Skip to content

feat: bump otelcol base version to 0.124.0 #192

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Apr 23, 2025
Merged

feat: bump otelcol base version to 0.124.0 #192

merged 4 commits into from
Apr 23, 2025

Conversation

obs-gh-alexlew
Copy link
Collaborator

Description

Bump otelcol base version to 0.124.0

Checklist

  • Created tests which fail without the change (if possible)
  • Extended the README / documentation, if necessary

orca-security-us[bot]
orca-security-us bot reviewed Apr 22, 2025
View reviewed changes
Copy link

@orca-security-us orca-security-us bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Orca Security Scan Summary

Status Check Issues by priority
Passed Passed Infrastructure as Code high 0   medium 0   low 0   info 0 View in Orca
Passed Passed SAST high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Secrets high 0   medium 0   low 0   info 0 View in Orca
Failed Failed Vulnerabilities high 1   medium 0   low 0   info 0 View in Orca
☢️ The following Vulnerabilities (CVEs) have been detected
PACKAGE FILE CVE ID INSTALLED VERSION FIXED VERSION
high uplot ...ui/package-lock.json CVE-2024-21489 1.6.30 1.6.31 View in code

orca-security-us[bot]
orca-security-us bot reviewed Apr 22, 2025
View reviewed changes
Copy link

@orca-security-us orca-security-us bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Orca Security Scan Summary

Status Check Issues by priority
Passed Passed Infrastructure as Code high 0   medium 0   low 0   info 0 View in Orca
Passed Passed SAST high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Secrets high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Vulnerabilities high 0   medium 0   low 0   info 0 View in Orca

orca-security-us[bot]
orca-security-us bot reviewed Apr 22, 2025
View reviewed changes
Copy link

@orca-security-us orca-security-us bot left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Orca Security Scan Summary

Status Check Issues by priority
Passed Passed Infrastructure as Code high 0   medium 0   low 0   info 0 View in Orca
Passed Passed SAST high 0   medium 0   low 0   info 0 View in Orca
Passed Passed Secrets high 0   medium 0   low 0   info 0 View in Orca
Failed Failed Vulnerabilities high 1   medium 0   low 0   info 0 View in Orca
☢️ The following Vulnerabilities (CVEs) have been detected
PACKAGE FILE CVE ID INSTALLED VERSION FIXED VERSION
high uplot ...ui/package-lock.json CVE-2024-21489 1.6.30 1.6.31 View in code

@obs-gh-alexlew
Copy link
Collaborator Author

obs-gh-alexlew commented Apr 22, 2025
edited
Loading

Can't bump the prometheus version since prometheus receiver needs version https://github.com/open-telemetry/opentelemetry-collector-contrib/blob/c2e12729a13e4cef07b503fede311cb8c8942af9/receiver/prometheusreceiver/go.mod#L18

hopefully vuln will be fixable later but not fixable now without removing critical functionality

@obs-gh-alexlew obs-gh-alexlew force-pushed the alew/bump-otel-col-version branch from a413347 to befeb86 Compare April 22, 2025 21:07
obs-gh-mattcotter
obs-gh-mattcotter approved these changes Apr 23, 2025
View reviewed changes
builder-config.yaml
@@ -3,75 +3,75 @@ dist:
module: github.com/observeinc/observe-agent/observecol
description: Observe Distribution of OTEL Collector
output_path: ./ocb-build
version: 0.121.0
version: 0.124.1
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this 0.124.1?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

they released a patch version so i figured why not. but if you actually use 0.124.0 for the other components they're not found. so i guess they dont release all the components for patch releases

@obs-gh-alexlew obs-gh-alexlew merged commit 46a2df0 into main Apr 23, 2025
11 of 12 checks passed
@obs-gh-alexlew obs-gh-alexlew deleted the alew/bump-otel-col-version branch April 23, 2025 21:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@orca-security-us orca-security-us[bot] orca-security-us[bot] left review comments

@obs-gh-mattcotter obs-gh-mattcotter obs-gh-mattcotter approved these changes

Assignees

@obs-gh-mattcotter obs-gh-mattcotter

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@obs-gh-alexlew @obs-gh-mattcotter