Commit fafad3d
authored
chore(deps): update prom/prometheus docker tag to v3.12.0 (#939)
This PR contains the following updates:
| Package | Update | Change |
|---|---|---|
| [prom/prometheus](https://redirect.github.com/prometheus/prometheus) |
minor | `v3.11.3` → `v3.12.0` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](../issues/4) for more information.
---
### Release Notes
<details>
<summary>prometheus/prometheus (prom/prometheus)</summary>
###
[`v3.12.0`](https://redirect.github.com/prometheus/prometheus/releases/tag/v3.12.0):
3.12.0 / 2026-05-28
[Compare
Source](https://redirect.github.com/prometheus/prometheus/compare/v3.11.3...v3.12.0)
This release contains security fixes, new features (especially around
PromQL and Service Discovery), performance improvements in TSDB, Start
Timestamp improvements and numerous bug fixes.
Thanks to all contributors!
#### Key Highlights
- **Security**: Two security vulnerabilities have been addressed: a
denial of service in remote-write (snappy decompression limit) and a
secret exposure leak in STACKIT service discovery.
- **PromQL & Metadata**: Several features and bug fixes related to the
experimental "start timestamps" support, including updates to `rate()`,
`irate()`, `increase()`, and `resets()`. New experimental functions
`start()`, `end()`, `range()`, and `step()` are introduced.
- **TSDB Performance**: Optimizations in head chunk lookup (constant
time) and mmap operations to reduce CPU usage.
- **Service Discovery**: Added support for DigitalOcean Managed
Databases and Outscale VM, along with improvements to AWS SD (IPv6
support for EC2, external ID support).
- **UI**: Added a web interface for deleting time series and cleaning
tombstones.
#### Changelog
- \[SECURITY] Remote: Reject snappy-compressed received requests via
Remote Write whose declared decoded length exceeds the 32MB. Thanks to
[@​hibrian827](https://redirect.github.com/hibrian827) for
reporting it.
[#​18642](https://redirect.github.com/prometheus/prometheus/issues/18642)
- \[SECURITY] STACKIT SD: Fix secrets being exposed in plaintext via
`/-/config` endpoint. Thanks to
[@​August829](https://redirect.github.com/August829) and
[@​Phaxma](https://redirect.github.com/Phaxma) for reporting.
GHSA-39j6-789q-qxvh
[#​18649](https://redirect.github.com/prometheus/prometheus/issues/18649)
- \[CHANGE] TSDB/Agent: Adds Start Timestamp field to all WAL Histogram
samples in memory; used `st-storage` flag is enabled.
[#​18221](https://redirect.github.com/prometheus/prometheus/issues/18221)
- \[FEATURE] API: Add `/api/v1/status/self_metrics` endpoint returning
the current state of the Prometheus server's own metrics about itself as
JSON.
[#​18411](https://redirect.github.com/prometheus/prometheus/issues/18411)
- \[FEATURE] Discovery: Add DigitalOcean Managed Databases service
discovery
[#​18287](https://redirect.github.com/prometheus/prometheus/issues/18287)
- \[FEATURE] Prometheus: Add support for the aix/ppc64 compilation
target
[#​18321](https://redirect.github.com/prometheus/prometheus/issues/18321)
- \[FEATURE] Discovery: Add Outscale VM service discovery
(`outscale_sd_configs`) for discovering scrape targets from the Outscale
Cloud API.
[#​18139](https://redirect.github.com/prometheus/prometheus/issues/18139)
- \[FEATURE] PromQL: Emit a warning when `sort`, `sort_by_label` or
`sort_by_label_desc` is used within range (matrix) queries, as these
functions do not have effect in that context.
[#​18498](https://redirect.github.com/prometheus/prometheus/issues/18498)
- \[FEATURE] PromQL: Add `start()`, `end()`, `range()`, and `step()`
experimental functions
[#​17877](https://redirect.github.com/prometheus/prometheus/issues/17877)
- \[FEATURE] PromQL: Update `resets()` function to consider start
timestamp resets. Hidden behind `use-start-timestamps` feature flag.
[#​18627](https://redirect.github.com/prometheus/prometheus/issues/18627)
- \[FEATURE] Prometheus: Promote auto-reload-config as stable
[#​18620](https://redirect.github.com/prometheus/prometheus/issues/18620)
- \[FEATURE] TSDB/Agent: Add `CheckpointFromInMemorySeries` option to
`agent.DB` that enables checkpoint based on in-memory series.
[#​17948](https://redirect.github.com/prometheus/prometheus/issues/17948)
- \[FEATURE] UI: Add a web interface for deleting time series and
cleaning tombstones, accessible from the Status menu.
[#​18390](https://redirect.github.com/prometheus/prometheus/issues/18390)
- \[FEATURE] PromQL: Use start timestamps for `rate()`, `irate()`, and
`increase()` calculations, behind a feature flag `use-start-timestamps`.
Doesn't work together with extended range selectors `anchored` and
`smoothed`.
[#​18344](https://redirect.github.com/prometheus/prometheus/issues/18344)
- \[FEATURE] Scrape: Added a feature flag `st-synthesis` which
synthesizes unknown STs for scraped cumulative metrics. Useful when
Remote Writing 2.0 with delta or Otel-based backends.
[#​18279](https://redirect.github.com/prometheus/prometheus/issues/18279)
- \[FEATURE] promqltest: support `@st` annotation in `load` blocks to
specify per-sample start timestamps.
[#​18360](https://redirect.github.com/prometheus/prometheus/issues/18360)
- \[ENHANCEMENT] API: reject concurrent fgprof profiles.
[#​18651](https://redirect.github.com/prometheus/prometheus/issues/18651)
- \[ENHANCEMENT] AWS SD: Add optional `external_id` field to
ECS/MSK/RDS/Elasticache.
[#​18579](https://redirect.github.com/prometheus/prometheus/issues/18579)
- \[ENHANCEMENT] AWS SD: Add optional `external_id` field.
[#​17171](https://redirect.github.com/prometheus/prometheus/issues/17171)
- \[ENHANCEMENT] Discovery: Propagate SD target updates faster by
introducing dynamic backoff interval instead of static 5s interval for
throttling.
[#​18187](https://redirect.github.com/prometheus/prometheus/issues/18187)
- \[ENHANCEMENT] Promtool: Add `--header` flag to `query instant`
command, matching existing `query range` behaviour.
[#​18418](https://redirect.github.com/prometheus/prometheus/issues/18418)
- \[ENHANCEMENT]: AWS SD: Allows EC2 service discovery to discover IPv6
addresses to communicate with target endpoints. The private IPv4 address
remains the default when both IPv4 and IPv6 addresses are present.
[#​16088](https://redirect.github.com/prometheus/prometheus/issues/16088)
- \[PERF] TSDB: Make head chunk lookup in range queries constant time
instead of quadratic time
[#​18302](https://redirect.github.com/prometheus/prometheus/issues/18302)
- \[PERF] TSDB: Skip entire stripes in mmapHeadChunks when no series
need mmapping, reducing CPU utilization significantly at
production-relevant scales.
[#​18541](https://redirect.github.com/prometheus/prometheus/issues/18541)
- \[PERF] TSDB: Skip clean series during periodic head chunk mmap using
cached head chunk count
[#​18272](https://redirect.github.com/prometheus/prometheus/issues/18272)
- \[PERF] PromQL: Address FloatHistogram.KahanAdd performance regression
on Go 1.26.
[#​18568](https://redirect.github.com/prometheus/prometheus/issues/18568)
- \[BUGFIX] PromQL: Fix `info()` function incorrectly handling negated
`__name__` matchers
[#​17932](https://redirect.github.com/prometheus/prometheus/issues/17932)
- \[BUGFIX] API: Return duration expressions in `/parse_ast`.
[#​18624](https://redirect.github.com/prometheus/prometheus/issues/18624)
- \[BUGFIX] API: correctly document formats accepted for duration query
request parameters (step, timeout and lookback delta) in OpenAPI spec
[#​18305](https://redirect.github.com/prometheus/prometheus/issues/18305)
- \[BUGFIX] Scrape: AppenderV2 now tracks staleness even when
OOO/duplicate series errors happen similar to AppenderV1
[#​18567](https://redirect.github.com/prometheus/prometheus/issues/18567)
- \[BUGFIX] Config: Validate remote\_write queue\_config fields at load
time to prevent runtime panic and silent misconfiguration.
[#​18209](https://redirect.github.com/prometheus/prometheus/issues/18209)
- \[BUGFIX] Discovery/Consul: Add `health_filter` for Health API
filtering, fixing breakage when using Catalog-only fields like
`ServiceTags` in `filter`.
[#​18479](https://redirect.github.com/prometheus/prometheus/issues/18479)
[#​18499](https://redirect.github.com/prometheus/prometheus/issues/18499)
- \[BUGFIX] OTLP: limit decompressed body size for gzip-encoded OTLP
write requests.
[#​18408](https://redirect.github.com/prometheus/prometheus/issues/18408)
- \[BUGFIX] PromQL: Fix `smoothed` rate/increase returning zero instead
of no result when all data falls strictly after the query range.
[#​18523](https://redirect.github.com/prometheus/prometheus/issues/18523)
- \[BUGFIX] PromQL: Fix metric name not being dropped when
last\_over\_time or first\_over\_time is applied to subqueries
containing name-dropping functions like abs().
[#​18409](https://redirect.github.com/prometheus/prometheus/issues/18409)
- \[BUGFIX] PromQL: Fix missing warning when mixing exponential and
custom-bucket histograms in stats queries.
[#​18660](https://redirect.github.com/prometheus/prometheus/issues/18660)
- \[BUGFIX] PromQL: Fix parsing of `range()` keyword in duration
expressions such as `foo[5m+range()]`.
[#​18623](https://redirect.github.com/prometheus/prometheus/issues/18623)
- \[BUGFIX] PromQL: Fix smoothed vector selector returning no results in
binary operations when the `@` modifier is used.
[#​18531](https://redirect.github.com/prometheus/prometheus/issues/18531)
- \[BUGFIX] PromQL: Reject NaN, infinite, and out-of-range duration
expressions instead of silently producing an out-of-range time.Duration.
[#​18639](https://redirect.github.com/prometheus/prometheus/issues/18639)
- \[BUGFIX] Scrape: Fix panic when scraping malformed native histograms.
[#​18414](https://redirect.github.com/prometheus/prometheus/issues/18414)
- \[BUGFIX] Scrape: fix panic when scraping a target exposing a summary
with no quantiles via the protobuf format.
[#​18382](https://redirect.github.com/prometheus/prometheus/issues/18382)
- \[BUGFIX] Scrape: fix scrape failure log file occasionally not applied
after a configuration reload.
[#​18421](https://redirect.github.com/prometheus/prometheus/issues/18421)
- \[BUGFIX] TSDB: Allow retention percentage with new data path.
[#​18628](https://redirect.github.com/prometheus/prometheus/issues/18628)
- \[BUGFIX] TSDB: Preserve decimal precision in percentage-based
retention
[#​18374](https://redirect.github.com/prometheus/prometheus/issues/18374)
- \[BUGFIX] TSDB: fix prometheus\_tsdb\_head\_chunks going negative
after WAL replay
[#​18401](https://redirect.github.com/prometheus/prometheus/issues/18401)
- \[BUGFIX] TSDB: panic with native histograms during query of
overlapping chunks.
[#​18692](https://redirect.github.com/prometheus/prometheus/issues/18692)
- \[BUGFIX] Tracing: fix startup failure for insecure OTLP HTTP tracing
[#​18469](https://redirect.github.com/prometheus/prometheus/issues/18469)
- \[BUGFIX] UI: Escape label values offered by PromQL autocomplete.
[#​18658](https://redirect.github.com/prometheus/prometheus/issues/18658)
- \[BUGFIX] UI: Improve Y-axis tick label precision for graph values
over small ranges.
[#​18682](https://redirect.github.com/prometheus/prometheus/issues/18682)
- \[BUGFIX] `prometheus_sd_refresh*` and
`prometheus_sd_discovered_targets` metrics for specific scrape jobs are
deleted when the scrape job is removed.
[#​17614](https://redirect.github.com/prometheus/prometheus/issues/17614)
- \[BUGFIX] Remote: fixed validation for received RW2 requests when
parsing metadata unit symbols. This fixes a case when request would
cause (recovered) handler panic.
[#​18641](https://redirect.github.com/prometheus/prometheus/issues/18641)
- \[BUGFIX] TSDB/Agent: fix race in agent appender where concurrent
appends for the same label set could produce duplicate in-memory series
and duplicate WAL records.
[#​18292](https://redirect.github.com/prometheus/prometheus/issues/18292)
- \[BUGFIX] Config: Update `--enable-feature` flag description and sort
feature names.
[#​18487](https://redirect.github.com/prometheus/prometheus/issues/18487)
</details>
---
### Configuration
📅 **Schedule**: (in timezone Asia/Tokyo)
- Branch creation
- Only on Sunday and Saturday (`* * * * 0,6`)
- Automerge
- At any time (no schedule defined)
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/bootjp/elastickv).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yMDkuNCIsInVwZGF0ZWRJblZlciI6IjQzLjIwOS40IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->1 file changed
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | | - | |
| 3 | + | |
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
| |||
0 commit comments