Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump codecov/codecov-action from 3 to 4 #437

Merged
merged 1 commit into from
Sep 15, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 15, 2023

Bumps codecov/codecov-action from 3 to 4.

Release notes

Sourced from codecov/codecov-action's releases.

v4.0.0-beta.2

What's Changed

Full Changelog: codecov/codecov-action@v4.0.0-beta.1...v4.0.0-beta.2

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

  • No current support for aarch64 and alpine architectures.
  • Tokenless uploading is unsuported
  • Various arguments to the Action have been removed

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

  • #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

  • No current support for aarch64 and alpine architectures.
  • Tokenless uploading is unsuported
  • Various arguments to the Action have been removed

3.1.4

Fixes

  • #967 Fix typo in README.md
  • #971 fix: add back in working dir
  • #969 fix: CLI option names for uploader

Dependencies

  • #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
  • #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
  • #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

  • #960 fix: allow for aarch64 build

Dependencies

  • #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
  • #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
  • #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

  • #718 Update README.md
  • #851 Remove unsupported path_to_write_report argument
  • #898 codeql-analysis.yml
  • #901 Update README to contain correct information - inputs and negate feature
  • #955 fix: add in all the extra arguments for uploader

Dependencies

  • #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
  • #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
  • #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
  • #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
  • #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
  • #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
  • #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
  • #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

Commits
  • c4cf8a4 4.0.0-beta.2 (#1086)
  • 845c445 not adding -n if empty to do-upload command (#1085)
  • 0016507 chore(release): 4.0.0-beta.1 (#1084)
  • c9e4b73 use cli instead of node uploader (#1068)
  • c9e0f0b build(deps-dev): bump eslint from 8.48.0 to 8.49.0 (#1076)
  • da8479a build(deps-dev): bump @​typescript-eslint/parser from 6.6.0 to 6.7.0 (#1079)
  • 8e29a53 build(deps-dev): bump @​types/node from 20.5.9 to 20.6.0 (#1075)
  • 162bda9 build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 (#1077)
  • 46acd9d build(deps): bump actions/checkout from 3.6.0 to 4.0.0 (#1078)
  • 904bf5a build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.6.0 to 6.7.0 (#...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3 to 4.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v3...v4)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Sep 15, 2023
@caarlos0 caarlos0 merged commit 44dd992 into master Sep 15, 2023
31 checks passed
@caarlos0 caarlos0 deleted the dependabot/github_actions/codecov/codecov-action-4 branch September 15, 2023 12:27
@crazy-max
Copy link
Member

renovate bot referenced this pull request in nobl9/terraform-provider-nobl9 May 10, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | minor | `v5.0.0` -> `v5.1.0` |

---

### Release Notes

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 10pm every weekday,before 5am
every weekday,every weekend" (UTC), Automerge - At any time (no schedule
defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/nobl9/terraform-provider-nobl9).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJnaXRodWItYWN0aW9ucyIsInJlbm92YXRlIl19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
codeboten referenced this pull request in open-telemetry/opentelemetry-collector May 14, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.4` -> `v4.1.5` |
| [codecov/codecov-action](https://togithub.com/codecov/codecov-action)
| action | minor | `4.3.1` -> `4.4.0` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.3` -> `v3.25.5` |
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | minor | `v5.0.0` -> `v5.1.0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update NPM dependencies by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@&#8203;users.noreply.github.com` by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)

**Full Changelog**:
actions/checkout@v4.1.4...v4.1.5

</details>

<details>
<summary>codecov/codecov-action (codecov/codecov-action)</summary>

###
[`v4.4.0`](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

</details>

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Racer159 referenced this pull request in defenseunicorns/maru-runner May 22, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[actions/create-github-app-token](https://togithub.com/actions/create-github-app-token)
| action | minor | `v1.9.0` -> `v1.10.0` |
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |
| [anchore/sbom-action](https://togithub.com/anchore/sbom-action) |
action | minor | `v0.15.11` -> `v0.16.0` |
| [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | |
minor | `v0.32.5` -> `v0.33.2` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.3` -> `v3.25.6` |
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | minor | `v5.0.0` -> `v5.1.0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |

---

### Release Notes

<details>
<summary>actions/create-github-app-token
(actions/create-github-app-token)</summary>

###
[`v1.10.0`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.10.0)

[Compare
Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.3...v1.10.0)

##### Features

- **`private-key`:** escaped newlines will be replaced
([#&#8203;132](https://togithub.com/actions/create-github-app-token/issues/132))
([9d23fb9](https://togithub.com/actions/create-github-app-token/commit/9d23fb93dd620572046d85c7c1032b488c12514f))

###
[`v1.9.3`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.3)

[Compare
Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.2...v1.9.3)

##### Bug Fixes

- **deps:** bump undici from 6.10.2 to 6.11.1
([#&#8203;125](https://togithub.com/actions/create-github-app-token/issues/125))
([3c223c7](https://togithub.com/actions/create-github-app-token/commit/3c223c7336e276235eb843dd4e6ad42147199cbf)),
closes
[#&#8203;3024](https://togithub.com/actions/create-github-app-token/issues/3024)
[nodejs/undici#3044](https://togithub.com/nodejs/undici/issues/3044)
[#&#8203;3023](https://togithub.com/actions/create-github-app-token/issues/3023)
[nodejs/undici#3025](https://togithub.com/nodejs/undici/issues/3025)
[nodejs/undici#3024](https://togithub.com/nodejs/undici/issues/3024)
[nodejs/undici#3034](https://togithub.com/nodejs/undici/issues/3034)
[nodejs/undici#3038](https://togithub.com/nodejs/undici/issues/3038)
[nodejs/undici#2947](https://togithub.com/nodejs/undici/issues/2947)
[nodejs/undici#3040](https://togithub.com/nodejs/undici/issues/3040)
[nodejs/undici#3036](https://togithub.com/nodejs/undici/issues/3036)
[nodejs/undici#3041](https://togithub.com/nodejs/undici/issues/3041)
[#&#8203;3024](https://togithub.com/actions/create-github-app-token/issues/3024)
[#&#8203;3041](https://togithub.com/actions/create-github-app-token/issues/3041)
[#&#8203;3036](https://togithub.com/actions/create-github-app-token/issues/3036)

###
[`v1.9.2`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.2)

[Compare
Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.1...v1.9.2)

##### Bug Fixes

- **deps:** bump the production-dependencies group with 1 update
([#&#8203;123](https://togithub.com/actions/create-github-app-token/issues/123))
([beea7b8](https://togithub.com/actions/create-github-app-token/commit/beea7b860ac0b14ca14258aca701da842aa65e30)),
closes
[nodejs/undici#2978](https://togithub.com/nodejs/undici/issues/2978)
[nodejs/undici#2971](https://togithub.com/nodejs/undici/issues/2971)
[nodejs/undici#2980](https://togithub.com/nodejs/undici/issues/2980)
[#&#8203;2982](https://togithub.com/actions/create-github-app-token/issues/2982)
[nodejs/undici#2983](https://togithub.com/nodejs/undici/issues/2983)
[nodejs/undici#2987](https://togithub.com/nodejs/undici/issues/2987)
[nodejs/undici#2991](https://togithub.com/nodejs/undici/issues/2991)
[#&#8203;2986](https://togithub.com/actions/create-github-app-token/issues/2986)
[nodejs/undici#2992](https://togithub.com/nodejs/undici/issues/2992)
[nodejs/undici#2985](https://togithub.com/nodejs/undici/issues/2985)
[nodejs/undici#2993](https://togithub.com/nodejs/undici/issues/2993)
[nodejs/undici#2995](https://togithub.com/nodejs/undici/issues/2995)
[nodejs/undici#2998](https://togithub.com/nodejs/undici/issues/2998)
[#&#8203;2863](https://togithub.com/actions/create-github-app-token/issues/2863)
[nodejs/undici#2999](https://togithub.com/nodejs/undici/issues/2999)
[nodejs/undici#3001](https://togithub.com/nodejs/undici/issues/3001)
[nodejs/undici#2971](https://togithub.com/nodejs/undici/issues/2971)
[nodejs/undici#2980](https://togithub.com/nodejs/undici/issues/2980)
[nodejs/undici#2983](https://togithub.com/nodejs/undici/issues/2983)
[nodejs/undici#2987](https://togithub.com/nodejs/undici/issues/2987)
[nodejs/undici#2991](https://togithub.com/nodejs/undici/issues/2991)
[nodejs/undici#2985](https://togithub.com/nodejs/undici/issues/2985)
[nodejs/undici#2995](https://togithub.com/nodejs/undici/issues/2995)
[nodejs/undici#2960](https://togithub.com/nodejs/undici/issues/2960)
[nodejs/undici#2959](https://togithub.com/nodejs/undici/issues/2959)
[nodejs/undici#2969](https://togithub.com/nodejs/undici/issues/2969)
[nodejs/undici#2962](https://togithub.com/nodejs/undici/issues/2962)
[nodejs/undici#2974](https://togithub.com/nodejs/undici/issues/2974)
[nodejs/undici#2967](https://togithub.com/nodejs/undici/issues/2967)
[nodejs/undici#2966](https://togithub.com/nodejs/undici/issues/2966)
[nodejs/undici#2969](https://togithub.com/nodejs/undici/issues/2969)
[nodejs/undici#2962](https://togithub.com/nodejs/undici/issues/2962)
[nodejs/undici#2826](https://togithub.com/nodejs/undici/issues/2826)
[nodejs/undici#2952](https://togithub.com/nodejs/undici/issues/2952)
[#&#8203;3001](https://togithub.com/actions/create-github-app-token/issues/3001)
[#&#8203;2863](https://togithub.com/actions/create-github-app-token/issues/2863)
[#&#8203;2999](https://togithub.com/actions/create-github-app-token/issues/2999)
[#&#8203;2998](https://togithub.com/actions/create-github-app-token/issues/2998)
[#&#8203;2993](https://togithub.com/actions/create-github-app-token/issues/2993)
[#&#8203;2986](https://togithub.com/actions/create-github-app-token/issues/2986)
[#&#8203;2992](https://togithub.com/actions/create-github-app-token/issues/2992)
[#&#8203;2991](https://togithub.com/actions/create-github-app-token/issues/2991)
[#&#8203;2987](https://togithub.com/actions/create-github-app-token/issues/2987)

###
[`v1.9.1`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.1)

[Compare
Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.0...v1.9.1)

##### Bug Fixes

- clarify `owner` input description
([#&#8203;118](https://togithub.com/actions/create-github-app-token/issues/118))
([d9bc169](https://togithub.com/actions/create-github-app-token/commit/d9bc16919cdbdb07543eb732aa872437384e296f))

</details>

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

<details>
<summary>anchore/sbom-action (anchore/sbom-action)</summary>

###
[`v0.16.0`](https://togithub.com/anchore/sbom-action/releases/tag/v0.16.0):
v0.16

[Compare
Source](https://togithub.com/anchore/sbom-action/compare/v0.15.11...v0.16.0)

#### Changes in v0.16.0

- Update Syft to v1.4.1
([#&#8203;465](https://togithub.com/anchore/sbom-action/issues/465))
- Update GitHub artifact client
([#&#8203;463](https://togithub.com/anchore/sbom-action/issues/463))
\[[kzantow](https://togithub.com/kzantow)]

</details>

<details>
<summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary>

###
[`v0.33.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.2)

[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2)

##### What's Changed

- fix: schema integration by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2463](https://togithub.com/defenseunicorns/zarf/pull/2463)
- docs: add contributor covenant code of conduct by
[@&#8203;salaxander](https://togithub.com/salaxander) in
[https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462)
- docs: fix casing on code of conduct badge by
[@&#8203;salaxander](https://togithub.com/salaxander) in
[https://github.com/defenseunicorns/zarf/pull/2466](https://togithub.com/defenseunicorns/zarf/pull/2466)
- fix(deps): update github.com/anchore/clio digest to
[`3c4abf8`](https://togithub.com/defenseunicorns/zarf/commit/3c4abf8) by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2424](https://togithub.com/defenseunicorns/zarf/pull/2424)
- fix: update docker media type in registry by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2476](https://togithub.com/defenseunicorns/zarf/pull/2476)
- fix: adds GetVariableConfig function for packager by
[@&#8203;decleaver](https://togithub.com/decleaver) in
[https://github.com/defenseunicorns/zarf/pull/2475](https://togithub.com/defenseunicorns/zarf/pull/2475)
- test: add tests for remove copies from components to enable
refactoring by [@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473)
- fix!: do not uninstall helm chart after failed install or upgrade by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2456](https://togithub.com/defenseunicorns/zarf/pull/2456)
- feat: inspect --list-images by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2478](https://togithub.com/defenseunicorns/zarf/pull/2478)
- refactor: remove copies from components to a filter by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2474](https://togithub.com/defenseunicorns/zarf/pull/2474)
- chore: add support.md by
[@&#8203;schristoff](https://togithub.com/schristoff) in
[https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480)
- chore: add a check for go mod tidy by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2481](https://togithub.com/defenseunicorns/zarf/pull/2481)
- fix: use correct sha256 checksum for arm64 injector binary by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2483](https://togithub.com/defenseunicorns/zarf/pull/2483)
- fix: simplify go mod tidy check by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2482](https://togithub.com/defenseunicorns/zarf/pull/2482)

##### New Contributors

- [@&#8203;salaxander](https://togithub.com/salaxander) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462)
- [@&#8203;phillebaba](https://togithub.com/phillebaba) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473)
- [@&#8203;schristoff](https://togithub.com/schristoff) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480)

**Full Changelog**:
zarf-dev/zarf@v0.33.1...v0.33.2

###
[`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1)

[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1)

#### What's Changed

- fix: add redirect so old zarf base link is compatiable by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432)
- ci: pin third-party gh actions by hash by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433)
- docs: add redirect for examples by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438)
- docs: update contributing and pre-commit by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439)
- ci: fix revive image ref in lint workflow by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436)
- fix: filter on running pods when finding an image for injector pod by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415)
- fix: readme dead links by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442)
- fix: differential package create with non local sources by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444)
- refactor: move variables into separate package by
[@&#8203;Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414)
- ci: add top level workflow permission to commitlint by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449)
- ci: remove unused env var from codeql workflow by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450)
- chore: cleanup root level files and add SPDX check for Go files by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431)
- feat: config to enable resilient registry by
[@&#8203;Michael-Kruggel](https://togithub.com/Michael-Kruggel) in
[https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440)
- docs: init package clarity and cleanup by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447)
- ci: compare cves to main by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448)
- test: unpin version in bigbang extension test by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459)
- fix: broken schema from unexpanded embedded variables by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458)
- fix: error on create if an index sha is used by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429)

#### New Contributors

- [@&#8203;Michael-Kruggel](https://togithub.com/Michael-Kruggel) made
their first contribution in
[https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440)

**Full Changelog**:
zarf-dev/zarf@v0.33.0...v0.33.1

###
[`v0.33.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.0)

[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.6...v0.33.0)

#### What's Changed

- fix: update deprecated syft packages command to syft scan by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2399](https://togithub.com/defenseunicorns/zarf/pull/2399)
- chore: move helpers to defenseunicorns/pkg by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2402](https://togithub.com/defenseunicorns/zarf/pull/2402)
- fix(deps): update github.com/anchore/clio digest to
[`fb5fc4c`](https://togithub.com/defenseunicorns/zarf/commit/fb5fc4c) by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2366](https://togithub.com/defenseunicorns/zarf/pull/2366)
- feat(tools): add yq by
[@&#8203;zachariahmiller](https://togithub.com/zachariahmiller) in
[https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406)
- chore: switch to use oci lib in defenseunicorns/pkg by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2404](https://togithub.com/defenseunicorns/zarf/pull/2404)
- fix(deps): update module github.com/defenseunicorns/pkg/helpers to v1
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2411](https://togithub.com/defenseunicorns/zarf/pull/2411)
- fix: use env var for PR title in commitlint workflow to prevent
untrusted script injection by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2418](https://togithub.com/defenseunicorns/zarf/pull/2418)
- fix: use default GITHUB_TOKEN for ossf/scorecard-action by
[@&#8203;bburky](https://togithub.com/bburky) in
[https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416)
- fix: remove duplicate logic for writing image layers to disk
concurrently by [@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2409](https://togithub.com/defenseunicorns/zarf/pull/2409)
- feat: add option to skip cosign lookup during find images by
[@&#8203;Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2427](https://togithub.com/defenseunicorns/zarf/pull/2427)
- feat: allow chart deploy overrides ALPHA by
[@&#8203;naveensrinivasan](https://togithub.com/naveensrinivasan) in
[https://github.com/defenseunicorns/zarf/pull/2403](https://togithub.com/defenseunicorns/zarf/pull/2403)
- chore: update pull_request_template.md by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2428](https://togithub.com/defenseunicorns/zarf/pull/2428)
- ci: pin k3s image version in k3d github action by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2430](https://togithub.com/defenseunicorns/zarf/pull/2430)
- feat(docs): port docs to starlight by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2315](https://togithub.com/defenseunicorns/zarf/pull/2315)

#### New Contributors

- [@&#8203;zachariahmiller](https://togithub.com/zachariahmiller) made
their first contribution in
[https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406)
- [@&#8203;bburky](https://togithub.com/bburky) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416)

**Full Changelog**:
zarf-dev/zarf@v0.32.6...v0.33.0

###
[`v0.32.6`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.6)

[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6)

#### \[0.32.6] - 2024-03-22

> trying out some different release note generators, formatting may vary
for a few releases while we figure out what works best
~[@&#8203;Noxsios](https://togithub.com/Noxsios)

##### 🚀 Features

- \[**ALPHA**] feat: package generation ALPHA by
[@&#8203;andrewg-xyz](https://togithub.com/andrewg-xyz) in
[#&#8203;2269](https://togithub.com/defenseunicorns/zarf/pull/2269)
- *(lib)* feat(lib): configurable log file location by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[#&#8203;2380](https://togithub.com/defenseunicorns/zarf/pull/2380)
- \[**BREAKING**] feat!: filter package components with strategy
interface by [@&#8203;Noxsios](https://togithub.com/Noxsios) in
[#&#8203;2321](https://togithub.com/defenseunicorns/zarf/pull/2321)

##### 🐛 Bug Fixes

- fix: refactor create stages into separate lib by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[#&#8203;2223](https://togithub.com/defenseunicorns/zarf/pull/2223)
- fix: handle registry caBundle as a multiline string by
[@&#8203;AbrohamLincoln](https://togithub.com/AbrohamLincoln) in
[#&#8203;2381](https://togithub.com/defenseunicorns/zarf/pull/2381)
- *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and
`mirror` by [@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[#&#8203;2386](https://togithub.com/defenseunicorns/zarf/pull/2386)
- fix: allow absolute paths for differential packages by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[#&#8203;2397](https://togithub.com/defenseunicorns/zarf/pull/2397)
- fix: hotfix skeleton publish by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[#&#8203;2398](https://togithub.com/defenseunicorns/zarf/pull/2398)

##### 🚜 Refactor

- refactor: split helpers/exec libs by
[@&#8203;Racer159](https://togithub.com/Racer159) in
[#&#8203;2379](https://togithub.com/defenseunicorns/zarf/pull/2379)

##### 🧪 Testing

- test: data injection flake by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[#&#8203;2361](https://togithub.com/defenseunicorns/zarf/pull/2361)

##### ⚙️ Miscellaneous Tasks

- ci: add commitlint workflow and update contributing guide by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[#&#8203;2391](https://togithub.com/defenseunicorns/zarf/pull/2391)

##### 🛡️ Security

- *(release)* build: create PRs on `homebrew-tap` by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[#&#8203;2385](https://togithub.com/defenseunicorns/zarf/pull/2385)

**Full Changelog**:
zarf-dev/zarf@v0.32.5...v0.32.6

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6)

###
[`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

</details>

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

> \[!NOTE]\
> There is no v2.3.2 release as a step was skipped in the release
process. This was fixed and re-released under the v2.3.3 tag

#### What's Changed

- 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to
github.com/ossf/scorecard/v5 (v5.0.0-rc1) by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1366](https://togithub.com/ossf/scorecard-action/pull/1366)
- 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to
v5.0.0-rc2 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1374](https://togithub.com/ossf/scorecard-action/pull/1374)
- 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to
v5.0.0-rc2.0.20240509182734-7ce860946928 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1377](https://togithub.com/ossf/scorecard-action/pull/1377)

For a full changelist of what these include, see the
[v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1)
and
[v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2)
release notes.

##### Documentation

- 📖 Move token discussion out of main README. by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1279](https://togithub.com/ossf/scorecard-action/pull/1279)
- 📖 link to `ossf/scorecard` workflow instead of maintaining an
example by [@&#8203;spencerschrock](https://togithub.com/spencerschrock)
in
[https://github.com/ossf/scorecard-action/pull/1352](https://togithub.com/ossf/scorecard-action/pull/1352)
- 📖 update api links to new scorecard.dev site by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1376](https://togithub.com/ossf/scorecard-action/pull/1376)

**Full Changelog**:
ossf/scorecard-action@v2.3.1...v2.3.3

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 12pm every weekday,before 11am
every weekday" in timezone America/New_York, Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/defenseunicorns/maru-runner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInN1cHBvcnQtZGVwcyJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
cuixq referenced this pull request in google/osv-scanner May 23, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.4` -> `v4.1.6` |
| [codecov/codecov-action](https://togithub.com/codecov/codecov-action)
| action | minor | `v4.3.1` -> `v4.4.1` |
| gaurav-nelson/github-action-markdown-link-check | action | digest |
`25b2c43` -> `7d83e59` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.3` -> `v3.25.6` |
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | minor | `v5.0.0` -> `v5.1.0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6)

- Check platform to set archive extension appropriately by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732)

###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update NPM dependencies by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@&#8203;users.noreply.github.com` by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)

**Full Changelog**:
actions/checkout@v4.1.4...v4.1.5

</details>

<details>
<summary>codecov/codecov-action (codecov/codecov-action)</summary>

###
[`v4.4.1`](https://togithub.com/codecov/codecov-action/compare/v4.4.0...v4.4.1)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.4.0...v4.4.1)

###
[`v4.4.0`](https://togithub.com/codecov/codecov-action/releases/tag/v4.4.0)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

#### What's Changed

- chore: Clarify isPullRequestFromFork by
[@&#8203;jsoref](https://togithub.com/jsoref) in
[https://github.com/codecov/codecov-action/pull/1411](https://togithub.com/codecov/codecov-action/pull/1411)
- build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/codecov/codecov-action/pull/1423](https://togithub.com/codecov/codecov-action/pull/1423)
- build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/codecov/codecov-action/pull/1421](https://togithub.com/codecov/codecov-action/pull/1421)
- build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/codecov/codecov-action/pull/1420](https://togithub.com/codecov/codecov-action/pull/1420)
- feat: remove GPG and run on spawn by
[@&#8203;thomasrockhu-codecov](https://togithub.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1426](https://togithub.com/codecov/codecov-action/pull/1426)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.8.0 to 7.9.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/codecov/codecov-action/pull/1428](https://togithub.com/codecov/codecov-action/pull/1428)
- chore(release): 4.4.0 by
[@&#8203;thomasrockhu-codecov](https://togithub.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1430](https://togithub.com/codecov/codecov-action/pull/1430)

**Full Changelog**:
codecov/codecov-action@v4.3.1...v4.4.0

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6)

###
[`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

</details>

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

> \[!NOTE]\
> There is no v2.3.2 release as a step was skipped in the release
process. This was fixed and re-released under the v2.3.3 tag

#### What's Changed

- 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to
github.com/ossf/scorecard/v5 (v5.0.0-rc1) by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1366](https://togithub.com/ossf/scorecard-action/pull/1366)
- 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to
v5.0.0-rc2 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1374](https://togithub.com/ossf/scorecard-action/pull/1374)
- 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to
v5.0.0-rc2.0.20240509182734-7ce860946928 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1377](https://togithub.com/ossf/scorecard-action/pull/1377)

For a full changelist of what these include, see the
[v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1)
and
[v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2)
release notes.

##### Documentation

- 📖 Move token discussion out of main README. by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1279](https://togithub.com/ossf/scorecard-action/pull/1279)
- 📖 link to `ossf/scorecard` workflow instead of maintaining an
example by [@&#8203;spencerschrock](https://togithub.com/spencerschrock)
in
[https://github.com/ossf/scorecard-action/pull/1352](https://togithub.com/ossf/scorecard-action/pull/1352)
- 📖 update api links to new scorecard.dev site by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1376](https://togithub.com/ossf/scorecard-action/pull/1376)

**Full Changelog**:
ossf/scorecard-action@v2.3.1...v2.3.3

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv-scanner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->

Co-authored-by: Xueqin Cui <72771658+cuixq@users.noreply.github.com>
andrzej-stencel referenced this pull request in andrzej-stencel/opentelemetry-collector May 27, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.4` -> `v4.1.5` |
| [codecov/codecov-action](https://togithub.com/codecov/codecov-action)
| action | minor | `4.3.1` -> `4.4.0` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.3` -> `v3.25.5` |
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | minor | `v5.0.0` -> `v5.1.0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update NPM dependencies by
[@&open-telemetry#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@&open-telemetry#8203;users.noreply.github.com` by
[@&open-telemetry#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)

**Full Changelog**:
actions/checkout@v4.1.4...v4.1.5

</details>

<details>
<summary>codecov/codecov-action (codecov/codecov-action)</summary>

###
[`v4.4.0`](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

</details>

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&open-telemetry#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&open-telemetry#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&open-telemetry#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&open-telemetry#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&open-telemetry#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&open-telemetry#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&open-telemetry#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
josieang referenced this pull request in josieang/osv-scanner Jun 6, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.4` -> `v4.1.6` |
| [codecov/codecov-action](https://togithub.com/codecov/codecov-action)
| action | minor | `v4.3.1` -> `v4.4.1` |
| gaurav-nelson/github-action-markdown-link-check | action | digest |
`25b2c43` -> `7d83e59` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.3` -> `v3.25.6` |
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | minor | `v5.0.0` -> `v5.1.0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6)

- Check platform to set archive extension appropriately by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732)

###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update NPM dependencies by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@&#8203;users.noreply.github.com` by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)

**Full Changelog**:
actions/checkout@v4.1.4...v4.1.5

</details>

<details>
<summary>codecov/codecov-action (codecov/codecov-action)</summary>

###
[`v4.4.1`](https://togithub.com/codecov/codecov-action/compare/v4.4.0...v4.4.1)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.4.0...v4.4.1)

###
[`v4.4.0`](https://togithub.com/codecov/codecov-action/releases/tag/v4.4.0)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

#### What's Changed

- chore: Clarify isPullRequestFromFork by
[@&#8203;jsoref](https://togithub.com/jsoref) in
[https://github.com/codecov/codecov-action/pull/1411](https://togithub.com/codecov/codecov-action/pull/1411)
- build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/codecov/codecov-action/pull/1423](https://togithub.com/codecov/codecov-action/pull/1423)
- build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/codecov/codecov-action/pull/1421](https://togithub.com/codecov/codecov-action/pull/1421)
- build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/codecov/codecov-action/pull/1420](https://togithub.com/codecov/codecov-action/pull/1420)
- feat: remove GPG and run on spawn by
[@&#8203;thomasrockhu-codecov](https://togithub.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1426](https://togithub.com/codecov/codecov-action/pull/1426)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.8.0 to 7.9.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/codecov/codecov-action/pull/1428](https://togithub.com/codecov/codecov-action/pull/1428)
- chore(release): 4.4.0 by
[@&#8203;thomasrockhu-codecov](https://togithub.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1430](https://togithub.com/codecov/codecov-action/pull/1430)

**Full Changelog**:
codecov/codecov-action@v4.3.1...v4.4.0

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6)

###
[`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

</details>

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

> \[!NOTE]\
> There is no v2.3.2 release as a step was skipped in the release
process. This was fixed and re-released under the v2.3.3 tag

#### What's Changed

- 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to
github.com/ossf/scorecard/v5 (v5.0.0-rc1) by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1366](https://togithub.com/ossf/scorecard-action/pull/1366)
- 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to
v5.0.0-rc2 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1374](https://togithub.com/ossf/scorecard-action/pull/1374)
- 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to
v5.0.0-rc2.0.20240509182734-7ce860946928 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1377](https://togithub.com/ossf/scorecard-action/pull/1377)

For a full changelist of what these include, see the
[v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1)
and
[v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2)
release notes.

##### Documentation

- 📖 Move token discussion out of main README. by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1279](https://togithub.com/ossf/scorecard-action/pull/1279)
- 📖 link to `ossf/scorecard` workflow instead of maintaining an
example by [@&#8203;spencerschrock](https://togithub.com/spencerschrock)
in
[https://github.com/ossf/scorecard-action/pull/1352](https://togithub.com/ossf/scorecard-action/pull/1352)
- 📖 update api links to new scorecard.dev site by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1376](https://togithub.com/ossf/scorecard-action/pull/1376)

**Full Changelog**:
ossf/scorecard-action@v2.3.1...v2.3.3

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv-scanner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->

Co-authored-by: Xueqin Cui <72771658+cuixq@users.noreply.github.com>
steves-canva referenced this pull request in Canva/opentelemetry-collector Jun 14, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.4` -> `v4.1.5` |
| [codecov/codecov-action](https://togithub.com/codecov/codecov-action)
| action | minor | `4.3.1` -> `4.4.0` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.3` -> `v3.25.5` |
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | minor | `v5.0.0` -> `v5.1.0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update NPM dependencies by
[@&open-telemetry#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@&open-telemetry#8203;users.noreply.github.com` by
[@&open-telemetry#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)

**Full Changelog**:
actions/checkout@v4.1.4...v4.1.5

</details>

<details>
<summary>codecov/codecov-action (codecov/codecov-action)</summary>

###
[`v4.4.0`](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

</details>

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&open-telemetry#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&open-telemetry#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&open-telemetry#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&open-telemetry#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&open-telemetry#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&open-telemetry#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&open-telemetry#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
steves-canva referenced this pull request in Canva/opentelemetry-collector Jun 14, 2024
* [mdatagen] use mdatagen to produce component internal telemetry (#10054)

#### Description

This updates mdatagen to generate internal telemetry for components
based on metadata.yaml configuration.

#### Testing

Added tests to mdatagen and updated the batch processor to use this as
well for synchronous counters and histogram

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit d73235fc9104fdc10f930c36bcf122c7a5bd162c)

* [chore] Update release schedule after release 0.100.0 (#10092)

Signed-off-by: Bogdan Drutu <bogdandrutu@gmail.com>
(cherry picked from commit 430369240f7fc2b640cab48f233cf7d8b39796a4)

* [chore] add unit test for histogram in mdatagen (#10089)

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit 7855bf2ababecdddfea82e4b1a15fd81be2d2d66)

* Update module github.com/shirou/gopsutil/v3 to v3.24.4 (#10097)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [github.com/shirou/gopsutil/v3](https://togithub.com/shirou/gopsutil)
| `v3.24.3` -> `v3.24.4` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>shirou/gopsutil (github.com/shirou/gopsutil/v3)</summary>

###
[`v3.24.4`](https://togithub.com/shirou/gopsutil/releases/tag/v3.24.4)

[Compare
Source](https://togithub.com/shirou/gopsutil/compare/v3.24.3...v3.24.4)

<!-- Release notes generated using configuration in .github/release.yml
at v3.24.4 -->

##### What's Changed

##### net

- Update net_openbsd.go to correctly parse netstat output on obsd by
[@&#8203;amarinderca](https://togithub.com/amarinderca) in
[https://github.com/shirou/gopsutil/pull/1621](https://togithub.com/shirou/gopsutil/pull/1621)
- chore: fix some typos in comments by
[@&#8203;camcui](https://togithub.com/camcui) in
[https://github.com/shirou/gopsutil/pull/1624](https://togithub.com/shirou/gopsutil/pull/1624)

##### New Contributors

- [@&#8203;amarinderca](https://togithub.com/amarinderca) made their
first contribution in
[https://github.com/shirou/gopsutil/pull/1621](https://togithub.com/shirou/gopsutil/pull/1621)
- [@&#8203;camcui](https://togithub.com/camcui) made their first
contribution in
[https://github.com/shirou/gopsutil/pull/1624](https://togithub.com/shirou/gopsutil/pull/1624)

**Full Changelog**:
https://github.com/shirou/gopsutil/compare/v3.24.3...v3.24.4

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
(cherry picked from commit 9bee0cafcae752ee3701c106ede7060ed3470a00)

* Update module go.opentelemetry.io/collector/exporter/otlphttpexporter to v0.100.0 (#10104)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[go.opentelemetry.io/collector/exporter/otlphttpexporter](https://togithub.com/open-telemetry/opentelemetry-collector)
| `v0.99.0` -> `v0.100.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>open-telemetry/opentelemetry-collector
(go.opentelemetry.io/collector/exporter/otlphttpexporter)</summary>

###
[`v0.100.0`](https://togithub.com/open-telemetry/opentelemetry-collector/blob/HEAD/CHANGELOG.md#v170v01000)

[Compare
Source](https://togithub.com/open-telemetry/opentelemetry-collector/compare/v0.99.0...v0.100.0)

##### 🛑 Breaking changes 🛑

- `service`: The `validate` sub-command no longer validates that each
pipeline's type is the same as its component types
([#&#8203;10031](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10031))

##### 💡 Enhancements 💡

- `semconv`: Add support for v1.25.0 semantic convention
([#&#8203;10072](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10072))
- `builder`: remove the need to go get a module to address ambiguous
import paths
([#&#8203;10015](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10015))
- `pmetric`: Support parsing metric.metadata from OTLP JSON.
([#&#8203;10026](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10026))

##### 🧰 Bug fixes 🧰

- `exporterhelper`: Fix enabled config option for batch sender
([#&#8203;10076](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10076))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
(cherry picked from commit 5605528fbdbe37662891f19a3948c1774740b9c8)

* [chore] split arm builds into their own workflow (#10113)

This is the same as was done in contrib.

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit 93901cd2b767b555b46fce2bf6d72704adbb8b11)

* [chore] group more dependencies (#10112)

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit 067ac03a57b1b7e85e9d76ecfbbbfe0932aa47e2)

* [chore] fix package prefix (#10116)

should not have included `https`

(cherry picked from commit f23316625776a917dbf625c5e1640330fa3d022a)

* Update All go.opentelemetry.io/collector packages to v0.100.0 (#10115)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[go.opentelemetry.io/collector/exporter/otlpexporter](https://togithub.com/open-telemetry/opentelemetry-collector)
| `v0.99.0` -> `v0.100.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[go.opentelemetry.io/collector/receiver/otlpreceiver](https://togithub.com/open-telemetry/opentelemetry-collector)
| `v0.99.0` -> `v0.100.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>open-telemetry/opentelemetry-collector
(go.opentelemetry.io/collector/exporter/otlpexporter)</summary>

###
[`v0.100.0`](https://togithub.com/open-telemetry/opentelemetry-collector/blob/HEAD/CHANGELOG.md#v170v01000)

[Compare
Source](https://togithub.com/open-telemetry/opentelemetry-collector/compare/v0.99.0...v0.100.0)

##### 🛑 Breaking changes 🛑

- `service`: The `validate` sub-command no longer validates that each
pipeline's type is the same as its component types
([#&#8203;10031](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10031))

##### 💡 Enhancements 💡

- `semconv`: Add support for v1.25.0 semantic convention
([#&#8203;10072](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10072))
- `builder`: remove the need to go get a module to address ambiguous
import paths
([#&#8203;10015](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10015))
- `pmetric`: Support parsing metric.metadata from OTLP JSON.
([#&#8203;10026](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10026))

##### 🧰 Bug fixes 🧰

- `exporterhelper`: Fix enabled config option for batch sender
([#&#8203;10076](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10076))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
(cherry picked from commit 2e289b64bbed115d186c8cf944ba054dbb8e4b63)

* Update All golang.org/x packages (#10117)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| golang.org/x/exp | `v0.0.0-20231110203233-9a3e6036ecaa` ->
`v0.0.0-20240506185415-9bf2ced13842` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20231110203233-9a3e6036ecaa/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20231110203233-9a3e6036ecaa/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/exp | `v0.0.0-20240119083558-1b970713d09a` ->
`v0.0.0-20240506185415-9bf2ced13842` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20240119083558-1b970713d09a/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20240119083558-1b970713d09a/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/net | `v0.24.0` -> `v0.25.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fnet/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fnet/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fnet/v0.24.0/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fnet/v0.24.0/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/sys | `v0.19.0` -> `v0.20.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fsys/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fsys/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fsys/v0.19.0/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fsys/v0.19.0/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/text | `v0.14.0` -> `v0.15.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2ftext/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2ftext/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2ftext/v0.14.0/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2ftext/v0.14.0/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/tools | `v0.20.0` -> `v0.21.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2ftools/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2ftools/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2ftools/v0.20.0/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2ftools/v0.20.0/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
(cherry picked from commit 3c5bca5097da4585f3a50ebefdbb6403a0038948)

* Update module google.golang.org/protobuf to v1.34.1 (#10101)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[google.golang.org/protobuf](https://togithub.com/protocolbuffers/protobuf-go)
| `v1.34.0` -> `v1.34.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>protocolbuffers/protobuf-go
(google.golang.org/protobuf)</summary>

###
[`v1.34.1`](https://togithub.com/protocolbuffers/protobuf-go/releases/tag/v1.34.1)

[Compare
Source](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.34.0...v1.34.1)

Minor fixes for editions compliance:

- [CL/582635](https://go.dev/cl/582635): all: update to protobuf
27.0-rc1 and regenerate protos
- [CL/582755](https://go.dev/cl/582755): encoding/proto\[json|text]:
accept lower case names for group-like fields

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
Co-authored-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit c5ee52b133725ce07a0d5b2ed76f1d1462fd6633)

* Update module github.com/golangci/golangci-lint to v1.58.0 (#10102)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/golangci/golangci-lint](https://togithub.com/golangci/golangci-lint)
| `v1.57.2` -> `v1.58.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgolangci%2fgolangci-lint/v1.57.2/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgolangci%2fgolangci-lint/v1.57.2/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>golangci/golangci-lint
(github.com/golangci/golangci-lint)</summary>

###
[`v1.58.0`](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0)

[Compare
Source](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
(cherry picked from commit 90ddbcb666e3a415ef83120c5d828e44422b35c8)

* Update actions/setup-go action to v5.0.1 (#10096)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
https://github.com/actions/setup-go/compare/v5.0.0...v5.0.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Yang Song <songy23@users.noreply.github.com>
(cherry picked from commit 9bc32498ce5edc12222ced1db46378e26dbd3cce)

* [chore] Update go versions in CI (#10119)

(cherry picked from commit 7b63bfc9a46b692451c838bb7acd2e3692580bf4)

* Move Aneurysm9 to emeritus status (#10120)

I have been unable to provide this position the bandwidth that it
deserves and it is time to formalize recognition of that fact.

Signed-off-by: Anthony J Mirabella <a9@aneurysm9.com>
Co-authored-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit c6b70a7ec794d1a296f82863032def0848f870e0)

* [chore] use mdatagen for exporterhelper metrics (#10094)

Uses the new mdatagen capabilities to generate internal telemetry
details for exporterhelper.

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit 5c72c5d2a035c811fc60e6608320986ec85e4110)

* [chore] use mdatagen scraperhelper (#10095)

Follows
https://github.com/open-telemetry/opentelemetry-collector/pull/10094

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [chore] use mdatagen for processorhelper (#10122)

This updates the processor helper to use mdatagen for its internal
telemetry.

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [chore][cmd/builder] Test for unreleased versions (#10030)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

Add a test to help prevent our replace statements from going out of date
and causing situations like
https://github.com/open-telemetry/opentelemetry-collector/issues/10014.
This is also probably just a decent test case to have since it's a
syntactically valid but nonexistent version.

---------

Co-authored-by: Evan Bradley <evan-bradley@users.noreply.github.com>
Co-authored-by: Juraci Paixão Kröhling <juraci.github@kroehling.de>

* [mdatagen] Run tests when skipping goleak (#10126)

#### Description
Tests are currently not being run when `goleak` checks are skipped. This
is because `TestMain` is called in the generated file, and needs to call
`m.Run()` to properly run the package's tests. This call was missing.

#### Link to tracking issue
Fixes #10125

#### Testing
There aren't any `goleak` checks currently being skipped in core from
the generated package tests, but there are quite a few in `contrib`.
This will fix the skipped tests in `contrib`.

* [chore] use mdatagen for receiverhelper metrics (#10123)

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [mdatagen] use main as package for cmd types (#10130)

This allows us to enabled package test generation for mdatagen itself
(and for telemetrygen in contrib)

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [mdatagen] only generate telemetry as needed (#10129)

This prevent unnecessary files from being generated if metadata.yaml
doesn't include any internal telemetry for a component.

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* ExporterHelper tests - switch to DataType instead of Type (#10127)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description
`newBaseExporter` needs a `DataType` - up until now we've been passing
in a `Type`. In preparation of splitting `DataType` and `Type`, pass in
a real `DataType`.

<!-- Issue number if applicable -->
#### Link to tracking issue
related to
https://github.com/open-telemetry/opentelemetry-collector/issues/9429



In preparation for
https://github.com/open-telemetry/opentelemetry-collector/pull/10069

* MemoryLimiterProcessor - switch to  MustNewID instead of zero value ID (#10128)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description
In an upcoming PR, I change Type to be an interface. This means the zero
value of Type will be nil - which will cause this test to fail.
Initializing ID instead of relying on the zero value fixes this

<!-- Issue number if applicable -->
#### Link to tracking issue
related to
https://github.com/open-telemetry/opentelemetry-collector/issues/9429


<!--Please delete paragraphs that you did not use before submitting.-->
In preparation for
https://github.com/open-telemetry/opentelemetry-collector/pull/10069

* [otelcol] Add a custom zapcore.Core for confmap logging (#10056)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

Provides a logger to confmap that buffers logs in memory until the
primary logger can be used. Once the primary logger exists, places that
used the original logger are given the updated Core.

If an error occurs that would shut down the collector before the primary
logger could be created, the logs are written to stdout/err using a
fallback logger.

Alternative to
https://github.com/open-telemetry/opentelemetry-collector/pull/10008

I've pushed the testing I did to show how the logger successfully
updates. Before config resolution the debug log in confmap is not
printed, but afterwards it is.

test config:
```yaml
receivers:
  nop:

exporters:
  otlphttp:
    endpoint: http://0.0.0.0:4317
    headers:
      # Not set
      x-test: ${env:TEMP3}
  debug:
    # set to "detailed"
    verbosity: $TEMP

service:
  telemetry:
    logs:
      level: debug
  pipelines:
    traces:
      receivers:
        - nop
      exporters:
        - debug
```


![image](https://github.com/open-telemetry/opentelemetry-collector/assets/12352919/6a17993f-1f97-4c54-9165-5c34dd58d108)

<!-- Issue number if applicable -->
#### Link to tracking issue
Related to
https://github.com/open-telemetry/opentelemetry-collector/issues/9162
Related to
https://github.com/open-telemetry/opentelemetry-collector/issues/5615

<!--Describe what testing was performed and which tests were added.-->
#### Testing
If we like this approach I'll add tests

<!--Describe the documentation added.-->
#### Documentation

---------

Co-authored-by: Dan Jaglowski <jaglows3@gmail.com>
Co-authored-by: Pablo Baeyens <pbaeyens31+github@gmail.com>

* [confmap] Deprecate `NewWithSettings` and `New` (#10134)

#### Description

Each of these was deprecated in v0.99.0, so I think removing them in
v0.101.0 is a safe deprecation period for an API that is likely only
used by vendor distros built without ocb.

If we would like to extend the deprecation period or break this change
into PRs for each module, let me know and I'll make the necessary
changes.

* [confmap] Add logger to ConverterSettings (#10135)

#### Description
Adds a Logger to ConverterSettings to enable logging from within
converters. Also update the expand converter to log a warning if the env
var is empty or missing.

#### Link to tracking issue
Closes
https://github.com/open-telemetry/opentelemetry-collector/issues/9162
Closes
https://github.com/open-telemetry/opentelemetry-collector/issues/5615

#### Testing

Unit tests and local testing


![image](https://github.com/open-telemetry/opentelemetry-collector/assets/12352919/af5dd1e2-62f9-4272-97c7-da57166ef07e)

```yaml
receivers:
  nop:

exporters:
  otlphttp:
    endpoint: http://0.0.0.0:4317
    headers:
      # Not set
      x-test: $TEMP3
  debug:
    # set to "detailed"
    verbosity: $TEMP

service:
  telemetry:
    logs:
      level: info
  pipelines:
    traces:
      receivers:
        - nop
      exporters:
        - otlphttp
        - debug
```

#### Documentation
Added godoc comments

* [confighttp] Remove deprecated functions (#10138)

Closes
https://github.com/open-telemetry/opentelemetry-collector/issues/9807

* Update module github.com/prometheus/client_golang to v1.19.1 (#10147)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/prometheus/client_golang](https://togithub.com/prometheus/client_golang)
| `v1.19.0` -> `v1.19.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fprometheus%2fclient_golang/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fprometheus%2fclient_golang/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fprometheus%2fclient_golang/v1.19.0/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fprometheus%2fclient_golang/v1.19.0/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>prometheus/client_golang
(github.com/prometheus/client_golang)</summary>

###
[`v1.19.1`](https://togithub.com/prometheus/client_golang/releases/tag/v1.19.1)

[Compare
Source](https://togithub.com/prometheus/client_golang/compare/v1.19.0...v1.19.1)

#### What's Changed

- Security patches for `golang.org/x/sys` and
`google.golang.org/protobuf`

#### New Contributors

- [@&#8203;lukasauk](https://togithub.com/lukasauk) made their first
contribution in
[https://github.com/prometheus/client_golang/pull/1494](https://togithub.com/prometheus/client_golang/pull/1494)

**Full Changelog**:
https://github.com/prometheus/client_golang/compare/v1.19.0...v1.19.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>

* Update module github.com/golangci/golangci-lint to v1.58.1 (#10146)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/golangci/golangci-lint](https://togithub.com/golangci/golangci-lint)
| `v1.58.0` -> `v1.58.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>golangci/golangci-lint
(github.com/golangci/golangci-lint)</summary>

###
[`v1.58.1`](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1)

[Compare
Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>

* Update github-actions deps (#10145)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.4` -> `v4.1.5` |
| [codecov/codecov-action](https://togithub.com/codecov/codecov-action)
| action | minor | `4.3.1` -> `4.4.0` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.3` -> `v3.25.5` |
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | minor | `v5.0.0` -> `v5.1.0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update NPM dependencies by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@&#8203;users.noreply.github.com` by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)

**Full Changelog**:
https://github.com/actions/checkout/compare/v4.1.4...v4.1.5

</details>

<details>
<summary>codecov/codecov-action (codecov/codecov-action)</summary>

###
[`v4.4.0`](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

</details>

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
https://github.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore: fix function name in comment (#10150)

<!--Please delete paragraphs that you did not use before submitting.-->

Signed-off-by: petercover <raowanxiang@outlook.com>

* Update module google.golang.org/genproto/googleapis/rpc to v0.0.0-20240506185236-b8a5c65736ae (#10100)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[google.golang.org/genproto/googleapis/rpc](https://togithub.com/googleapis/go-genproto)
| `v0.0.0-20240401170217-c3f982113cda` ->
`v0.0.0-20240506185236-b8a5c65736ae` |
[![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240401170217-c3f982113cda/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240401170217-c3f982113cda/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
Co-authored-by: Yang Song <songy23@users.noreply.github.com>
Co-authored-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* fix(deps): update module google.golang.org/genproto/googleapis/rpc to v0.0.0-20240513163218-0867130af1f8 (#10153)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[google.golang.org/genproto/googleapis/rpc](https://togithub.com/googleapis/go-genproto)
| `v0.0.0-20240506185236-b8a5c65736ae` ->
`v0.0.0-20240513163218-0867130af1f8` |
[![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>

* [chore] update Andrzej's affiliation (#10156)

* Add origin field name option to base fields (#10149)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

This adds an `originFieldName` option to `sliceField`,
`messageValueField` and `primitiveField`.
This option already exists for `primitiveTypedField`, `oneOfField`,
`oneOfPrimitiveValue` and `oneOfMessageValue`.

#### Link to tracking issue

This is needed for #10109.

<!--Describe what testing was performed and which tests were added.-->
#### Testing

This is unit tested.

cc @mx-psi

* [confmap] Encode string-like map keys (#10137)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

Our check for determining whether a map key can be encoded as a string
is too restrictive and doesn't into account types which are essentially
aliases for the string type and don't implement `UnmarshalText`.

I encountered this while trying to call
`(confmap.Conf).Marshal(*otelcol.Config)` when the config includes a
Prometheus receiver, which includes the [LabelName
type](https://github.com/prometheus/common/blob/main/model/labels.go#L98)
that does not implement an unmarshaling method. We can't guarantee that
all types will implement this, and [Go's print formatters
check](https://github.com/golang/go/blob/master/src/fmt/print.go#L803)
whether `(reflect.Value).Kind()` equals `reflect.String`, so I think
this will be an overall more robust approach.

<!--Describe what testing was performed and which tests were added.-->
#### Testing

I added two test cases to demonstrate when we will hit this case.

---------

Co-authored-by: Pablo Baeyens <pbaeyens31+github@gmail.com>

* [otelcol] Add mapstructure tags to main Config struct (#10152)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

Adds `mapstructure` tags to main `Config` struct.

cc @mackjmr

* Upgrade proto and generate profiles (#10155)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

This upgrades the proto to their latest version, and generates the
profiles.

<!-- Issue number if applicable -->
#### Link to tracking issue
Part of #10109

cc @mx-psi

* Upgrade the used otlp version in readme (#10167)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

We upgraded the proto version, so we need to upgrade it in the readme as
well.

<!-- Issue number if applicable -->
#### Link to tracking issue

*
https://github.com/open-telemetry/opentelemetry-collector/pull/10109#pullrequestreview-2058708683
* https://github.com/open-telemetry/opentelemetry-collector/pull/10155

* [chore] appease versioning warnings (#10163)

as per dependabot security recommendations

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [chore] set permissions to read explicitly (#10164)

This is as recommended by dependabot security warnings.

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [mdatagen] add support for async instruments (#10159)

This PR adds the ability to configure asynchronous (observable)
instruments via mdatagen. This requires providing a mechanism to set
options to pass in the callbacks that will be called at the time of the
observation.

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [mdatagen] update mdatagen to document internal telemetry (#10170)

This allows end users to see what telemetry each component should be
emitting.

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [chore] make gogenerate (#10171)

documentation needed to be regenerated

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [chore]: fix the dead link in mdatagen (#10142)

#### Description
Fixed the deadlink in mdatagen that would cause existing functionality
to not work as expected.

<!-- Issue number if applicable -->
#### Link to tracking issue
Fixes #10071

* [confmap] Remove deprecated ResolverSettings fields (#10173)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

These fields were deprecated in v0.99.0 and aren't used in any upstream
repositories.

These appear to still be used in downstream distributions. If we want to
lengthen the deprecation period for these fields, I'll open a PR to
instead set a timeline for their removal.

* Documentation improvements  - Internal Architecture Doc + Package level comments (#10068)

<!--Describe the documentation added.-->
#### Documentation
Creates an internal architecture file. In it is a diagram of the startup
flow of the collector as well as links to key files / packages. I also
added package level comments to some key packages.

I wrote some other documentation in
https://github.com/open-telemetry/opentelemetry-collector/pull/10029 but
split the PRs up.

---------

Co-authored-by: Pablo Baeyens <pbaeyens31+github@gmail.com>

* [chore] Remove unused package test file from otelcorecol (#10178)

* [chore] Remove required toolchain version from nopexporter (#10179)

* fix(deps): update module github.com/golangci/golangci-lint to v1.58.2 (#10185)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/golangci/golangci-lint](https://togithub.com/golangci/golangci-lint)
| `v1.58.1` -> `v1.58.2` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgolangci%2fgolangci-lint/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgolangci%2fgolangci-lint/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>golangci/golangci-lint
(github.com/golangci/golangci-lint)</summary>

###
[`v1.58.2`](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2)

[Compare
Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjMuNSIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>

* [chore] Prepare release v1.8.0/v0.101.0 (#10190)

This replaces #10188, by fixing a relatively new test case that blocked
the release.

Signed-off-by: Juraci Paixão Kröhling <juraci@kroehling.de>

---------

Signed-off-by: Juraci Paixão Kröhling <juraci@kroehling.de>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>

* chore(deps): update github-actions deps (#10184)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/ch…
mmlb referenced this pull request in metal-toolbox/vogelkop Jun 14, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | major | `v5.0.0` -> `v6.0.0` |

---

### Release Notes

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v6.0.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v6.0.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.1.0...v6.0.0)

> \[!WARNING]
> **This is a breaking change!**
>
> Follow the instructions
[here](https://goreleaser.com/blog/goreleaser-v2/#upgrading) to upgrade!

#### What's Changed

- feat!: use "~> v2" as default by
[@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/463](https://togithub.com/goreleaser/goreleaser-action/pull/463)

**Full Changelog**:
goreleaser/goreleaser-action@v5...v6.0.0

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/metal-toolbox/vogelkop).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zODguMSIsInVwZGF0ZWRJblZlciI6IjM3LjM4OC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->
AustinAbro321 referenced this pull request in zarf-dev/zarf Jun 18, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | major | `v5.0.0` -> `v6.0.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v6.0.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v6.0.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.1.0...v6.0.0)

> \[!WARNING]
> **This is a breaking change!**
>
> Follow the instructions
[here](https://goreleaser.com/blog/goreleaser-v2/#upgrading) to upgrade!

##### What's Changed

- feat!: use "~> v2" as default by
[@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/463](https://togithub.com/goreleaser/goreleaser-action/pull/463)

**Full Changelog**:
goreleaser/goreleaser-action@v5...v6.0.0

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/defenseunicorns/zarf).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zOTMuMCIsInVwZGF0ZWRJblZlciI6IjM3LjM5My4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Lucas Rodriguez <lucas.rodriguez@defenseunicorns.com>
Co-authored-by: Austin Abro <AustinAbro321@gmail.com>
AustinAbro321 referenced this pull request in zarf-dev/zarf Jul 23, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | major | `v5.0.0` -> `v6.0.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v6.0.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v6.0.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.1.0...v6.0.0)

> \[!WARNING]
> **This is a breaking change!**
>
> Follow the instructions
[here](https://goreleaser.com/blog/goreleaser-v2/#upgrading) to upgrade!

##### What's Changed

- feat!: use "~> v2" as default by
[@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/463](https://togithub.com/goreleaser/goreleaser-action/pull/463)

**Full Changelog**:
goreleaser/goreleaser-action@v5...v6.0.0

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/defenseunicorns/zarf).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zOTMuMCIsInVwZGF0ZWRJblZlciI6IjM3LjM5My4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Lucas Rodriguez <lucas.rodriguez@defenseunicorns.com>
Co-authored-by: Austin Abro <AustinAbro321@gmail.com>
Signed-off-by: Austin Abro <AustinAbro321@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants