Skip to content

chore(deps): bump go.opentelemetry.io/otel from 1.40.0 to 1.42.0#51

Closed
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/go_modules/develop/go.opentelemetry.io/otel-1.42.0
Closed

chore(deps): bump go.opentelemetry.io/otel from 1.40.0 to 1.42.0#51
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/go_modules/develop/go.opentelemetry.io/otel-1.42.0

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 9, 2026

Bumps go.opentelemetry.io/otel from 1.40.0 to 1.42.0.

Changelog

Sourced from go.opentelemetry.io/otel's changelog.

[1.42.0/0.64.0/0.18.0/0.0.16] 2026-03-06

Added

  • Add go.opentelemetry.io/otel/semconv/v1.40.0 package. The package contains semantic conventions from the v1.40.0 version of the OpenTelemetry Semantic Conventions. See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.39.0. (#7985)
  • Add Err and SetErr on Record in go.opentelemetry.io/otel/log to attach an error and set record exception attributes in go.opentelemetry.io/otel/log/sdk. (#7924)

Changed

  • TracerProvider.ForceFlush in go.opentelemetry.io/otel/sdk/trace joins errors together and continues iteration through SpanProcessors as opposed to returning the first encountered error without attempting exports on subsequent SpanProcessors. (#7856)

Fixed

  • Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to correctly handle HTTP2 GOAWAY frame. (#7931)
  • Fix semconv v1.39.0 generated metric helpers skipping required attributes when extra attributes were empty. (#7964)
  • Preserve W3C TraceFlags bitmask (including the random Trace ID flag) during trace context extraction and injection in go.opentelemetry.io/otel/propagation. (#7834)

Removed

  • Drop support for [Go 1.24]. (#7984)

[1.41.0/0.63.0/0.17.0/0.0.15] 2026-03-02

This release is the last to support [Go 1.24]. The next release will require at least [Go 1.25].

Added

  • Support testing of [Go 1.26]. (#7902)

Fixed

  • Update Baggage in go.opentelemetry.io/otel/propagation and Parse and New in go.opentelemetry.io/otel/baggage to comply with W3C Baggage specification limits. New and Parse now return partial baggage along with an error when limits are exceeded. Errors from baggage extraction are reported to the global error handler. (#7880)
  • Return an error when the endpoint is configured as insecure and with TLS configuration in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp. (#7914)
  • Return an error when the endpoint is configured as insecure and with TLS configuration in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (#7914)
  • Return an error when the endpoint is configured as insecure and with TLS configuration in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (#7914)
Commits
  • a3941ff Release v1.42.0/v0.64.0/v0.18.0/v0.0.16 (#8006)
  • 6059c47 chore(deps): update golang.org/x/telemetry digest to e526e8a (#8010)
  • 44c7edf chore(deps): update module github.com/mgechev/revive to v1.15.0 (#8009)
  • de5fb3a fix(deps): update module google.golang.org/grpc to v1.79.2 (#8007)
  • 0b82ded chore(deps): update codspeedhq/action action to v4.11.1 (#8001)
  • aa3660f chore(deps): update github/codeql-action action to v4.32.6 (#8004)
  • 9be8c92 chore(deps): update dependency codespell to v2.4.2 (#8003)
  • c9d2015 log: add error field to Record and make SDK to emit exception attributes (#7924)
  • fdd1320 TracerProvider ForceFlush() Error Fix (#7856)
  • 78f9904 chore(deps): update golang.org/x/telemetry digest to 18da590 (#8000)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump go.opentelemetry.io/otel from 1.40.0 to 1.42.0
503a448 
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.40.0 to 1.42.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.40.0...v1.42.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-version: 1.42.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 9, 2026

Labels

The following labels could not be found: lang: go. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@lerian-studio
Copy link

lerian-studio commented Mar 9, 2026

Consider updating CHANGELOG.md to document this change. If this change doesn't need a changelog entry, add the skip-changelog label.

@coderabbitai
Copy link

coderabbitai bot commented Mar 9, 2026

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: e5aec76c-2cd7-497c-a3a6-1e62e7c358d4

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

  • 🔍 Trigger review

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@lerian-studio
Copy link

lerian-studio commented Mar 9, 2026

📊 Unit Test Coverage Report: tracer

Metric Value
Overall Coverage 83.8% ⚠️ BELOW THRESHOLD
Threshold 85%

Coverage by Package

Package Coverage
tracer/internal/adapters/cel 81.9%
tracer/internal/adapters/http/in/middleware 62.0%
tracer/internal/adapters/http/in 81.8%
tracer/internal/adapters/postgres/db 0.0%
tracer/internal/adapters/postgres 75.1%
tracer/internal/services/cache 95.6%
tracer/internal/services/command 81.6%
tracer/internal/services/query 78.3%
tracer/internal/services/workers 79.7%
tracer/internal/services 40.2%
tracer/pkg/clock 100.0%
tracer/pkg/contextutil 100.0%
tracer/pkg/logging 100.0%
tracer/pkg/migration 89.0%
tracer/pkg/model 97.5%
tracer/pkg/net/http 88.3%
tracer/pkg/resilience 97.8%
tracer/pkg/sanitize 87.1%
tracer/pkg/validation 50.0%
tracer/pkg 96.6%

Generated by Go PR Analysis workflow

@github-actions
Copy link

github-actions bot commented Mar 9, 2026

🔒 Security Scan Results — tracer

Filesystem Scan

✅ No vulnerabilities or secrets found.

Docker Image Scan

⚠️ Scan artifact not found.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 11, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/go_modules/develop/go.opentelemetry.io/otel-1.42.0 branch March 11, 2026 19:41
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

area: dependencies size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lerian-studio @fredcamaral