Skip to content

fix(deps): bump the go-minor group across 2 directories with 16 updates#10

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-minor-21b406f923
Open

fix(deps): bump the go-minor group across 2 directories with 16 updates#10
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go-minor-21b406f923

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown

Bumps the go-minor group with 12 updates in the / directory:

Package From To
github.com/andybalholm/brotli 1.2.1 1.2.2
github.com/docker/go-connections 0.6.0 0.7.0
github.com/fsnotify/fsnotify 1.9.0 1.10.1
github.com/getsentry/sentry-go 0.44.1 0.47.0
github.com/go-git/go-git/v5 5.17.2 5.19.1
github.com/go-playground/validator/v10 10.30.2 10.30.3
github.com/oapi-codegen/nullable 1.1.0 1.2.0
github.com/posthog/posthog-go 1.11.2 1.17.5
github.com/stripe/pg-schema-diff 1.0.5 1.0.7
github.com/volcengine/volcengine-go-sdk 1.2.36 1.2.42
go.opentelemetry.io/otel 1.43.0 1.44.0
google.golang.org/grpc 1.80.0 1.82.0

Bumps the go-minor group with 5 updates in the /pkg directory:

Package From To
github.com/andybalholm/brotli 1.2.1 1.2.2
github.com/oapi-codegen/nullable 1.1.0 1.2.0
golang.org/x/mod 0.34.0 0.38.0
google.golang.org/grpc 1.80.0 1.82.0
github.com/oapi-codegen/runtime 1.3.1 1.4.2

Updates github.com/andybalholm/brotli from 1.2.1 to 1.2.2

Commits

Updates github.com/docker/go-connections from 0.6.0 to 0.7.0

Commits
  • 7997b0f Merge pull request #156 from thaJeztah/bump_go_winio
  • 329724a chore(deps): bump github.com/Microsoft/go-winio v0.6.2
  • 161dc9b Merge pull request #155 from thaJeztah/pin_actions
  • b115e42 Merge pull request #154 from thaJeztah/fix_non_linux_tests
  • 4c35b2a ci: pin actions to sha
  • b4454a6 tlsconfig: make root pool tests deterministic across platforms
  • 0819711 tlsconfig: certPool: pass options as argument
  • 0329635 tlsconfig: rename some vars that shadowed
  • 894d811 Merge pull request #150 from thaJeztah/deprecate_SystemCertPool
  • 0a1293a Merge pull request #153 from thaJeztah/chachacha
  • Additional commits viewable in compare view

Updates github.com/fsnotify/fsnotify from 1.9.0 to 1.10.1

Release notes

Sourced from github.com/fsnotify/fsnotify's releases.

v1.10.1

Changes and fixes

  • inotify: don't remove sibling watches sharing a path prefix (#754)

  • inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

v1.10.0

This version of fsnotify needs Go 1.23.

Changes and fixes

  • inotify: improve initialization error message (#731)

  • inotify: send Rename event if recursive watch is renamed (#696)

  • inotify: avoid copying event buffers when reading names (#741)

  • kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

  • kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

  • windows: fix nil pointer dereference in remWatch (#736)

  • windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Changelog

Sourced from github.com/fsnotify/fsnotify's changelog.

1.10.1 2026-05-04

Changes and fixes

  • inotify: don't remove sibling watches sharing a path prefix (#754)

  • inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

1.10.0 2026-04-30

This version of fsnotify needs Go 1.23.

Changes and fixes

  • inotify: improve initialization error message (#731)

  • inotify: send Rename event if recursive watch is renamed (#696)

  • inotify: avoid copying event buffers when reading names (#741)

  • kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

  • kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

  • windows: fix nil pointer dereference in remWatch (#736)

  • windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Commits
  • 76b01a6 Release 1.10.1
  • fec150b Update changelog
  • 162b421 inotify, windows: don't rename sibling watches sharing a path prefix (#755)
  • 224257f inotify: don't remove sibling watches sharing a path prefix (#754)
  • e0c956c windows: document directory Write events and stabilize tests (#745)
  • 8d01d7b Release 1.10.0
  • 602284e Update changelog
  • 7f03e59 kqueue: skip ENOENT entries in watchDirectoryFiles (#748)
  • dab9dde windows: lock watch field updates against concurrent WatchList (#709) (#749)
  • eadf267 kqueue: drop watches directly in Close() instead of going through remove() (#...
  • Additional commits viewable in compare view

Updates github.com/getsentry/sentry-go from 0.44.1 to 0.47.0

Release notes

Sourced from github.com/getsentry/sentry-go's releases.

0.47.0

Breaking Changes 🛠

  • Fix transaction_info source getting set incorrectly across HTTP middleware integrations (http, fasthttp, fiber). Users should now expect traces to properly get grouped with their parameterized path. Transactions in affected integrations may regroup after upgrading. by @​giortzisg in #1325
  • remove deprecatedotel.NewSentrySpanProcessor. Users should now use the sentryotlp.NewTraceExporter instead by @​giortzisg in #1307
    // Before
    sentry.Init(sentry.ClientOptions{Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0})
    tp := sdktrace.NewTracerProvider(
    sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()),
    )
    otel.SetTextMapPropagator(sentryotel.NewSentryPropagator())
    otel.SetTracerProvider(tp)
    // After:
    sentry.Init(sentry.ClientOptions{
    Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0,
    Integrations: func(i []sentry.Integration) []sentry.Integration {
    return append(i, sentryotel.NewOtelIntegration())
    },
    })
    exporter, _ := sentryotlp.NewTraceExporter(ctx, dsn)
    tp := sdktrace.NewTracerProvider(sdktrace.WithBatcher(exporter))
    otel.SetTracerProvider(tp)

  • Enable logs by default to skip double allow behavior. Enabling logs now happens once when setting up either sentry.NewLogger or any supported integration. Also the EnableLogs flag changes to DisableLogs for a global override switch by @​giortzisg in #1306
  • Remove the ContextifyFrames integration. The recommended way to add source context is SCM by @​giortzisg in #1302

New Features ✨

  • Add fiber v3 integration by @​giortzisg in #1324
  • Bump fasthttp from 1.51.0 to 1.71.0 by @​giortzisg in #1324
  • Add sentrysql SQL tracing integration by @​giortzisg in #1305
    • Supports multiple integration paths depending on how your app opens database connections: sentrysql.Open(...), sentrysql.OpenDB(...), and wrapped drivers/connectors for custom setups.
    • Database metadata is not inferred in every setup. If the database name is not discoverable automatically, pass sentrysql.WithDatabaseName(...) so spans are populated correctly.
    • Example:
     // Simple driver-based setup
     db, err := sentrysql.Open("sqlite", ":memory:",
         sentrysql.WithDatabaseSystem(sentrysql.SystemSQLite),
         sentrysql.WithDatabaseName("main"),
     )

Internal Changes 🔧

Deps

... (truncated)

Changelog

Sourced from github.com/getsentry/sentry-go's changelog.

0.47.0

Breaking Changes 🛠

  • Fix transaction_info source getting set incorrectly across HTTP middleware integrations (http, fasthttp, fiber). Users should now expect traces to properly get grouped with their parameterized path. Transactions in affected integrations may regroup after upgrading. by @​giortzisg in #1325
  • remove deprecatedotel.NewSentrySpanProcessor. Users should now use the sentryotlp.NewTraceExporter instead by @​giortzisg in #1307
    // Before
    sentry.Init(sentry.ClientOptions{Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0})
    tp := sdktrace.NewTracerProvider(
    sdktrace.WithSpanProcessor(sentryotel.NewSentrySpanProcessor()),
    )
    otel.SetTextMapPropagator(sentryotel.NewSentryPropagator())
    otel.SetTracerProvider(tp)
    // After:
    sentry.Init(sentry.ClientOptions{
    Dsn: dsn, EnableTracing: true, TracesSampleRate: 1.0,
    Integrations: func(i []sentry.Integration) []sentry.Integration {
    return append(i, sentryotel.NewOtelIntegration())
    },
    })
    exporter, _ := sentryotlp.NewTraceExporter(ctx, dsn)
    tp := sdktrace.NewTracerProvider(sdktrace.WithBatcher(exporter))
    otel.SetTracerProvider(tp)

  • Enable logs by default to skip double allow behavior. Enabling logs now happens once when setting up either sentry.NewLogger or any supported integration. Also the EnableLogs flag changes to DisableLogs for a global override switch by @​giortzisg in #1306
  • Remove the ContextifyFrames integration. The recommended way to add source context is SCM by @​giortzisg in #1302

New Features ✨

  • Add fiber v3 integration by @​giortzisg in #1324
  • Bump fasthttp from 1.51.0 to 1.71.0 by @​giortzisg in #1324
  • Add sentrysql SQL tracing integration by @​giortzisg in #1305
    • Supports multiple integration paths depending on how your app opens database connections: sentrysql.Open(...), sentrysql.OpenDB(...), and wrapped drivers/connectors for custom setups.
    • Database metadata is not inferred in every setup. If the database name is not discoverable automatically, pass sentrysql.WithDatabaseName(...) so spans are populated correctly.
    • Example:
     // Simple driver-based setup
     db, err := sentrysql.Open("sqlite", ":memory:",
         sentrysql.WithDatabaseSystem(sentrysql.SystemSQLite),
         sentrysql.WithDatabaseName("main"),
     )

Internal Changes 🔧

Deps

... (truncated)

Commits

Updates github.com/go-git/go-git/v5 from 5.17.2 to 5.19.1

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.19.1

What's Changed

Full Changelog: go-git/go-git@v5.19.0...v5.19.1

v5.19.0

What's Changed

Full Changelog: go-git/go-git@v5.18.0...v5.19.0

v5.18.0

What's Changed

Full Changelog: go-git/go-git@v5.17.2...v5.18.0

Commits
  • 3c3be60 Merge pull request #2137 from go-git/validate-v5
  • 3fba897 plumbing: format/packfile, cap delta chain depth in parser
  • a97d660 Merge pull request #2125 from hiddeco/v5/format-input-bounds
  • aeaa125 plumbing: format/objfile, require Header before Read
  • 1f38e17 plumbing: format/packfile, bound inflate size
  • f7545a0 plumbing: format/idxfile, bound nr by file size
  • 170b881 Merge pull request #2116 from pjbgf/symlink-v5
  • 7b6d994 Merge pull request #2117 from hiddeco/v5/worktree-fs-mkdirall-root-noop
  • f0709b3 git: Stop validating symlink target paths
  • 776d00f git: Allow MkdirAll on worktree-root paths
  • Additional commits viewable in compare view

Updates github.com/go-playground/validator/v10 from 10.30.2 to 10.30.3

Release notes

Sourced from github.com/go-playground/validator/v10's releases.

v10.30.3

What's Changed

New Contributors

Full Changelog: go-playground/validator@v10.30.2...v10.30.3

Commits
  • ac4c1ba fix(docs): correct ripemd160 tag name in README validation table (#1582)
  • feacb34 feat: omit blank tag names from namespace (#1567)
  • 5ed0a7e chore(deps): bump golang.org/x/crypto from 0.51.0 to 0.52.0 (#1580)
  • 0364541 fix(cron): anchor regex and accept full cron syntax (#1577)
  • 8eb2659 chore(deps): bump golang.org/x/crypto from 0.50.0 to 0.51.0 (#1571)
  • f7e1721 chore(deps): bump golang.org/x/text from 0.36.0 to 0.37.0 (#1572)
  • cf37fce fix(lint): correctly disable govet inline analyzer & deprecated gomodguard (#...
  • 7c334e5 fix: reject hostnames with trailing hyphen in RFC 952 validator (#1569)
  • 6bcb7bc feat: add origin validator for web origin URLs (#1565)
  • 6fd2fa8 docs: fix typos (#1568)
  • Additional commits viewable in compare view

Updates github.com/oapi-codegen/nullable from 1.1.0 to 1.2.0

Release notes

Sourced from github.com/oapi-codegen/nullable's releases.

New getter function

🚀 New features and improvements

  • feat: new method for fetching ignoring error (#13) @​lzap

There is now a GetOrEmpty() on Nullable which will return the wrapped value if it's available, or it will create a new zerovalue if Nullable is uninitialized, or initialized to nil.

📝 Documentation updates

✍ Other changes

📦 Dependency updates

Sponsors

We would like to thank our sponsors for their support during this release.

Commits

Updates github.com/posthog/posthog-go from 1.11.2 to 1.17.5

Release notes

Sourced from github.com/posthog/posthog-go's releases.

1.17.5

Unreleased

1.17.4

Unreleased

1.17.3

Unreleased

1.17.2

Unreleased

1.17.1

Unreleased

1.17.0

Unreleased

1.16.2

Unreleased

1.16.1

Unreleased

1.16.0

Unreleased

1.15.1

Unreleased

1.15.0

Unreleased

1.14.0

Unreleased

1.13.2

Unreleased

1.13.1

Unreleased

1.13.0

Unreleased

1.12.6

Unreleased

1.12.5

Unreleased

... (truncated)

Changelog

Sourced from github.com/posthog/posthog-go's changelog.

1.17.5

Patch Changes

  • fe66557: Change the default capture delivery budget from 10 attempts to 4 (DefaultMaxAttempts) when Config.MaxRetries is unset, aligning with the cross-SDK Capture V1 parity standard (posthog-rs uses the same envelope). This affects both the v0 (/batch/) and v1 send paths, since they share the attempt budget. Callers that set MaxRetries explicitly are unaffected.
  • 3d8404a: Unify the capture retry backoff ceiling at 30s. DefaultBackoff's cap changes from 10s to 30s (default only — override via Config.RetryAfter), and the Capture V1 send now clamps a server Retry-After to the same 30s so a hostile or buggy header cannot park a batch goroutine. Retry-After still acts as a minimum; the configured backoff is never truncated. This aligns the default retry behavior with posthog-rs and posthog-python.

1.17.4

Patch Changes

  • 25e43f8: Stop duplicating distinct_id inside /flags person properties.

1.17.3

Patch Changes

  • dafed74: Retry remote feature flag requests after transient 502 and 504 responses.

1.17.2

Patch Changes

  • d98ef79: Retry feature flag requests after transient network errors only. The feature flag request retry count defaults to 1 and can be set to 0 to disable retries.

1.17.1

Patch Changes

  • 651b303: Preserve caller-provided system context values when building capture v1 event properties.
  • e0eb8bd: Send capture batches uncompressed when request-body compression fails instead of failing the batch.
  • 71f5c2e: Expose capture default properties to BeforeSend hooks before serialization.

1.17.0

Minor Changes

  • ff0e74b: Enrich capture-v1 failure reporting with typed errors and verbose result logging. When CaptureMode is CaptureModeAnalyticsV1, Callback.Failure now receives either a *CaptureEventError (a single event the server dropped, or one still asking to retry once attempts are exhausted — exposing EventUUID, Result, Details, and Exhausted) or a *CaptureRequestError (a whole request that failed on a non-2xx status, transport error, or malformed body — exposing StatusCode, Code, Description, and unwrapping to the underlying error). Inspect them with errors.As. Additionally, with Verbose: true the SDK logs one debug line per 2xx response summarizing the per-event directive counts (ok/warning/drop/retry/other) so partial-submission outcomes are easy to debug. The legacy path and its callback errors are unchanged.
  • ff0e74b: Add opt-in capture-v1 support via a new Config.CaptureMode option. It defaults to CaptureModeLegacy (the existing POST /batch/ endpoint), so upgrading is transparent and requires no code changes. Set CaptureMode: posthog.CaptureModeAnalyticsV1 to send events to POST /i/v1/analytics/events instead, which uses Bearer auth, per-event delivery results, and partial retry (only the events the server asks to retry are re-sent). For v1, the Callback interface is unchanged but outcomes become per-event: a drop result fails an individual event (and can fire Failure on an HTTP 200), warning counts as success, and a uuid missing from the results is silently dropped. All other configuration (host, API key, Callback, Logger, MaxRetries, Compression) is reused across both modes.
  • ff0e74b: Add zstd, deflate, and brotli compression for the capture-v1 path, alongside the existing gzip. Select one via Config.Compression (CompressionZstd, CompressionDeflate, CompressionBrotli) and the SDK sets the matching Content-Encoding header (zstd, deflate, br). These three codecs require CaptureMode: posthog.CaptureModeAnalyticsV1 — the legacy POST /batch/ endpoint only understands gzip, so configuring them with CaptureModeLegacy returns a validation error. CompressionGzip and CompressionNone continue to work on both capture modes. All codecs use pure-Go libraries (stdlib compress/zlib, github.com/klauspost/compress/zstd, github.com/andybalholm/brotli), so CGO_ENABLED=0 builds are unaffected.

1.16.2

Patch Changes

  • 76de226: Dedupe $feature_flag_called events by feature flag response value.

1.16.1

Patch Changes

... (truncated)

Commits
  • d7f8a22 chore: release v1.17.5 [version bump] [skip ci]
  • fe66557 feat(capture): default to 4 delivery attempts (down from 10) (#256)
  • 3d8404a fix(capture): unify retry backoff ceiling at 30s (#255)
  • 6affc15 ci: Standardize SDK release failure telemetry (#252)
  • 93b9681 chore: release v1.17.4 [version bump] [skip ci]
  • 25e43f8 fix: stop duplicating distinct_id in flags person properties (#250)
  • 01e60bf chore: release v1.17.3 [version bump] [skip ci]
  • dafed74 fix: Retry flags requests on 502 and 504 (#251)
  • ed70fae fix: make TCP drop recovery test deterministic (#248)
  • 2b6e187 ci: update SDK harness to 0.9.0 (#247)
  • Additional commits viewable in compare view

Updates github.com/stripe/pg-schema-diff from 1.0.5 to 1.0.7

Release notes

Sourced from github.com/stripe/pg-schema-diff's releases.

v1.0.7

Security fixes

Fixes two additional SQL injection sinks identified via the same root cause as v1.0.6 (enum labels, #295). Schema-derived values were re-emitted into generated DDL without proper escaping.

Policy role names (policy_sql_generator.go)

AppliesTo role names (sourced from pg_roles.rolname) were interpolated raw into CREATE POLICY ... TO and ALTER POLICY ... TO statements. A user with CREATEROLE privilege could plant a role whose name contains an embedded double-quote to inject arbitrary SQL during plan execution.

Fix: Added escapeRoleNames() helper that applies EscapeIdentifier to each role name, preserving PUBLIC as an unquoted SQL keyword.

Function/procedure names (schema.go buildProcName)

The function used hand-rolled quoting (fmt.Sprintf("\"%s\"(%s)", name, ...)) that did not double embedded double-quotes. A user with CREATE FUNCTION privilege could create a function with " in its name to inject SQL when DROP FUNCTION/DROP PROCEDURE statements are generated.

Fix: Replaced the hand-rolled quoting with EscapeIdentifier(name).

What's Changed

  • fix: escape policy role names and function/procedure names in generated SQL (#296)

Full Changelog: stripe/pg-schema-diff@v1.0.6...v1.0.7

v1.0.6

Security fix

Escapes enum labels in generated SQL to prevent a second-order SQL injection.

Enum labels were interpolated into generated DDL using raw fmt.Sprintf("'%s'", val). A label containing a single quote could break out of the string literal and inject arbitrary SQL, which then executes with the plan runner's (often superuser) privileges when pg-schema-diff generates migration SQL — enabling RCE via COPY ... TO PROGRAM.

All three enum sinks (CREATE TYPE ... AS ENUM, ALTER TYPE ... ADD VALUE, and the BEFORE ordering clause) now route through a new EscapeLiteral helper that doubles single quotes and strips null bytes.

See #295 for details and test evidence.

Recommendation: upgrade to v1.0.6, especially if you run pg-schema-diff against databases where lower-privileged users can create enum types.

Commits
  • 6208f8f fix: escape policy role names and function names in generated SQL (#296)
  • 4ff84db fix: escape enum labels in generated SQL to prevent SQL injection (#295)
  • See full diff in compare view

Updates github.com/volcengine/volcengine-go-sdk from 1.2.36 to 1.2.42

Release notes

Sourced from github.com/volcengine/volcengine-go-sdk's releases.

v1.2.42

v1.2.41

v1.2.40

v1.2.39

v1.2.38

v1.2.37

Commits
  • 2505006 update version and commitId
  • c8d9649 Merge 'i18n_openapi-Golang-2021-05-21-online-2905-2026_07_09_18_43_52' into '...
  • 76c6a1e Merge "integration_2026-07-10_1179011163138" into "i18n_openapi-Golang-2021-0...
  • ae75464 update version and commitId
  • 6555886 Merge 'integration_2026-07-09_1179033718018' into 'master'
  • 60f341c update version and commitId
  • 1112eda feat: auto generate for i18n_openapi-Golang-2021-05-21-online-2905-2026_07_09...
  • 0fb2ced Merge 'na-Golang-2020-04-01-online-2888-2026_07_08_15_57_04' into 'integratio...
  • 768d6c9 Merge 'flink-Golang-2025-01-01-online-2592-2026_04_23_14_05_21' into 'integra...
  • 6f3fd8a Merge 'vke-Golang-2022-05-12-online-2876-2026_07_06_14_06_58' into 'integrati...
  • Additional commits viewable in compare view

Updates go.opentelemetry.io/otel from 1.43.0 to 1.44.0

Changelog

Sourced from go.opentelemetry.io/otel's changelog.

[1.44.0/0.66.0/0.20.0/0.0.17] 2026-05-27

Added

  • Add ByteSlice and ByteSliceValue functions for new BYTESLICE attribute type in go.opentelemetry.io/otel/attribute. (#7948)
  • Apply attribute value limit to the KindBytes attribute type in go.opentelemetry.io/otel/sdk/log. (#7990)
  • Apply attribute value limit to the BYTESLICE attribute type in go.opentelemetry.io/otel/sdk/trace. (#7990)
  • Support BYTESLICE attributes in go.opentelemetry.io/otel/trace. (#8153)
  • Support BYTESLICE attributes in go.opentelemetry.io/otel/exporters/otlp/otlptrace. (#8153)
  • Support BYTESLICE attributes in go.opentelemetry.io/otel/exporters/otlp/otlplog. (#8153)
  • Support BYTESLICE attributes in go.opentelemetry.io/otel/exporters/otlp/otlpmetric. (#8153)
  • Support BYTESLICE attributes in go.opentelemetry.io/otel/exporters/zipkin. (#8153)
  • Add String method for Value type in go.opentelemetry.io/otel/attribute. (#8142)
  • Add Slice and SliceValue functions for new SLICE attribute type in go.opentelemetry.io/otel/attribute. (#8166)
  • Support SLICE attributes in go.opentelemetry.io/otel/exporters/otlp/otlptrace. (#8216)
  • Support SLICE attributes in go.opentelemetry.io/otel/exporters/otlp/otlplog. (#8216)
  • Support SLICE attributes in go.opentelemetry.io/otel/exporters/otlp/otlpmetric. (#8216)
  • Support SLICE attributes in go.opentelemetry.io/otel/exporters/zipkin. (#8216)
  • Apply AttributeValueLengthLimit to attribute.SLICE type attribute values in go.opentelemetry.io/otel/sdk/trace, recursively truncating contained string values. (#8217)
  • Add Error field on Record type in go.opentelemetry.io/otel/log/logtest. (#8148)
  • Add WithMaxRequestSize option in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (#8157)
  • Add WithMaxRequestSize option in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (#8157)
  • Add Description has been truncated

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jul 10, 2026
Bumps the go-minor group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/andybalholm/brotli](https://github.com/andybalholm/brotli) | `1.2.1` | `1.2.2` |
| [github.com/docker/go-connections](https://github.com/docker/go-connections) | `0.6.0` | `0.7.0` |
| [github.com/fsnotify/fsnotify](https://github.com/fsnotify/fsnotify) | `1.9.0` | `1.10.1` |
| [github.com/getsentry/sentry-go](https://github.com/getsentry/sentry-go) | `0.44.1` | `0.47.0` |
| [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) | `5.17.2` | `5.19.1` |
| [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) | `10.30.2` | `10.30.3` |
| [github.com/oapi-codegen/nullable](https://github.com/oapi-codegen/nullable) | `1.1.0` | `1.2.0` |
| [github.com/posthog/posthog-go](https://github.com/posthog/posthog-go) | `1.11.2` | `1.17.5` |
| [github.com/stripe/pg-schema-diff](https://github.com/stripe/pg-schema-diff) | `1.0.5` | `1.0.7` |
| [github.com/volcengine/volcengine-go-sdk](https://github.com/volcengine/volcengine-go-sdk) | `1.2.36` | `1.2.42` |
| [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.43.0` | `1.44.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.80.0` | `1.82.0` |

Bumps the go-minor group with 5 updates in the /pkg directory:

| Package | From | To |
| --- | --- | --- |
| [github.com/andybalholm/brotli](https://github.com/andybalholm/brotli) | `1.2.1` | `1.2.2` |
| [github.com/oapi-codegen/nullable](https://github.com/oapi-codegen/nullable) | `1.1.0` | `1.2.0` |
| [golang.org/x/mod](https://github.com/golang/mod) | `0.34.0` | `0.38.0` |
| [google.golang.org/grpc](https://github.com/grpc/grpc-go) | `1.80.0` | `1.82.0` |
| [github.com/oapi-codegen/runtime](https://github.com/oapi-codegen/runtime) | `1.3.1` | `1.4.2` |



Updates `github.com/andybalholm/brotli` from 1.2.1 to 1.2.2
- [Commits](andybalholm/brotli@v1.2.1...v1.2.2)

Updates `github.com/docker/go-connections` from 0.6.0 to 0.7.0
- [Commits](docker/go-connections@v0.6.0...v0.7.0)

Updates `github.com/fsnotify/fsnotify` from 1.9.0 to 1.10.1
- [Release notes](https://github.com/fsnotify/fsnotify/releases)
- [Changelog](https://github.com/fsnotify/fsnotify/blob/main/CHANGELOG.md)
- [Commits](fsnotify/fsnotify@v1.9.0...v1.10.1)

Updates `github.com/getsentry/sentry-go` from 0.44.1 to 0.47.0
- [Release notes](https://github.com/getsentry/sentry-go/releases)
- [Changelog](https://github.com/getsentry/sentry-go/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-go@v0.44.1...v0.47.0)

Updates `github.com/go-git/go-git/v5` from 5.17.2 to 5.19.1
- [Release notes](https://github.com/go-git/go-git/releases)
- [Changelog](https://github.com/go-git/go-git/blob/main/HISTORY.md)
- [Commits](go-git/go-git@v5.17.2...v5.19.1)

Updates `github.com/go-playground/validator/v10` from 10.30.2 to 10.30.3
- [Release notes](https://github.com/go-playground/validator/releases)
- [Commits](go-playground/validator@v10.30.2...v10.30.3)

Updates `github.com/oapi-codegen/nullable` from 1.1.0 to 1.2.0
- [Release notes](https://github.com/oapi-codegen/nullable/releases)
- [Commits](oapi-codegen/nullable@v1.1.0...v1.2.0)

Updates `github.com/posthog/posthog-go` from 1.11.2 to 1.17.5
- [Release notes](https://github.com/posthog/posthog-go/releases)
- [Changelog](https://github.com/PostHog/posthog-go/blob/main/CHANGELOG.md)
- [Commits](PostHog/posthog-go@v1.11.2...v1.17.5)

Updates `github.com/stripe/pg-schema-diff` from 1.0.5 to 1.0.7
- [Release notes](https://github.com/stripe/pg-schema-diff/releases)
- [Commits](stripe/pg-schema-diff@v1.0.5...v1.0.7)

Updates `github.com/volcengine/volcengine-go-sdk` from 1.2.36 to 1.2.42
- [Release notes](https://github.com/volcengine/volcengine-go-sdk/releases)
- [Commits](volcengine/volcengine-go-sdk@v1.2.36...v1.2.42)

Updates `go.opentelemetry.io/otel` from 1.43.0 to 1.44.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-go@v1.43.0...v1.44.0)

Updates `golang.org/x/mod` from 0.34.0 to 0.35.0
- [Commits](golang/mod@v0.34.0...v0.38.0)

Updates `golang.org/x/net` from 0.52.0 to 0.54.0
- [Commits](golang/net@v0.52.0...v0.54.0)

Updates `golang.org/x/term` from 0.41.0 to 0.43.0
- [Commits](golang/term@v0.41.0...v0.43.0)

Updates `google.golang.org/grpc` from 1.80.0 to 1.82.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.80.0...v1.82.0)

Updates `github.com/andybalholm/brotli` from 1.2.1 to 1.2.2
- [Commits](andybalholm/brotli@v1.2.1...v1.2.2)

Updates `github.com/oapi-codegen/nullable` from 1.1.0 to 1.2.0
- [Release notes](https://github.com/oapi-codegen/nullable/releases)
- [Commits](oapi-codegen/nullable@v1.1.0...v1.2.0)

Updates `golang.org/x/mod` from 0.34.0 to 0.35.0
- [Commits](golang/mod@v0.34.0...v0.38.0)

Updates `google.golang.org/grpc` from 1.80.0 to 1.82.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.80.0...v1.82.0)

Updates `github.com/andybalholm/brotli` from 1.2.1 to 1.2.2
- [Commits](andybalholm/brotli@v1.2.1...v1.2.2)

Updates `github.com/oapi-codegen/nullable` from 1.1.0 to 1.2.0
- [Release notes](https://github.com/oapi-codegen/nullable/releases)
- [Commits](oapi-codegen/nullable@v1.1.0...v1.2.0)

Updates `golang.org/x/mod` from 0.34.0 to 0.38.0
- [Commits](golang/mod@v0.34.0...v0.38.0)

Updates `google.golang.org/grpc` from 1.80.0 to 1.82.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.80.0...v1.82.0)

Updates `github.com/andybalholm/brotli` from 1.2.1 to 1.2.2
- [Commits](andybalholm/brotli@v1.2.1...v1.2.2)

Updates `github.com/oapi-codegen/nullable` from 1.1.0 to 1.2.0
- [Release notes](https://github.com/oapi-codegen/nullable/releases)
- [Commits](oapi-codegen/nullable@v1.1.0...v1.2.0)

Updates `github.com/oapi-codegen/runtime` from 1.3.1 to 1.4.2
- [Release notes](https://github.com/oapi-codegen/runtime/releases)
- [Commits](oapi-codegen/runtime@v1.3.1...v1.4.2)

Updates `golang.org/x/mod` from 0.34.0 to 0.38.0
- [Commits](golang/mod@v0.34.0...v0.38.0)

Updates `google.golang.org/grpc` from 1.80.0 to 1.82.0
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.80.0...v1.82.0)

---
updated-dependencies:
- dependency-name: github.com/andybalholm/brotli
  dependency-version: 1.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor
- dependency-name: github.com/andybalholm/brotli
  dependency-version: 1.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor
- dependency-name: github.com/andybalholm/brotli
  dependency-version: 1.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor
- dependency-name: github.com/andybalholm/brotli
  dependency-version: 1.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor
- dependency-name: github.com/docker/go-connections
  dependency-version: 0.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/fsnotify/fsnotify
  dependency-version: 1.10.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/getsentry/sentry-go
  dependency-version: 0.47.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/go-git/go-git/v5
  dependency-version: 5.19.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/go-playground/validator/v10
  dependency-version: 10.30.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor
- dependency-name: github.com/oapi-codegen/nullable
  dependency-version: 1.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/oapi-codegen/nullable
  dependency-version: 1.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/oapi-codegen/nullable
  dependency-version: 1.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/oapi-codegen/nullable
  dependency-version: 1.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/oapi-codegen/runtime
  dependency-version: 1.4.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/posthog/posthog-go
  dependency-version: 1.17.5
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: github.com/stripe/pg-schema-diff
  dependency-version: 1.0.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor
- dependency-name: github.com/volcengine/volcengine-go-sdk
  dependency-version: 1.2.41
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: go-minor
- dependency-name: go.opentelemetry.io/otel
  dependency-version: 1.44.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: golang.org/x/mod
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: golang.org/x/mod
  dependency-version: 0.35.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: golang.org/x/mod
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: golang.org/x/mod
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: golang.org/x/net
  dependency-version: 0.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: golang.org/x/term
  dependency-version: 0.43.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: google.golang.org/grpc
  dependency-version: 1.82.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: google.golang.org/grpc
  dependency-version: 1.82.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: google.golang.org/grpc
  dependency-version: 1.82.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
- dependency-name: google.golang.org/grpc
  dependency-version: 1.82.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: go-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/go-minor-21b406f923 branch from aca421b to 7af5989 Compare July 11, 2026 00:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants