Skip to content

chore(deps): update all dependencies#210

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all
Open

chore(deps): update all dependencies#210
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/all

Conversation

@renovate

@renovate renovate Bot commented May 26, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package Type Update Change Age Confidence
cert-manager/cert-manager minor 1.20.21.21.0 age confidence
gcr.io/distroless/static final digest 963fa6cf7f8f72
github.com/onsi/ginkgo/v2 require minor v2.29.0v2.32.0 age confidence
github.com/onsi/gomega require minor v1.41.0v1.42.1 age confidence
github.com/open-telemetry/opentelemetry-operator require minor v0.152.0v0.156.0 age confidence
go.opentelemetry.io/collector/component require minor v1.59.0v1.62.0 age confidence
go.opentelemetry.io/collector/config/configauth require minor v1.59.0v1.62.0 age confidence
go.opentelemetry.io/collector/config/configcompression require minor v1.59.0v1.62.0 age confidence
go.opentelemetry.io/collector/config/configopaque require minor v1.59.0v1.62.0 age confidence
go.opentelemetry.io/collector/config/configtelemetry require minor v0.153.0v0.156.0 age confidence
go.opentelemetry.io/collector/otelcol require minor v0.153.0v0.156.0 age confidence
go.opentelemetry.io/collector/service require minor v0.153.0v0.156.0 age confidence
golang stage patch 1.26.3-alpine3.221.26.4-alpine3.22 age confidence
k8s.io/api require patch v0.36.1v0.36.2 age confidence
k8s.io/apimachinery require patch v0.36.1v0.36.2 age confidence
k8s.io/client-go require patch v0.36.1v0.36.2 age confidence
opentelemetry-operator (source) minor 0.113.10.119.0 age confidence

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

cert-manager/cert-manager (cert-manager/cert-manager)

v1.21.0

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

cert-manager 1.21 brings ACME Renewal Information (ARI) support, AWS IAM authentication for the Vault issuer, several security hardening changes, and continued improvements to Gateway API integration and cainjector. There are three breaking changes related to Helm chart RBAC and metrics values — review them carefully before upgrading.

Known Issues

  • Log spam for non-cert-manager-labelled Secret events: the typed predicates refactoring (#​8407) causes filteredEventHandler type assertion failures ("OnAdd missing Object", "OnUpdate missing ObjectOld", "OnDelete missing Object") for every non-cert-manager-labelled Secret event, multiplied by 7 certificate sub-controllers. This is cosmetic only — the affected controllers only need events from cert-manager-labelled Secrets (which arrive via the typed informer); the metadata informer events were always filtered out by predicates in previous versions. Issuer and ClusterIssuer controllers are not affected. See #​8994 for details.

Major Themes

Default tokenrequest RBAC removed from Helm chart

⚠️ Breaking change

The Helm chart no longer creates a default Role and RoleBinding granting the cert-manager controller permission to create tokens for its own ServiceAccount (serviceaccounts/token: create). No documented workflow requires this RBAC — the Route53 docs section that motivated it was removed in 2024.

If you use serviceAccountRef.name pointing at the controller ServiceAccount, you must now either create your own Role/RoleBinding granting serviceaccounts/token: create, or migrate to a dedicated ServiceAccount (recommended — see the Vault or Route53 documentation).

Restrict Challenge and Order RBAC in cert-manager-edit ClusterRole

⚠️ Potentially breaking change

The cert-manager-edit aggregate ClusterRole no longer grants create for challenges.acme.cert-manager.io or create, patch, update for orders.acme.cert-manager.io (GHSA-8rvj-mm4h-c258). These resources are internal to cert-manager's ACME workflow. Challenge patch and update are retained because users may need them to remove stuck finalizers.

This change was already shipped in v1.20.3 and v1.19.6, so if you are running one of those versions this will not be a breaking change. If you have tooling that creates Challenge or Order resources directly, you will need to grant those permissions explicitly.

Metrics port name and path Helm values removed

⚠️ Breaking change

The Helm values prometheus.servicemonitor.targetPort, prometheus.servicemonitor.path, and prometheus.podmonitor.path have been removed. The controller Service metrics port has been renamed from tcp-prometheus-servicemonitor to http-metrics. Because the Helm values schema uses additionalProperties: false, users who still have any of the removed keys in their values overrides will see a schema validation error on upgrade — remove them before upgrading. (#​8952)

ACME and Certificate Management
  • ACME Renewal Information (ARI): experimental support for RFC 9773 behind the ACMEUseARI feature gate. When enabled, cert-manager queries the ACME server's renewalInfo endpoint for the recommended renewal window, allowing servers like Let's Encrypt to proactively prompt renewal during mass revocations or CA key rollovers. (#​8798)
  • waitInsteadOfSelfCheck solver option: skip cert-manager's own self-check and instead wait a configured duration before asking the ACME server to validate. An escape hatch for split-horizon DNS and NAT hairpin environments. See configuration details. (#​8858)
  • AWS IAM authentication for Vault: the Vault issuer now supports IRSA, EKS Pod Identity, and ambient EC2/ECS credentials, removing the need for long-lived AWS Secrets. (#​8422)
  • Certificate renewal policies: a new renewalPolicies field on the Certificate API provides more expressive control over renewal scheduling, complementing renewBefore and renewBeforePercentage. (#​8258)
  • Configurable CertificateRequest retry backoff: the new --certificate-request-maximum-backoff-duration flag (default: 32 hours) caps the exponential backoff for failed CertificateRequests, useful for environments with scheduled CA maintenance windows. (#​8893)
  • Modern2026 PKCS#12 profile: a new FIPS 140-3 compatible encoding profile using AES-256 + SHA-256 KDFs instead of legacy 3DES/RC2. (#​8841)
  • Webhook certificate renewal after system suspend: the webhook now detects missed certificate renewals after system suspend (S3/S4) or VM live migration by polling wall-clock time, recovering within one minute of resume. (#​8464)
Gateway API and cainjector
  • HTTP01 ListenerSet parentRef fallback: the acme.cert-manager.io/http01-parentreffallback: "true" annotation causes cert-manager to use the parent Gateway for solver HTTPRoutes instead of the ListenerSet, enabling TLS-only ListenerSets to use a shared HTTP listener for ACME challenges. (#​8749)
  • cert-manager.io/ignore-tls-listeners annotation: exclude specific Gateway TLS listeners from certificate management. (#​8727)
  • Additional listener protocols: configurable listener protocols beyond the default set. (#​8683)
  • enableGatewayAPI configuration restructure: enableGatewayAPI and enableGatewayAPIListenerSet are deprecated in favor of gatewayAPI.enabled / gatewayAPI.enableListenerSet. The old fields continue to work. (#​8732)
  • CAInjectorMerging promoted to GA: unconditionally enabled; will be removed in a future release. (#​8583)
  • cainjector server-side apply unconditional: the ServerSideApply feature gate is deprecated. (#​8692)
  • cainjector --ignore-namespaces flag: skip specified namespaces when watching Secrets for injection. (#​8614)
Deployment and Observability
  • Venafi OAuth token observability: a new AuthFailed Issuer condition reason distinguishes bad credentials from transient errors. PANW NGTS is now supported as a Venafi backend. (#​8808, #​8779)
  • runtimeClassName support: configurable for cert-manager components and ACME HTTP01 solver pods. (#​8791, #​8976)
  • startupapicheck.ttlSecondsAfterFinished: opt-in automatic cleanup of the startupapicheck Job. (#​8523)
  • --acme-http01-solver-extra-labels: propagate global.commonLabels to dynamically-created ACME HTTP01 solver resources. (#​8761)
Notable Bug Fixes
  • Integer overflow in renewBeforePercentage: Certificates with durations longer than approximately 3 years were incorrectly rejected or assigned incorrect renewal times. (#​8947)
  • Infinite re-issuance loop: cert-manager no longer loops when an issuer returns an already-expired certificate. (#​8610)
  • ACME transient network errors: challenges no longer permanently fail on TLS handshake timeouts, DNS resolution failures, or context cancellation during nonce fetches and authorization waits. (#​8760)
  • DNS-over-HTTPS response body cap: response body reads are now bounded at 128 KB to prevent potential OOM. (#​8803)
  • Vault path traversal: the Vault issuer webhook now rejects .. path segments, preventing path.Join from silently resolving relative segments. (#​8930)
  • DNS issuer secrets validated before ready: prevents silent misconfiguration. (#​8255)

Community

As always, we'd like to thank all of the community members who helped in this release cycle, including all below who merged a PR and anyone that helped by commenting on issues, testing, or getting involved in cert-manager meetings. We're lucky to have you involved.

A special thanks to:

for their contributions, comments and support!

Also, thanks to the cert-manager maintainer team for their help in this release:

And finally, thanks to the cert-manager steering committee for their feedback in this release cycle:

Changes since v1.20.0

Feature
  • Add Venafi OAuth token request observability and a new AuthFailed Issuer condition reason to distinguish bad credentials from transient infrastructure errors. (#​8808, @​FelixPhipps)
  • Add certificateRequestMaximumBackoffDuration controller configuration option to cap retry backoff time for failed CertificateRequests. Configurable via config file, --certificate-request-maximum-backoff-duration CLI flag, or Helm value config.certificateRequestMaximumBackoffDuration. Defaults to 32 hours for backward compatibility. (#​8893, @​lunarwhite)
  • Add an optional waitInsteadOfSelfCheck field to ACME HTTP01 and DNS01 solvers so cert-manager can skip its own self-check and ask the ACME server to validate after a configured wait. (#​8858, @​wallrj)
  • Add configurable runtimeClassName support for cert-manager components and ACME HTTP01 solver pods. (#​8791, @​jsoref)
  • Add direct configurable runtimeClassName support for ACME HTTP01 solver pods via the acmesolver.runtimeClassName Helm value. (#​8976, @​erikgb)
  • Add new controller flag --acme-http01-solver-extra-labels, allowing Helm's global.commonLabels to propagate to all dynamically-created ACME HTTP01 solver resources (Pods, Services, Ingresses, or Gateway API HTTPRoutes). (#​8761, @​lunarwhite)
  • Add opt-in startupapicheck.ttlSecondsAfterFinished Helm value to enable automatic cleanup of the startupapicheck Job via the Kubernetes TTL-after-finished controller. (#​8523, @​dap0am)
  • Added ARI support through the ACMEUseARI feature gate. (#​8798, @​hjoshi123)
  • Added AWS IAM authentication support for Vault issuer, including IRSA (IAM Roles for Service Accounts) and ambient credentials (EC2/ECS). (#​8422, @​bitloi)
  • Added cert-manager.io/ignore-tls-listeners annotation for ignoring gwapi listeners. (#​8727, @​hjoshi123)
  • Added option to specify additional listener protocols the GatewayAPI integration will consider when creating certificates. (#​8683, @​ThatsMrTalbot)
  • Adds support for the Modern2026 go-pkcs12 profile and FIPS 140-3 (#​8841, @​seanorama)
  • Cainjector: A new flag --ignore-namespaces was added to the cainjector binary. It can be used to filter out namespaces from being watched for secrets to use for injectables. (#​8614, @​figaw)
  • Disabled client side rate-limiting if AP&F is enabled. (#​8757, @​hjoshi123)
  • Extend the Venafi/CyberArk integration to also support PANW NGTS. (#​8779, @​FelixPhipps)
  • Adding certificate renewal policies (#​8258, @​hjoshi123)
  • Make cainjector use SSA unconditionally and deprecate the ServerSideApply feature gate (#​8692, @​erikgb)
  • Processed annotations cert-manager.io/alt-names, cert-manager.io/ip-sans to Certificates generated from ingress like objects in cert-shim controllers. (#​8927, @​jabbrwcky)
  • Promote the CAInjectorMerging feature gate to GA (#​8583, @​Copilot)
  • When using ACME HTTP-01 with a ListenerSet, setting the annotation acme.cert-manager.io/http01-parentreffallback: "true" causes cert-manager to use the parent Gateway as the solver HTTPRoute parentRef instead of the ListenerSet. This enables TLS-only ListenerSets to rely on a shared Gateway HTTP listener for ACME challenges. (#​8749, @​apkatsikas)
Bug or Regression
  • BREAKING: The Helm chart no longer ships a default Role and RoleBinding granting the cert-manager controller ServiceAccount permission to create tokens for itself (serviceaccounts/token: create). This RBAC was added in v1.16 (#​7213) but no documented workflow requires it, and the motivating Route53 docs section was removed in Oct 2024. If you rely on serviceAccountRef.name pointing at the controller ServiceAccount (an undocumented pattern), you must now create your own Role and RoleBinding granting serviceaccounts/token: create on that ServiceAccount, or migrate to one of the documented patterns (IRSA ambient, or a dedicated ServiceAccount with its own RBAC). (#​8931, @​wallrj-cyberark)
  • ACME challenges no longer terminally fail on transient network errors (TLS handshake timeouts, DNS failures, context cancellation) during nonce fetches and authorization waits. The challenge controller returns the error and lets the workqueue retry with backoff. (#​8760, @​texasich)
  • Add dns issuer secrets validation before marking it as ready (#​8255, @​Peac36)
  • Add missing issuer finalizer RBAC to the order controller to support owner references (#​8654, @​erikgb)
  • ClusterIssuer metrics collector now correctly respects the enabled-controllers configuration, avoiding a redundant startup when only operating within a namespace. (#​8822, @​lunarwhite)
  • Fix Venafi TPP issuer setup and signing regression on master: restore authentication of the vcert connector in the client constructor, which was removed in #​8808. (#​8843, @​wallrj-cyberark)
  • Fix a performance issue in the certificateRequestApproval webhook where CertificateRequests referencing a GroupKind whose CRD is not yet installed would trigger repeated API server discovery queries on every admission request. Negative results are now cached for 30 seconds. (#​8651, @​mateenali66)
  • Fix webhook serving certificate not being renewed after system suspend. (#​8464, @​Peac36)
  • Fixed a rare panic in the trigger controller when a Certificate is deleted from the informer cache while a reconcile is in progress (e.g. during namespace teardown). (#​8962, @​hjoshi123)
  • Fixed an integer overflow in renewBeforePercentage calculations that caused Certificates with durations longer than approximately 3 years to be incorrectly rejected by validation or assigned incorrect renewal times. (#​8947, @​ThatsMrTalbot)
  • Fixed duplicate parentRef bug when both issuer config and annotations are present. (#​8619, @​hjoshi123)
  • Fixed infinite re-issuance loop when issuer returns an already expired certificate (#​8610, @​onurmicoogullari)
  • Fixed local e2e-setup-samplewebhook installation to use the samplewebhook image repository and tag from the saved image tarball manifest. (#​8821, @​wallrj)
  • Fixed potential OOM in DNS-over-HTTPS client by bounding response body read with io.LimitReader (128 KB cap). (#​8803, @​SebTardif)
  • Fixed validation of timezone-prefixed renewal window cron specs without a schedule. (#​8813, @​immanuwell)
  • Helm chart bugfix: rename image helper to avoid umbrella chart conflicts (#​8753, @​FelixPhipps)
  • Helm: Fix invalid YAML generated when both webhook.config and webhook.volumes are defined. (#​8664, @​jnohlgard)
  • Remove ACME Challenge create and Order create/patch/update from the cert-manager-edit aggregate ClusterRole to prevent direct manipulation of these internal resources (GHSA-8rvj-mm4h-c258). (#​8958, @​wallrj-cyberark)
  • Remove issuer owner reference from challenges blocking challenge garbage collection (#​8743, @​erikgb)
  • Update logic to identify and preserve the secret matching nextPrivateKeySecretName (#​8577, @​putongyong)
  • Vault Issuer webhook validation now rejects .. path segments in spec.vault.path and auth mount path fields, preventing path.Join from silently resolving relative segments before constructing the Vault API request. (#​8930, @​wallrj-cyberark)
Other (Cleanup or Flake)
  • API cleanup: removed deprecated ObjectReference (#​8625, @​inteon)
  • Remove Helm values prometheus.servicemonitor.targetPort, prometheus.servicemonitor.path, and prometheus.podmonitor.path. The metrics path is always /metrics and the target port is always http-metrics. Rename the controller service metrics port from tcp-prometheus-servicemonitor to http-metrics for consistency with other workloads. Users must remove these keys from their value overrides before upgrading. (#​8952, @​erikgb)
  • The enableGatewayAPI and enableGatewayAPIListenerSet fields on ControllerConfiguration are deprecated and moved into the gatewayAPI sub-struct as gatewayAPI.enabled and gatewayAPI.enableListenerSet. The old fields continue to work. (#​8732, @​ThatsMrTalbot)
  • Update base images to Debian 13 (#​8849, @​ltwongaa)

v1.20.3

Compare Source

cert-manager is the easiest way to automatically manage certificates in Kubernetes and OpenShift clusters.

This patch release fixes a security issue (GHSA-8rvj-mm4h-c258, HIGH) where the default cert-manager-edit aggregate ClusterRole granted namespace users permission to create ACME Challenge and Order resources directly. A user who could create a Challenge referencing a ClusterIssuer could supply attacker-controlled solver configuration while cert-manager loaded credentials from the ClusterIssuer's namespace, bypassing Issuer solver selectors (dnsZones, dnsNames, matchLabels). With the acme-dns provider specifically, this could disclose DNS credentials to an attacker-controlled endpoint.

This release also removes the issuer owner reference from Challenges which was blocking Challenge garbage collection, and updates Go to fix reported CVEs.

All users should upgrade.

[!WARNING]
Potentially breaking change: The cert-manager-edit aggregate ClusterRole no longer grants create for challenges.acme.cert-manager.io or create, patch, update for orders.acme.cert-manager.io. These resources are internal to cert-manager's ACME workflow and are not intended to be created or modified directly by users. If you have tooling or workflows that create Challenge or Order resources directly (outside of the normal Certificate → CertificateRequest → Order → Challenge flow), you will need to grant those permissions explicitly.

Changes by Kind

Bug or Regression
Other (Cleanup or Flake)
onsi/ginkgo (github.com/onsi/ginkgo/v2)

v2.32.0

Compare Source

2.32.0

-fd generate RSpec-style documentation output. Thank @​woodie !
--sleep-on-failure pauses a failed spec before teardown. Thanks @​qinqon !

v2.31.0

Compare Source

2.31.0

Add a bunch of Claude Skills via the marketplace:

/plugin marketplace add onsi/ginkgo
/plugin install ginkgo@ginkgo

v2.30.0

Compare Source

2.30.0

Features

Ginkgo now allows extentions/global.Reset to support running multiple suites from within a single process. This may take some massaging on your part (see 1672) but can dramatically speed up codebases with O(hundreds) of test suites.

Thanks @​lawrencejones !

Fixes
  • Fix nested --github-output group for progress report nested inside timeline [4f62d7a]
onsi/gomega (github.com/onsi/gomega)

v1.42.1

Compare Source

1.42.1

Bump Dependencies

v1.42.0

Compare Source

1.42.0

Add a set of Claude skill as a marketplace plugin

open-telemetry/opentelemetry-operator (github.com/open-telemetry/opentelemetry-operator)

v0.156.0

Compare Source

0.156.0

🧰 Bug fixes 🧰
  • collector: Honor spec.observability.metrics.disablePrometheusAnnotations: true on update by removing the operator-stamped prometheus.io annotations from the pod template, not just stopping new ones from being added. (#​5043)
    Previously the pod-template mutate path preserved any annotation that
    existed on the current resource but was absent from the desired render,
    so toggling disablePrometheusAnnotations from false to true on an
    existing OpenTelemetryCollector left the prometheus.io/scrape, port,
    and path annotations stuck on the rolled pods. The operator now stamps
    an ownership marker (operator.opentelemetry.io/prometheus-annotations-added)
    whenever it adds one of the default prometheus.io/* annotations, and
    the mutate path strips those annotations only when the marker is
    present on the existing pod template. This preserves prometheus.io/*
    annotations the user set out of band on the same collector.
Components

v0.155.0

Compare Source

0.155.0

🧰 Bug fixes 🧰
  • operator: Fix NetworkPolicy and operand network policy defaulting when webhooks run in a separate deployment. (#​5288)
  • collector: Collectors with persistent storage no longer fail with "permission denied" on OpenShift when running under a permissive SCC such as anyuid. (#​5224)
    On OpenShift, the restricted SCC injects fsGroup from the namespace range, but
    permissive SCCs (e.g. anyuid) do not. The controller now defaults
    podSecurityContext.fsGroup from the namespace's supplemental-groups or UID range
    annotation when no explicit fsGroup is configured. An explicitly set fsGroup is
    never overwritten.
Components

v0.154.0

Compare Source

0.154.0

🛑 Breaking changes 🛑
  • collector: Promote the operator.collector.usedefaulttelemetryshape feature gate to beta. The operator-injected Prometheus telemetry reader now uses collector defaults by default — metric names from operator-managed collectors no longer carry type suffixes, units, or scope_info. (#​5075)
    Users wanting the pre-v0.154.0 metric name shape can disable the gate via --feature-gates=-operator.collector.usedefaulttelemetryshape, or pin without_type_suffix/without_units/without_scope_info to false explicitly under spec.config.service.telemetry. The gate will be promoted to stable and removed in a future release.
💡 Enhancements 💡
  • collector: Add status.observedGeneration and status.conditions support for OpenTelemetryCollector resources. (#​4312)

  • operator: Add pod-webhook subcommand for running a standalone pod mutation webhook (#​5010)
    The operator binary now supports a pod-webhook subcommand that runs only the pod mutation
    webhook (auto-instrumentation and sidecar injection) without the controllers. This enables
    deploying the webhook separately.

  • opampbridge: Add TLS configuration support to the OpAMP Bridge, including options to disable TLS or skip certificate verification. (#​4921)

  • opamp: Allow standalone OpAMP bridge agents to configure per-agent non-identifying attributes. (#​5245)

  • opamp-bridge: Make standalone OpAMP Bridge manifests and runtime permissions friendlier for OpenShift and namespaced RBAC. (#​5277)

  • operator: Add standalone pod webhook deployment for High Availability on OpenShift (#​5010)
    On OpenShift with OLM, the pod mutation webhook (auto-instrumentation and sidecar injection)
    is now deployed as a standalone Deployment with 2 replicas by default, enabling HA.

    OpenShift with OLM:

    • The standalone webhook deployment is managed by OLM via the CSV
    • Default: 2 replicas for HA
    • Pod anti-affinity spreads replicas across different nodes
    • PodDisruptionBudget with maxUnavailable: 1 ensures availability during node maintenance
    • Only scaling down is supported via OPENSHIFT_WEBHOOK_REPLICAS env var in the Subscription (0 or 1)
    • TLS certificates are automatically provisioned by OLM
    • Automatic cleanup when operator is uninstalled (OLM garbage collection)

    Kubernetes (community bundle):

    • No change - pod webhook continues to run as part of the operator deployment
  • opamp-bridge: OpAMP Bridge standalone mode (#​4913)
    Standalone mode for OpAMP Bridge allows users to manage collector configuration from a remote
    OpAMP server without the need to deploy full Otel Operator.

  • operator: Move all webhooks to the dedicated webhook deployment. (#​5010)
    This change moves remaining webhooks (defaulting, validating for: Collector, TargetAllocator, Instrumentation, OpAMPBridge) to the dedicated webhook deployment.
    Previously, only the pod mutation webhook was served by the webhook deployment, while the other webhooks were served by the controller-manager.
    The dedicated webhook deployment is opt-in and enabled by default only on OpenShift with OLM.

🧰 Bug fixes 🧰
  • target allocator: Fix silent target loss when group labels are present in static_configs by sorting labels globally in processTargetGroups. (#​4967)
    ScratchBuilder.Labels() serializes labels in insertion order. When group labels sort
    alphabetically after target labels (e.g. vendor > address), Labels.Get() early
    termination returns empty, causing hash collisions that silently drop targets.

  • auto-instrumentation: Use MergeFrom patch for Instrumentation blocked-versions status to avoid overwriting unrelated status fields. (#​5243)

  • target allocator: Accept a prometheus receiver that only declares target_allocator: without a config: block. (#​2998)
    When the prometheus receiver is configured with only a target_allocator: block and no config:,
    reconciliation previously failed with no prometheusConfig available as part of the configuration.
    The target allocator supplies scrape configuration externally in this mode (e.g. via discovered
    PrometheusCR objects), so the operator now skips the scrape_configs cleanup when no config:
    block is present. The webhook validator likewise permits this shape.

Components

v0.153.0

Compare Source

0.153.0

🛑 Breaking changes 🛑
  • api: Move apis package to a separate sub-module (#​4362)

    • Yaml standalone functions in internal/otelconfig is moved to a methods on *Config (package apis/v1beta1)
    • Move CheckTargetAllocatorPrometheusCRPolicyRules from apis/v1beta1/targetallocator_rbac.go to internal/webhook/targetallocator_rbac.go + rename it to checkTargetAllocatorPrometheusCRPolicyRules.
    • OpenTelemetryCollector is not implementing the Convertible interface from sigs.k8s.io/controller-runtime/pkg/conversion, but implements 2 helper function the achieve the same functionality:
      • OtelColConvertTo(otc *OpenTelemetryCollector, dstRaw any) error
      • OtelColConvertFrom(otc *OpenTelemetryCollector, srcRaw any) error
    • Move apis package to a dedicated sub-module.
  • target allocator: The operator.targetallocator.mtls feature gate has been removed. mTLS is now configured per-CR via spec.mtls.enabled on the TargetAllocator or Collector resource. (#​5136)
    Set spec.mtls.useCertManager: false to provide your own TLS secrets instead of having cert-manager provision them.

💡 Enhancements 💡
  • collector: Add optional spec.command to OpenTelemetryCollector to override the collector container entrypoint (#​3188)
    spec.command is a []string matching Pod.spec.containers[].command.

  • target allocator: Add allowInsecureAuthSecrets option to serve auth secret values over plain HTTP without mTLS (#​3746)
    Adds a new allowInsecureAuthSecrets field to both the TargetAllocator CRD and the
    embedded TargetAllocator in the OpenTelemetryCollector CRD. When enabled, auth secret
    values (e.g. basicAuth passwords) are served over plain HTTP instead of being masked.
    This is useful when transport security is handled by a service mesh or equivalent.

🧰 Bug fixes 🧰
  • must-gather: Fix must-gather output to produce omc-compatible directory layout and correct YAML serialization (#​4965)
    Previously collected files used a per-collector directory with kind-prefixed filenames (e.g. namespaces/<ns>/<collector-name>/deployment-<name>.yaml),
    which omc cannot parse. Output now follows the standard omc layout (namespaces/<ns>/<api-group>/<resource-plural>/<name>.yaml).
    Also fixes missing apiVersion/kind fields in serialized YAML, incorrect default output directory, and adds collection of CRDs and OpAMPBridge resources.

  • opamp: Skip OpenTelemetryCollector instances with a non-nil DeletionTimestamp when building EffectiveConfig (#​5170)
    ListInstances returns objects with DeletionTimestamp set until finalizers complete.
    Reporting them as effective races with the bridge's own Delete calls in applyRemoteConfig.

  • collector: Fix Service reconciliation to propagate trafficDistribution, internalTrafficPolicy, ipFamilies, and ipFamilyPolicy changes (#​5141)

Components
open-telemetry/opentelemetry-collector (go.opentelemetry.io/collector/component)

v1.62.0

💡 Enhancements 💡
  • cmd/mdatagen: Add support for defining stability levels for resource attributes (#​15312)
  • cmd/mdatagen: Add semantic convention reference to resource attributes (#​15313)
  • processor/memory_limiter: Adding health events for the memorylimiter (#​14700)
    Publish health event from memorylimiter using componentstatus.ReportStatus
🧰 Bug fixes 🧰
  • cmd/mdatagen: Removes the extra line in the documentation.md between extended description and table (#​15458)

  • exporter/otlp_http: Treat errors parsing successful (2xx) HTTP response bodies as permanent errors to prevent retrying already-accepted data. (#​15386)
    When a server returns a 2xx status but the response body exceeds the 64kB read limit,
    the body is truncated and proto unmarshaling fails. Previously this was treated as a
    retryable error, causing duplicate data to be exported. Now it is marked as a permanent
    error so the retry logic will not re-send data that was already accepted by the server.

  • pkg/config/configretry: Always validate BackOffConfig fields regardless of the Enabled flag. (#​15437)

  • pkg/service: Ensure receivers always start after all other components (#​15495)
    There was previously a race condition where multiple receivers using a shared internal implementation,
    such as the OTLP receiver, could start sending telemetry into a pipeline before all its components had fully started.

  • processor/memory_limiter: Fix degenerate collector per

Note

PR body was truncated to here.


Configuration

📅 Schedule: (in timezone Etc/UTC)

  • Branch creation
    • Between 12:00 AM and 03:59 AM (* 0-3 * * *)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot added the dependencies Pull requests that update a dependency file label May 26, 2026
@renovate

renovate Bot commented May 26, 2026

Copy link
Copy Markdown
Contributor Author

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 63 additional dependencies were updated

Details:

Package Change
github.com/grpc-ecosystem/grpc-gateway/v2 v2.28.0 -> v2.29.0
github.com/knadh/koanf/v2 v2.3.4 -> v2.3.5
github.com/prometheus/common v0.67.5 -> v0.68.0
github.com/shirou/gopsutil/v4 v4.26.4 -> v4.26.5
go.opentelemetry.io/collector/component/componentstatus v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/component/componenttest v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/confmap v1.59.0 -> v1.60.0
go.opentelemetry.io/collector/confmap/xconfmap v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/connector v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/connector/connectortest v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/connector/xconnector v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/consumer v1.59.0 -> v1.60.0
go.opentelemetry.io/collector/consumer/consumererror v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/consumer/consumertest v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/consumer/xconsumer v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/exporter v1.59.0 -> v1.60.0
go.opentelemetry.io/collector/exporter/exportertest v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/exporter/xexporter v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/extension v1.59.0 -> v1.60.0
go.opentelemetry.io/collector/extension/extensionauth v1.59.0 -> v1.60.0
go.opentelemetry.io/collector/extension/extensioncapabilities v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/extension/extensiontest v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/featuregate v1.59.0 -> v1.60.0
go.opentelemetry.io/collector/internal/componentalias v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/internal/fanoutconsumer v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/internal/telemetry v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/pdata v1.59.0 -> v1.60.0
go.opentelemetry.io/collector/pdata/pprofile v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/pdata/testdata v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/pdata/xpdata v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/pipeline/xpipeline v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/processor v1.59.0 -> v1.60.0
go.opentelemetry.io/collector/processor/processortest v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/processor/xprocessor v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/receiver v1.59.0 -> v1.60.0
go.opentelemetry.io/collector/receiver/receivertest v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/receiver/xreceiver v0.153.0 -> v0.154.0
go.opentelemetry.io/collector/service/hostcapabilities v0.153.0 -> v0.154.0
go.opentelemetry.io/contrib/bridges/otelzap v0.18.0 -> v0.19.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.68.0 -> v0.69.0
go.opentelemetry.io/contrib/otelconf v0.23.0 -> v0.24.0
go.opentelemetry.io/contrib/propagators/b3 v1.43.0 -> v1.44.0
go.opentelemetry.io/otel v1.43.0 -> v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.19.0 -> v0.20.0
go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.19.0 -> v0.20.0
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.43.0 -> v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.43.0 -> v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.43.0 -> v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.43.0 -> v1.44.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.43.0 -> v1.44.0
go.opentelemetry.io/otel/exporters/prometheus v0.65.0 -> v0.66.0
go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.19.0 -> v0.20.0
go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.43.0 -> v1.44.0
go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.43.0 -> v1.44.0
go.opentelemetry.io/otel/log v0.19.0 -> v0.20.0
go.opentelemetry.io/otel/metric v1.43.0 -> v1.44.0
go.opentelemetry.io/otel/sdk v1.43.0 -> v1.44.0
go.opentelemetry.io/otel/sdk/log v0.19.0 -> v0.20.0
go.opentelemetry.io/otel/sdk/metric v1.43.0 -> v1.44.0
go.opentelemetry.io/otel/trace v1.43.0 -> v1.44.0
golang.org/x/exp v0.0.0-20260312153236-7ab1446f8b90 -> v0.0.0-20260527015227-08cc5374adb3
google.golang.org/genproto/googleapis/api v0.0.0-20260406210006-6f92a3bedf2d -> v0.0.0-20260526163538-3dc84a4a5aaa
google.golang.org/genproto/googleapis/rpc v0.0.0-20260511170946-3700d4141b60 -> v0.0.0-20260526163538-3dc84a4a5aaa

@renovate renovate Bot force-pushed the renovate/all branch from ba4266f to 59ed765 Compare May 26, 2026 20:57
@renovate renovate Bot changed the title chore(deps): update module github.com/open-telemetry/opentelemetry-operator to v0.152.0 chore(deps): update all dependencies May 26, 2026
@renovate renovate Bot force-pushed the renovate/all branch 4 times, most recently from f97dc64 to fbc450c Compare June 3, 2026 06:10
@renovate renovate Bot force-pushed the renovate/all branch 4 times, most recently from 8a5a702 to 02d7293 Compare June 11, 2026 08:18
@renovate

renovate Bot commented Jun 11, 2026

Copy link
Copy Markdown
Contributor Author

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

  • any of the package files in this branch needs updating, or
  • the branch becomes conflicted, or
  • you click the rebase/retry checkbox if found above, or
  • you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum
Command failed: go get -t ./...
go: module github.com/open-telemetry/opentelemetry-operator@v0.156.0 requires go >= 1.26.3; switching to go1.26.5
go: downloading go1.26.5 (linux/amd64)
go: downloading github.com/open-telemetry/opentelemetry-operator v0.156.0
go: downloading github.com/open-telemetry/opentelemetry-operator/apis v0.0.0-unpublished
go: downloading go.opentelemetry.io/collector/component v1.62.0
go: downloading go.opentelemetry.io/collector/config/configcompression v1.62.0
go: downloading go.opentelemetry.io/collector/config/configopaque v1.62.0
go: downloading k8s.io/api v0.36.2
go: downloading k8s.io/apimachinery v0.36.2
go: downloading k8s.io/client-go v0.36.2
go: downloading sigs.k8s.io/controller-runtime v0.24.1
go: downloading emperror.dev/errors v0.8.1
go: downloading github.com/cisco-open/operator-tools v0.38.0
go: downloading github.com/onsi/ginkgo/v2 v2.32.0
go: downloading github.com/onsi/gomega v1.42.1
go: downloading github.com/go-logr/logr v1.4.3
go: downloading github.com/hashicorp/go-multierror v1.1.1
go: downloading github.com/stretchr/testify v1.11.1
go: downloading github.com/google/go-cmp v0.7.0
go: downloading sigs.k8s.io/yaml v1.6.0
go: downloading github.com/prometheus/client_golang v1.23.2
go: downloading go.opentelemetry.io/collector/config/configauth v1.62.0
go: downloading github.com/mitchellh/mapstructure v1.5.0
go: downloading go.opentelemetry.io/collector/config/configtelemetry v0.156.0
go: downloading go.opentelemetry.io/collector/otelcol v0.156.0
go: downloading go.opentelemetry.io/collector/pipeline v1.62.0
go: downloading go.opentelemetry.io/collector/service v0.156.0
go: downloading go.uber.org/zap v1.28.0
go: downloading go.opentelemetry.io/collector/pdata v1.62.0
go: downloading go.opentelemetry.io/otel/metric v1.44.0
go: downloading go.opentelemetry.io/otel v1.44.0
go: downloading go.opentelemetry.io/otel/trace v1.44.0
go: downloading go.opentelemetry.io/collector/confmap v1.62.0
go: downloading k8s.io/klog/v2 v2.140.0
go: downloading gopkg.in/inf.v0 v0.9.1
go: downloading k8s.io/utils v0.0.0-20260626114624-be93311217bd
go: downloading sigs.k8s.io/randfill v1.0.0
go: downloading k8s.io/kube-openapi v0.0.0-20260603220949-865597e52e25
go: downloading sigs.k8s.io/structured-merge-diff/v6 v6.4.0
go: downloading github.com/go-logr/zapr v1.3.0
go: downloading k8s.io/apiserver v0.36.2
go: downloading gomodules.xyz/jsonpatch/v2 v2.5.0
go: downloading github.com/pkg/errors v0.9.1
go: downloading go.uber.org/multierr v1.11.0
go: downloading github.com/cisco-open/k8s-objectmatcher v1.10.0
go: downloading github.com/json-iterator/go v1.1.12
go: downloading k8s.io/apiextensions-apiserver v0.36.2
go: downloading github.com/evanphx/json-patch/v5 v5.9.11
go: downloading github.com/evanphx/json-patch v5.9.11+incompatible
go: downloading github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822
go: downloading golang.org/x/net v0.56.0
go: downloading github.com/hashicorp/errwrap v1.1.0
go: downloading github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
go: downloading github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2
go: downloading go.yaml.in/yaml/v2 v2.4.4
go: downloading github.com/beorn7/perks v1.0.1
go: downloading github.com/cespare/xxhash/v2 v2.3.0
go: downloading github.com/prometheus/client_model v0.6.2
go: downloading github.com/prometheus/common v0.69.0
go: downloading github.com/prometheus/procfs v0.20.1
go: downloading golang.org/x/sys v0.46.0
go: downloading google.golang.org/protobuf v1.36.12-0.20260120151049-f2248ac996af
go: downloading go.opentelemetry.io/collector/extension/extensionauth v1.62.0
go: downloading go.opentelemetry.io/collector/extension v1.62.0
go: downloading github.com/spf13/cobra v1.10.2
go: downloading go.opentelemetry.io/collector/confmap/xconfmap v0.156.0
go: downloading go.opentelemetry.io/collector/connector v0.156.0
go: downloading go.opentelemetry.io/collector/exporter v1.62.0
go: downloading go.opentelemetry.io/collector/extension/extensioncapabilities v0.156.0
go: downloading go.opentelemetry.io/collector/featuregate v1.62.0
go: downloading go.opentelemetry.io/collector/internal/componentalias v0.156.0
go: downloading go.opentelemetry.io/collector/processor v1.62.0
go: downloading go.opentelemetry.io/collector/receiver v1.62.0
go: downloading go.yaml.in/yaml/v3 v3.0.4
go: downloading go.opentelemetry.io/collector/component/componentstatus v0.156.0
go: downloading gonum.org/v1/gonum v0.17.0
go: downloading go.opentelemetry.io/collector/pipeline/xpipeline v0.156.0
go: downloading github.com/google/uuid v1.6.0
go: downloading go.opentelemetry.io/contrib/bridges/otelzap v0.19.0
go: downloading go.opentelemetry.io/contrib/otelconf v0.24.0
go: downloading go.opentelemetry.io/contrib/propagators/b3 v1.44.0
go: downloading go.opentelemetry.io/otel/log v0.20.0
go: downloading sigs.k8s.io/json v0.0.0-20250730193827-2d320260d730
go: downloading golang.org/x/oauth2 v0.36.0
go: downloading k8s.io/component-base v0.36.2
go: downloading github.com/fsnotify/fsnotify v1.10.1
go: downloading github.com/cppforlife/go-patch v0.2.0
go: downloading gopkg.in/yaml.v2 v2.4.0
go: downloading github.com/iancoleman/orderedmap v0.3.0
go: downloading github.com/spf13/cast v1.10.0
go: downloading github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd
go: downloading github.com/modern-go/reflect2 v1.0.3-0.20250322232337-35a7c28c31ee
go: downloading golang.org/x/time v0.15.0
go: downloading github.com/Masterminds/semver/v3 v3.5.0
go: downloading github.com/fxamacker/cbor/v2 v2.9.2
go: downloading golang.org/x/term v0.44.0
go: downloading gopkg.in/yaml.v3 v3.0.1
go: downloading google.golang.org/grpc v1.82.0
go: downloading github.com/inconshreveable/mousetrap v1.1.0
go: downloading github.com/spf13/pflag v1.0.10
go: downloading go.opentelemetry.io/collector/consumer v1.62.0
go: downloading go.opentelemetry.io/collector/internal/fanoutconsumer v0.156.0
go: downloading github.com/hashicorp/go-version v1.9.0
go: downloading golang.org/x/exp v0.0.0-20260611194520-c48552f49976
go: downloading go.opentelemetry.io/collector/connector/connectortest v0.156.0
go: downloading go.opentelemetry.io/collector/connector/xconnector v0.156.0
go: downloading go.opentelemetry.io/collector/consumer/xconsumer v0.156.0
go: downloading go.opentelemetry.io/collector/exporter/exportertest v0.156.0
go: downloading go.opentelemetry.io/collector/exporter/xexporter v0.156.0
go: downloading go.opentelemetry.io/collector/extension/extensiontest v0.156.0
go: downloading go.opentelemetry.io/collector/processor/processortest v0.156.0
go: downloading go.opentelemetry.io/collector/processor/xprocessor v0.156.0
go: downloading go.opentelemetry.io/collector/receiver/receivertest v0.156.0
go: downloading go.opentelemetry.io/collector/receiver/xreceiver v0.156.0
go: downloading go.opentelemetry.io/collector/service/hostcapabilities v0.156.0
go: downloading github.com/shirou/gopsutil/v4 v4.26.6
go: downloading go.opentelemetry.io/collector/internal/telemetry v0.156.0
go: downloading github.com/prometheus/otlptranslator v1.0.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc v0.20.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp v0.20.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/prometheus v0.66.0
go: downloading go.opentelemetry.io/otel/exporters/stdout/stdoutlog v0.20.0
go: downloading go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.44.0
go: downloading go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.44.0
go: downloading go.opentelemetry.io/otel/sdk v1.44.0
go: downloading go.opentelemetry.io/otel/sdk/log v0.20.0
go: downloading go.opentelemetry.io/otel/sdk/metric v1.44.0
go: downloading github.com/go-viper/mapstructure/v2 v2.5.0
go: downloading github.com/gobwas/glob v0.2.3
go: downloading github.com/knadh/koanf/maps v0.1.2
go: downloading github.com/knadh/koanf/providers/confmap v1.0.0
go: downloading github.com/knadh/koanf/v2 v2.3.5
go: downloading k8s.io/streaming v0.36.2
go: downloading golang.org/x/sync v0.21.0
go: downloading github.com/blang/semver/v4 v4.0.0
go: downloading github.com/go-openapi/jsonreference v0.21.6
go: downloading github.com/go-openapi/swag v0.26.1
go: downloading github.com/google/gnostic-models v0.7.1
go: downloading github.com/google/cel-go v0.28.1
go: downloading gopkg.in/evanphx/json-patch.v4 v4.13.0
go: downloading github.com/briandowns/spinner v1.23.2
go: downloading github.com/fatih/color v1.19.0
go: downloading github.com/wayneashleyberry/terminal-dimensions v1.1.0
go: downloading github.com/go-task/slim-sprig/v3 v3.0.0
go: downloading golang.org/x/tools v0.46.0
go: downloading golang.org/x/text v0.38.0
go: downloading github.com/x448/float16 v0.8.4
go: downloading go.opentelemetry.io/collector/pdata/pprofile v0.156.0
go: downloading go.opentelemetry.io/collector/component/componenttest v0.156.0
go: downloading go.opentelemetry.io/collector/consumer/consumertest v0.156.0
go: downloading go.opentelemetry.io/collector/consumer/consumererror v0.156.0
go: downloading go.opentelemetry.io/collector/pdata/testdata v0.156.0
go: downloading go.opentelemetry.io/collector/pdata/xpdata v0.156.0
go: downloading github.com/tklauser/go-sysconf v0.3.16
go: downloading go.opentelemetry.io/proto/otlp v1.10.0
go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20260610212136-7ab31c22f7ad
go: downloading github.com/go-logr/stdr v1.2.2
go: downloading go.opentelemetry.io/auto/sdk v1.2.1
go: downloading github.com/mitchellh/copystructure v1.2.0
go: downloading github.com/go-openapi/jsonpointer v0.23.1
go: downloading github.com/go-openapi/swag/cmdutils v0.26.1
go: downloading github.com/go-openapi/swag/conv v0.26.1
go: downloading github.com/go-openapi/swag/fileutils v0.26.1
go: downloading github.com/go-openapi/swag/jsonname v0.26.1
go: downloading github.com/go-openapi/swag/jsonutils v0.26.1
go: downloading github.com/go-openapi/swag/loading v0.26.1
go: downloading github.com/go-openapi/swag/mangling v0.26.1
go: downloading github.com/go-openapi/swag/netutils v0.26.1
go: downloading github.com/go-openapi/swag/stringutils v0.26.1
go: downloading github.com/go-openapi/swag/typeutils v0.26.1
go: downloading github.com/go-openapi/swag/yamlutils v0.26.1
go: downloading cel.dev/expr v0.25.1
go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20260610212136-7ab31c22f7ad
go: downloading github.com/mattn/go-colorable v0.1.14
go: downloading github.com/mattn/go-isatty v0.0.22
go: downloading github.com/google/pprof v0.0.0-20260402051712-545e8a4df936
go: downloading github.com/lufia/plan9stats v0.0.0-20251013123823-9fd1530e3ec3
go: downloading github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55
go: downloading github.com/ebitengine/purego v0.10.0
go: downloading github.com/yusufpapurcu/wmi v1.2.4
go: downloading github.com/tklauser/numcpus v0.11.0
go: downloading github.com/cenkalti/backoff/v5 v5.0.3
go: downloading github.com/grpc-ecosystem/grpc-gateway/v2 v2.29.0
go: downloading github.com/mitchellh/reflectwalk v1.0.2
go: downloading sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.34.0
go: downloading go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.69.0
go: downloading github.com/antlr4-go/antlr/v4 v4.13.1
go: downloading golang.org/x/mod v0.37.0
go: downloading github.com/go-ole/go-ole v1.2.6
go: downloading github.com/felixge/httpsnoop v1.1.0
go: downloading github.com/emicklei/go-restful/v3 v3.13.0
go: github.com/kube-logging/telemetry-controller/api/telemetry/v1alpha1 imports
	github.com/open-telemetry/opentelemetry-operator/apis/v1beta1: reading github.com/open-telemetry/opentelemetry-operator/apis/go.mod at revision apis/v0.0.0-unpublished: unknown revision apis/v0.0.0-unpublished

@renovate renovate Bot force-pushed the renovate/all branch 10 times, most recently from 0a3fd99 to 8f4dde5 Compare June 18, 2026 18:14
@renovate renovate Bot force-pushed the renovate/all branch 7 times, most recently from 36727bc to e8b6012 Compare June 22, 2026 18:57
@renovate renovate Bot force-pushed the renovate/all branch 6 times, most recently from 6c65913 to e303f34 Compare June 30, 2026 20:59
@renovate renovate Bot force-pushed the renovate/all branch 14 times, most recently from b35305a to 8ebe850 Compare July 8, 2026 23:00
@renovate renovate Bot force-pushed the renovate/all branch 8 times, most recently from 6ea6d46 to fd85540 Compare July 14, 2026 20:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants