Update module github.com/open-telemetry/opentelemetry-collector-contrib/extension/bearertokenauthextension to v0.148.0

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/open-telemetry/opentelemetry-collector-contrib/extension/bearertokenauthextension	v0.93.0 → v0.148.0

---

Release Notes

open-telemetry/opentelemetry-collector-contrib (github.com/open-telemetry/opentelemetry-collector-contrib/extension/bearertokenauthextension)

v0.148.0

Compare Source

🛑 Breaking changes 🛑

• all: Removes the k8slog receiver after being unmaintained for 3 months (#​46544)

• all: Remove deprecated SAPM exporter (#​46555)

• all: Remove the datadogsemantics processor. (#​46893)
  If you need help, please contact Datadog support: https://www.datadoghq.com/support.

• exporter/google_cloud_storage: reuse_if_exists behavior changed: now checks bucket existence instead of attempting creation (#​45971)
  Previously, reuse_if_exists=true would attempt bucket creation and fall back to reusing on conflict.
  Now, reuse_if_exists=true checks if bucket exists (via storage.buckets.get) and uses it, failing if it doesn't exist.
  Set to true when the service account lacks project-level bucket creation permissions but has bucket-level permissions.
  reuse_if_exists=false still attempts to create the bucket and fails if it already exists.

• exporter/kafka: Remove deprecated top-level topic and encoding configuration fields (#​46916)
  The top-level topic and encoding fields were deprecated in v0.124.0.
  Use the per-signal fields instead: logs::topic, metrics::topic,
  traces::topic, profiles::topic, and the corresponding encoding
  fields under each signal section.

• exporter/kafka: Remove kafka-local batching partitioner wiring and require explicit sending_queue::batch::partition::metadata_keys configuration as a superset of include_metadata_keys when batching is enabled. (#​46757)

• pkg/ottl: truncate_all function now supports UTF-8 safe truncation (#​36713)
  The default truncate_all behavior has changed. Truncation now respects UTF-8 character boundaries by default (new optional parameter utf8_safe, default: true), so results stay valid UTF-8 and may be slightly shorter than the limit.
  To keep the previous byte-level truncation behavior (e.g. for non-UTF-8 data or to avoid any behavior change), set utf8_safe to false in all truncate_all usages.

• receiver/awsecscontainermetrics: Add ephemeral storage metrics and fix unit strings from Megabytes to MiB (#​46414)
  Adds two new task-level gauge metrics: ecs.task.ephemeral_storage.utilized and ecs.task.ephemeral_storage.reserved (in MiB).
  These metrics are available on AWS Fargate Linux platform version 1.4.0+ and represent the shared ephemeral storage for the entire task.

  Breaking change: The unit string for ecs.task.memory.utilized, ecs.task.memory.reserved,
  container.memory.utilized, and container.memory.reserved has been corrected from "Megabytes" to "MiB".
  The underlying values were already in MiB (computed via division by 1024*1024), but the unit label was incorrect.
  Users relying on the exact unit string (e.g. in metric filters or dashboards) will need to update accordingly.

• receiver/mysql: Set the default collection of query_sample to false (#​46902)

• receiver/postgresql: Disable default collection of top_query and query_sample events. (#​46843)
  This change is breaking because it disables the default collection of top_query and query_sample events. These events will need to be enabled manually if desired.

• receiver/redfish: system.host_name and base_url resource attribute has been changed to host.name and url.full respectively.
  (#​46236)

• receiver/windowseventlog: Change event_data from an array of single-key maps to a flat map by default, making fields directly accessible via OTTL. The previous format is available by setting event_data_format: array. (#​42565, #​32952)
  Named elements become direct keys (e.g., body["event_data"]["ProcessId"]).
  Anonymous elements use numbered keys: param1, param2, etc.
  To preserve the previous array format, set event_data_format: array in the receiver configuration.

🚩 Deprecations 🚩

• exporter/azure_blob: Introduce new snake case compliant name azure_blob (#​46722)
• exporter/google_cloud_storage: Introduce new snake case compliant name google_cloud_storage (#​46733)
• extension/aws_logs_encoding: Introduce new snake case compliant name aws_logs_encoding (#​46776)
• extension/azure_auth: Introduce new snake case compliant name azure_auth (#​46775)
• extension/cgroup_runtime: Introduce new snake case compliant name cgroup_runtime (#​46773)
• extension/google_cloud_logentry_encoding: Introduce new snake case compliant name google_cloud_logentry_encoding (#​46778)
• processor/metric_start_time: Introduce new snake case compliant name metric_start_time (#​46777)
• receiver/azure_blob: Introduce new snake case compliant name azure_blob (#​46721)
• receiver/azure_monitor: Introduce new snake case compliant name azure_monitor (#​46730)
• receiver/cisco_os: Introduce new snake case compliant name cisco_os (#​46948)
• receiver/macos_unified_logging: Introduce new snake case compliant name macos_unified_logging (#​46729)
• receiver/prometheus_remote_write: Introduce new snake case compliant name prometheus_remote_write (#​46726)
• receiver/yang_grpc: Introduce new snake case compliant name yang_grpc (#​46723)

🚀 New components 🚀

• receiver/azure_functions: Introduce new component to receive logs from Azure Functions (#​43507)
  This change includes only overall structure, readme and configuration for the new component.

💡 Enhancements 💡

• cmd/opampsupervisor: Add configurable instance ID to Supervisor (#​45596)

• connector/signal_to_metrics: Add sum.monotonic property for improved counter handling (#​45865)

• connector/spanmetrics: Add support for W3C tracestate-based adjusted count in span metrics with stochastic rounding (#​45539)
  The span metrics connector now supports extracting sampling information from W3C tracestate
  to generate extrapolated span metrics with adjusted counts. This enables accurate metric
  aggregation for sampled traces by computing stochastic-rounded adjusted counts based on
  the sampling threshold (ot.th field) in the tracestate. Key features include:

  • Stochastic rounding for fractional adjusted counts using integer-only operations
  • Single-entry cache for consecutive identical tracestates (4% overhead in benchmarks)
  • Support for mixed-mode services where some spans have tracestate and others don't
  • New sampling.method attribute to distinguish between adjusted and non-adjusted metrics
  • Histogram support for observing multiple events at once

  Performance characteristics:

  • ~4% overhead for traces with tracestate (3-span batch: 3684ns → 3829ns). Overhead will further diminish with larger batches.
  • Scales linearly with trace size (500 spans: 577μs → 581μs)
  • Zero allocations for common cases with caching enabled

• exporter/bmchelix: Enrich metric names with datapoint attributes for unique identification in BMC Helix Operations Management (#​46558)
  This feature is controlled by the enrich_metric_with_attributes configuration option (default: true).
  Set to false to disable enrichment and reduce metric cardinality.
  Normalization is applied to ensure BHOM compatibility:

  • entityTypeId and entityName: Invalid characters replaced with underscores (colons not allowed as they are used as separators in entityId)
  • metricName: Normalized to match pattern [a-zA-Z_:.][a-zA-Z0-9_:.]*
  • Label values: Commas replaced with whitespaces

• exporter/clickhouse: Add per pipeline JSON support for ClickHouse exporter, deprecate JSON feature gate (#​46553)
  Previously, the clickhouse.json feature gate was used to enable JSON for all
  ClickHouse exporter instances. This feature gate is now deprecated. Use the json
  config option instead, which allows per-pipeline control.

• exporter/elasticsearch: Add per-document dynamic_templates for metrics in ECS mapping mode (#​46499)
  Each bulk index action for ECS metrics now includes dynamic_templates so Elasticsearch can apply the correct
  mapping (e.g. histogram_metrics, summary_metrics, double_metrics) for the ECS mapping mode. The OTel mapping mode already sent dynamic_templates.

• exporter/elasticsearch: Add http.response.status_code to failed document logs to allow for better filtering and error analysis. (#​45829)

• exporter/elasticsearch: Update ECS mode encoder to add conversions for telemetry.sdk.language and telemetry.sdk.version (#​46690)
  Conversions map semconv attributes telemetry.sdk.language/telemetry.sdk.version to service.language.name/service.language.version'

• extension/aws_logs_encoding: Adopt streaming for Network Firewall logs (#​46214)

• extension/aws_logs_encoding: Adopt streaming for CloudTrail signal (#​46214)

• extension/aws_logs_encoding: Adopt encoding extension streaming contract for WAF logs (#​46214)

• extension/aws_logs_encoding: Adopt streaming for S3 access logs (#​46214)

• extension/aws_logs_encoding: Adopt encoding extension streaming contract for VPC flow logs (#​46214)

• extension/aws_logs_encoding: Adopt encoding extension streaming contract for CloudWatch Logs subscription (#​46214)

• extension/aws_logs_encoding: Adopt streaming for ELB signal (#​46214)

• extension/awscloudwatchmetricstreams_encoding: Adopt encoding extension streaming contract for OpenTelemetry v1 formatted metrics (#​46214)

• extension/azure_encoding: Add encoding.format attribute to Azure logs to identify the log type (#​44278)

• extension/azure_encoding: Promote the Azure Encoding extension to Alpha stability. (#​46886)

• extension/azure_encoding: Add processing for Azure Metrics (#​41725)

• extension/datadog: Set os.type resource attribute if not already present for Fleet Automation metadata. (#​46896)

• extension/headers_setter: Add support for file-based credentials via value_file configuration option. Files are watched for changes and header values are automatically updated. (#​46473)
  This is useful for credentials that are rotated, such as Kubernetes secrets.
  Example configuration:
  headers_setter:
  headers:
  - key: X-API-Key
  value_file: /var/secrets/api-key

• extension/oidc: Add logging for failed authentication attempts with client IP and username. (#​46482)

• internal/kafka: This change adds support for authentication via OIDC to the Kafka client. (#​41872)
  It provides an implementation of SASL/OAUTHBEARER for Kafka components, by
  integrating with auth extensions that provide OAuth2 tokens, such as oauth2clientauth.
  Token acqusition/refresh/exchange is controlled by auth extensions.

  To use this, your configuration would be something like:

  extensions:
  oauth2client:
  client_id_file: /path/to/client_id_file
  client_secret: /path/to/client_secret_file

  exporters:
  kafka:
  auth:
  sasl:
  mechanism: OAUTHBEARER
  oauthbearer_token_source: oauth2client

• pkg/azurelogs: Remove semconv v1.28.0 and v1.34.0 dependencies, migrating to v1.38.0 via paired feature gates (#​45033, #​45034)
  Two new alpha feature gates control the migration:
  pkg.translator.azurelogs.EmitV1LogConventions emits stable attribute names (code.function.name, code.file.path, eventName per log record).
  pkg.translator.azurelogs.DontEmitV0LogConventions suppresses the old names (code.function, code.filepath, event.name on resource).
  Both gates default to off; enable EmitV1LogConventions first for a dual-emit migration window.

• pkg/coreinternal: Add feature gates to migrate semconv v1.12.0 attributes to v1.38.0 equivalents in goldendataset (#​45076)
  The following attribute keys from go.opentelemetry.io/otel/semconv/v1.12.0 can now be migrated to their v1.38.0 equivalents
  using feature gates (both default to disabled, preserving the old behavior):

  • net.host.ip -> network.local.address (enable internal.coreinternal.goldendataset.EmitV1NetworkConventions)
  • net.peer.ip -> network.peer.address (enable internal.coreinternal.goldendataset.EmitV1NetworkConventions)
  • http.host -> server.address (enable internal.coreinternal.goldendataset.EmitV1NetworkConventions)
  • http.server_name -> server.address (enable internal.coreinternal.goldendataset.EmitV1NetworkConventions)
    To stop emitting the deprecated v1.12.0 attributes, also enable internal.coreinternal.goldendataset.DontEmitV0NetworkConventions
    (requires internal.coreinternal.goldendataset.EmitV1NetworkConventions to also be enabled).

• pkg/fileconsumer: filelog receiver checkpoint storage now supports protobuf encoding behind a feature gate for improved performance and reduced storage usage (#​43266)
  Added optional protobuf encoding for filelog checkpoint storage, providing ~7x faster decoding and 31% storage savings.
  Enable with feature gate: --feature-gates=filelog.protobufCheckpointEncoding
  The feature is in StageAlpha (disabled by default) and includes full backward compatibility with JSON checkpoints.

• pkg/ottl: Improve unsupported type error diagnostics in the Len() OTTL function by including the runtime type in error messages. (#​46476)

• pkg/stanza: Implement if field support for the recombine operator so entries not matching the condition pass through unrecombined. (#​46048)

• pkg/zipkin: Add feature gates to migrate semconv v1.12.0 attributes to v1.38.0 equivalents (#​45076)
  The following attribute keys from go.opentelemetry.io/otel/semconv/v1.12.0 can now be migrated to their v1.38.0 equivalents
  using feature gates (both default to disabled, preserving the old behavior):

  • net.host.ip -> network.local.address (enable pkg.translator.zipkin.EmitV1NetworkConventions)
  • net.peer.ip -> network.peer.address (enable pkg.translator.zipkin.EmitV1NetworkConventions)
    To stop emitting the deprecated v1.12.0 attributes, also enable pkg.translator.zipkin.DontEmitV0NetworkConventions
    (requires pkg.translator.zipkin.EmitV1NetworkConventions to also be enabled).

• processor/k8s_attributes: Log warning in case deprecated attributes are enabled (#​46932)

• processor/k8s_attributes: Bump version of semconv to 1.40 (#​46644)

• processor/redaction: Document audit trail attributes emitted when summary is set to debug or info (#​46648)
  Adds an Audit Trail section to the README describing the diagnostic attributes
  the processor appends to spans, log records, and metric datapoints, including
  a worked example. Also fixes the example output to omit zero-count attributes
  that are never emitted, and restores URL Sanitization and Span Name Sanitization
  as top-level README sections.

• receiver/aerospike: Enable the re-aggregation feature for the aerospike receiver (#​46347)

• receiver/awslambda: Adopt encoding extension streaming for AWS Lambda receiver (#​46608)

• receiver/awslambda: Promote AWS Lambda receiver to Alpha stability. (#​46888)

• receiver/cisco_os: Add cisco_os receiver to the contrib distribution (#​46948)

• receiver/cloudflare: Add max_request_body_size config option. (#​46630)

• receiver/docker_stats: Enables dynamic metric reaggregation in the Docker Stats receiver. This does not break existing configuration files. (#​45396)

• receiver/filelog: Add include_file_permissions option (#​46504)

• receiver/flinkmetrics: Enable re-aggregation feature by classifying attributes with requirement_level and setting reaggregation_enabled to true (#​46356)
  Attributes are classified as required when aggregating across them produces meaningless results
  (checkpoint, garbage_collector_name, record), and recommended when totals remain operationally
  meaningful (operator_name).

• receiver/github: Enables dynamic metric reaggregation in the GitHub receiver. This does not break existing configuration files. (#​46385)

• receiver/haproxy: Add haproxy.server.state resource attribute to expose server status (UP, DOWN, MAINT, etc.) (#​46799)
  The new resource attribute is disabled by default and can be enabled via configuration.

• receiver/hostmetrics: Enable dynamic metric reaggregation for the cpu scraper in the hostmetrics receiver. (#​46386)

• receiver/hostmetrics: Enable re-aggregation feature for the memory scraper to support dynamic metric attribute configuration at runtime. (#​46618)

• receiver/hostmetrics: Enable re-aggregation feature for the load scraper by setting reaggregation_enabled. (#​46617)

• receiver/hostmetrics: Enable metric re-aggregation for paging scrapers. (#​46386, #​46621)

• receiver/hostmetrics: Enables re-aggregation for nfs scraper (#​46386, #​46620)

• receiver/hostmetrics: Enable re-aggregation feature for the filesystem scraper by setting reaggregation_enabled and adding requirement_level to attributes. (#​46616)

• receiver/hostmetrics: Enable re-aggregation for processes scraper (#​46622)
  Enabled the reaggregation feature gate for the processes scraper and set the status attribute requirement level to recommended.

• receiver/hostmetrics: Enable re-aggregation feature for the disk scraper by setting reaggregation_enabled and adding requirement_level to attributes. (#​46615)

• receiver/hostmetrics: Enable re-aggregation feature for the network scraper by setting reaggregation_enabled and adding requirement_level to attributes. (#​46619)

• receiver/iis: Enable re-aggregation and set requirement levels for attributes. (#​46360)

• receiver/kafka: add kafka.topic, kafka.partition, kafka.offset to client metadata (#​45931)

• receiver/kafkametrics: Enable re-aggregation feature for kafkametrics receiver to support dynamic metric attribute configuration at runtime. (#​46362)

• receiver/mysql: Enables dynamic metric reaggregation in the MySQL receiver. This does not break existing configuration files. (#​45396)

• receiver/oracledb: Add oracledb.procedure_execution_count attribute to top query events for stored procedure execution tracking (#​46487)
  This value is derived from MAX(EXECUTIONS) across all SQL statements
  sharing the same PROGRAM_ID in V$SQL, providing
  an accurate procedure-level execution count even for multi-statement stored procedures.

• receiver/oracledb: Add oracledb.command_type attribute to the Top-Query collection. (#​46838)

• receiver/podman_stats: Enable dynamic metric reaggregation in the Podman receiver. (#​46372)

• receiver/postgresql: Enables dynamic metric reaggregation in the PostgreSQL receiver. This does not break existing configuration files. (#​45396)

• receiver/pprof: promote to alpha (#​46925)

• receiver/pprof: Read pprof data from HTTP remote endpoints or the collector itself (#​38260)

• receiver/prometheus: Graduate receiver.prometheusreceiver.RemoveReportExtraScrapeMetricsConfig feature gate to stable; deprecate receiver.prometheusreceiver.EnableReportExtraScrapeMetrics feature gate (#​44181)
  The report_extra_scrape_metrics configuration option is now fully ignored; remove it from your configuration to avoid crashes.
  The receiver.prometheusreceiver.EnableReportExtraScrapeMetrics feature gate is deprecated and will be removed in v0.148.0; use the extra_scrape_metrics Prometheus scrape configuration option instead.

• receiver/rabbitmq: Enable dynamic metric reaggregation in the RabbitMQ receiver. (#​46374)

• receiver/redis: Enable dynamic metric reaggregation in the Redis receiver. (#​46376)

• receiver/riak: Enable re-aggregation and set requirement levels for attributes. (#​46377)

• receiver/snowflake: Bump Go Snowflake Driver to v2 (#​46598)

• receiver/sqlquery: Bump Go Snowflake Driver to v2 (#​46598)

• receiver/sqlserver: Add sqlserver.procedure_execution_count attribute to the Top-Query collection. (#​46486)

• receiver/statsd: Add counter_type configuration option to control how counter values are represented (int, float, or stochastic_int) (#​45276)

• receiver/systemd: Enable dynamic metric reaggregation in the systemd receiver. (#​46381)

• receiver/tcplog: Add default values for retry_on_failure and update the documentation (#​41571)

• receiver/vcenter: Enable re-aggregation feature for vcenter receiver metrics (#​46384)

• receiver/windowseventlog: Add SID resolution feature to automatically resolve Windows Security Identifiers to user and group names (#​45875)
  Added new resolve_sids configuration option with configurable cache size and TTL.
  When enabled, Windows Security Identifiers (SIDs) in event logs are automatically resolved to human-readable names using the Windows LSA API.
  Includes support for well-known SIDs, domain users and groups, and high-performance LRU caching for improved throughput.

🧰 Bug fixes 🧰

• exporter/elasticsearch: Set require_data_stream=true for ECS mapping mode and improve guidance for Elasticsearch version compatibility. (#​46632)

• exporter/elasticsearch: Fix retry exponential backoff overflow handling edge case (#​46178)
  The retry delay growth now guards against duration overflow while preserving
  exponential backoff with jitter, so retries cap correctly at the configured
  max interval even for large attempt counts.

• exporter/kafka: Validate that topic_from_metadata_key is present in include_metadata_keys when configured, with clear config validation errors. (#​46711)

• exporter/kafka: Add MergeCtx to preserve include_metadata_keys when batching is enabled. (#​46718)

• exporter/signalfx: exporter/signalfxexporter: include inactive in memory total (#​46474)

• extension/bearertokenauth: Fix bearer token auth rejecting custom headers in HTTP requests unless specified in canonical form (#​45697)

• extension/file_storage: Fix nil pointer crash when bbolt reopen fails during on_rebound compaction (#​46489)

• extension/google_cloud_logentry_encoding: Fix incorrect snake_case conversion for keys containing numbers (e.g., "k8s" becoming "k8_s") in Google Cloud log entries. (#​46571)

• internal/metadataproviders: Fix HTTP response body leak in OpenShift metadata provider and add status code validation (#​46921)
  Three methods in the OpenShift metadata provider (OpenShiftClusterVersion, Infrastructure,
  K8SClusterVersion) were not closing the HTTP response body after making requests. This leaked
  HTTP connections and file descriptors, which could exhaust the connection pool over time when
  periodic refresh is enabled. The fix adds defer resp.Body.Close() and validates the HTTP
  status code before attempting to decode the response.

• processor/resourcedetection: Fix consul detector token_file setting the file path as the literal token value instead of configuring the consul SDK to read the file (#​46745)
  When token_file was configured, the file path string
  was assigned to api.Config.Token instead of api.Config.TokenFile,
  causing the consul API client to use the path as the authentication
  token (always resulting in 403 Forbidden)."

• processor/resourcedetection: Fix collector panic on shutdown when the same processor is used in multiple pipelines with refresh_interval enabled. (#​46918)

• receiver/datadog: Preserve original per-span service name when _dd.base_service overrides the resource-level service name, so the DD exporter can recover it on the DD-to-OTEL-to-DD roundtrip path. (#​1909)

• receiver/mysql: Fixed incorrect JOIN condition in querySample.tmpl that was comparing thread.thread_id to processlist.id instead of the correct foreign key thread.processlist_id. (#​46548)
  The LEFT JOIN with information_schema.processlist was using an incorrect join condition that would fail to properly correlate rows between the performance_schema.threads and information_schema.processlist tables. The fix changes the join condition from processlist.id = thread.thread_id to processlist.id = thread.processlist_id to use the correct foreign key relationship.

• receiver/oracledb: Fix to top_query reporting incorrect procedure execution count. (#​46869)
  The procedure execution count is now calculated using MIN(EXECUTIONS) instead of MAX(EXECUTIONS) improving best effort accuracy.

• receiver/postgresql: Fix EXPLAIN plan collection failing on DDL statements (GRANT, DROP, REVOKE, etc.) (#​46274)
  PostgreSQL does not support EXPLAIN on DDL statements. The receiver now filters queries
  using a whitelist approach, only running EXPLAIN on supported DML statements (SELECT,
  INSERT, UPDATE, DELETE, WITH, MERGE, TABLE, VALUES).

• receiver/prometheus: receiver/prometheusreceiver: return stable SeriesRef from AppendHistogram for correct per-series staleness tracking (#​44528)

• receiver/prometheus: Validate target allocator interval during configuration to prevent runtime panic when interval is set to 0 or a negative value. (#​46700)
  Previously, setting interval to 0s or a negative value would cause a runtime panic when
  time.NewTicker() was called with an invalid duration. The configuration is now validated
  early to prevent this panic and provide a clear error message.

• receiver/sqlserver: Fix to top_query reporting duplicate rows for a procedure that has more than one statement. (#​46483)
  The dbQueryAndTextQuery.tmpl template joins the aggregated CTE rows back to sys.dm_exec_query_stats using only plan_handle. But plan_handle is not unique in that DMV,
  it identifies a plan, and a single plan can contain multiple statements (each with its own row in sys.dm_exec_query_stats,
  differentiated by statement_start_offset/statement_end_offset). As a result this is producing duplicate rows for a procedure that has more than one statement.

• receiver/sqlserver: Fixed host.name resource attribute to be correctly extracted from datasource configuration when server is not set (#​42355)
  When using the datasource configuration option, the host.name resource attribute will now be
  properly parsed from the datasource connection string instead of being left empty or using an incorrect value.

• receiver/sqlserver: Add missing host.name for logs when using datasource configuration (#​46740)

• receiver/windowseventlog: Strip illegal XML 1.0 characters (e.g. U+0001) from event data before parsing to prevent parse failures on Sysmon Operational events. (#​46435)
  Some Sysmon events embed control characters (e.g. U+0001) in fields such as FileVersion.
  Go's encoding/xml rejects these as illegal XML 1.0 characters, causing an error for every
  affected event. The characters are now silently stripped before parsing.

v0.147.0

Compare Source

🛑 Breaking changes 🛑

• all: Remove unmaintained receiver/bigip component (#​46040)

• exporter/elasticsearch: Ignore mapping::mode config option (#​45246)
  The mapping::mode config option has already been deprecated and is now ignored. Instead, use
  the X-Elastic-Mapping-Mode client metadata key (via headers_setter extension) or the
  elastic.mapping.mode scope attribute to control the mapping mode per-request.
  See the README for migration instructions.

• extension/sumologic: Migrate updateCollectorMetadata from feature gate to config parameter and enable by default (#​46102)
  The extension.sumologic.updateCollectorMetadata feature gate has been replaced with an
  update_metadata configuration parameter. The feature is now enabled by default, eliminating
  the need for users to specify the --feature-gates flag. Users can control this behavior via
  the YAML configuration:

  extensions:
    sumologic:
      update_metadata: true  # default: true

• processor/azuredetector: Changed cloud platform value for Azure VM from azure_vm to azure.vm to align with OpenTelemetry semantic conventions v1.39.0. (#​45030)

• processor/resourcedetection: Remove feature gate processor.resourcedetection.removeGCPFaasID (#​45808)

• processor/resourcedetection: Changed cloud platform value for Azure EKS from azure_eks to azure.eks to align with OpenTelemetry semantic conventions v1.39.0. (#​45030)

• receiver/kafka: Remove deprecated topic and exclude_topic fields (#​46232)

• receiver/mongodb: Add service.instance.id resource attribute and move database from resource to db.namespace metric attribute in MongoDB receiver (#​45506)
  The service.instance.id attribute is a deterministic UUID v5 derived from server address and port.
  The database attribute has been moved from a resource attribute to a metric-level attribute (db.namespace) on all per-database metrics, following OpenTelemetry semantic conventions.
  This produces a single resource per MongoDB server instead of one per database, fixing Prometheus batching compatibility.

🚩 Deprecations 🚩

• processor/k8s_attributes: Rename internal telemetry metrics to use dots instead of underscores (#​45871)

💡 Enhancements 💡

• connector/grafanacloud: Make the default configuration of the Grafana Cloud Connector support Kubernetes deployments. (#​45469)
  Add "k8S.node.uid" and "k8S.cluster.name" to the default set of resource attributes evaluated by the Grafana Cloud Connector.

• exporter/clickhouse: Do not crash the exporter if it cannot inspect the table schemas (#​46285)
  Previously setting create_schema: false would skip validating the actual connection on start. This was useful
  if you had unstable targets, as you could run the collector and let the sending queue/failover connector handle
  connection errors to ClickHouse.

• exporter/loadbalancing: Support metrics routing by attributes in the loadbalancing exporter (#​45675)

• exporter/prometheusremotewrite: Add support for exporting InstrumentationScope attributes as Prometheus labels. This behavior can be disabled via the disable_scope_info configuration option. (#​45266)

• exporter/signalfx: Preserve 'k8s.service.' property names on the 'k8s.service.uid' dimension instead of converting them to 'kubernetes_service_' prefix. (#​46291)

• extension/awscloudwatchmetricstreams_encoding: Adopt encoding extension streaming contract for JSON formatted metrics (#​46214)

• extension/awscloudwatchmetricstreams_encoding: Adopt encoding extension streaming contract for AWS CloudWatch metrics extension (#​46214)

• extension/awslogs_encoding: Adopt encoding extension streaming contract for AWS Logs Extension encoding (#​46214)

• extension/azure_encoding: Add processing for Azure Traces (AppAvailabilityResults, AppDependencies and AppRequests) (#​41725)

• extension/azure_encoding: Add support for Administrative, Alert, Autoscale, Policy, Security, ServiceHealth, and ResourceHealth log categories. (#​45699)

• extension/basicauth: Add username_file and password_file options to client_auth config, enabling file-based credentials with live rotation via file watching. (#​46227)
  When set, file-based credentials take precedence over inline values.
  Files are watched for changes using fsnotify, allowing credential rotation without restarting the collector.

• internal/docker: Add Docker API version auto-negotiation when api_version is not specified in config (#​44653)
  When api_version is empty or omitted, the Docker client now automatically negotiates
  the highest mutually supported API version with the daemon using WithAPIVersionNegotiation().
  Existing configurations with an explicit api_version continue to work unchanged.
  Note: The previous default behavior pinned the API version to 1.44 when not specified.
  Now it auto-negotiates with the daemon, which may result in a different API version being used.

• pkg/ottl: Add Base64Encode function to OTTL (#​46071)

• pkg/ottl: Added metadata access path to all OTTL contexts for accessing client request metadata (#​33288)

• pkg/translator/pprof: Ensure correct handling of default sample/profile in conversion. (#​45976)

• processor/hetznerdetector: Update semantic conventions to v1.39.0 and add support for cloud.platform in Hetzner detector (#​45489)

• processor/k8s_attributes: ReplicaSet handling now supports PartialObjectMetadata, reducing cold-start memory/time compared to typed informers. (#​44407)
  In in-process cold-start benchmarks (no API server), PartialObjectMetadata reduced memory by ~57–59%, exact impact depends on cluster size and selectors.

• processor/oracleclouddetector: Add Oracle realm attribute to Oracle Cloud resource detection processor (#​44408)

• processor/redaction: Add HMAC hash functions (hmac-sha256 and hmac-sha512) for GDPR-compliant pseudonymization of sensitive data like IP addresses (#​45715)
  HMAC functions provide rainbow table resistant hashing by using a secret key, making it impossible to reverse-engineer original values without the key.
  This enables true pseudonymization per GDPR Article 4(5) requirements while maintaining consistency for pattern analysis.
  Configure with hash_function: hmac-sha256 (or hmac-sha512) and hmac_key: "${env:REDACTION_SECRET_KEY}".

• processor/resourcedetection: Added Tencent Cloud CVM resource detector to the Resource Detection Processor (#​45779)

• processor/resourcedetection: Add tags_from_imds config option to EC2 detector to control instance tag retrieval method (#​46046)
  Introduces the tags_from_imds boolean field in the EC2 detector configuration.
  When set to true, instance tags are fetched via IMDS, which does not require any IAM
  permissions but requires InstanceMetadataTags=enabled on the instance.
  When set to false (default), tags are fetched via the EC2 DescribeTags API,
  which requires the ec2:DescribeTags IAM permission. This is the existing behavior and
  the default to avoid breaking changes.

• receiver/apache: Enables dynamic metric reaggregation in the Apache receiver. This does not break existing configuration files. (#​46348)

• receiver/azure_event_hub: Promote the Azure Event Hub receiver to beta stability. (#​41661)

• receiver/azureblob: Enable the Azure Blob receiver to poll for new blobs when the Event Hub endpoint is not configured. (#​45717)
  The Azure Blob receiver now supports a polling-based ingestion mode that is automatically
  enabled when no Event Hub endpoint is configured. Instead of relying on
  event-driven notifications, it periodically checks the storage container
  for new blobs to ingest.

• receiver/ciscoos: Add multi-device configuration with global scraper settings and improved config validation (#​42647)

• receiver/haproxy: Enable dynamic metric reaggregation in the HAProxy receiver. (#​46357)

• receiver/hostmetrics: Reduce excessive float64 precision in memory, disk, and filesystem scrapers (#​46141)

• receiver/k8s_cluster: Define entities and relationships for Kubernetes resources in metadata.yaml. (#​41080)

• receiver/oracledb: Enable dynamic metric reaggregation in the OracleDB receiver. (#​46371)

• receiver/postgresql: Added support for configuring custom collection intervals for Top Query records (#​45614)

• receiver/prometheusremotewrite: Add support for extracting exemplars from Prometheus counters (#​46145)

• receiver/splunkenterprise: Enables dynamic metric reaggregation in the Splunk Enterprise receiver. This does not break existing configuration files. (#​45396)

• receiver/tlscheck: Added support for JKS and PKCS12 keystore formats. (#​41518)
  This enhancement allows users to utilize JKS and PKCS12 keystore formats
  for TLS configuration in the tlscheck receiver, providing greater flexibility
  in certificate management.

🧰 Bug fixes 🧰

• exporter/loadbalancing: Change default timeout for k8s resolver from 1s to 1m to reduce excessive Kubernetes API server load. (#​33004)
  The previous 1s default caused watch connections to reconnect every second, generating big amount of requests.
  The new 1m default provides a big reduction in API load while maintaining reasonable
  endpoint discovery latency. The timeout remains configurable for users who need different behavior.

• exporter/prometheusremotewrite: [exporter/prometheusremotewrite] Fix WAL wake-up race (#​45288)

• exporter/sematext: Add validation to require region and at least one app_token in configuration. (#​39610)

• extension/oauth2client: Make token refresh context-aware (#​45917)
  The oauth2clientauth now implements its own HTTP and gRPC middleware, so the request
  context can be passed in and honoured when refreshing tokens. This allows for cancellation
  and timeouts to be respected, as well as propagation of trace context.

• internal/metadataproviders: Fix Azure IMDS header value (#​46281)
  Azure's IMDS endpoint is expecting the Metadata header to be true, not True, the latter causing 400s.

• pkg/fileconsumer: Do not evaluate the include/exclude file patterns during component start (#​45988)
  Previously, a synchronous glob walk of all matching files
  was performed during component start. This blocked the collector from reporting readiness, causing pods to
  remain in Not Ready state for extended periods when many files matched the configured
  glob patterns. The call was purely for logging a warning and the result was discarded.
  The first poll cycle already performs the same glob walk, so the duplicate call has been
  removed.
  The warning "no files match the configured criteria" is no longer logged. It is still logged at debug level on the first (and each subsequent) poll.

• pkg/translator/pprof: fix attribute bug (#​46336)

• pkg/translator/prometheusremotewrite: Fixes an issue where zero_threshold was reset to the default value for exponential histograms. (#​46108)

• processor/cumulativetodelta: Fix memory blowup in exponential histogram delta conversion (#​45927)

• processor/resourcedetection: IRSA and Pod Identity tokens are checked to determine if running within an EKS cluster (#​45866)

• processor/tail_sampling: Properly remove trace id from its original batch when using decision_wait_after_root_received (#​46004)
  The bug only causes the traces dropped too early metric to be incorrectly incremented. There is no functional change to what is sampled.

• receiver/awscloudwatch: Use the oldest log timestamp as the next poll start time to prevent logs from being ignored (#​41122)

• receiver/docker_stats: Avoid cancelling docker stats request before it's done r

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 44 additional dependencies were updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.20 -> 1.25.0
github.com/stretchr/testify	v1.8.4 -> v1.11.1
go.opentelemetry.io/collector/component	v0.93.0 -> v1.54.0
go.opentelemetry.io/collector/extension	v0.93.0 -> v1.54.0
golang.org/x/sys	v0.16.0 -> v0.41.0
cloud.google.com/go/compute/metadata	v0.2.4-0.20230617002413-005d2dfb6b68 -> v0.9.0
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp	v1.21.0 -> v1.30.0
github.com/cespare/xxhash/v2	v2.2.0 -> v2.3.0
github.com/cncf/xds/go	v0.0.0-20230607035331-e9ce68804cb4 -> v0.0.0-20251210132809-ee656c7534f5
github.com/envoyproxy/go-control-plane	v0.11.1 -> v0.14.0
github.com/envoyproxy/protoc-gen-validate	v1.0.2 -> v1.3.0
github.com/fsnotify/fsnotify	v1.7.0 -> v1.9.0
github.com/go-logr/logr	v1.4.1 -> v1.4.3
github.com/golang/protobuf	v1.5.3 -> v1.5.4
github.com/google/go-cmp	v0.6.0 -> v0.7.0
github.com/grpc-ecosystem/grpc-gateway/v2	v2.19.0 -> v2.27.1
github.com/hashicorp/go-version	v1.6.0 -> v1.8.0
github.com/knadh/koanf/maps	v0.1.1 -> v0.1.2
github.com/knadh/koanf/providers/confmap	v0.1.0 -> v1.0.0
github.com/knadh/koanf/v2	v2.0.1 -> v2.3.3
github.com/modern-go/reflect2	v1.0.2 -> v1.0.3-0.20250322232337-35a7c28c31ee
github.com/prometheus/client_model	v0.5.0 -> v0.6.2
github.com/stretchr/objx	v0.5.0 -> v0.5.2
go.opentelemetry.io/collector/config/configopaque	v0.93.0 -> v1.54.0
go.opentelemetry.io/collector/config/configtelemetry	v0.93.0 -> v0.117.0
go.opentelemetry.io/collector/confmap	v0.93.0 -> v1.54.0
go.opentelemetry.io/otel	v1.22.0 -> v1.42.0
go.opentelemetry.io/otel/metric	v1.22.0 -> v1.42.0
go.opentelemetry.io/otel/sdk	v1.22.0 -> v1.42.0
go.opentelemetry.io/otel/sdk/metric	v1.22.0 -> v1.42.0
go.opentelemetry.io/otel/trace	v1.22.0 -> v1.42.0
go.opentelemetry.io/proto/otlp	v1.0.0 -> v1.7.1
go.uber.org/zap	v1.26.0 -> v1.27.1
golang.org/x/crypto	v0.18.0 -> v0.48.0
golang.org/x/mod	v0.14.0 -> v0.32.0
golang.org/x/net	v0.20.0 -> v0.51.0
golang.org/x/oauth2	v0.16.0 -> v0.34.0
golang.org/x/term	v0.16.0 -> v0.40.0
golang.org/x/text	v0.14.0 -> v0.34.0
golang.org/x/tools	v0.16.0 -> v0.41.0
gonum.org/v1/gonum	v0.14.0 -> v0.16.0
google.golang.org/genproto/googleapis/api	v0.0.0-20240102182953-50ed04b92917 -> v0.0.0-20251202230838-ff82c1b0f217
google.golang.org/genproto/googleapis/rpc	v0.0.0-20240102182953-50ed04b92917 -> v0.0.0-20251222181119-0a764e51fe1b
google.golang.org/grpc	v1.60.1 -> v1.79.2
google.golang.org/protobuf	v1.32.0 -> v1.36.11