fix(deps): update tool deps

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
github.com/Khan/genqlient	v0.8.0 -> v0.8.1			require	patch
github.com/golangci/golangci-lint	v1.64.5 -> v1.64.8			require	patch
github.com/securego/gosec/v2	v2.22.1 -> v2.22.10			require	patch
go (source)	1.24.0 -> 1.25.5			toolchain	minor
go.opentelemetry.io/build-tools/crosslink	v0.18.0 -> v0.29.0			require	minor
go.opentelemetry.io/build-tools/multimod	v0.18.0 -> v0.29.0			require	minor
go.opentelemetry.io/collector/cmd/builder	v0.132.0 -> v0.141.0			require	minor
go.opentelemetry.io/collector/cmd/mdatagen	v0.132.0 -> v0.141.0			require	minor
golang.org/x/tools	v0.35.0 -> v0.39.0			require	minor
honnef.co/go/tools	v0.6.0 -> v0.6.1			require	patch

---

Release Notes

Khan/genqlient (github.com/Khan/genqlient)

v0.8.1

Compare Source

This release fixes a bug introduced in v0.8.0 breaking path resolution on Windows, along with some other small features and bugs.

New features:

• Added @genqlient(alias) directive to customize field names without requiring GraphQL aliases (fixes #​367)
• Added auto_camel_case config option to automatically convert snake_case to camelCase in both field names and type names

Bug fixes:

• fixed path resolution on Windows
• fixed documentation link in introduction.md
• upgraded version of alexflint/go-arg from 1.4.2 to 1.5.1
• fixed a typo in the struct + fragment error message

golangci/golangci-lint (github.com/golangci/golangci-lint)

v1.64.8

Compare Source

• Detects use of configuration files from golangci-lint v2

v1.64.7

Compare Source

1. Linters bug fixes
   • depguard: from 2.2.0 to 2.2.1
   • dupl: from 3e9179a to f665c8d
   • gosec: from 2.22.1 to 2.22.2
   • staticcheck: from 0.6.0 to 0.6.1
2. Documentation
   • Add GitLab documentation

v1.64.6

Compare Source

1. Linters bug fixes
   • asciicheck: from 0.4.0 to 0.4.1
   • contextcheck: from 1.1.5 to 1.1.6
   • errcheck: from 1.8.0 to 1.9.0
   • exptostd: from 0.4.1 to 0.4.2
   • ginkgolinter: from 0.19.0 to 0.19.1
   • go-exhaustruct: from 3.3.0 to 3.3.1
   • gocheckcompilerdirectives: from 1.2.1 to 1.3.0
   • godot: from 1.4.20 to 1.5.0
   • perfsprint: from 0.8.1 to 0.8.2
   • revive: from 1.6.1 to 1.7.0
   • tagalign: from 1.4.1 to 1.4.2

securego/gosec (github.com/securego/gosec/v2)

v2.22.10

Compare Source

Changelog

• 6be2b51 Update go to version 1.25.3 and 1.24.9 in CI (#​1404)
• fddb942 chore(deps): update all dependencies (#​1402)
• f676031 Update go to version 1.25.2 and 2.24.8 in CI (#​1401)
• 35f7ec2 chore(deps): update all dependencies (#​1399)
• 01029f0 check nil slices, partially check bounds (#​1396)
• 34db3de Remove unused target from the makefile
• f5a3b7a Use the ginkgo command install by the dependencies
• 761fcbc Keep the go module at 1.24 version for compatibility reasons
• 2238079 Remove manual test deps
• bb08aa3 fix: text must be supplied when markdown is used
• 23597d2 fix: improve error message of CheckAnalyzers
• 8d7e9d5 fix: log panic on SSA
• 0d8255e chore(deps): update all dependencies
• f9c52aa Update gosec to version v.22.9 in the github action

v2.22.9

Compare Source

Changelog

• 15d5c61 Update cosign to v2.6.0 and go in the CI to latest version
• 7b8713e fix(autofix): unnecessary conversion
• 64ebfc0 feat(autofix): update gemini sdk and add anthropic claude
• 506407e feat(G304): add os.Root remediation hint (Autofix) when Go >= 1.24
• 3ead143 chore(deps): update all dependencies
• e81fba3 refactor(G304): remove unused trackJoin helper; no functional change
• ab078db style: gofmt rules/readfile.go
• e6218c8 test(g304): add samples for var perm and var flag with cleaned path\n\n- Ensure G304 does not fire when only non-path args (flag/perm) are variables\n- Both samples use filepath.Clean on the path arg\n- Rules suite remains green (42 passed)
• 79f835d rules(G304): analyze only path arg; ignore flag/perm vars; track Clean and safe Join; fix nil-context panic\n\n- Limit G304 checks to first arg (path) for os.Open/OpenFile/ReadFile, avoiding false positives when flag/perm are variables\n- Track filepath.Clean so cleaned identifiers are treated as safe\n- Consider safe joins: filepath.Join(const|resolvedBase, Clean(var)|cleanedIdent)\n- Record Join(...) assigned to identifiers and allow if later cleaned\n- Fix panic by passing non-nil context in trackJoinAssignStmt\n- All rules tests: 42 passed
• 40ac530 rules(G202): detect SQL concat in ValueSpec declarations; add test sample\n\n- Handle var query string = 'SELECT ...' + user style declarations\n- Reuse existing binary expr detection on ValueSpec.Values\n- Add postgres sample mirroring issue #​1309 report\n- Rules tests: 42 passed
• 4be6b11 chore(deps): update all dependencies
• 5af1117 chore(deps): update all dependencies
• 287b46c chore(deps): update all dependencies
• cee0aea Update gosec version to v2.22.8 in the Github action

v2.22.8

Compare Source

Changelog

• c945302 Add support for go version 1.25.0
• ef7adab Update go version in CI to 1.24.6 and 1.23.12
• e201bb8 chore(deps): update all dependencies
• ba592af chore(deps): update all dependencies
• 2ef6017 Update github action to release v2.22.7

v2.22.7

Compare Source

Changelog

• 32975f4 Fix crash in hardcoded_nonce analyzer
• 6ea6b35 Update go action to use release v2.22.6

v2.22.6

Compare Source

Changelog

• bc3f214 Update go version to 1.24.5 and 1.23.11 in the CI
• 925741b chore(deps): update module google.golang.org/api to v0.242.0
• 59ae7e9 chore(deps): update all dependencies
• e7abd9e chore(deps): update all dependencies
• 35e7bc1 chore(deps): update all dependencies
• 2d1ed95 chore(deps): update all dependencies
• 4a8cb46 Do not allow dashes in file names
• bcc8afb Update gosec to version 2.22.5 in Github action

v2.22.5

Compare Source

Changelog

• d2d3ae6 Switch back go.mod to minimum 1.23.0
• 1e7ed06 Update dependencies
• 1bef91a Update go version 1.24.4 and 1.23.10 in CI
• 621702f chore(deps): update all dependencies
• 017d1d6 G201/G202: add checks for injection into sql.Conn methods
• 67f63d4 chore(deps): update module google.golang.org/api to v0.235.0
• b4eabb1 chore(deps): update module google.golang.org/api to v0.234.0
• 52a80ff chore(deps): update module google.golang.org/api to v0.233.0
• e2a9506 chore(deps): update module google.golang.org/api to v0.232.0

v2.22.4

Compare Source

Changelog

• 6decf96 Update to go version 1.24.3 and 1.23.9
• d522338 update: updated the build command to include version metadata
• 270b5ce chore(deps): update all dependencies
• 6027926 Update the AI provider API key value when provided as an argument
• 65d2d9f chore(deps): update module google.golang.org/api to v0.230.0
• dc1c38b chore(deps): update module google.golang.org/api to v0.229.0
• 55dbf5a chore(deps): update all dependencies
• 2aaa9c4 Comment the reason why the file can be nil when an issue is created
• 700e9a9 Handle nil file when creating a new issue
• d514c42 chore(deps): update all dependencies (#​1333)
• 1d458c5 Update version in 'action.yml' to 2.22.3 (anticipating next version (#​1332)

v2.22.3

Compare Source

Changelog

• 955a68d Update go version to 1.24.2 and 1.23.8 (#​1331)
• 1336dc6 remove G113. It only affects old/unsupported versions of Go (#​1328)
• 5fd2a37 chore(deps): update all dependencies (#​1325)
• 39e4477 Add SSOJet (#​1320)
• 6141d10 chore(deps): update all dependencies (#​1319)
• 9452efe Update the integrity sha for babel dependency in html report (#​1316)
• 57ec633 Add support for //gosec:disable directive (#​1314)
• e5fee17 chore(deps): update all dependencies (#​1315)

v2.22.2

Compare Source

Changelog

• 136f6c0 Update to go version 1.24.1 and 1.23.7 (#​1313)
• 047453a chore(deps): update all dependencies (#​1310)
• 76ccee5 chore(deps): update all dependencies (#​1308)
• a9eb1c9 Update gosec version in the GitHub action to v2.22.1 (#​1307)
• 89c5da3 chore(deps): update module google.golang.org/api to v0.221.0 (#​1305)

golang/go (go)

v1.25.4

v1.25.3

v1.25.2

v1.25.1

v1.25.0

v1.24.10

v1.24.9

v1.24.8

v1.24.7

v1.24.6

v1.24.5

v1.24.4

v1.24.3

v1.24.2

v1.24.1

open-telemetry/opentelemetry-go-build-tools (go.opentelemetry.io/build-tools/crosslink)

v0.29.0

Compare Source

💡 Enhancements 💡

• checkapi: Validate the functions exported by a component (#​1358)
  Set explicitly what functions a component can export.
  Set name to "*" to allow any function to be exported under a class of component.
  Set name to "" or missing to not allow any functions to be exported under a class of component.

• issuegenerator: Add PR number to issue comments (#​1180)

🧰 Bug fixes 🧰

• checkapi: Do not report errors about a missing factory function if the component is not expected to have a factory function (#​1283)
• checkapi: Fix collision of struct names inside a module (#​1357)
• checkapi: do not read the API of go modules that are not associated with a metadata.yaml file. (#​1356)
• checkapi: do not try to read the API of a nested module folder (#​1355)

v0.28.1

Compare Source

💡 Enhancements 💡

• checkapi: Work with a JSON schema stored as yaml under metadata.yaml config key. (#​1148)
• chloggen: Sort changelog entries lexicographically based on their component field (#​1276)
• issuegenerator: issuegenerator now pings the author of a failing test's PR (#​1182)
• issuegenerator: trim component type suffix from component names (#​1255)

🧰 Bug fixes 🧰

• issuegenerator: removed pr section from autogenerated issue body. (#​1243)

v0.28.0

Compare Source

🛑 Breaking changes 🛑

• all: Bump minimum Go version to 1.24 (#​1145, #​1159)

💡 Enhancements 💡

• issuegenerator: added component section in auto generated issue body (#​42518)
  Related issue is in the opentelemetry-collector-contrib repository.
• checkapi: Add the folder name to error messages (#​1141)
• issuegenerator: Include commit and pr in issues generated by issuegenerator (#​1180)
• issue generator: Use labels to search for existing issues in issue generator (#​1181)

🧰 Bug fixes 🧰

• multimod: Support vN directories when tagging (#​1209)
  When tagging a vN version of a Go module the vN suffix should not be included in the tag before the version.
• checkapi: Do not check internal structs for unkeyed literal initialization. (#​1140)

v0.26.2

Compare Source

Overview

🧰 Bug fixes 🧰

• checkapi: Support detecting usage of a Struct as part of config when used as a generic type of a map key (#​1116)

What's Changed

• chore(deps): update google.golang.org/genproto/googleapis/rpc digest to 6b04f9b by @​renovate[bot] in #​1110
• chore(deps): update golang.org/x/exp/typeparams digest to 51f8813 by @​renovate[bot] in #​1111
• chore(deps): update google.golang.org/genproto/googleapis/rpc digest to 5f3141c by @​renovate[bot] in #​1112
• fix(deps): update all opentelemetry collector packages by @​renovate[bot] in #​1113
• chore(deps): update module go-simpler.org/musttag to v0.14.0 by @​renovate[bot] in #​1115
• chore(deps): update github-actions deps by @​renovate[bot] in #​1107
• [checkapi] support generics and map keys by @​atoulme in #​1117
• Release 0.26.2 by @​atoulme in #​1120

Full Changelog: open-telemetry/opentelemetry-go-build-tools@v0.26.1...v0.26.2

v0.26.1

Compare Source

Overview

🧰 Bug fixes 🧰

• checkapi: Do not crash when the createDefaultConfig function calls out to another function (#​1029)

What's Changed

• chore(deps): update github-actions deps by @​renovate[bot] in #​1077
• Add subscript to issue templates by @​opentelemetrybot in #​1080
• chore(deps): update module github.com/prometheus/client_golang to v1.23.0 by @​renovate[bot] in #​1081
• fix(deps): update module github.com/golangci/golangci-lint/v2 to v2.3.1 by @​renovate[bot] in #​1082
• chore(deps): update module github.com/alecthomas/chroma/v2 to v2.20.0 by @​renovate[bot] in #​1084
• chore(deps): update google.golang.org/genproto/googleapis/rpc digest to a7a43d2 by @​renovate[bot] in #​1085
• chore(deps): update golang.org/x/telemetry digest to 9469f96 by @​renovate[bot] in #​1086
• chore(deps): update module github.com/charmbracelet/x/ansi to v0.10.0 by @​renovate[bot] in #​1087
• chore(deps): update module github.com/charmbracelet/x/ansi to v0.10.1 by @​renovate[bot] in #​1088
• chore(deps): update module google.golang.org/protobuf to v1.36.7 by @​renovate[bot] in #​1091
• fix(deps): update golang.org/x by @​renovate[bot] in #​1089
• chore(deps): update actions/cache digest to 0400d5f by @​renovate[bot] in #​1090
• chore(deps): update github-actions deps by @​renovate[bot] in #​1092
• fix(deps): update golang.org/x by @​renovate[bot] in #​1093
• chore(deps): update python docker tag to v3.13.6 by @​renovate[bot] in #​1094
• chore(deps): update github-actions deps by @​renovate[bot] in #​1095
• chore(deps): update module golang.org/x/net to v0.43.0 by @​renovate[bot] in #​1096
• chore(deps): update module golang.org/x/tools to v0.36.0 by @​renovate[bot] in #​1098
• chore(deps): update python:3.13.6-slim-bullseye docker digest to e98b521 by @​renovate[bot] in #​1097
• chore(deps): update github-actions deps by @​renovate[bot] in #​1100
• chore(deps): update golang.org/x/exp/typeparams digest to a408d31 by @​renovate[bot] in #​1101
• [checkapi] fix panic when trying to find the config Struct by @​atoulme in #​1073
• chore(deps): update module google.golang.org/protobuf to v1.36.7 by @​renovate[bot] in #​1103
• chore(deps): update google.golang.org/genproto/googleapis/rpc digest to a7a43d2 by @​renovate[bot] in #​1102
• fix(deps): update all opentelemetry collector packages by @​renovate[bot] in #​1106
• chore(deps): update golang.org/x by @​renovate[bot] in #​1105
• chore(deps): update github-actions deps to v5 (major) by @​renovate[bot] in #​1108
• Release 0.26.1 by @​atoulme in #​1109

Full Changelog: open-telemetry/opentelemetry-go-build-tools@v0.26.0...v0.26.1

v0.26.0

Compare Source

💡 Enhancements 💡

• githubgen: Support a custom distribution which contains all elements that are not in a distribution (#​1068)
• issuegenerator: Include test failure message in the issue comment. (#​1065)

🧰 Bug fixes 🧰

• issuegenerator: Don't fatal when not able to ingest a JUnit report. (#​1063)
• githubgen: derive chloggen component name from repository path if no metadata is present (#​1067)

v0.25.0

Compare Source

🛑 Breaking changes 🛑

• semconvgen: The deprecated semconvgen tool is removed (#​1017)

💡 Enhancements 💡

• issuegenerator: Handle multiple test suites in ingested junit files. (#​1031)
• multimod: Parallelize requests to Go Proxy when doing multimod sync. (#​1052)
• multimod: Retry on 404 errors from the Go proxy (#​1051)

v0.24.0

Compare Source

🛑 Breaking changes 🛑

• multimod: Default to attempting pre-releasing all module sets. (#​992)

🚩 Deprecations 🚩

• semconvgen: The semconvgen tooling is deprecated. (#​1004)
  Use Weaver instead.

💡 Enhancements 💡

• checkapi: Allow to check the API of components matches strictly to guidelines, with the only structs exported the Config structs. (#​894)

• issuegenerator: Increased search for existing issues to 6 months. (#​925)

• multimod: Add retries to multimod sync (#​941)
  This tries to address occasional flakes in the Go proxy.

• multimod: Support custom version reference files (#​994)
  A new "modules" section is parsed in the version configuration. This section
  defines relative file paths for files that references the version of the
  module set. If this section is not used for a module the default "version.go"
  file at the root of the module directory is still assumed.

🧰 Bug fixes 🧰

• multimod: Use Go errors to return error instead of logging and halting. (#​1006)
• multimod: Fix the multimod root command name in help text. (#​991)

v0.23.1

Compare Source

🧰 Bug fixes 🧰

• issuegenerator: Trim repository prefix from new issue titles (#​864)

v0.23.0

Compare Source

🧰 Bug fixes 🧰

• issuegenerator: Print correct workflow link in the issue body. (#​840)
• issuegenerator: Trim repository name from the module name in the issue title. (#​841)

v0.22.0

Compare Source

🚀 New components 🚀

• checkapi: New tool to check API constraints of Golang modules (#​729)

v0.21.0

Compare Source

💡 Enhancements 💡

• chloggen: Add a --component, -c flag to chloggen update to specify a filter of which component to add to the changelog. (#​725)
• githubgen: Add support for chloggen components list generation (#​717)

🧰 Bug fixes 🧰

• issuegenerator: Fix duplicated owner when calling GitHub APIs. (#​720)

v0.20.0

Compare Source

💡 Enhancements 💡

• all: Update golang.org/x/crypto to v0.35.0 to address GO-2025-3487 (#​703)
• multimod: prerelease command will now update the dependencies for excluded modules. (#​702)

v0.19.0

Compare Source

💡 Enhancements 💡

• all: Bump minimum Go version to 1.23 (#​695)
• issuegenerator: IssueGenerator now creates issues based on JUnit test results. (#​672)

open-telemetry/opentelemetry-collector (go.opentelemetry.io/collector/cmd/builder)

v0.141.0

Compare Source

🛑 Breaking changes 🛑

• pkg/config/confighttp: Use configoptional.Optional for confighttp.ClientConfig.Cookies field (#​14021)

💡 Enhancements 💡

• pkg/config/confighttp: Setting compression_algorithms to an empty list now disables automatic decompression, ignoring Content-Encoding (#​14131)
• pkg/service: Update semantic conventions from internal telemetry to v1.37.0 (#​14232)
• pkg/xscraper: Implement xscraper for Profiles. (#​13915)

🧰 Bug fixes 🧰

• pkg/config/configoptional: Ensure that configoptional.None values resulting from unmarshaling are equivalent to configoptional.Optional zero value. (#​14218)

v0.140.0

Compare Source

💡 Enhancements 💡

• cmd/mdatagen: metadata.yaml now supports an optional entities section to organize resource attributes into logical entities with identity and description attributes (#​14051)
  When entities are defined, mdatagen generates AssociateWith{EntityType}() methods on ResourceBuilder
  that associate resources with entity types using the entity refs API. The entities section is backward
  compatible - existing metadata.yaml files without entities continue to work as before.

• cmd/mdatagen: Add semconv reference for metrics (#​13920)

• connector/forward: Add support for Profiles to Profiles (#​14092)

• exporter/debug: Disable sending queue by default (#​14138)
  The recently added sending queue configuration in Debug exporter was enabled by default and had a problematic default size of 1.
  This change disables the sending queue by default.
  Users can enable and configure the sending queue if needed.

• pkg/config/configoptional: Mark configoptional.AddEnabledField as beta (#​14021)

• pkg/otelcol: This feature has been improved and tested; secure-by-default redacts configopaque values (#​12369)

🧰 Bug fixes 🧰

• all: Ensure service service.instance.id is the same for all the signals when it is autogenerated. (#​14140)

v0.139.0

Compare Source

🛑 Breaking changes 🛑

• cmd/mdatagen: Make stability.level a required field for metrics (#​14070)

• cmd/mdatagen: Replace optional field with requirement_level field for attributes in metadata schema (#​13913)
  The optional boolean field for attributes has been replaced with a requirement_level field that accepts enum values: required, conditionally_required, recommended, or opt_in.

  • required: attribute is always included and cannot be excluded
  • conditionally_required: attribute is included by default when certain conditions are met (replaces optional: true)
  • recommended: attribute is included by default but can be disabled via configuration (replaces optional: false)
  • opt_in: attribute is not included unless explicitly enabled in user config
    When requirement_level is not specified, it defaults to recommended.

• pdata/pprofile: Remove deprecated PutAttribute helper method (#​14082)

• pdata/pprofile: Remove deprecated PutLocation helper method (#​14082)

💡 Enhancements 💡

• all: Add FIPS and non-FIPS implementations for allowed TLS curves (#​13990)
• cmd/builder: Set CGO_ENABLED=0 by default, add the cgo_enabled configuration to enable it. (#​10028)
• pkg/config/configgrpc: Errors of type status.Status returned from an Authenticator extension are being propagated as is to the upstream client. (#​14005)
• pkg/config/configoptional: Adds new configoptional.AddEnabledField feature gate that allows users to explicitly disable a configoptional.Optional through a new enabled field. (#​14021)
• pkg/exporterhelper: Replace usage of gogo proto for persistent queue metadata (#​14079)
• pkg/pdata: Remove usage of gogo proto and generate the structs with pdatagen (#​14078)

🧰 Bug fixes 🧰

• exporter/debug: add queue configuration (#​14101)

v0.138.0

Compare Source

🛑 Breaking changes 🛑

• all: Remove deprecated type TracesConfig (#​14036)

• pkg/exporterhelper: Add default values for sending_queue::batch configuration. (#​13766)
  Setting sending_queue::batch to an empty value now results in the same setup as the default batch processor configuration.

• all: Add unified print-config command with mode support (redacted, unredacted), json support (unstable), and validation support. (#​11775)
  This replaces the print-initial-config command. See the service package README for more details. The original command name print-initial-config remains an alias, to be retired with the feature flag.

💡 Enhancements 💡

• all: Add keep_alives_enabled option to ServerConfig to control HTTP keep-alives for all components that create an HTTP server. (#​13783)
• pkg/otelcol: Avoid unnecessary mutex in collector logs, replace by atomic pointer (#​14008)
• cmd/mdatagen: Add lint/ordering validation for metadata.yaml (#​13781)
• pdata/xpdata: Refactor JSON marshaling and unmarshaling to use pcommon.Value instead of AnyValue. (#​13837)
• pkg/exporterhelper: Expose MergeCtx in exporterhelper's queue batch settings` (#​13742)

🧰 Bug fixes 🧰

• all: Fix zstd decoder data corruption due to decoder pooling for all components that create an HTTP server. (#​13954)
• pkg/otelcol: Remove UB when taking internal logs and move them to the final zapcore.Core (#​14009)
  This can happen because of a race on accessing logsTaken.
• pkg/confmap: Fix a potential race condition in confmap by closing the providers first. (#​14018)

v0.137.0

Compare Source

💡 Enhancements 💡

• cmd/mdatagen: Improve validation for resource attribute enabled field in metadata files (#​12722)
  Resource attributes now require an explicit enabled field in metadata.yaml files, while regular attributes
  are prohibited from having th

---

Configuration

📅 Schedule: Branch creation - "before 5am" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: internal/tools/go.sum

Command failed: install-tool golang 1.23.12

[baserrato]

Will be taking over this MR to update version from otel-collector and collector-contrib.

Seems to be one refactor need to be done according to the changelogs:

pkg/config/confighttp: Replace component.Host parameter of ToServer/ToClient by map of extensions (#13640)
Components must now pass the map obtained from the host's GetExtensions method
instead of the host itself.
Changelog Source: https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.141.0

[baserrato]

Collector version v0.138.0 introduced in changelogs:

cmd/mdatagen: Add lint/ordering validation for metadata.yaml (open-telemetry/opentelemetry-collector#13781)

Changelog Ref: https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.138.0

Causes failure due to ordering for ADO reciever when running make generate. Pipeline Ref: https://github.com/liatrio/liatrio-otel-collector/actions/runs/19838064145/job/56839997011#step:5:192

[baserrato]

Collector version v0.139.0 introduced in changelogs:

cmd/mdatagen: Make stability.level a required field for metrics (open-telemetry/opentelemetry-collector#14070)

Causes failure due to stability being required now. Metrics will now have stability field set. Any Metrics that are defined per Semantic Convention will align with the attributes listes. (i.e VCS and Deployment.

Custom metrics will using the development level. Ref for stability levels: https://github.com/open-telemetry/opentelemetry-collector/blob/main/docs/component-stability.md

[baserrato]

Not something breaking but just as an addition tidbit. Requirement was also included in v0.139.0:

cmd/mdatagen: Replace optional field with requirement_level field for attributes in metadata schema (open-telemetry/opentelemetry-collector#13913)
The optional boolean field for attributes has been replaced with a requirement_level field that accepts enum values: required, conditionally_required, recommended, or opt_in.

• required: attribute is always included and cannot be excluded
• conditionally_required: attribute is included by default when certain conditions are met (replaces optional: true)
• recommended: attribute is included by default but can be disabled via configuration (replaces optional: false)
• opt_in: attribute is not included unless explicitly enabled in user config
  When requirement_level is not specified, it defaults to recommended.

Something to keep note of for receivers and users consuming these receivers for documentation purposes.

[meher-liatrio]

Did live walk through to verify.
LGTM