fix(deps): vuln major upgrades — 12 packages (major: 1 · minor: 11) [src/checkoutservice] by gh-worker-campaigns-3e9aa4[bot] · Pull Request #78 · DataDog/opentelemetry-demo

gh-worker-campaigns-3e9aa4 · 2026-04-23T09:32:08Z

Summary: Critical-severity security update — 12 packages upgraded (MAJOR changes included)

Manifests changed:

src/checkoutservice (go)

✅ Action Required: Please review the changes below. If they look good, approve and merge this PR.

Updates

Package	From	To	Type	Dep Type	Vulnerabilities Fixed
google.golang.org/grpc	v1.59.0	v1.80.0	minor	Direct	3 CRITICAL
go.opentelemetry.io/otel/sdk	v1.20.0	v1.43.0	minor	Direct	1 HIGH
google.golang.org/protobuf	v1.31.0	v1.36.11	minor	Direct	2 MODERATE
go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc	v0.43.0	v1.43.0	major	Direct	-
github.com/go-logr/logr	v1.3.0	v1.4.3	minor	Transitive	-
github.com/google/uuid	v1.4.0	v1.6.0	minor	Direct	-
github.com/grpc-ecosystem/grpc-gateway/v2	v2.17.1	v2.29.0	minor	Transitive	-
go.opentelemetry.io/otel	v1.20.0	v1.43.0	minor	Direct	-
go.opentelemetry.io/otel/metric	v1.20.0	v1.43.0	minor	Transitive	-
go.opentelemetry.io/otel/sdk/metric	v1.20.0	v1.43.0	minor	Direct	-
go.opentelemetry.io/otel/trace	v1.20.0	v1.43.0	minor	Direct	-
go.opentelemetry.io/proto/otlp	v1.0.0	v1.10.0	minor	Transitive	-

Packages marked with "-" are updated due to dependency constraints.

Warning

Major Version Upgrade

This update includes major version changes that may contain breaking changes. Please:

Review the changelog/release notes for breaking changes
Test thoroughly in a staging environment
Update any code that depends on changed APIs
Ensure all tests pass before merging

Security Details

🚨 Critical & High Severity (4 fixed)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
google.golang.org/grpc	GO-2026-4762	critical	Authorization bypass in gRPC-Go via missing leading slash in :path in google.golang.org/grpc	v1.59.0	1.79.3
google.golang.org/grpc	GHSA-p77j-4mvh-x3m3	CRITICAL	gRPC-Go has an authorization bypass via missing leading slash in :path	v1.59.0	1.79.3
google.golang.org/grpc	CVE-2026-33186	critical	gRPC-Go has an authorization bypass via missing leading slash in :path	v1.59.0	-
go.opentelemetry.io/otel/sdk	GHSA-hfvc-g4fc-pqhx	HIGH	opentelemetry-go: BSD kenv command not using absolute path enables PATH hijacking	v1.20.0	1.43.0

ℹ️ Other Vulnerabilities (2)

Package	CVE	Severity	Summary	Unsafe Version	Fixed In
google.golang.org/protobuf	GHSA-8r3f-844c-mc37	MODERATE	Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON	v1.31.0	1.33.0
google.golang.org/protobuf	GO-2024-2611	MODERATE	Infinite loop in JSON unmarshaling in google.golang.org/protobuf	v1.31.0	1.33.0

Review Checklist

Extra review is recommended for this update:

Review changes for compatibility with your code
Check release notes for breaking changes
Run integration tests to verify service behavior
Test in staging environment before production
Monitor key metrics after deployment
Approve and merge this PR

Update Mode: Vulnerability Remediation (Critical/High)

🤖 Generated by DataDog Automated Dependency Management System

campaigner-prod · 2026-04-23T09:33:14Z

Release Notes

google.golang.org/grpc (v1.59.0 → v1.80.0) — GitHub Release

v1.80.0

Behavior Changes

balancer: log a warning if a balancer is registered with uppercase letters, as balancer names should be lowercase. In a future release, balancer names will be treated as case-insensitive; see balancer: use case-sensitive balancer registries grpc/grpc-go#5288 for details. (balancer: introduce env flag for case-sensitive registry grpc/grpc-go#8837)
xds: update resource error handling and re-resolution logic (xds: change cdsbalancer to use update from dependency manager grpc/grpc-go#8907)
- Re-resolve all LOGICAL_DNS clusters simultaneously when re-resolution is requested.
- Fail all in-flight RPCs immediately upon receipt of listener or route resource errors, instead of allowing them to complete.

Bug Fixes

xds: support the LB policy configured in LOGICAL_DNS cluster resources instead of defaulting to pick_first. (xds/clusterresolver: implement gRFC A61 changes for LOGICAL_DNS clusters grpc/grpc-go#8733)
credentials/tls: perform per-RPC authority validation against the leaf certificate instead of the entire peer certificate chain. (credentials/tls: verify overwritten authority against only leaf certificate grpc/grpc-go#8831)
xds: enabling A76 ring hash endpoint keys no longer causes EDS resources with invalid proxy metadata to be NACKed when HTTP CONNECT (gRFC A86) is disabled. (xds: decouple A76 and A86 EDS metadata parsing grpc/grpc-go#8875)
xds: validate that the sum of endpoint weights in a locality does not exceed the maximum uint32 value. (xds/xdsclient: add EDS sum of endpoint weights does not exceed MaxUint32 grpc/grpc-go#8899)
- Special Thanks: @RAVEYUS
xds: fix incorrect proto field access in the weighted round robin (WRR) configuration where blackout_period was used instead of weight_expiration_period. (xds: fix copy-paste bug in WeightExpirationPeriod config grpc/grpc-go#8915)
- Special Thanks: @gregbarasch
xds/rbac: handle addresses with ports in IP matchers. (xds/rbac: add additional handling for addresses with ports grpc/grpc-go#8990)

New Features

ringhash: enable gRFC A76 (endpoint hash keys and request hash headers) by default. (ringhash: enable behaviors of A76 by default grpc/grpc-go#8922)

Performance Improvements

credentials/alts: pool write buffers to reduce memory allocations and usage. (credentials/alts: Pool write buffers grpc/grpc-go#8919)
grpc: enable the use of pooled write buffers for buffering HTTP/2 frame writes by default. This reduces memory usage when connections are idle. Use the WithSharedWriteBuffer dial option or the SharedWriteBuffer server

(truncated)

v1.79.3

Security

server: fix an authorization bypass where malformed :path headers (missing the leading slash) could bypass path-based restricted "deny" rules in interceptors like grpc/authz. Any request with a non-canonical path is now immediately rejected with an Unimplemented error. (grpc: enforce strict path checking for incoming requests on the server grpc/grpc-go#8981)

v1.79.2

Bug Fixes

stats: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured. (client: process RPC stats/tracing only when a handler is configured grpc/grpc-go#8874)

v1.79.1

Bug Fixes

grpc: Remove the -dev suffix from the User-Agent header. (Change version to 1.79.1 grpc/grpc-go#8902)

v1.79.0

API Changes

mem: Add experimental API SetDefaultBufferPool to change the default buffer pool. (mem: Allow overriding the default buffer pool. grpc/grpc-go#8806)
- Special Thanks: @vanja-p
experimental/stats: Update MetricsRecorder to require embedding the new UnimplementedMetricsRecorder (a no-op struct) in all implementations for forward compatibility. (stats/otel: a79 scaffolding to register an async gauge metric and api to record it- part 3 grpc/grpc-go#8780)

Behavior Changes

balancer/weightedtarget: Remove handling of Addresses and only handle Endpoints in resolver updates. (xds: remove references to ResolverState.Addresses grpc/grpc-go#8841)

New Features

experimental/stats: Add support for asynchronous gauge metrics through the new AsyncMetricReporter and RegisterAsyncReporter APIs. (stats/otel: a79 scaffolding to register an async gauge metric and api to record it- part 3 grpc/grpc-go#8780)
pickfirst: Add support for weighted random shuffling of endpoints, as described in gRFC A113.
- This is enabled by default, and can be turned off using the environment variable GRPC_EXPERIMENTAL_PF_WEIGHTED_SHUFFLING. (*: Implementation of weighted random shuffling (A113) grpc/grpc-go#8864)
xds: Implement :authority rewriting, as specified in gRFC A81. (xds: implement :authority header rewriting in xds_cluster_impl LB policy (gRFC A81) grpc/grpc-go#8779)
balancer/randomsubsetting: Implement the random_subsetting LB policy, as specified in gRFC A68. (balancer/randomsubsetting: Implementation of the random_subsetting LB policy grpc/grpc-go#8650)
- Special Thanks: @marek-szews

Bug Fixes

credentials/tls: Fix a bug where the port was not stripped from the authority override before validation. (credentials/tls: Strip port before validating authority override grpc/grpc-go#8726)
- Special Thanks: @Atul1710

(truncated — see source for full notes)

go.opentelemetry.io/otel/sdk (v1.20.0 → v1.43.0) — GitHub Release

v1.43.0

Added

Add IsRandom and WithRandom on TraceFlags, and IsRandom on SpanContext in go.opentelemetry.io/otel/trace
for W3C Trace Context Level 2 Random Trace ID Flag support. (trace: add Random Trace ID Flag open-telemetry/opentelemetry-go#8012)
Add service detection with WithService in go.opentelemetry.io/otel/sdk/resource. (resource: add WithService detector option open-telemetry/opentelemetry-go#7642)
Add DefaultWithContext and EnvironmentWithContext in go.opentelemetry.io/otel/sdk/resource to support plumbing context.Context through default and environment detectors. (sdk/resource: add WithContext variants for Default and Environment (#7808) open-telemetry/opentelemetry-go#8051)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Add support for per-series start time tracking for cumulative metrics in go.opentelemetry.io/otel/sdk/metric.
Set OTEL_GO_X_PER_SERIES_START_TIMESTAMPS=true to enable. (Add support for the development per-series starttime feature open-telemetry/opentelemetry-go#8060)
Add WithCardinalityLimitSelector for metric reader for configuring cardinality limits specific to the instrument kind. (sdk/metric: Support specifying cardinality limits per instrument kinds open-telemetry/opentelemetry-go#7855)

Changed

Introduce the EMPTY Type in go.opentelemetry.io/otel/attribute to reflect that an empty value is now a valid value, with INVALID remaining as a deprecated

(truncated)

v1.42.0

Added

Add go.opentelemetry.io/otel/semconv/v1.40.0 package.
The package contains semantic conventions from the v1.40.0 version of the OpenTelemetry Semantic Conventions.
See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.39.0. (Revert "Revert "Generate semconv/v1.40.0"" open-telemetry/opentelemetry-go#7985)
Add Err and SetErr on Record in go.opentelemetry.io/otel/log to attach an error and set record exception attributes in go.opentelemetry.io/otel/log/sdk. (log: add error field to Record and make SDK to emit exception attributes open-telemetry/opentelemetry-go#7924)

Changed

TracerProvider.ForceFlush in go.opentelemetry.io/otel/sdk/trace joins errors together and continues iteration through SpanProcessors as opposed to returning the first encountered error without attempting exports on subsequent SpanProcessors. (TracerProvider ForceFlush() Error Fix open-telemetry/opentelemetry-go#7856)

Fixed

Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to correctly handle HTTP2 GOAWAY frame. (support stdlib request.GetBody on metrics open-telemetry/opentelemetry-go#7931)
Fix semconv v1.39.0 generated metric helpers skipping required attributes when extra attributes were empty. (fix: generated semconv helpers skipping attributes open-telemetry/opentelemetry-go#7964)
Preserve W3C TraceFlags bitmask (including the random Trace ID flag) during trace context extraction and injection in go.opentelemetry.io/otel/propagation. (Feat: Have SpanContext support the new W3C random flag. open-telemetry/opentelemetry-go#7834)

Removed

Drop support for [Go 1.24]. (Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984)

What's Changed

fix changelog protection marker by @pellared in fix changelog protection marker open-telemetry/opentelemetry-go#7986
Drop support for Go 1.24 by @MrAlias in Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984
fix(deps): update golang.org/x by @renovate[bot] in fix(deps): update golang.org/x open-telemetry/opentelemetry-go#7907
chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 by @renovate[bot] in chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 open-telemetry/opentelemetry-go#7981

(truncated — see source for full notes)

google.golang.org/protobuf (v1.31.0 → v1.36.11) — GitHub Release

v1.36.11

Full Changelog: protocolbuffers/protobuf-go@v1.36.10...v1.36.11

User-visible changes:
CL/726780: encoding/prototext: Support URL chars in type URLs in text-format.

Bug fixes:
CL/728680: internal/impl: check recursion limit in lazy decoding validation
CL/711015: reflect/protodesc: fix handling of import options in dynamic builds

Maintenance:
CL/728681: reflect/protodesc: add support for edition unstable
CL/727960: all: add EDITION_UNSTABLE support
CL/727940: types: regenerate using latest protobuf v33.2 release
CL/727140: internal/testprotos/lazy: convert .proto files to editions
CL/723440: cmd/protoc-gen-go: add missing annotations for few generated protobuf symbols.
CL/720980: internal/filedesc: remove duplicative Message.unmarshalOptions
CL/716360: internal/encoding/tag: use proto3 defaults if proto3
CL/716520: proto: un-flake TestHasExtensionNoAlloc
CL/713342: compiler/protogen: properly filter option dependencies in go-protobuf plugin.
CL/711200: proto: add test for oneofs containing messages with required fields
CL/710855: proto: add explicit test for a non-nil but empty byte slice

v1.36.10

Full Changelog: protocolbuffers/protobuf-go@v1.36.9...v1.36.10

Bug fixes:
CL/704415: reflect/protodesc: edition-2024-specific properties should not be lost when converting FileDescriptorProto to protoreflect.FileDescriptor

Maintenance:
CL/708555: internal/race_test: add missing impl.LazyEnabled() t.Skip
CL/703295: proto: add more invalid group encoding test cases
CL/703276: internal/impl: verify lazy unmarshal on Deterministic encoding
CL/703275: internal/impl: stop using deprecated .Field in lazy_test.go
CL/702795: all: update to latest github.com/google/go-cmp

v1.36.9

Full Changelog: protocolbuffers/protobuf-go@v1.36.8...v1.36.9

User-visible changes:
CL/699715: cmd/protoc-gen-go: add test for "import option" directive
CL/699115: internal/editionssupport: declare support for edition 2024
CL/697595: editions: Fix spelling mistake in panic message

v1.36.8

Maintenance:

CL/696316: all: set Go language version to Go 1.23
CL/696315: types: regenerate using latest protobuf v32 release

v1.36.7

Maintenance / optimizations:

CL/683955: encoding/protowire: micro-optimize SizeVarint (-20% on Intel)
CL/674055: internal/impl: remove unnecessary atomic access for non-lazy lists
CL/674015: impl: remove unnecessary nil check from presence.Present
CL/673495: types/descriptorpb: regenerate using latest protobuf v31 release
CL/670516: cmd/protoc-gen-go: centralize presence and lazy logic into filedesc
CL/670515: internal: move usePresenceForField to internal/filedesc
CL/670275: internal/impl: clean up usePresenceForField() (no-op)

v1.36.6

Full Changelog: protocolbuffers/protobuf-go@v1.36.5...v1.36.6

User-visible changes:
CL/657895: internal_gengo: generate a const string literal for the raw descriptor

(truncated — see source for full notes)

go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc (v0.43.0 → v1.43.0) — GitHub Release

v1.43.0

Added

Add IsRandom and WithRandom on TraceFlags, and IsRandom on SpanContext in go.opentelemetry.io/otel/trace
for W3C Trace Context Level 2 Random Trace ID Flag support. (trace: add Random Trace ID Flag open-telemetry/opentelemetry-go#8012)
Add service detection with WithService in go.opentelemetry.io/otel/sdk/resource. (resource: add WithService detector option open-telemetry/opentelemetry-go#7642)
Add DefaultWithContext and EnvironmentWithContext in go.opentelemetry.io/otel/sdk/resource to support plumbing context.Context through default and environment detectors. (sdk/resource: add WithContext variants for Default and Environment (#7808) open-telemetry/opentelemetry-go#8051)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Add support for per-series start time tracking for cumulative metrics in go.opentelemetry.io/otel/sdk/metric.
Set OTEL_GO_X_PER_SERIES_START_TIMESTAMPS=true to enable. (Add support for the development per-series starttime feature open-telemetry/opentelemetry-go#8060)
Add WithCardinalityLimitSelector for metric reader for configuring cardinality limits specific to the instrument kind. (sdk/metric: Support specifying cardinality limits per instrument kinds open-telemetry/opentelemetry-go#7855)

Changed

Introduce the EMPTY Type in go.opentelemetry.io/otel/attribute to reflect that an empty value is now a valid value, with INVALID remaining as a deprecated

(truncated)

v1.42.0

Added

Add go.opentelemetry.io/otel/semconv/v1.40.0 package.
The package contains semantic conventions from the v1.40.0 version of the OpenTelemetry Semantic Conventions.
See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.39.0. (Revert "Revert "Generate semconv/v1.40.0"" open-telemetry/opentelemetry-go#7985)
Add Err and SetErr on Record in go.opentelemetry.io/otel/log to attach an error and set record exception attributes in go.opentelemetry.io/otel/log/sdk. (log: add error field to Record and make SDK to emit exception attributes open-telemetry/opentelemetry-go#7924)

Changed

TracerProvider.ForceFlush in go.opentelemetry.io/otel/sdk/trace joins errors together and continues iteration through SpanProcessors as opposed to returning the first encountered error without attempting exports on subsequent SpanProcessors. (TracerProvider ForceFlush() Error Fix open-telemetry/opentelemetry-go#7856)

Fixed

Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to correctly handle HTTP2 GOAWAY frame. (support stdlib request.GetBody on metrics open-telemetry/opentelemetry-go#7931)
Fix semconv v1.39.0 generated metric helpers skipping required attributes when extra attributes were empty. (fix: generated semconv helpers skipping attributes open-telemetry/opentelemetry-go#7964)
Preserve W3C TraceFlags bitmask (including the random Trace ID flag) during trace context extraction and injection in go.opentelemetry.io/otel/propagation. (Feat: Have SpanContext support the new W3C random flag. open-telemetry/opentelemetry-go#7834)

Removed

Drop support for [Go 1.24]. (Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984)

What's Changed

fix changelog protection marker by @pellared in fix changelog protection marker open-telemetry/opentelemetry-go#7986
Drop support for Go 1.24 by @MrAlias in Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984
fix(deps): update golang.org/x by @renovate[bot] in fix(deps): update golang.org/x open-telemetry/opentelemetry-go#7907
chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 by @renovate[bot] in chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 open-telemetry/opentelemetry-go#7981

(truncated — see source for full notes)

github.com/grpc-ecosystem/grpc-gateway/v2 (v2.17.1 → v2.29.0) — GitHub Release

v2.29.0

What's Changed

fix: use proto.Merge to avoid copylocks with use_opaque_api=true by @emahiro in fix: use proto.Merge to avoid copylocks with use_opaque_api=true grpc-ecosystem/grpc-gateway#6383
fix: allow proto3 optional fields in path parameters by @susanachl in fix: allow proto3 optional fields in path parameters grpc-ecosystem/grpc-gateway#6416
Add option to disable HTTP method override by @achew22 in Add option to disable HTTP method override grpc-ecosystem/grpc-gateway#6447
Add Go documentation badge to README by @achew22 in Add Go documentation badge to README grpc-ecosystem/grpc-gateway#6448
fix: add missing return statements in error handler paths by @jet-go in fix: add missing return statements in error handler paths grpc-ecosystem/grpc-gateway#6561
Deprecate fields and methods if file is deprecated by @aidandj in Deprecate fields and methods if file is deprecated grpc-ecosystem/grpc-gateway#6613
Add edition 2024 support by @printfn in Add edition 2024 support grpc-ecosystem/grpc-gateway#6622

New Contributors

@emahiro made their first contribution in fix: use proto.Merge to avoid copylocks with use_opaque_api=true grpc-ecosystem/grpc-gateway#6383
@susanachl made their first contribution in fix: allow proto3 optional fields in path parameters grpc-ecosystem/grpc-gateway#6416
@jet-go made their first contribution in fix: add missing return statements in error handler paths grpc-ecosystem/grpc-gateway#6561
@aidandj made their first contribution in Deprecate fields and methods if file is deprecated grpc-ecosystem/grpc-gateway#6613
@printfn made their first contribution in Add edition 2024 support grpc-ecosystem/grpc-gateway#6622

Full Changelog: grpc-ecosystem/grpc-gateway@v2.28.0...v2.29.0

v2.28.0

What's Changed

feat: add option to disable chunked headers by @irenarindos in feat: add option to disable chunked headers grpc-ecosystem/grpc-gateway#6354
fix(protoc-gen-openapiv2): fix panic on enum resolution in nested messages by @franchb in fix(protoc-gen-openapiv2): fix panic on enum resolution in nested messages grpc-ecosystem/grpc-gateway#6367

New Contributors

@irenarindos made their first contribution in feat: add option to disable chunked headers grpc-ecosystem/grpc-gateway#6354

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.8...v2.28.0

v2.27.8

What's Changed

Fix opaque missing imports casing by @kellen-miller in Fix opaque missing imports casing grpc-ecosystem/grpc-gateway#6304
Revert "fix(protoc-gen-openapiv2): prevent panic when generating OpenAPI for multiple files" by @johanbrandhorst in Revert "fix(protoc-gen-openapiv2): prevent panic when generating OpenAPI for multiple files" grpc-ecosystem/grpc-gateway#6309
fix(protoc-gen-openapiv2): fix naming cache for multi-file generation by @franchb in fix(protoc-gen-openapiv2): fix naming cache for multi-file generation grpc-ecosystem/grpc-gateway#6315
fix(openapiv2): exclude oneof fields from required with proto3 field semantics by @sessa in fix(openapiv2): exclude oneof fields from required with proto3 field semantics grpc-ecosystem/grpc-gateway#6335

New Contributors

@sessa made their first contribution in fix(openapiv2): exclude oneof fields from required with proto3 field semantics grpc-ecosystem/grpc-gateway#6335

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.7...v2.27.8

v2.27.7

Re-release of v2.26.7 as v2.27.7 for correct semver ordering.

v2.26.7

What's Changed

Revert "feat(generator): harden opaque imports and fix snake case to go casing" by @johanbrandhorst in Revert "feat(generator): harden opaque imports and fix snake case to go casing" grpc-ecosystem/grpc-gateway#6299

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.6...v2.26.7

v2.27.6

What's Changed

feat(generator): harden opaque imports and fix snake case to go casing by @kellen-miller in feat(generator): harden opaque imports and fix snake case to go casing grpc-ecosystem/grpc-gateway#6279
fix(protoc-gen-openapiv2): prevent panic when generating OpenAPI for multiple files by @franchb in fix(protoc-gen-openapiv2): prevent panic when generating OpenAPI for multiple files grpc-ecosystem/grpc-gateway#6275

New Contributors

@franchb made their first contribution in fix(protoc-gen-openapiv2): prevent panic when generating OpenAPI for multiple files grpc-ecosystem/grpc-gateway#6275

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.5...v2.27.6

v2.27.5

What's Changed

Issue5799 by @rohitlohar45 in Issue5799 grpc-ecosystem/grpc-gateway#6123
fix: Add example repo in Java to README by @majiayu000 in fix: Add example repo in Java to README grpc-ecosystem/grpc-gateway#6199
fix: Use summary/description instead of title for field comments in openapi gen by @iamrajiv in fix: Use summary/description instead of title for field comments in openapi gen grpc-ecosystem/grpc-gateway#6223
fix(gengateway): use pointer for bodyData in OpaqueAPI PATCH requests by @kop in fix(gengateway): use pointer for bodyData in OpaqueAPI PATCH requests grpc-ecosystem/grpc-gateway#6246
fix(gengateway): use opaque chain for setting path params by @kellen-miller in fix(gengateway): use opaque chain for setting path params grpc-ecosystem/grpc-gateway#6215

New Contributors

@majiayu000 made their first contribution in fix: Add example repo in Java to README grpc-ecosystem/grpc-gateway#6199
@kellen-miller made their first contribution in fix(gengateway): use opaque chain for setting path params grpc-ecosystem/grpc-gateway#6215

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.4...v2.27.5

v2.27.4

What's Changed

(truncated — see source for full notes)

go.opentelemetry.io/otel (v1.20.0 → v1.43.0) — GitHub Release

v1.43.0

Added

Add IsRandom and WithRandom on TraceFlags, and IsRandom on SpanContext in go.opentelemetry.io/otel/trace
for W3C Trace Context Level 2 Random Trace ID Flag support. (trace: add Random Trace ID Flag open-telemetry/opentelemetry-go#8012)
Add service detection with WithService in go.opentelemetry.io/otel/sdk/resource. (resource: add WithService detector option open-telemetry/opentelemetry-go#7642)
Add DefaultWithContext and EnvironmentWithContext in go.opentelemetry.io/otel/sdk/resource to support plumbing context.Context through default and environment detectors. (sdk/resource: add WithContext variants for Default and Environment (#7808) open-telemetry/opentelemetry-go#8051)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Add support for per-series start time tracking for cumulative metrics in go.opentelemetry.io/otel/sdk/metric.
Set OTEL_GO_X_PER_SERIES_START_TIMESTAMPS=true to enable. (Add support for the development per-series starttime feature open-telemetry/opentelemetry-go#8060)
Add WithCardinalityLimitSelector for metric reader for configuring cardinality limits specific to the instrument kind. (sdk/metric: Support specifying cardinality limits per instrument kinds open-telemetry/opentelemetry-go#7855)

Changed

Introduce the EMPTY Type in go.opentelemetry.io/otel/attribute to reflect that an empty value is now a valid value, with INVALID remaining as a deprecated

(truncated)

v1.42.0

Added

Add go.opentelemetry.io/otel/semconv/v1.40.0 package.
The package contains semantic conventions from the v1.40.0 version of the OpenTelemetry Semantic Conventions.
See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.39.0. (Revert "Revert "Generate semconv/v1.40.0"" open-telemetry/opentelemetry-go#7985)
Add Err and SetErr on Record in go.opentelemetry.io/otel/log to attach an error and set record exception attributes in go.opentelemetry.io/otel/log/sdk. (log: add error field to Record and make SDK to emit exception attributes open-telemetry/opentelemetry-go#7924)

Changed

TracerProvider.ForceFlush in go.opentelemetry.io/otel/sdk/trace joins errors together and continues iteration through SpanProcessors as opposed to returning the first encountered error without attempting exports on subsequent SpanProcessors. (TracerProvider ForceFlush() Error Fix open-telemetry/opentelemetry-go#7856)

Fixed

Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to correctly handle HTTP2 GOAWAY frame. (support stdlib request.GetBody on metrics open-telemetry/opentelemetry-go#7931)
Fix semconv v1.39.0 generated metric helpers skipping required attributes when extra attributes were empty. (fix: generated semconv helpers skipping attributes open-telemetry/opentelemetry-go#7964)
Preserve W3C TraceFlags bitmask (including the random Trace ID flag) during trace context extraction and injection in go.opentelemetry.io/otel/propagation. (Feat: Have SpanContext support the new W3C random flag. open-telemetry/opentelemetry-go#7834)

Removed

Drop support for [Go 1.24]. (Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984)

What's Changed

fix changelog protection marker by @pellared in fix changelog protection marker open-telemetry/opentelemetry-go#7986
Drop support for Go 1.24 by @MrAlias in Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984
fix(deps): update golang.org/x by @renovate[bot] in fix(deps): update golang.org/x open-telemetry/opentelemetry-go#7907
chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 by @renovate[bot] in chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 open-telemetry/opentelemetry-go#7981

(truncated — see source for full notes)

go.opentelemetry.io/otel/metric (v1.20.0 → v1.43.0) — GitHub Release

v1.43.0

Added

Add IsRandom and WithRandom on TraceFlags, and IsRandom on SpanContext in go.opentelemetry.io/otel/trace
for W3C Trace Context Level 2 Random Trace ID Flag support. (trace: add Random Trace ID Flag open-telemetry/opentelemetry-go#8012)
Add service detection with WithService in go.opentelemetry.io/otel/sdk/resource. (resource: add WithService detector option open-telemetry/opentelemetry-go#7642)
Add DefaultWithContext and EnvironmentWithContext in go.opentelemetry.io/otel/sdk/resource to support plumbing context.Context through default and environment detectors. (sdk/resource: add WithContext variants for Default and Environment (#7808) open-telemetry/opentelemetry-go#8051)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Add support for per-series start time tracking for cumulative metrics in go.opentelemetry.io/otel/sdk/metric.
Set OTEL_GO_X_PER_SERIES_START_TIMESTAMPS=true to enable. (Add support for the development per-series starttime feature open-telemetry/opentelemetry-go#8060)
Add WithCardinalityLimitSelector for metric reader for configuring cardinality limits specific to the instrument kind. (sdk/metric: Support specifying cardinality limits per instrument kinds open-telemetry/opentelemetry-go#7855)

Changed

Introduce the EMPTY Type in go.opentelemetry.io/otel/attribute to reflect that an empty value is now a valid value, with INVALID remaining as a deprecated

(truncated)

v1.42.0

Added

Add go.opentelemetry.io/otel/semconv/v1.40.0 package.
The package contains semantic conventions from the v1.40.0 version of the OpenTelemetry Semantic Conventions.
See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.39.0. (Revert "Revert "Generate semconv/v1.40.0"" open-telemetry/opentelemetry-go#7985)
Add Err and SetErr on Record in go.opentelemetry.io/otel/log to attach an error and set record exception attributes in go.opentelemetry.io/otel/log/sdk. (log: add error field to Record and make SDK to emit exception attributes open-telemetry/opentelemetry-go#7924)

Changed

TracerProvider.ForceFlush in go.opentelemetry.io/otel/sdk/trace joins errors together and continues iteration through SpanProcessors as opposed to returning the first encountered error without attempting exports on subsequent SpanProcessors. (TracerProvider ForceFlush() Error Fix open-telemetry/opentelemetry-go#7856)

Fixed

Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to correctly handle HTTP2 GOAWAY frame. (support stdlib request.GetBody on metrics open-telemetry/opentelemetry-go#7931)
Fix semconv v1.39.0 generated metric helpers skipping required attributes when extra attributes were empty. (fix: generated semconv helpers skipping attributes open-telemetry/opentelemetry-go#7964)
Preserve W3C TraceFlags bitmask (including the random Trace ID flag) during trace context extraction and injection in go.opentelemetry.io/otel/propagation. (Feat: Have SpanContext support the new W3C random flag. open-telemetry/opentelemetry-go#7834)

Removed

Drop support for [Go 1.24]. (Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984)

What's Changed

fix changelog protection marker by @pellared in fix changelog protection marker open-telemetry/opentelemetry-go#7986
Drop support for Go 1.24 by @MrAlias in Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984
fix(deps): update golang.org/x by @renovate[bot] in fix(deps): update golang.org/x open-telemetry/opentelemetry-go#7907
chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 by @renovate[bot] in chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 open-telemetry/opentelemetry-go#7981

(truncated — see source for full notes)

go.opentelemetry.io/otel/sdk/metric (v1.20.0 → v1.43.0) — GitHub Release

v1.43.0

Added

Add IsRandom and WithRandom on TraceFlags, and IsRandom on SpanContext in go.opentelemetry.io/otel/trace
for W3C Trace Context Level 2 Random Trace ID Flag support. (trace: add Random Trace ID Flag open-telemetry/opentelemetry-go#8012)
Add service detection with WithService in go.opentelemetry.io/otel/sdk/resource. (resource: add WithService detector option open-telemetry/opentelemetry-go#7642)
Add DefaultWithContext and EnvironmentWithContext in go.opentelemetry.io/otel/sdk/resource to support plumbing context.Context through default and environment detectors. (sdk/resource: add WithContext variants for Default and Environment (#7808) open-telemetry/opentelemetry-go#8051)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Add support for per-series start time tracking for cumulative metrics in go.opentelemetry.io/otel/sdk/metric.
Set OTEL_GO_X_PER_SERIES_START_TIMESTAMPS=true to enable. (Add support for the development per-series starttime feature open-telemetry/opentelemetry-go#8060)
Add WithCardinalityLimitSelector for metric reader for configuring cardinality limits specific to the instrument kind. (sdk/metric: Support specifying cardinality limits per instrument kinds open-telemetry/opentelemetry-go#7855)

Changed

Introduce the EMPTY Type in go.opentelemetry.io/otel/attribute to reflect that an empty value is now a valid value, with INVALID remaining as a deprecated

(truncated)

v1.42.0

Added

Add go.opentelemetry.io/otel/semconv/v1.40.0 package.
The package contains semantic conventions from the v1.40.0 version of the OpenTelemetry Semantic Conventions.
See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.39.0. (Revert "Revert "Generate semconv/v1.40.0"" open-telemetry/opentelemetry-go#7985)
Add Err and SetErr on Record in go.opentelemetry.io/otel/log to attach an error and set record exception attributes in go.opentelemetry.io/otel/log/sdk. (log: add error field to Record and make SDK to emit exception attributes open-telemetry/opentelemetry-go#7924)

Changed

TracerProvider.ForceFlush in go.opentelemetry.io/otel/sdk/trace joins errors together and continues iteration through SpanProcessors as opposed to returning the first encountered error without attempting exports on subsequent SpanProcessors. (TracerProvider ForceFlush() Error Fix open-telemetry/opentelemetry-go#7856)

Fixed

Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to correctly handle HTTP2 GOAWAY frame. (support stdlib request.GetBody on metrics open-telemetry/opentelemetry-go#7931)
Fix semconv v1.39.0 generated metric helpers skipping required attributes when extra attributes were empty. (fix: generated semconv helpers skipping attributes open-telemetry/opentelemetry-go#7964)
Preserve W3C TraceFlags bitmask (including the random Trace ID flag) during trace context extraction and injection in go.opentelemetry.io/otel/propagation. (Feat: Have SpanContext support the new W3C random flag. open-telemetry/opentelemetry-go#7834)

Removed

Drop support for [Go 1.24]. (Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984)

What's Changed

fix changelog protection marker by @pellared in fix changelog protection marker open-telemetry/opentelemetry-go#7986
Drop support for Go 1.24 by @MrAlias in Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984
fix(deps): update golang.org/x by @renovate[bot] in fix(deps): update golang.org/x open-telemetry/opentelemetry-go#7907
chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 by @renovate[bot] in chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 open-telemetry/opentelemetry-go#7981

(truncated — see source for full notes)

go.opentelemetry.io/otel/trace (v1.20.0 → v1.43.0) — GitHub Release

v1.43.0

Added

Add IsRandom and WithRandom on TraceFlags, and IsRandom on SpanContext in go.opentelemetry.io/otel/trace
for W3C Trace Context Level 2 Random Trace ID Flag support. (trace: add Random Trace ID Flag open-telemetry/opentelemetry-go#8012)
Add service detection with WithService in go.opentelemetry.io/otel/sdk/resource. (resource: add WithService detector option open-telemetry/opentelemetry-go#7642)
Add DefaultWithContext and EnvironmentWithContext in go.opentelemetry.io/otel/sdk/resource to support plumbing context.Context through default and environment detectors. (sdk/resource: add WithContext variants for Default and Environment (#7808) open-telemetry/opentelemetry-go#8051)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest. (attribute: change INVALID Type to EMPTY and mark INVALID as deprecated open-telemetry/opentelemetry-go#8038)
Add support for per-series start time tracking for cumulative metrics in go.opentelemetry.io/otel/sdk/metric.
Set OTEL_GO_X_PER_SERIES_START_TIMESTAMPS=true to enable. (Add support for the development per-series starttime feature open-telemetry/opentelemetry-go#8060)
Add WithCardinalityLimitSelector for metric reader for configuring cardinality limits specific to the instrument kind. (sdk/metric: Support specifying cardinality limits per instrument kinds open-telemetry/opentelemetry-go#7855)

Changed

Introduce the EMPTY Type in go.opentelemetry.io/otel/attribute to reflect that an empty value is now a valid value, with INVALID remaining as a deprecated

(truncated)

v1.42.0

Added

Add go.opentelemetry.io/otel/semconv/v1.40.0 package.
The package contains semantic conventions from the v1.40.0 version of the OpenTelemetry Semantic Conventions.
See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.39.0. (Revert "Revert "Generate semconv/v1.40.0"" open-telemetry/opentelemetry-go#7985)
Add Err and SetErr on Record in go.opentelemetry.io/otel/log to attach an error and set record exception attributes in go.opentelemetry.io/otel/log/sdk. (log: add error field to Record and make SDK to emit exception attributes open-telemetry/opentelemetry-go#7924)

Changed

TracerProvider.ForceFlush in go.opentelemetry.io/otel/sdk/trace joins errors together and continues iteration through SpanProcessors as opposed to returning the first encountered error without attempting exports on subsequent SpanProcessors. (TracerProvider ForceFlush() Error Fix open-telemetry/opentelemetry-go#7856)

Fixed

Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to correctly handle HTTP2 GOAWAY frame. (support stdlib request.GetBody on metrics open-telemetry/opentelemetry-go#7931)
Fix semconv v1.39.0 generated metric helpers skipping required attributes when extra attributes were empty. (fix: generated semconv helpers skipping attributes open-telemetry/opentelemetry-go#7964)
Preserve W3C TraceFlags bitmask (including the random Trace ID flag) during trace context extraction and injection in go.opentelemetry.io/otel/propagation. (Feat: Have SpanContext support the new W3C random flag. open-telemetry/opentelemetry-go#7834)

Removed

Drop support for [Go 1.24]. (Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984)

What's Changed

fix changelog protection marker by @pellared in fix changelog protection marker open-telemetry/opentelemetry-go#7986
Drop support for Go 1.24 by @MrAlias in Drop support for Go 1.24 open-telemetry/opentelemetry-go#7984
fix(deps): update golang.org/x by @renovate[bot] in fix(deps): update golang.org/x open-telemetry/opentelemetry-go#7907
chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 by @renovate[bot] in chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.53.0 open-telemetry/opentelemetry-go#7981

(truncated — see source for full notes)

go.opentelemetry.io/proto/otlp (v1.0.0 → v1.10.0) — GitHub Release

v1.10.0

Release of the v1.10.0 version of the OTLP.

[!NOTE]
This is the last version that will support Go 1.24. Subsequent minor releases will require Go >= 1.25.

What's Changed

Drop support for Go 1.23 by @MrAlias in Drop support for Go 1.23 open-telemetry/opentelemetry-proto-go#467
chore(deps): update all golang.org/x packages by @renovate[bot] in chore(deps): update all golang.org/x packages open-telemetry/opentelemetry-proto-go#420
fix(deps): update module go.opentelemetry.io/proto/otlp to v1.9.0 by @renovate[bot] in fix(deps): update module go.opentelemetry.io/proto/otlp to v1.9.0 open-telemetry/opentelemetry-proto-go#468
fix(deps): update module go.opentelemetry.io/proto/slim/otlp to v1.9.0 by @renovate[bot] in fix(deps): update module go.opentelemetry.io/proto/slim/otlp to v1.9.0 open-telemetry/opentelemetry-proto-go#469
fix(deps): update module go.opentelemetry.io/build-tools/multimod to v0.29.0 by @renovate[bot] in fix(deps): update module go.opentelemetry.io/build-tools/multimod to v0.29.0 open-telemetry/opentelemetry-proto-go#475
fix(deps): update module google.golang.org/grpc to v1.76.0 by @renovate[bot] in fix(deps): update module google.golang.org/grpc to v1.76.0 open-telemetry/opentelemetry-proto-go#476
chore(deps): update googleapis to ab9386a by @renovate[bot] in chore(deps): update googleapis to ab9386a open-telemetry/opentelemetry-proto-go#472
chore(deps): update googleapis to f26f940 by @renovate[bot] in chore(deps): update googleapis to f26f940 open-telemetry/opentelemetry-proto-go#477
Update releasing process by @MrAlias in Update releasing process open-telemetry/opentelemetry-proto-go#471
Fix find command error by @MrAlias in Fix find command error open-telemetry/opentelemetry-proto-go#470
chore(deps): update all golang.org/x packages by @renovate[bot] in chore(deps): update all golang.org/x packages open-telemetry/opentelemetry-proto-go#478
chore(deps): update googleapis to 83f4791 by @renovate[bot] in chore(deps): update googleapis to 83f4791 open-telemetry/opentelemetry-proto-go#479
chore(deps): update all golang.org/x packages by @renovate[bot] in https://github.com/o

(truncated)

v1.9.0

Release of the v1.9.0 version of the OTLP.

[!NOTE]
This is the last version that will support Go 1.23. Subsequent minor releases will require Go >= 1.24.

What's Changed

fix(deps): update module go.opentelemetry.io/proto/slim/otlp to v1.8.0 by @renovate[bot] in fix(deps): update module go.opentelemetry.io/proto/slim/otlp to v1.8.0 open-telemetry/opentelemetry-proto-go#415
fix(deps): update module go.opentelemetry.io/proto/otlp to v1.8.0 by @renovate[bot] in fix(deps): update module go.opentelemetry.io/proto/otlp to v1.8.0 open-telemetry/opentelemetry-proto-go#414
chore(deps): update actions/setup-go action to v6 by @renovate[bot] in chore(deps): update actions/setup-go action to v6 open-telemetry/opentelemetry-proto-go#416
chore(deps): update github/codeql-action action to v3.30.1 by @renovate[bot] in chore(deps): update github/codeql-action action to v3.30.1 open-telemetry/opentelemetry-proto-go#417
chore(deps): update module github.com/pjbgf/sha1cd to v0.5.0 by @renovate[bot] in chore(deps): update module github.com/pjbgf/sha1cd to v0.5.0 open-telemetry/opentelemetry-proto-go#418
Add support for Go 1.25 by @dmathieu in Add support for Go 1.25 open-telemetry/opentelemetry-proto-go#421
chore(deps): update module github.com/sagikazarmark/locafero to v0.11.0 by @renovate[bot] in chore(deps): update module github.com/sagikazarmark/locafero to v0.11.0 open-telemetry/opentelemetry-proto-go#422
chore(deps): update module github.com/spf13/viper to v1.21.0 by @renovate[bot] in chore(deps): update module github.com/spf13/viper to v1.21.0 open-telemetry/opentelemetry-proto-go#426
chore(deps): update module github.com/spf13/cast to v1.10.0 by @renovate[bot] in chore(deps): update module github.com/spf13/cast to v1.10.0 open-telemetry/opentelemetry-proto-go#425
fix(deps): update module google.golang.org/protobuf to v1.36.9 by @renovate[bot] in fix(deps): update module google.golang.org/protobuf to v1.36.9 open-telemetry/opentelemetry-proto-go#428
chore(deps): update github/codeql-action action to v3.30.2 by @renovate[bot] in chore(deps): update github/codeql-action action to v3.30.2 open-telemetry/opentelemetry-proto-go#427
fix(deps): update module google.golang.org/grpc to v1.75.1 by @renovate[bot] in https:

(truncated)

v1.8.0

What's Changed

[!IMPORTANT]
See the OTLP changes for the actual protobuf changes.
https://github.com/open-telemetry/opentelemetry-proto/releases/tag/v1.8.0

Push both the stable and unstable modules in push-tags by @dmathieu in Push both the stable and unstable modules in push-tags open-telemetry/opentelemetry-proto-go#377
fix(deps): update module go.opentelemetry.io/proto/slim/otlp to v1.7.1 by @renovate[bot] in fix(deps): update module go.opentelemetry.io/proto/slim/otlp to v1.7.1 open-telemetry/opentelemetry-proto-go#379
fix(deps): update module go.opentelemetry.io/proto/otlp to v1.7.1 by @renovate[bot] in fix(deps): update module go.opentelemetry.io/proto/otlp to v1.7.1 open-telemetry/opentelemetry-proto-go#378
chore(deps): update googleapis to a7a43d2 by @renovate[bot] in chore(deps): update googleapis to a7a43d2 open-telemetry/opentelemetry-proto-go#380
fix(deps): update module google.golang.org/protobuf to v1.36.7 by @renovate[bot] in fix(deps): update module google.golang.org/protobuf to v1.36.7 open-telemetry/opentelemetry-proto-go#381

(truncated — see source for full notes)

Generated by ADMS Sources: 10 GitHub Releases, 2 not available.

seberm-6 · 2026-04-23T11:01:14Z

Hey, sorry for the noise. This was caused by a bug in our automated dependency update system that incorrectly included upstream changelog content in PR comments, triggering notifications to external contributors. The feature flag has been turned off and we're working on a fix. Sorry about that again.

Executing automated changes

e40a5e5

gh-worker-campaigns-3e9aa4 Bot added campaigner-automated-change adms-critical-severity adms-go adms-high-severity adms-major-update adms-medium-severity adms-mode-all-updates adms-dependency-update labels Apr 23, 2026

seberm-6 closed this Apr 23, 2026

Conversation

gh-worker-campaigns-3e9aa4 Bot commented Apr 23, 2026

Updates

Security Details

Review Checklist

Uh oh!

campaigner-prod Bot commented Apr 23, 2026

Release Notes

v1.80.0

Behavior Changes

Bug Fixes

New Features

Performance Improvements

v1.79.3

Security

v1.79.2

Bug Fixes

v1.79.1

Bug Fixes

v1.79.0

API Changes

Behavior Changes

New Features

Bug Fixes

v1.43.0

Added

Changed

v1.42.0

Added

Changed

Fixed

Removed

What's Changed

v1.36.11

v1.36.10

v1.36.9

v1.36.8

v1.36.7

v1.36.6

v1.43.0

Added

Changed

v1.42.0

Added

Changed

Fixed

Removed

What's Changed

v2.29.0

What's Changed

New Contributors

v2.28.0

What's Changed

New Contributors

v2.27.8

What's Changed

New Contributors

v2.27.7

v2.26.7

What's Changed

v2.27.6

What's Changed

New Contributors

v2.27.5

What's Changed

New Contributors

v2.27.4

What's Changed

v1.43.0

Added

Changed

v1.42.0

Added

Changed

Fixed

Removed

What's Changed

v1.43.0

Added

Changed