chore(deps): Update go minor and patch

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Change	Age	Confidence
github.com/dgraph-io/ristretto/v2	v2.2.0 → v2.4.0
github.com/google/flatbuffers	v25.2.10+incompatible → v25.12.19+incompatible
github.com/klauspost/compress	v1.18.0 → v1.18.5
github.com/spf13/cobra	v1.9.1 → v1.10.2
github.com/stretchr/testify	v1.10.0 → v1.11.1
go.opentelemetry.io/contrib/zpages	v0.62.0 → v0.68.0
go.opentelemetry.io/otel	v1.37.0 → v1.43.0
golang.org/x/sys	v0.35.0 → v0.43.0
google.golang.org/protobuf	v1.36.7 → v1.36.11

---

Release Notes

dgraph-io/ristretto (github.com/dgraph-io/ristretto/v2)

v2.4.0

Compare Source

Added

• Implement public Cache.IterValues() method (#​475)
• Allow custom key types with underlying types in Key constraint (#​478)

Fixed

• Fix compilation on 32-bit archs (#​465)

Full Changelog: dgraph-io/ristretto@v2.3.0...v2.4.0

v2.3.0: Ristretto v2.3.0

Compare Source

What's Changed

• chore(deps): Update go minor and patch by @​renovate[bot] in hypermodeinc#447
• Add public Cache.RemainingCost() method by @​xl-s in hypermodeinc#448
• chore(deps): Update module golang.org/x/sys to v0.33.0 by @​renovate[bot] in hypermodeinc#449
• chore(deps): Update dependency go to v1.24.3 by @​renovate[bot] in hypermodeinc#450
• chore(deps): Update dependency go to v1.24.4 by @​renovate[bot] in hypermodeinc#453
• Fix assertion in TestDropUpdates and trunk upgrade by @​mangalaman93 in hypermodeinc#452
• trunk upgrade by @​mangalaman93 in hypermodeinc#454
• Fix typo: ffor → for by @​maximal in hypermodeinc#456
• chore(deps): Update module golang.org/x/sys to v0.34.0 by @​renovate[bot] in hypermodeinc#457
• chore(deps): Update dependency go to v1.24.5 by @​renovate[bot] in hypermodeinc#458
• fix: correct grammar in error message by @​Fungx in hypermodeinc#461
• feat: Support uint Keys by @​jcalabro in hypermodeinc#463
• chore(deps): Update go minor and patch by @​renovate[bot] in hypermodeinc#462

New Contributors

• @​xl-s made their first contribution in hypermodeinc#448
• @​maximal made their first contribution in hypermodeinc#456
• @​Fungx made their first contribution in hypermodeinc#461
• @​jcalabro made their first contribution in hypermodeinc#463

Full Changelog: dgraph-io/ristretto@v2.2.0...v2.3.0

google/flatbuffers (github.com/google/flatbuffers)

v25.12.19+incompatible

Compare Source

v25.9.23+incompatible

Compare Source

klauspost/compress (github.com/klauspost/compress)

v1.18.5

Compare Source

What's Changed

• zstd: Fix crash when changing encoder dictionary with same ID by @​klauspost in #​1135
• zstd: Default to full zero frames by @​klauspost in #​1134
• flate: Clean up histogram order by @​klauspost in #​1133

Full Changelog: klauspost/compress@v1.18.4...v1.18.5

v1.18.4

Compare Source

What's Changed

• gzhttp: Add zstandard to server handler wrapper by @​klauspost in #​1121
• zstd: Add ResetWithOptions to encoder/decoder by @​klauspost in #​1122
• gzhttp: preserve qvalue when extra parameters follow in Accept-Encoding by @​analytically in #​1116

New Contributors

• @​analytically made their first contribution in #​1116
• @​ethaizone made their first contribution in #​1124
• @​zwass made their first contribution in #​1125

Full Changelog: klauspost/compress@v1.18.2...v1.18.4

v1.18.3

Compare Source

Downstream CVE-2025-61728

See golang/go#77102

Full Changelog: klauspost/compress@v1.18.2...v1.18.3

v1.18.2

Compare Source

What's Changed

• flate: Fix invalid encoding on level 9 with single value input by @​klauspost in #​1115
• flate: reduce stateless allocations by @​RXamzin in #​1106
• build(deps): bump github/codeql-action from 3.30.5 to 4.31.2 in the github-actions group by @​dependabot[bot] in #​1111

v1.18.1 is marked "retracted" due to invalid flate/zip/gzip encoding.

New Contributors

• @​RXamzin made their first contribution in #​1106

Full Changelog: klauspost/compress@v1.18.1...v1.18.2

v1.18.1

Compare Source

What's Changed

• zstd: Fix incorrect buffer size in dictionary encodes by @​klauspost in #​1059
• s2: check for cap, not len of buffer in EncodeBetter/Best by @​vdarulis in #​1080
• zstd: Add simple zstd EncodeTo/DecodeTo functions by @​klauspost in #​1079
• zlib: Avoiding extra allocation in zlib.reader.Reset by @​travelpolicy in #​1086
• gzhttp: remove redundant err check in zstdReader by @​ryanfowler in #​1090
• Run modernize. Deprecate Go 1.22 by @​klauspost in #​1095
• flate: Simplify matchlen by @​klauspost in #​1101
• flate: Add examples by @​klauspost in #​1102
• flate: Use exact sizes for huffman tables by @​klauspost in #​1103
• flate: Faster load+store by @​klauspost in #​1104
• Add notice to S2 about MinLZ by @​klauspost in #​1065

New Contributors

• @​wooffie made their first contribution in #​1069
• @​vdarulis made their first contribution in #​1080
• @​travelpolicy made their first contribution in #​1086
• @​ryanfowler made their first contribution in #​1090

Full Changelog: klauspost/compress@v1.18.0...v1.18.1

spf13/cobra (github.com/spf13/cobra)

v1.10.2

Compare Source

🔧 Dependencies

• chore: Migrate from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3 by @​dims in #​2336 - the gopkg.in/yaml.v3 package has been deprecated for some time: this should significantly cleanup dependency/supply-chains for consumers of spf13/cobra

📈 CI/CD

• Fix linter and allow CI to pass by @​marckhouzam in #​2327
• fix: actions/setup-go v6 by @​jpmcb in #​2337

🔥✍🏼 Docs

• Add documentation for repeated flags functionality by @​rvergis in #​2316

🍂 Refactors

• refactor: replace several vars with consts by @​htoyoda18 in #​2328
• refactor: change minUsagePadding from var to const by @​ssam18 in #​2325

🤗 New Contributors

• @​rvergis made their first contribution in #​2316
• @​htoyoda18 made their first contribution in #​2328
• @​ssam18 made their first contribution in #​2325
• @​dims made their first contribution in #​2336

Full Changelog: spf13/cobra@v1.10.1...v1.10.2

Thank you to our amazing contributors!!!!! 🐍 🚀

v1.10.1

Compare Source

🐛 Fix

• chore: upgrade pflags v1.0.9 by @​jpmcb in #​2305

v1.0.9 of pflags brought back ParseErrorsWhitelist and marked it as deprecated

Full Changelog: spf13/cobra@v1.10.0...v1.10.1

v1.10.0

Compare Source

What's Changed

🚨 Attention!

• Bump pflag to 1.0.8 by @​tomasaschan in #​2303

This version of pflag carried a breaking change: it renamed ParseErrorsWhitelist to ParseErrorsAllowlist which can break builds if both pflag and cobra are dependencies in your project.

• If you use both pflag and cobra, upgrade pflagto 1.0.8 andcobrato1.10.0`
• or use the newer, fixed version of pflag v1.0.9 which keeps the deprecated ParseErrorsWhitelist

More details can be found here: #​2303 (comment)

✨ Features

• Flow context to command in SetHelpFunc by @​Frassle in #​2241
• The default ShellCompDirective can be customized for a command and its subcommands by @​albers in #​2238

🐛 Fix

• Upgrade golangci-lint to v2, address findings by @​scop in #​2279

🪠 Testing

• Test with Go 1.24 by @​harryzcy in #​2236
• chore: Rm GitHub Action PR size labeler by @​jpmcb in #​2256

📝 Docs

• Remove traling curlybrace by @​yedayak in #​2237
• Update command.go by @​styee in #​2248
• feat: Add security policy by @​jpmcb in #​2253
• Update Readme (Warp) by @​ericdachen in #​2267
• Add Periscope to the list of projects using Cobra by @​anishathalye in #​2299

New Contributors

• @​harryzcy made their first contribution in #​2236
• @​yedayak made their first contribution in #​2237
• @​Frassle made their first contribution in #​2241
• @​styee made their first contribution in #​2248
• @​ericdachen made their first contribution in #​2267
• @​albers made their first contribution in #​2238
• @​anishathalye made their first contribution in #​2299
• @​tomasaschan made their first contribution in #​2303

Full Changelog: spf13/cobra@v1.9.1...v1.9.2

stretchr/testify (github.com/stretchr/testify)

v1.11.1

Compare Source

This release fixes #​1785 introduced in v1.11.0 where expected argument values implementing the stringer interface (String() string) with a method which mutates their value, when passed to mock.Mock.On (m.On("Method", <expected>).Return()) or actual argument values passed to mock.Mock.Called may no longer match one another where they previously did match. The behaviour prior to v1.11.0 where the stringer is always called is restored. Future testify releases may not call the stringer method at all in this case.

What's Changed

• Backport #​1786 to release/1.11: mock: revert to pre-v1.11.0 argument matching behavior for mutating stringers by @​brackendawson in #​1788

Full Changelog: stretchr/testify@v1.11.0...v1.11.1

v1.11.0

Compare Source

What's Changed

Functional Changes

v1.11.0 Includes a number of performance improvements.

• Call stack perf change for CallerInfo by @​mikeauclair in #​1614
• Lazily render mock diff output on successful match by @​mikeauclair in #​1615
• assert: check early in Eventually, EventuallyWithT, and Never by @​cszczepaniak in #​1427
• assert: add IsNotType by @​bartventer in #​1730
• assert.JSONEq: shortcut if same strings by @​dolmen in #​1754
• assert.YAMLEq: shortcut if same strings by @​dolmen in #​1755
• assert: faster and simpler isEmpty using reflect.Value.IsZero by @​dolmen in #​1761
• suite: faster methods filtering (internal refactor) by @​dolmen in #​1758

Fixes

• assert.ErrorAs: log target type by @​craig65535 in #​1345
• Fix failure message formatting for Positive and Negative asserts in #​1062
• Improve ErrorIs message when error is nil but an error was expected by @​tsioftas in #​1681
• fix Subset/NotSubset when calling with mixed input types by @​siliconbrain in #​1729
• Improve ErrorAs failure message when error is nil by @​ccoVeille in #​1734
• mock.AssertNumberOfCalls: improve error msg by @​3scalation in #​1743

Documentation, Build & CI

• docs: Fix typo in README by @​alexandear in #​1688
• Replace deprecated io/ioutil with io and os by @​alexandear in #​1684
• Document consequences of calling t.FailNow() by @​greg0ire in #​1710
• chore: update docs for Unset #​1621 by @​techfg in #​1709
• README: apply gofmt to examples by @​alexandear in #​1687
• refactor: use %q and %T to simplify fmt.Sprintf by @​alexandear in #​1674
• Propose Christophe Colombier (ccoVeille) as approver by @​brackendawson in #​1716
• Update documentation for the Error function in assert or require package by @​architagr in #​1675
• assert: remove deprecated build constraints by @​alexandear in #​1671
• assert: apply gofumpt to internal test suite by @​ccoVeille in #​1739
• CI: fix shebang in .ci.*.sh scripts by @​dolmen in #​1746
• assert,require: enable parallel testing on (almost) all top tests by @​dolmen in #​1747
• suite.Passed: add one more status test report by @​Ararsa-Derese in #​1706
• Add Helper() method in internal mocks and assert.CollectT by @​dolmen in #​1423
• assert.Same/NotSame: improve usage of Sprintf by @​ccoVeille in #​1742
• mock: enable parallel testing on internal testsuite by @​dolmen in #​1756
• suite: cleanup use of 'testing' internals at runtime by @​dolmen in #​1751
• assert: check test failure message for Empty and NotEmpty by @​ccoVeille in #​1745
• deps: fix dependency cycle with objx (again) by @​dolmen in #​1567
• assert.Empty: comprehensive doc of "Empty"-ness rules by @​dolmen in #​1753
• doc: improve godoc of top level 'testify' package by @​dolmen in #​1760
• assert.ErrorAs: simplify retrieving the type name by @​ccoVeille in #​1740
• assert.EqualValues: improve test coverage to 100% by @​dolmen in #​1763
• suite.Run: simplify running of Setup/TeardownSuite by @​renzoarreaza in #​1769
• assert.CallerInfo: micro optimization by using LastIndexByte by @​dolmen in #​1767
• assert.CallerInfo: micro cleanup by @​dolmen in #​1768
• assert: refactor TestFileExists and TestDirExists tests to enable parallel testing by @​dolmen in #​1766
• suite.Run: refactor handling of stats for improved readability by @​dolmen in #​1764
• tests: improve captureTestingT helper by @​ccoVeille in #​1741
• build(deps): bump actions/checkout from 4 to 5 by @​dependabot[bot] in #​1778

New Contributors

• @​greg0ire made their first contribution in #​1710
• @​techfg made their first contribution in #​1709
• @​mikeauclair made their first contribution in #​1614
• @​cszczepaniak made their first contribution in #​1427
• @​architagr made their first contribution in #​1675
• @​tsioftas made their first contribution in #​1681
• @​siliconbrain made their first contribution in #​1729
• @​bartventer made their first contribution in #​1730
• @​Ararsa-Derese made their first contribution in #​1706
• @​renzoarreaza made their first contribution in #​1769
• @​3scalation made their first contribution in #​1743

Full Changelog: stretchr/testify@v1.10.0...v1.11.0

open-telemetry/opentelemetry-go (go.opentelemetry.io/otel)

v1.43.0: /v0.65.0/v0.19.0

Compare Source

Added

• Add IsRandom and WithRandom on TraceFlags, and IsRandom on SpanContext in go.opentelemetry.io/otel/trace
  for W3C Trace Context Level 2 Random Trace ID Flag support. (#​8012)
• Add service detection with WithService in go.opentelemetry.io/otel/sdk/resource. (#​7642)
• Add DefaultWithContext and EnvironmentWithContext in go.opentelemetry.io/otel/sdk/resource to support plumbing context.Context through default and environment detectors. (#​8051)
• Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc. (#​8038)
• Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc. (#​8038)
• Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc. (#​8038)
• Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp. (#​8038)
• Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp. (#​8038)
• Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp. (#​8038)
• Support attributes with empty value (attribute.EMPTY) in go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest. (#​8038)
• Add support for per-series start time tracking for cumulative metrics in go.opentelemetry.io/otel/sdk/metric.
  Set OTEL_GO_X_PER_SERIES_START_TIMESTAMPS=true to enable. (#​8060)
• Add WithCardinalityLimitSelector for metric reader for configuring cardinality limits specific to the instrument kind. (#​7855)

Changed

• Introduce the EMPTY Type in go.opentelemetry.io/otel/attribute to reflect that an empty value is now a valid value, with INVALID remaining as a deprecated alias of EMPTY. (#​8038)
• Refactor slice handling in go.opentelemetry.io/otel/attribute to optimize short slice values with fixed-size fast paths. (#​8039)
• Improve performance of span metric recording in go.opentelemetry.io/otel/sdk/trace by returning early if self-observability is not enabled. (#​8067)
• Improve formatting of metric data diffs in go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest. (#​8073)

Deprecated

• Deprecate INVALID in go.opentelemetry.io/otel/attribute. Use EMPTY instead. (#​8038)

Fixed

• Return spec-compliant TraceIdRatioBased description. This is a breaking behavioral change, but it is necessary to
  make the implementation spec-compliant. (#​8027)
• Fix a race condition in go.opentelemetry.io/otel/sdk/metric where the lastvalue aggregation could collect the value 0 even when no zero-value measurements were recorded. (#​8056)
• Limit HTTP response body to 4 MiB in go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp to mitigate excessive memory usage caused by a misconfigured or malicious server.
  Responses exceeding the limit are treated as non-retryable errors. (#​8108)
• Limit HTTP response body to 4 MiB in go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp to mitigate excessive memory usage caused by a misconfigured or malicious server.
  Responses exceeding the limit are treated as non-retryable errors. (#​8108)
• Limit HTTP response body to 4 MiB in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp to mitigate excessive memory usage caused by a misconfigured or malicious server.
  Responses exceeding the limit are treated as non-retryable errors. (#​8108)
• WithHostID detector in go.opentelemetry.io/otel/sdk/resource to use full path for kenv command on BSD. (#​8113)
• Fix missing request.GetBody in go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp to correctly handle HTTP2 GOAWAY frame. (#​8096)

What's Changed

• chore(deps): update module github.com/jgautheron/goconst to v1.9.0 by @​renovate[bot] in #​8014
• fix(deps): update github.com/opentracing-contrib/go-grpc/test digest to 190d7d4 by @​renovate[bot] in #​8013
• chore(deps): update module go.yaml.in/yaml/v2 to v2.4.4 by @​renovate[bot] in #​8016
• fix(deps): update module github.com/golangci/golangci-lint/v2 to v2.11.1 by @​renovate[bot] in #​8011
• fix(deps): update golang.org/x by @​renovate[bot] in #​8023
• fix(deps): update module github.com/golangci/golangci-lint/v2 to v2.11.2 by @​renovate[bot] in #​8020
• chore(deps): update module github.com/mattn/go-runewidth to v0.0.21 by @​renovate[bot] in #​8017
• chore(deps): update module codeberg.org/chavacava/garif to v0.2.1 by @​renovate[bot] in #​8019
• Add doc on how to upgrade to new semconv by @​jmmcorreia in #​7807
• fix(deps): update module go.opentelemetry.io/proto/otlp to v1.10.0 by @​renovate[bot] in #​8028
• resource: add WithService detector option by @​codeboten in #​7642
• fix(deps): update googleapis to a57be14 by @​renovate[bot] in #​8031
• fix(deps): update module github.com/golangci/golangci-lint/v2 to v2.11.3 by @​renovate[bot] in #​8032
• chore(deps): update module github.com/prometheus/procfs to v0.20.1 by @​renovate[bot] in #​8034
• chore(deps): update github.com/securego/gosec/v2 digest to 8895462 by @​renovate[bot] in #​8036
• chore(deps): update module github.com/sonatard/noctx to v0.5.1 by @​renovate[bot] in #​8040
• chore(deps): update github.com/securego/gosec/v2 digest to 6e66a94 by @​renovate[bot] in #​8043
• docs(otlp): document HTTP/protobuf insecure env vars by @​marcschaeferger in #​8037
• Rebuild semconvkit and verifyreadmes on changes by @​MrAlias in #​7995
• chore(sdk/trace): join errors properly by @​ash2k in #​8030
• fix(deps): update googleapis to 84a4fc4 by @​renovate[bot] in #​8048
• attribute: change INVALID Type to EMPTY and mark INVALID as deprecated by @​pellared in #​8038
• fix(sdk/trace): return spec-compliant TraceIdRatioBased description by @​ash2k in #​8027
• linting: add depguard rule to enforce semconv version by @​ajuijas in #​8041
• chore(deps): update actions/download-artifact action to v8.0.1 by @​renovate[bot] in #​8046
• chore(deps): update github.com/securego/gosec/v2 digest to b7b2c7b by @​renovate[bot] in #​8044
• fix(deps): update golang.org/x by @​renovate[bot] in #​8045
• Optimize attribute slice conversion by @​MrAlias in #​8039
• Add benchmarks for end-to-end metrics SDK usage by @​dashpole in #​7768
• fix(deps): update golang.org/x by @​renovate[bot] in #​8052
• chore(deps): update github.com/securego/gosec/v2 digest to befce8d by @​renovate[bot] in #​8053
• trace: add Random Trace ID Flag by @​yuanyuanzhao3 in #​8012
• Improve aggregation concurrent safe tests by @​dashpole in #​8021
• Add tests for exponential histogram concurrent-safety edge-cases by @​dashpole in #​8024
• exphist: replace min, max, sum, and count with atomics by @​dashpole in #​8025
• chore(deps): update github.com/securego/gosec/v2 digest to c2dfcec by @​renovate[bot] in #​8055
• chore(deps): update otel/weaver docker tag to v0.22.0 by @​renovate[bot] in #​8058
• chore(deps): update github.com/securego/gosec/v2 digest to dec52c4 by @​renovate[bot] in #​8063
• chore(deps): update otel/weaver docker tag to v0.22.1 by @​renovate[bot] in #​8061
• chore(deps): update github/codeql-action action to v4.33.0 by @​renovate[bot] in #​8065
• Fix race in the lastvalue aggregation where 0 could be observed by @​dashpole in #​8056
• chore(deps): update github.com/securego/gosec/v2 digest to 744bfb5 by @​renovate[bot] in #​8064
• Migrate to new bare metal runner (Ubuntu 24) by @​trask in #​8068
• sdk/resource: add WithContext variants for Default and Environment (#​7808) by @​ajuijas in #​8051
• Use atomics for exponential histogram buckets by @​dashpole in #​8057
• Added the internal/observ package to stdoutlog by @​yumosx in #​7735
• Add support for the development per-series starttime feature by @​dashpole in #​8060
• sdk/trace/internal/observ: guard SpanStarted and spanLive with Enabled by @​kouji-yoshimura in #​8067
• Cleanup exemplar featuregate readme by @​dashpole in #​8072
• chore(deps): update codecov/codecov-action action to v5.5.3 by @​renovate[bot] in #​8080
• chore(deps): update module github.com/ryanrolds/sqlclosecheck to v0.6.0 by @​renovate[bot] in #​8083
• fix(deps): update github.com/opentracing-contrib/go-grpc/test digest to de6f1cc by @​renovate[bot] in #​8082
• chore(deps): update module go.opentelemetry.io/collector/featuregate to v1.54.0 by @​renovate[bot] in #​8085
• chore(deps): update module github.com/securego/gosec/v2 to v2.25.0 by @​renovate[bot] in #​8084
• chore(deps): update module github.com/protonmail/go-crypto to v1.4.1 by @​renovate[bot] in #​8081
• fix(deps): update module go.opentelemetry.io/collector/pdata to v1.54.0 by @​renovate[bot] in #​8086
• chore(deps): update actions/cache action to v5.0.4 by @​renovate[bot] in #​8079
• chore(deps): update module github.com/fatih/color to v1.19.0 by @​renovate[bot] in #​8087
• fix(deps): update googleapis to d00831a by @​renovate[bot] in #​8078
• chore(deps): update golang.org/x/telemetry digest to b6b0c46 by @​renovate[bot] in #​8076
• fix(deps): update module google.golang.org/grpc to v1.79.3 [security] by @​renovate[bot] in #​8075
• sdk/metric: Support specifying cardinality limits per instrument kinds by @​petern48 in #​7855
• chore(deps): update github/codeql-action action to v4.34.0 by @​renovate[bot] in #​8088
• chore(deps): update codspeedhq/action action to v4.12.1 by @​renovate[bot] in #​8089
• chore(deps): update github/codeql-action action to v4.34.1 by @​renovate[bot] in #​8090
• fix(deps): update module github.com/golangci/golangci-lint/v2 to v2.11.4 by @​renovate[bot] in #​8092
• chore: fix noctx issues by @​mmorel-35 in #​8008
• chore(deps): update module github.com/pelletier/go-toml/v2 to v2.3.0 by @​renovate[bot] in #​8095
• chore(deps): update codecov/codecov-action action to v5.5.4 by @​renovate[bot] in #​8097
• chore(deps): update codecov/codecov-action action to v6 by @​renovate[bot] in #​8098
• chore(deps): update module github.com/tetafro/godot to v1.5.6 by @​renovate[bot] in #​8099
• chore(deps): update module github.com/butuzov/ireturn to v0.4.1 by @​renovate[bot] in #​8100
• chore(deps): update github/codeql-action action to v4.35.0 by @​renovate[bot] in #​8101
• chore(deps): update actions/setup-go action to v6.4.0 by @​renovate[bot] in #​8107
• chore(deps): update module github.com/go-git/go-git/v5 to v5.17.1 by @​renovate[bot] in #​8106
• c

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • Between 12:00 AM and 03:59 AM, on day 1 of the month (* 0-3 1 * *)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 5 additional dependencies were updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.23.0 -> 1.25.0
github.com/spf13/pflag	v1.0.6 -> v1.0.9
go.opentelemetry.io/auto/sdk	v1.1.0 -> v1.2.1
go.opentelemetry.io/otel/metric	v1.37.0 -> v1.43.0
go.opentelemetry.io/otel/sdk	v1.37.0 -> v1.43.0
go.opentelemetry.io/otel/trace	v1.37.0 -> v1.43.0

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}