Skip to content

Bump io.opentelemetry.semconv:opentelemetry-semconv from 1.34.0 to 1.40.0 in /agentic-net-executor#1

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/agentic-net-executor/io.opentelemetry.semconv-opentelemetry-semconv-1.40.0
Open

Bump io.opentelemetry.semconv:opentelemetry-semconv from 1.34.0 to 1.40.0 in /agentic-net-executor#1
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/maven/agentic-net-executor/io.opentelemetry.semconv-opentelemetry-semconv-1.40.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 24, 2026

Copy link
Copy Markdown

Bumps io.opentelemetry.semconv:opentelemetry-semconv from 1.34.0 to 1.40.0.

Release notes

Sourced from io.opentelemetry.semconv:opentelemetry-semconv's releases.

Version 1.40.0

  • Bump to semconv v1.40.0 (#418)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​jack-berg @​jaydeluca @​laurit @​trask

Version 1.39.0

  • Bump to semconv v1.39.0 (#396)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@ @​jaydeluca @​laurit @​trask

Version 1.38.0

  • Bump to semconv v1.38.0 (#384)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​breedx-splk @​jack-berg @​jaydeluca @​laurit @​trask @​zeitlinger

Version 1.37.0

  • Bump to semconv v1.37.0 (#288)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​breedx-splk @​jaydeluca @​laurit

... (truncated)

Changelog

Sourced from io.opentelemetry.semconv:opentelemetry-semconv's changelog.

Version 1.40.0 (2026-02-19)

  • Bump to semconv v1.40.0 (#418)

Version 1.39.0 (2026-01-28)

  • Bump to semconv v1.39.0 (#396)

Version 1.38.0 (2026-01-27)

  • Bump to semconv v1.38.0 (#384)

Version 1.37.0 (2025-08-27)

  • Bump to semconv v1.37.0 (#288)

Version 1.36.0 (2025-08-26)

Note: there was no v1.35.0 release (see details).

  • Bump to semconv v1.36.0 (#253)
Commits
  • c7c3cc7 Prepare release 1.40.0 (#419)
  • 3086d67 Update the semantic conventions version to 1.40.0 (#418)
  • e9dd703 Fix executable permission on update-semconv-version.sh (#417)
  • b7a09ad chore(deps): update github/codeql-action action to v4.32.3 (#416)
  • 0aa5028 fix(deps): update dependency usejunitjupiter to v5.14.3 (#415)
  • 82c6ba0 chore(deps): update dependency lychee to v0.23.0 (#414)
  • 26bcdda Align generate-release-contributors.sh with contrib (#412)
  • 9d3dc5c chore(deps): update github actions (#413)
  • 4bd75f2 fix(deps): update dependency checkstyle to v13.2.0 (#411)
  • d0bec65 chore(deps): update otel/weaver docker tag to v0.21.2 (#410)
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

Bumps [io.opentelemetry.semconv:opentelemetry-semconv](https://github.com/open-telemetry/semantic-conventions-java) from 1.34.0 to 1.40.0.
- [Release notes](https://github.com/open-telemetry/semantic-conventions-java/releases)
- [Changelog](https://github.com/open-telemetry/semantic-conventions-java/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/semantic-conventions-java@v1.34.0...v1.40.0)

---
updated-dependencies:
- dependency-name: io.opentelemetry.semconv:opentelemetry-semconv
  dependency-version: 1.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update java code labels Apr 24, 2026
@dependabot dependabot Bot requested a review from alexejsailer as a code owner April 24, 2026 04:38
@dependabot dependabot Bot added the java Pull requests that update java code label Apr 24, 2026
alexejsailer added a commit that referenced this pull request Jul 11, 2026
…main + ignore rules for majors

Applied directly to main (equivalent to or newer than the dependabot PRs, which
auto-close once main satisfies them):
- All four services: spring-boot-starter-parent 3.5.13 -> 3.5.16
- opentelemetry-instrumentation-bom 2.18.1 -> 2.29.0, opentelemetry-semconv
  1.34.0 -> 1.43.0, opentelemetry-sdk-testing 1.52.0 -> 1.63.0 (PRs #36, #13,
  #11, #4, #19, #16, #1, #12, #8, #5)
- wiremock-standalone 3.3.1 -> 3.13.2 (#9, #6), awaitility 4.3.0 (#2)
- mockwebserver 4.12.0 -> 5.3.2: required follow-up — sdk-testing 1.63 pulls
  okhttp-jvm 5.3.2, whose internals break mockwebserver 4.x (NoSuchMethodError
  in TaskRunner); the 5.x artifact keeps the classic okhttp3.mockwebserver API
- cli: form-data 4.0.6 (CRLF injection, GHSA-hmw2-7cc7-3qxx), ollama 0.6.3
  (#21), commander 14 (#25), @anthropic-ai/sdk 0.91 (#22) — tsc + tsup clean
- chat: form-data 4.0.6, grammy 1.44 (#35)
- ci.yml: checkout@v7 (#34), setup-java@v5 (#27), setup-node@v6 (#28),
  upload-artifact@v7 (#26)

Declined via dependabot.yml ignore rules (dependabot closes those PRs on its
next run): Spring Boot 4.x (#33, #17, #14), spring-vault 4 (#32), springdoc 3
(#15), hibernate-validator 9 (#18) — all gated on a deliberate Boot 4
migration; typescript 6 (#23) and @types/node 25 (#24) — blocked by tooling
peer ranges and the Node 22 runtime.

Suites green: gateway 102, executor 186, vault 47, blobstore 50. Remaining
accepted: esbuild low-severity dev-only Windows-only advisory (pinned by tsup).

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_01UEMvAWnBeMFuQjcmpquRQA
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants