Skip to content

build(deps): bump the go_modules group across 1 directory with 5 updates#82

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go_modules-f396227269
Open

build(deps): bump the go_modules group across 1 directory with 5 updates#82
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go_modules-f396227269

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 2, 2026
edited
Loading

Bumps the go_modules group with 5 updates in the / directory:

Package From To
k8s.io/kubernetes 1.32.8 1.32.10
filippo.io/edwards25519 1.1.0 1.1.1
github.com/go-viper/mapstructure/v2 2.2.1 2.4.0
go.opentelemetry.io/otel/sdk 1.35.0 1.40.0
golang.org/x/crypto 0.38.0 0.45.0

Updates k8s.io/kubernetes from 1.32.8 to 1.32.10

Release notes

Sourced from k8s.io/kubernetes's releases.

Kubernetes v1.32.10

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Kubernetes v1.32.9

See kubernetes-announce@. Additional binary downloads are linked in the CHANGELOG.

See the CHANGELOG for more details.

Commits

Updates filippo.io/edwards25519 from 1.1.0 to 1.1.1

Commits

Updates github.com/go-viper/mapstructure/v2 from 2.2.1 to 2.4.0

Release notes

Sourced from github.com/go-viper/mapstructure/v2's releases.

v2.4.0

What's Changed

New Contributors

Full Changelog: go-viper/mapstructure@v2.3.0...v2.4.0

v2.3.0

What's Changed

New Contributors

Full Changelog: go-viper/mapstructure@v2.2.1...v2.3.0

Commits

Updates go.opentelemetry.io/otel/sdk from 1.35.0 to 1.40.0

Changelog

Sourced from go.opentelemetry.io/otel/sdk's changelog.

[1.40.0/0.62.0/0.16.0] 2026-02-02

Added

  • Add AlwaysRecord sampler in go.opentelemetry.io/otel/sdk/trace. (#7724)
  • Add Enabled method to all synchronous instrument interfaces (Float64Counter, Float64UpDownCounter, Float64Histogram, Float64Gauge, Int64Counter, Int64UpDownCounter, Int64Histogram, Int64Gauge,) in go.opentelemetry.io/otel/metric. This stabilizes the synchronous instrument enabled feature, allowing users to check if an instrument will process measurements before performing computationally expensive operations. (#7763)
  • Add go.opentelemetry.io/otel/semconv/v1.39.0 package. The package contains semantic conventions from the v1.39.0 version of the OpenTelemetry Semantic Conventions. See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.38.0. (#7783, #7789)

Changed

  • Improve the concurrent performance of HistogramReservoir in go.opentelemetry.io/otel/sdk/metric/exemplar by 4x. (#7443)
  • Improve the concurrent performance of FixedSizeReservoir in go.opentelemetry.io/otel/sdk/metric/exemplar. (#7447)
  • Improve performance of concurrent histogram measurements in go.opentelemetry.io/otel/sdk/metric. (#7474)
  • Improve performance of concurrent synchronous gauge measurements in go.opentelemetry.io/otel/sdk/metric. (#7478)
  • Add experimental observability metrics in go.opentelemetry.io/otel/exporters/stdout/stdoutmetric. (#7492)
  • Exporter in go.opentelemetry.io/otel/exporters/prometheus ignores metrics with the scope go.opentelemetry.io/contrib/bridges/prometheus. This prevents scrape failures when the Prometheus exporter is misconfigured to get data from the Prometheus bridge. (#7688)
  • Improve performance of concurrent exponential histogram measurements in go.opentelemetry.io/otel/sdk/metric. (#7702)
  • The rpc.grpc.status_code attribute in the experimental metrics emitted from go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc is replaced with the rpc.response.status_code attribute to align with the semantic conventions. (#7854)
  • The rpc.grpc.status_code attribute in the experimental metrics emitted from go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc is replaced with the rpc.response.status_code attribute to align with the semantic conventions. (#7854)

Fixed

  • Fix bad log message when key-value pairs are dropped because of key duplication in go.opentelemetry.io/otel/sdk/log. (#7662)
  • Fix DroppedAttributes on Record in go.opentelemetry.io/otel/sdk/log to not count the non-attribute key-value pairs dropped because of key duplication. (#7662)
  • Fix SetAttributes on Record in go.opentelemetry.io/otel/sdk/log to not log that attributes are dropped when they are actually not dropped. (#7662)
  • Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp to correctly handle HTTP/2 GOAWAY frame. (#7794)
  • WithHostID detector in go.opentelemetry.io/otel/sdk/resource to use full path for ioreg command on Darwin (macOS). (#7818)

Deprecated

[1.39.0/0.61.0/0.15.0/0.0.14] 2025-12-05

Added

  • Greatly reduce the cost of recording metrics in go.opentelemetry.io/otel/sdk/metric using hashing for map keys. (#7175)
  • Add WithInstrumentationAttributeSet option to go.opentelemetry.io/otel/log, go.opentelemetry.io/otel/metric, and go.opentelemetry.io/otel/trace packages. This provides a concurrent-safe and performant alternative to WithInstrumentationAttributes by accepting a pre-constructed attribute.Set. (#7287)
  • Add experimental observability for the Prometheus exporter in go.opentelemetry.io/otel/exporters/prometheus. Check the go.opentelemetry.io/otel/exporters/prometheus/internal/x package documentation for more information. (#7345)
  • Add experimental observability metrics in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc. (#7353)
  • Add temporality selector functions DeltaTemporalitySelector, CumulativeTemporalitySelector, LowMemoryTemporalitySelector to go.opentelemetry.io/otel/sdk/metric. (#7434)
  • Add experimental observability metrics for simple log processor in go.opentelemetry.io/otel/sdk/log. (#7548)
  • Add experimental observability metrics in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (#7459)

... (truncated)

Commits
  • a3a5317 Release v1.40.0 (#7859)
  • 77785da chore(deps): update github/codeql-action action to v4.32.1 (#7858)
  • 56fa1c2 chore(deps): update module github.com/clipperhouse/uax29/v2 to v2.5.0 (#7857)
  • 298cbed Upgrade semconv use to v1.39.0 (#7854)
  • 3264bf1 refactor: modernize code (#7850)
  • fd5d030 chore(deps): update module github.com/grpc-ecosystem/grpc-gateway/v2 to v2.27...
  • 8d3b4cb chore(deps): update actions/cache action to v5.0.3 (#7847)
  • 91f7cad chore(deps): update github.com/timakin/bodyclose digest to 73d1f95 (#7845)
  • fdad1eb chore(deps): update module github.com/grpc-ecosystem/grpc-gateway/v2 to v2.27...
  • c46d3ba chore(deps): update golang.org/x/telemetry digest to fcf36f6 (#7843)
  • Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.38.0 to 0.45.0

Commits
  • 4e0068c go.mod: update golang.org/x dependencies
  • e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
  • f91f7a7 ssh/agent: prevent panic on malformed constraint
  • 2df4153 acme/autocert: let automatic renewal work with short lifetime certs
  • bcf6a84 acme: pass context to request
  • b4f2b62 ssh: fix error message on unsupported cipher
  • 79ec3a5 ssh: allow to bind to a hostname in remote forwarding
  • 122a78f go.mod: update golang.org/x dependencies
  • c0531f9 all: eliminate vet diagnostics
  • 0997000 all: fix some comments
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
build(deps): bump the go_modules group across 1 directory with 5 updates
2a227a3 
Bumps the go_modules group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [k8s.io/kubernetes](https://github.com/kubernetes/kubernetes) | `1.32.8` | `1.32.10` |
| [filippo.io/edwards25519](https://github.com/FiloSottile/edwards25519) | `1.1.0` | `1.1.1` |
| [github.com/go-viper/mapstructure/v2](https://github.com/go-viper/mapstructure) | `2.2.1` | `2.4.0` |
| [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.35.0` | `1.40.0` |
| [golang.org/x/crypto](https://github.com/golang/crypto) | `0.38.0` | `0.45.0` |



Updates `k8s.io/kubernetes` from 1.32.8 to 1.32.10
- [Release notes](https://github.com/kubernetes/kubernetes/releases)
- [Commits](kubernetes/kubernetes@v1.32.8...v1.32.10)

Updates `filippo.io/edwards25519` from 1.1.0 to 1.1.1
- [Commits](FiloSottile/edwards25519@v1.1.0...v1.1.1)

Updates `github.com/go-viper/mapstructure/v2` from 2.2.1 to 2.4.0
- [Release notes](https://github.com/go-viper/mapstructure/releases)
- [Changelog](https://github.com/go-viper/mapstructure/blob/main/CHANGELOG.md)
- [Commits](go-viper/mapstructure@v2.2.1...v2.4.0)

Updates `go.opentelemetry.io/otel/sdk` from 1.35.0 to 1.40.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.35.0...v1.40.0)

Updates `golang.org/x/crypto` from 0.38.0 to 0.45.0
- [Commits](golang/crypto@v0.38.0...v0.45.0)

---
updated-dependencies:
- dependency-name: k8s.io/kubernetes
  dependency-version: 1.32.10
  dependency-type: direct:production
  dependency-group: go_modules
- dependency-name: filippo.io/edwards25519
  dependency-version: 1.1.1
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: github.com/go-viper/mapstructure/v2
  dependency-version: 2.4.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-version: 1.40.0
  dependency-type: indirect
  dependency-group: go_modules
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: indirect
  dependency-group: go_modules
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants