andig in spf13/cast#283

New Contributors

• @​andig made their first contribution in spf13/cast#283

Full Changelog: spf13/cast@v1.9.2...v1.10.0

Commits

• fc73346 Merge pull request #283 from andig/patch-1
• 6002cff Merge pull request #298 from spf13/dependabot/github_actions/actions/dependen...
• c1c153d Merge pull request #300 from spf13/dependabot/github_actions/actions/setup-go...
• 39beeac Merge pull request #301 from spf13/dependabot/github_actions/github/codeql-ac...
• 365e80c build(deps): bump github/codeql-action from 3.29.10 to 3.30.1
• 9f0f68b build(deps): bump actions/setup-go from 5.5.0 to 6.0.0
• d45dead build(deps): bump actions/dependency-review-action from 4.7.2 to 4.7.3
• 004f51d Merge pull request #293 from spf13/dependabot/github_actions/actions/checkout...
• 6458e07 Merge pull request #295 from spf13/dependabot/github_actions/actions/dependen...
• 970d9ea Merge pull request #296 from spf13/dependabot/github_actions/github/codeql-ac...
• Additional commits viewable in compare view

Updates github.com/spf13/cobra from 1.9.1 to 1.10.1

Release notes

Sourced from github.com/spf13/cobra's releases.

v1.10.1

🐛 Fix

• chore: upgrade pflags v1.0.9 by @​jpmcb in spf13/cobra#2305

v1.0.9 of pflags brought back ParseErrorsWhitelist and marked it as deprecated

Full Changelog: spf13/cobra@v1.10.0...v1.10.1

v1.10.0

What's Changed

🚨 Attention!

• Bump pflag to 1.0.8 by @​tomasaschan in spf13/cobra#2303

This version of pflag carried a breaking change: it renamed ParseErrorsWhitelist to ParseErrorsAllowlist which can break builds if both pflag and cobra are dependencies in your project.

• If you use both pflag and cobra, upgrade pflagto 1.0.8 andcobrato1.10.0`
• or use the newer, fixed version of pflag v1.0.9 which keeps the deprecated ParseErrorsWhitelist

More details can be found here: spf13/cobra#2303

✨ Features

• Flow context to command in SetHelpFunc by @​Frassle in spf13/cobra#2241
• The default ShellCompDirective can be customized for a command and its subcommands by @​albers in spf13/cobra#2238

🐛 Fix

• Upgrade golangci-lint to v2, address findings by @​scop in spf13/cobra#2279

🪠 Testing

• Test with Go 1.24 by @​harryzcy in spf13/cobra#2236
• chore: Rm GitHub Action PR size labeler by @​jpmcb in spf13/cobra#2256

📝 Docs

• Remove traling curlybrace by @​yedayak in spf13/cobra#2237
• Update command.go by @​styee in spf13/cobra#2248
• feat: Add security policy by @​jpmcb in spf13/cobra#2253
• Update Readme (Warp) by @​ericdachen in spf13/cobra#2267
• Add Periscope to the list of projects using Cobra by @​anishathalye in spf13/cobra#2299

New Contributors

• @​harryzcy made their first contribution in spf13/cobra#2236
• @​yedayak made their first contribution in spf13/cobra#2237
• @​Frassle made their first contribution in spf13/cobra#2241

... (truncated)

Commits

• 7da941c chore: Bump pflag to v1.0.9 (#2305)
• 51d6751 Bump pflag to 1.0.8 (#2303)
• 3f3b818 Update README.md with new logo
• dcaf42e Add Periscope to the list of projects using Cobra (#2299)
• 6dec1ae The default ShellCompDirective can be customized for a command and its subcom...
• c8289c1 chore(golangci-lint): add some exclusion presets
• 4af7b64 refactor: apply golangci-lint autofixes, work around false positives
• 75790e4 chore(golangci-lint): upgrade to v2
• db3ddb5 Adding sponsorship to README.md
• 67171d6 putting sponsorship below header
• Additional commits viewable in compare view

Updates github.com/stretchr/testify from 1.10.0 to 1.11.1

Release notes

Sourced from github.com/stretchr/testify's releases.

v1.11.1

This release fixes #1785 introduced in v1.11.0 where expected argument values implementing the stringer interface (String() string) with a method which mutates their value, when passed to mock.Mock.On (m.On("Method", <expected>).Return()) or actual argument values passed to mock.Mock.Called may no longer match one another where they previously did match. The behaviour prior to v1.11.0 where the stringer is always called is restored. Future testify releases may not call the stringer method at all in this case.

What's Changed

• Backport #1786 to release/1.11: mock: revert to pre-v1.11.0 argument matching behavior for mutating stringers by @​brackendawson in stretchr/testify#1788

Full Changelog: stretchr/testify@v1.11.0...v1.11.1

v1.11.0

What's Changed

Functional Changes

v1.11.0 Includes a number of performance improvements.

• Call stack perf change for CallerInfo by @​mikeauclair in stretchr/testify#1614
• Lazily render mock diff output on successful match by @​mikeauclair in stretchr/testify#1615
• assert: check early in Eventually, EventuallyWithT, and Never by @​cszczepaniak in stretchr/testify#1427
• assert: add IsNotType by @​bartventer in stretchr/testify#1730
• assert.JSONEq: shortcut if same strings by @​dolmen in stretchr/testify#1754
• assert.YAMLEq: shortcut if same strings by @​dolmen in stretchr/testify#1755
• assert: faster and simpler isEmpty using reflect.Value.IsZero by @​dolmen in stretchr/testify#1761
• suite: faster methods filtering (internal refactor) by @​dolmen in stretchr/testify#1758

Fixes

• assert.ErrorAs: log target type by @​craig65535 in stretchr/testify#1345
• Fix failure message formatting for Positive and Negative asserts in stretchr/testify#1062
• Improve ErrorIs message when error is nil but an error was expected by @​tsioftas in stretchr/testify#1681
• fix Subset/NotSubset when calling with mixed input types by @​siliconbrain in stretchr/testify#1729
• Improve ErrorAs failure message when error is nil by @​ccoVeille in stretchr/testify#1734
• mock.AssertNumberOfCalls: improve error msg by @​3scalation in stretchr/testify#1743

Documentation, Build & CI

• docs: Fix typo in README by @​alexandear in stretchr/testify#1688
• Replace deprecated io/ioutil with io and os by @​alexandear in stretchr/testify#1684
• Document consequences of calling t.FailNow() by @​greg0ire in stretchr/testify#1710
• chore: update docs for Unset #1621 by @​techfg in stretchr/testify#1709
• README: apply gofmt to examples by @​alexandear in stretchr/testify#1687
• refactor: use %q and %T to simplify fmt.Sprintf by @​alexandear in stretchr/testify#1674
• Propose Christophe Colombier (ccoVeille) as approver by @​brackendawson in stretchr/testify#1716
• Update documentation for the Error function in assert or require package by @​architagr in stretchr/testify#1675
• assert: remove deprecated build constraints by @​alexandear in stretchr/testify#1671
• assert: apply gofumpt to internal test suite by @​ccoVeille in stretchr/testify#1739
• CI: fix shebang in .ci.*.sh scripts by @​dolmen in stretchr/testify#1746
• assert,require: enable parallel testing on (almost) all top tests by @​dolmen in stretchr/testify#1747
• suite.Passed: add one more status test report by @​Ararsa-Derese in stretchr/testify#1706
• Add Helper() method in internal mocks and assert.CollectT by @​dolmen in stretchr/testify#1423
• assert.Same/NotSame: improve usage of Sprintf by @​ccoVeille in stretchr/testify#1742
• mock: enable parallel testing on internal testsuite by @​dolmen in stretchr/testify#1756
• suite: cleanup use of 'testing' internals at runtime by @​dolmen in stretchr/testify#1751
• assert: check test failure message for Empty and NotEmpty by @​ccoVeille in stretchr/testify#1745

... (truncated)

Commits

• 2a57335 Merge pull request #1788 from brackendawson/1785-backport-1.11
• af8c912 Backport #1786 to release/1.11
• b7801fb Merge pull request #1778 from stretchr/dependabot/github_actions/actions/chec...
• 69831f3 build(deps): bump actions/checkout from 4 to 5
• a53be35 Improve captureTestingT helper
• aafb604 mock: improve formatting of error message
• 7218e03 improve error msg
• 929a212 Merge pull request #1758 from stretchr/dolmen/suite-faster-method-filtering
• bc7459e suite: faster filtering of methods (-testify.m)
• 7d37b5c suite: refactor methodFilter
• Additional commits viewable in compare view

Updates go.opentelemetry.io/otel from 1.37.0 to 1.38.0

Changelog

Sourced from go.opentelemetry.io/otel's changelog.

[1.38.0/0.60.0/0.14.0/0.0.13] 2025-08-29

This release is the last to support [Go 1.23]. The next release will require at least [Go 1.24].

Added

• Add native histogram exemplar support in go.opentelemetry.io/otel/exporters/prometheus. (#6772)
• Add template attribute functions to the go.opentelmetry.io/otel/semconv/v1.34.0 package. (#6939)
  • ContainerLabel
  • DBOperationParameter
  • DBSystemParameter
  • HTTPRequestHeader
  • HTTPResponseHeader
  • K8SCronJobAnnotation
  • K8SCronJobLabel
  • K8SDaemonSetAnnotation
  • K8SDaemonSetLabel
  • K8SDeploymentAnnotation
  • K8SDeploymentLabel
  • K8SJobAnnotation
  • K8SJobLabel
  • K8SNamespaceAnnotation
  • K8SNamespaceLabel
  • K8SNodeAnnotation
  • K8SNodeLabel
  • K8SPodAnnotation
  • K8SPodLabel
  • K8SReplicaSetAnnotation
  • K8SReplicaSetLabel
  • K8SStatefulSetAnnotation
  • K8SStatefulSetLabel
  • ProcessEnvironmentVariable
  • RPCConnectRPCRequestMetadata
  • RPCConnectRPCResponseMetadata
  • RPCGRPCRequestMetadata
  • RPCGRPCResponseMetadata
• Add ErrorType attribute helper function to the go.opentelmetry.io/otel/semconv/v1.34.0 package. (#6962)
• Add WithAllowKeyDuplication in go.opentelemetry.io/otel/sdk/log which can be used to disable deduplication for log records. (#6968)
• Add WithCardinalityLimit option to configure the cardinality limit in go.opentelemetry.io/otel/sdk/metric. (#6996, #7065, #7081, #7164, #7165, #7179)
• Add Clone method to Record in go.opentelemetry.io/otel/log that returns a copy of the record with no shared state. (#7001)
• Add experimental self-observability span and batch span processor metrics in go.opentelemetry.io/otel/sdk/trace. Check the go.opentelemetry.io/otel/sdk/trace/internal/x package documentation for more information. (#7027, #6393, #7209)
• The go.opentelemetry.io/otel/semconv/v1.36.0 package. The package contains semantic conventions from the v1.36.0 version of the OpenTelemetry Semantic Conventions. See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.34.0.(#7032, #7041)
• Add support for configuring Prometheus name translation using WithTranslationStrategy option in go.opentelemetry.io/otel/exporters/prometheus. The current default translation strategy when UTF-8 mode is enabled is NoUTF8EscapingWithSuffixes, but a future release will change the default strategy to UnderscoreEscapingWithSuffixes for compliance with the specification. (#7111)
• Add experimental self-observability log metrics in go.opentelemetry.io/otel/sdk/log. Check the go.opentelemetry.io/otel/sdk/log/internal/x package documentation for more information. (#7121)
• Add experimental self-observability trace exporter metrics in go.opentelemetry.io/otel/exporters/stdout/stdouttrace.

... (truncated)

Commits

• 84e3f3a Release v1.38.0 (#7271)
• 18424a4 Add tests for attribute JSON marshalling (#7268)
• 9798759 Statically define trace observability attributes (#7263)
• be1e57f Refactor BSP observability setup (#7264)
• d99c68c chore(deps): update module github.com/mgechev/revive to v1.12.0 (#7269)
• 0724539 Add benchmark for set equality (#7262)
• 5358fd7 Upgrade semconv dependencies to v1.37.0 (#7260)
• 25d0274 fix(deps): update module github.com/stretchr/testify to v1.11.1 (#7261)
• d0cab86 prometheus: Add support for setting Translation Strategy config option (#7111)
• 3342341 Generate the semconv/v1.37.0 packages (#7254)
• Additional commits viewable in compare view

Updates go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc from 1.37.0 to 1.38.0

Changelog

Sourced from go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc's changelog.

[1.38.0/0.60.0/0.14.0/0.0.13] 2025-08-29

This release is the last to support [Go 1.23]. The next release will require at least [Go 1.24].

Added

• Add native histogram exemplar support in go.opentelemetry.io/otel/exporters/prometheus. (#6772)
• Add template attribute functions to the go.opentelmetry.io/otel/semconv/v1.34.0 package. (#6939)
  • ContainerLabel
  • DBOperationParameter
  • DBSystemParameter
  • HTTPRequestHeader
  • HTTPResponseHeader
  • K8SCronJobAnnotation
  • K8SCronJobLabel
  • K8SDaemonSetAnnotation
  • K8SDaemonSetLabel
  • K8SDeploymentAnnotation
  • K8SDeploymentLabel
  • K8SJobAnnotation
  • K8SJobLabel
  • K8SNamespaceAnnotation
  • K8SNamespaceLabel
  • K8SNodeAnnotation
  • K8SNodeLabel
  • K8SPodAnnotation
  • K8SPodLabel
  • K8SReplicaSetAnnotation
  • K8SReplicaSetLabel
  • K8SStatefulSetAnnotation
  • K8SStatefulSetLabel
  • ProcessEnvironmentVariable
  • RPCConnectRPCRequestMetadata
  • RPCConnectRPCResponseMetadata
  • RPCGRPCRequestMetadata
  • RPCGRPCResponseMetadata
• Add ErrorType attribute helper function to the go.opentelmetry.io/otel/semconv/v1.34.0 package. (#6962)
• Add WithAllowKeyDuplication in go.opentelemetry.io/otel/sdk/log which can be used to disable deduplication for log records. (#6968)
• Add WithCardinalityLimit option to configure the cardinality limit in go.opentelemetry.io/otel/sdk/metric. (#6996, #7065, #7081, #7164, #7165, #7179)
• Add Clone method to Record in go.opentelemetry.io/otel/log that returns a copy of the record with no shared state. (#7001)
• Add experimental self-observability span and batch span processor metrics in go.opentelemetry.io/otel/sdk/trace. Check the go.opentelemetry.io/otel/sdk/trace/internal/x package documentation for more information. (#7027, #6393, #7209)
• The go.opentelemetry.io/otel/semconv/v1.36.0 package. The package contains semantic conventions from the v1.36.0 version of the OpenTelemetry Semantic Conventions. See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.34.0.(#7032, #7041)
• Add support for configuring Prometheus name translation using WithTranslationStrategy option in go.opentelemetry.io/otel/exporters/prometheus. The current default translation strategy when UTF-8 mode is enabled is NoUTF8EscapingWithSuffixes, but a future release will change the default strategy to UnderscoreEscapingWithSuffixes for compliance with the specification. (#7111)
• Add experimental self-observability log metrics in go.opentelemetry.io/otel/sdk/log. Check the go.opentelemetry.io/otel/sdk/log/internal/x package documentation for more information. (#7121)
• Add experimental self-observability trace exporter metrics in go.opentelemetry.io/otel/exporters/stdout/stdouttrace.

... (truncated)

Commits

• 84e3f3a Release v1.38.0 (#7271)
• 18424a4 Add tests for attribute JSON marshalling (#7268)
• 9798759 Statically define trace observability attributes (#7263)
• be1e57f Refactor BSP observability setup (#7264)
• d99c68c chore(deps): update module github.com/mgechev/revive to v1.12.0 (#7269)
• 0724539 Add benchmark for set equality (#7262)
• 5358fd7 Upgrade semconv dependencies to v1.37.0 (#7260)
• 25d0274 fix(deps): update module github.com/stretchr/testify to v1.11.1 (#7261)
• d0cab86 prometheus: Add support for setting Translation Strategy config option (#7111)
• 3342341 Generate the semconv/v1.37.0 packages (#7254)
• Additional commits viewable in compare view

Updates go.opentelemetry.io/otel/sdk from 1.37.0 to 1.38.0

Changelog

Sourced from go.opentelemetry.io/otel/sdk's changelog.

[1.38.0/0.60.0/0.14.0/0.0.13] 2025-08-29

This release is the last to support [Go 1.23]. The next release will require at least [Go 1.24].

Added

• Add native histogram exemplar support in go.opentelemetry.io/otel/exporters/prometheus. (#6772)
• Add template attribute functions to the go.opentelmetry.io/otel/semconv/v1.34.0 package. (#6939)
  • ContainerLabel
  • DBOperationParameter
  • DBSystemParameter
  • HTTPRequestHeader
  • HTTPResponseHeader
  • K8SCronJobAnnotation
  • K8SCronJobLabel
  • K8SDaemonSetAnnotation
  • K8SDaemonSetLabel
  • K8SDeploymentAnnotation
  • K8SDeploymentLabel
  • K8SJobAnnotation
  • K8SJobLabel
  • K8SNamespaceAnnotation
  • K8SNamespaceLabel
  • K8SNodeAnnotation
  • K8SNodeLabel
  • K8SPodAnnotation
  • K8SPodLabel
  • K8SReplicaSetAnnotation
  • K8SReplicaSetLabel
  • K8SStatefulSetAnnotation
  • K8SStatefulSetLabel
  • ProcessEnvironmentVariable
  • RPCConnectRPCRequestMetadata
  • RPCConnectRPCResponseMetadata
  • RPCGRPCRequestMetadata
  • RPCGRPCResponseMetadata
• Add ErrorType attribute helper function to the go.opentelmetry.io/otel/semconv/v1.34.0 package. (#6962)
• Add WithAllowKeyDuplication in go.opentelemetry.io/otel/sdk/log which can be used to disable deduplication for log records. (#6968)
• Add WithCardinalityLimit option to configure the cardinality limit in go.opentelemetry.io/otel/sdk/metric. (#6996, #7065, #7081, #7164, #7165, #7179)
• Add Clone method to Record in go.opentelemetry.io/otel/log that returns a copy of the record with no shared state. (#7001)
• Add experimental self-observability span and batch span processor metrics in go.opentelemetry.io/otel/sdk/trace. Check the go.opentelemetry.io/otel/sdk/trace/internal/x package documentation for more information. (#7027, #6393, #7209)
• The go.opentelemetry.io/otel/semconv/v1.36.0 package. The package contains semantic conventions from the v1.36.0 version of the OpenTelemetry Semantic Conventions. See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.34.0.(#7032, #7041)
• Add support for configuring Prometheus name translation using WithTranslationStrategy option in go.opentelemetry.io/otel/exporters/prometheus. The current default translation strategy when UTF-8 mode is enabled is NoUTF8EscapingWithSuffixes, but a future release will change the default strategy to UnderscoreEscapingWithSuffixes for compliance with the specification. (#7111)
• Add experimental self-observability log metrics in go.opentelemetry.io/otel/sdk/log. Check the go.opentelemetry.io/otel/sdk/log/internal/x package documentation for more information. (#7121)
• Add experimental self-observability trace exporter metrics in go.opentelemetry.io/otel/exporters/stdout/stdouttrace.

... (truncated)

Commits

• 84e3f3a Release v1.38.0 (#7271)
• 18424a4 Add tests for attribute JSON marshalling (#7268)
• 9798759 Statically define trace observability attributes (#7263)
• be1e57f Refactor BSP observability setup (#7264)
• d99c68c chore(deps): update module github.com/mgechev/revive to v1.12.0 (#7269)
• 0724539 Add benchmark for set equality (#7262)
• 5358fd7 Upgrade semconv dependencies to v1.37.0 (#7260)
• 25d0274 fix(deps): update module github.com/stretchr/testify to v1.11.1 (#7261)
• d0cab86 prometheus: Add support for setting Translation Strategy config option (#7111)
• 3342341 Generate the semconv/v1.37.0 packages (#7254)
• Additional commits viewable in compare view

Updates go.opentelemetry.io/otel/trace from 1.37.0 to 1.38.0

Changelog

Sourced from go.opentelemetry.io/otel/trace's changelog.

[1.38.0/0.60.0/0.14.0/0.0.13] 2025-08-29

This release is the last to support [Go 1.23]. The next release will require at least [Go 1.24].

Added

• Add native histogram exemplar support in go.opentelemetry.io/otel/exporters/prometheus. (#6772)
• Add template attribute functions to the go.opentelmetry.io/otel/semconv/v1.34.0 package. (#6939)
  • ContainerLabel
  • DBOperationParameter
  • DBSystemParameter
  • HTTPRequestHeader
  • HTTPResponseHeader
  • K8SCronJobAnnotation
  • K8SCronJobLabel
  • K8SDaemonSetAnnotation
  • K8SDaemonSetLabel
  • K8SDeploymentAnnotation
  • K8SDeploymentLabel
  • K8SJobAnnotation
  • K8SJobLabel
  • K8SNamespaceAnnotation
  • K8SNamespaceLabel
  • K8SNodeAnnotation
  • K8SNodeLabel
  • K8SPodAnnotation
  • K8SPodLabel
  • K8SReplicaSetAnnotation
  • K8SReplicaSetLa...

    Description has been truncated

[github-actions]

⚠️ (this preview might not be accurate if the PR is not rebased on current master branch)

MCK 1.4.1 Release Notes