Skip to content

chore(deps): bump the security group across 1 directory with 8 updates #1971

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump the security group across 1 directory with 8 updates #1971

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 10, 2026

Bumps the security group with 6 updates in the / directory:

Package From To
github.com/shirou/gopsutil/v4 4.25.12 4.26.1
go.opentelemetry.io/otel 1.39.0 1.40.0
go.opentelemetry.io/otel/sdk 1.39.0 1.40.0
go.podman.io/image/v5 5.38.0 5.39.1
golang.org/x/mod 0.32.0 0.33.0
golang.org/x/net 0.49.0 0.50.0

Updates github.com/shirou/gopsutil/v4 from 4.25.12 to 4.26.1

Release notes

Sourced from github.com/shirou/gopsutil/v4's releases.

v4.26.1

What's Changed

disk

host

mem

process

sensor

New Contributors

Full Changelog: shirou/gopsutil@v4.25.12...v4.26.1

Commits
  • b2abf60 Merge pull request #1997 from Aoang/fix/kelvin-to-celsius
  • 20de7d5 Merge pull request #1994 from shirou/fix/get_terminal_map_bug
  • 01bdbba fix(sensors): kelvin to Celsius
  • e699d49 Merge pull request #1996 from shirou/dependabot/github_actions/actions/checko...
  • 01bd7b4 Merge pull request #1987 from shirou/dependabot/go_modules/golang.org/x/sys-0...
  • 7f96671 Merge pull request #1979 from Dylan-M/dylanmyers/aix_foundation
  • 2f99176 [process][posix]: fix getTerminalMap path construction bug
  • 8db834f Merge pull request #1995 from pgimalac/pgimalac/fix-empty-read-proc-pid-stat-...
  • 23555bf chore(deps): bump actions/checkout from 5.0.0 to 6.0.2
  • 62a181c fix: return an error on reading empty proc pid stat file
  • Additional commits viewable in compare view

Updates go.opentelemetry.io/otel from 1.39.0 to 1.40.0

Changelog

Sourced from go.opentelemetry.io/otel's changelog.

[1.40.0/0.62.0/0.16.0] 2026-02-02

Added

  • Add AlwaysRecord sampler in go.opentelemetry.io/otel/sdk/trace. (#7724)
  • Add Enabled method to all synchronous instrument interfaces (Float64Counter, Float64UpDownCounter, Float64Histogram, Float64Gauge, Int64Counter, Int64UpDownCounter, Int64Histogram, Int64Gauge,) in go.opentelemetry.io/otel/metric. This stabilizes the synchronous instrument enabled feature, allowing users to check if an instrument will process measurements before performing computationally expensive operations. (#7763)
  • Add go.opentelemetry.io/otel/semconv/v1.39.0 package. The package contains semantic conventions from the v1.39.0 version of the OpenTelemetry Semantic Conventions. See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.38.0. (#7783, #7789)

Changed

  • Improve the concurrent performance of HistogramReservoir in go.opentelemetry.io/otel/sdk/metric/exemplar by 4x. (#7443)
  • Improve the concurrent performance of FixedSizeReservoir in go.opentelemetry.io/otel/sdk/metric/exemplar. (#7447)
  • Improve performance of concurrent histogram measurements in go.opentelemetry.io/otel/sdk/metric. (#7474)
  • Improve performance of concurrent synchronous gauge measurements in go.opentelemetry.io/otel/sdk/metric. (#7478)
  • Add experimental observability metrics in go.opentelemetry.io/otel/exporters/stdout/stdoutmetric. (#7492)
  • Exporter in go.opentelemetry.io/otel/exporters/prometheus ignores metrics with the scope go.opentelemetry.io/contrib/bridges/prometheus. This prevents scrape failures when the Prometheus exporter is misconfigured to get data from the Prometheus bridge. (#7688)
  • Improve performance of concurrent exponential histogram measurements in go.opentelemetry.io/otel/sdk/metric. (#7702)
  • The rpc.grpc.status_code attribute in the experimental metrics emitted from go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc is replaced with the rpc.response.status_code attribute to align with the semantic conventions. (#7854)
  • The rpc.grpc.status_code attribute in the experimental metrics emitted from go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc is replaced with the rpc.response.status_code attribute to align with the semantic conventions. (#7854)

Fixed

  • Fix bad log message when key-value pairs are dropped because of key duplication in go.opentelemetry.io/otel/sdk/log. (#7662)
  • Fix DroppedAttributes on Record in go.opentelemetry.io/otel/sdk/log to not count the non-attribute key-value pairs dropped because of key duplication. (#7662)
  • Fix SetAttributes on Record in go.opentelemetry.io/otel/sdk/log to not log that attributes are dropped when they are actually not dropped. (#7662)
  • Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp to correctly handle HTTP/2 GOAWAY frame. (#7794)
  • WithHostID detector in go.opentelemetry.io/otel/sdk/resource to use full path for ioreg command on Darwin (macOS). (#7818)

Deprecated

Commits
  • a3a5317 Release v1.40.0 (#7859)
  • 77785da chore(deps): update github/codeql-action action to v4.32.1 (#7858)
  • 56fa1c2 chore(deps): update module github.com/clipperhouse/uax29/v2 to v2.5.0 (#7857)
  • 298cbed Upgrade semconv use to v1.39.0 (#7854)
  • 3264bf1 refactor: modernize code (#7850)
  • fd5d030 chore(deps): update module github.com/grpc-ecosystem/grpc-gateway/v2 to v2.27...
  • 8d3b4cb chore(deps): update actions/cache action to v5.0.3 (#7847)
  • 91f7cad chore(deps): update github.com/timakin/bodyclose digest to 73d1f95 (#7845)
  • fdad1eb chore(deps): update module github.com/grpc-ecosystem/grpc-gateway/v2 to v2.27...
  • c46d3ba chore(deps): update golang.org/x/telemetry digest to fcf36f6 (#7843)
  • Additional commits viewable in compare view

Updates go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0

Changelog

Sourced from go.opentelemetry.io/otel/sdk's changelog.

[1.40.0/0.62.0/0.16.0] 2026-02-02

Added

  • Add AlwaysRecord sampler in go.opentelemetry.io/otel/sdk/trace. (#7724)
  • Add Enabled method to all synchronous instrument interfaces (Float64Counter, Float64UpDownCounter, Float64Histogram, Float64Gauge, Int64Counter, Int64UpDownCounter, Int64Histogram, Int64Gauge,) in go.opentelemetry.io/otel/metric. This stabilizes the synchronous instrument enabled feature, allowing users to check if an instrument will process measurements before performing computationally expensive operations. (#7763)
  • Add go.opentelemetry.io/otel/semconv/v1.39.0 package. The package contains semantic conventions from the v1.39.0 version of the OpenTelemetry Semantic Conventions. See the migration documentation for information on how to upgrade from go.opentelemetry.io/otel/semconv/v1.38.0. (#7783, #7789)

Changed

  • Improve the concurrent performance of HistogramReservoir in go.opentelemetry.io/otel/sdk/metric/exemplar by 4x. (#7443)
  • Improve the concurrent performance of FixedSizeReservoir in go.opentelemetry.io/otel/sdk/metric/exemplar. (#7447)
  • Improve performance of concurrent histogram measurements in go.opentelemetry.io/otel/sdk/metric. (#7474)
  • Improve performance of concurrent synchronous gauge measurements in go.opentelemetry.io/otel/sdk/metric. (#7478)
  • Add experimental observability metrics in go.opentelemetry.io/otel/exporters/stdout/stdoutmetric. (#7492)
  • Exporter in go.opentelemetry.io/otel/exporters/prometheus ignores metrics with the scope go.opentelemetry.io/contrib/bridges/prometheus. This prevents scrape failures when the Prometheus exporter is misconfigured to get data from the Prometheus bridge. (#7688)
  • Improve performance of concurrent exponential histogram measurements in go.opentelemetry.io/otel/sdk/metric. (#7702)
  • The rpc.grpc.status_code attribute in the experimental metrics emitted from go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc is replaced with the rpc.response.status_code attribute to align with the semantic conventions. (#7854)
  • The rpc.grpc.status_code attribute in the experimental metrics emitted from go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc is replaced with the rpc.response.status_code attribute to align with the semantic conventions. (#7854)

Fixed

  • Fix bad log message when key-value pairs are dropped because of key duplication in go.opentelemetry.io/otel/sdk/log. (#7662)
  • Fix DroppedAttributes on Record in go.opentelemetry.io/otel/sdk/log to not count the non-attribute key-value pairs dropped because of key duplication. (#7662)
  • Fix SetAttributes on Record in go.opentelemetry.io/otel/sdk/log to not log that attributes are dropped when they are actually not dropped. (#7662)
  • Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp to correctly handle HTTP/2 GOAWAY frame. (#7794)
  • WithHostID detector in go.opentelemetry.io/otel/sdk/resource to use full path for ioreg command on Darwin (macOS). (#7818)

Deprecated

Commits
  • a3a5317 Release v1.40.0 (#7859)
  • 77785da chore(deps): update github/codeql-action action to v4.32.1 (#7858)
  • 56fa1c2 chore(deps): update module github.com/clipperhouse/uax29/v2 to v2.5.0 (#7857)
  • 298cbed Upgrade semconv use to v1.39.0 (#7854)
  • 3264bf1 refactor: modernize code (#7850)
  • fd5d030 chore(deps): update module github.com/grpc-ecosystem/grpc-gateway/v2 to v2.27...
  • 8d3b4cb chore(deps): update actions/cache action to v5.0.3 (#7847)
  • 91f7cad chore(deps): update github.com/timakin/bodyclose digest to 73d1f95 (#7845)
  • fdad1eb chore(deps): update module github.com/grpc-ecosystem/grpc-gateway/v2 to v2.27...
  • c46d3ba chore(deps): update golang.org/x/telemetry digest to fcf36f6 (#7843)
  • Additional commits viewable in compare view

Updates go.podman.io/image/v5 from 5.38.0 to 5.39.1

Commits
  • 80fb329 [podman-5.8] Bump to image 5.39.1
  • c41710e [podman-5.8] Add missing image go.sum
  • a1da33b [podman-5.8] Bump image to v5.39.0
  • d5d959a [podman-5.8] Bump storage to 1.62.0 in image
  • b4ff26e Merge pull request #626 from TomSweeneyRedHat/dev/tsweeney/dance-5.8-1
  • bb290dc [podman-5.8] Bump storage to v1.62.0
  • a79d33c Merge pull request #616 from l0rd/pr-612-to-5.8
  • 90383df common: safer use of filepath.EvalSymlinks() in findBindir()
  • 89d4270 Merge pull request #601 from Luap99/podman-5.8
  • d1241f8 fix debug log for #579
  • Additional commits viewable in compare view

Updates golang.org/x/mod from 0.32.0 to 0.33.0

Commits

Updates golang.org/x/net from 0.49.0 to 0.50.0

Commits
  • ebddb99 go.mod: update golang.org/x dependencies
  • 4a490d4 internal/http3: add Expect: 100-continue support to ClientConn
  • 73fe701 internal/http3: add Expect: 100-continue support to Server
  • af0c9df html: add NodeType.String() method
  • e02fb33 internal/http3: make responseWriter.Flush write headers if not done yet
  • da558ff internal/http3: ensure bodyReader cannot be read after being closed
  • d7c76fa internal/http3: make responseWriter behave closer to other http.ResponseWriter
  • 64b3af9 http2: prevent transport deadlock due to WINDOW_UPDATE that exceeds limit
  • 1973e8d internal/http3: add Server support for handling HEAD requests
  • 57ea86d icmp, internal/socket, ipv4, ipv6: use binary.NativeEndian
  • Additional commits viewable in compare view

Updates golang.org/x/sys from 0.40.0 to 0.41.0

Commits
  • fc646e4 cpu: use IsProcessorFeaturePresent to calculate ARM64 on windows
  • f11c7bb windows: add IsProcessorFeaturePresent and processor feature consts
  • d25a7aa unix: add IoctlSetString on all platforms
  • 6fb913b unix: return early on error in Recvmsg
  • See full diff in compare view

Updates golang.org/x/text from 0.33.0 to 0.34.0

Commits
  • 817fba9 go.mod: update golang.org/x dependencies
  • 3264de9 all: clean up old Go hacks
  • 74af298 all: fix tags in remaining Unicode tables
  • 117e03b all: delete old Unicode tables
  • 9463ea4 all: update to Unicode 17
  • 7278b25 internal/export/idna: update for post-Unicode 10 idna changes
  • f964ad8 internal/export/idna: delete old code
  • 678d34e unicode/norm: preserve QC Maybe bit in packed forminfo
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the security group across 1 directory with 8 updates
a14a2a5 
Bumps the security group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/shirou/gopsutil/v4](https://github.com/shirou/gopsutil) | `4.25.12` | `4.26.1` |
| [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.39.0` | `1.40.0` |
| [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.39.0` | `1.40.0` |
| [go.podman.io/image/v5](https://github.com/containers/container-libs) | `5.38.0` | `5.39.1` |
| [golang.org/x/mod](https://github.com/golang/mod) | `0.32.0` | `0.33.0` |
| [golang.org/x/net](https://github.com/golang/net) | `0.49.0` | `0.50.0` |



Updates `github.com/shirou/gopsutil/v4` from 4.25.12 to 4.26.1
- [Release notes](https://github.com/shirou/gopsutil/releases)
- [Commits](shirou/gopsutil@v4.25.12...v4.26.1)

Updates `go.opentelemetry.io/otel` from 1.39.0 to 1.40.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.39.0...v1.40.0)

Updates `go.opentelemetry.io/otel/sdk` from 1.39.0 to 1.40.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.39.0...v1.40.0)

Updates `go.podman.io/image/v5` from 5.38.0 to 5.39.1
- [Commits](containers/container-libs@image/v5.38.0...image/v5.39.1)

Updates `golang.org/x/mod` from 0.32.0 to 0.33.0
- [Commits](golang/mod@v0.32.0...v0.33.0)

Updates `golang.org/x/net` from 0.49.0 to 0.50.0
- [Commits](golang/net@v0.49.0...v0.50.0)

Updates `golang.org/x/sys` from 0.40.0 to 0.41.0
- [Commits](golang/sys@v0.40.0...v0.41.0)

Updates `golang.org/x/text` from 0.33.0 to 0.34.0
- [Release notes](https://github.com/golang/text/releases)
- [Commits](golang/text@v0.33.0...v0.34.0)

---
updated-dependencies:
- dependency-name: github.com/shirou/gopsutil/v4
  dependency-version: 4.26.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: go.opentelemetry.io/otel
  dependency-version: 1.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-version: 1.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: go.podman.io/image/v5
  dependency-version: 5.39.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: golang.org/x/mod
  dependency-version: 0.33.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: golang.org/x/net
  dependency-version: 0.50.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: golang.org/x/sys
  dependency-version: 0.41.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
- dependency-name: golang.org/x/text
  dependency-version: 0.34.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: security
...

Signed-off-by: dependabot[bot] <support@github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies go type::security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants