Skip to content

Bump the python-auto-sample-app-deps group across 1 directory with 11 updates #1338

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the python-auto-sample-app-deps group across 1 directory with 11 updates #1338

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 30, 2025
edited
Loading

Bumps the python-auto-sample-app-deps group with 11 updates in the /sample-apps/python-auto-instrumentation-sample-app directory:

Package From To
boto3 1.35.64 1.40.41
opentelemetry-distro 0.49b2 0.58b0
opentelemetry-exporter-otlp 1.28.2 1.37.0
opentelemetry-api 1.28.2 1.37.0
opentelemetry-instrumentation-flask 0.49b2 0.58b0
opentelemetry-instrumentation-requests 0.49b2 0.58b0
opentelemetry-instrumentation-botocore 0.49b2 0.58b0
opentelemetry-sdk-extension-aws 2.0.2 2.1.0
protobuf 5.28.3 6.32.1
pyyaml 6.0.2 6.0.3
requests 2.32.3 2.32.5

Updates boto3 from 1.35.64 to 1.40.41

Commits
  • 0d23a56 Merge branch 'release-1.40.41'
  • 1a13683 Bumping version to 1.40.41
  • ac9649e Add changelog entries from botocore
  • 3515909 Merge branch 'release-1.40.40'
  • e3efe2d Merge branch 'release-1.40.40' into develop
  • 1e46da3 Bumping version to 1.40.40
  • 53ccfb7 Add changelog entries from botocore
  • 71cfc75 Merge branch 'release-1.40.39'
  • d947110 Merge branch 'release-1.40.39' into develop
  • 5653e58 Bumping version to 1.40.39
  • Additional commits viewable in compare view

Updates opentelemetry-distro from 0.49b2 to 0.58b0

Changelog

Sourced from opentelemetry-distro's changelog.

Version 1.37.0/0.58b0 (2025-09-11)

Fixed

  • opentelemetry-instrumentation-fastapi: Fix middleware ordering to cover all exception handling use cases. (#3664)
  • opentelemetry-instrumentation-asgi: Make all user hooks failsafe and record exceptions in hooks. (#3664)
  • opentelemetry-instrumentation-fastapi: Fix memory leak in uninstrument_app() by properly removing apps from the tracking set (#3688)
  • opentelemetry-instrumentation-tornado Fix server (request) duration metric calculation (#3679)
  • opentelemetry-instrumentation-tornado: Fix to properly skip all server telemetry when URL excluded. (#3680)
  • opentelemetry-instrumentation: Avoid calls to context.detach with None token. (#3673)
  • opentelemetry-instrumentation-starlette/opentelemetry-instrumentation-fastapi: Fixes a crash when host-based routing is used (#3507)
  • Fix documentation order of sections and headers for Django, Flask, MySQL, mysqlclient, psycopg, psycopg2, pymysql, sqlalchemy instrumentations. (#3719)
  • opentelemetry-instrumentation-asgi Fixed an issue where FastAPI reports IP instead of URL. (#3670)
  • opentelemetry-instrumentation-httpx: fix missing metric response attributes when tracing is disabled (#3615)
  • opentelemetry-instrumentation-fastapi: Don't pass bounded server_request_hook when using FastAPIInstrumentor.instrument() (#3701)

Added

  • opentelemetry-instrumentation-confluent-kafka Add support for confluent-kafka <=2.11.0 (#3685)
  • opentelemetry-instrumentation-system-metrics: Add cpython.gc.collected_objects and cpython.gc.uncollectable_objects metrics (#3666)
  • opentelemetry-sdk-extension-aws Add AWS X-Ray Remote Sampler with initial Rules Poller implementation (#3366)
  • opentelemetry-instrumentation: add support for OTEL_PYTHON_AUTO_INSTRUMENTATION_EXPERIMENTAL_GEVENT_PATCH to inform opentelemetry-instrument about gevent monkeypatching (#3699)
  • opentelemetry-instrumentation: botocore: Add support for AWS Step Functions semantic convention attributes (#3737)
  • opentelemetry-instrumentation-botocore: Add support for SNS semantic convention attribute aws.sns.topic.arn (#3734)
  • opentelemetry-instrumentation: botocore: upgrade moto package from 5.0.9 to 5.1.11 (#3736)

Version 1.36.0/0.57b0 (2025-07-29)

Fixed

  • opentelemetry-instrumentation: Fix dependency conflict detection when instrumented packages are not installed by moving check back to before instrumentors are loaded. Add "instruments-any" feature for instrumentations that target multiple packages. (#3610)

... (truncated)

Commits

Updates opentelemetry-exporter-otlp from 1.28.2 to 1.37.0

Changelog

Sourced from opentelemetry-exporter-otlp's changelog.

Version 1.37.0/0.58b0 (2025-09-11)

  • Add experimental composite samplers (#4714)
  • Add new environment variables to the SDK OTEL_PYTHON_EXPORTER_OTLP_{HTTP/GRPC}_{METRICS/TRACES/LOGS}_CREDENTIAL_PROVIDER that can be used to inject a requests.Session or grpc.ChannelCredentials object into OTLP exporters created during auto instrumentation #4689.
  • Filter duplicate logs out of some internal logger's logs on the export logs path that might otherwise endlessly log or cause a recursion depth exceeded issue in cases where logging itself results in an exception. (#4695).
  • docs: linked the examples with their github source code location and added Prometheus example (#4728)
  • Permit to override default HTTP OTLP exporters headers (#4634)
  • semantic-conventions: Bump to 1.37.0 (#4731)
  • opentelemetry-sdk: fix handling of OTEL_ATTRIBUTE_COUNT_LIMIT in logs (#4677)
  • Performance: Cache importlib_metadata.entry_points (#4735)
  • opentelemetry-sdk: fix calling Logger.emit with an API LogRecord instance (#4741)

Version 1.36.0/0.57b0 (2025-07-29)

  • Add missing Prometheus exporter documentation (#4485)

  • Overwrite logging.config.fileConfig and logging.config.dictConfig to ensure the OTLP LogHandler remains attached to the root logger. Fix a bug that can cause a deadlock to occur over logging._lock in some cases (#4636).

  • otlp-http-exporter: set default value for param timeout_sec in _export method (#4691)

  • Update OTLP gRPC/HTTP exporters: calling shutdown will now interrupt exporters that are sleeping before a retry attempt, and cause them to return failure immediately. Update BatchSpan/LogRecordProcessors: shutdown will now complete after 30 seconds of trying to finish exporting any buffered telemetry, instead of continuing to export until all telemetry was exported. (#4638).

Version 1.35.0/0.56b0 (2025-07-11)

  • Update OTLP proto to v1.7 #4645.
  • Add event_name as a top level field in the LogRecord. Events are now simply logs with the event_name field set, the logs SDK should be used to emit events (#4652).
  • Update OTLP gRPC/HTTP exporters: the export timeout is now inclusive of all retries and backoffs. A +/-20% jitter was added to all backoffs. A pointless 32 second sleep that occurred after all retries had completed/failed was removed. (#4564).
  • Update ConsoleLogExporter.export to handle LogRecord's containing bytes type in the body (#4614).
  • opentelemetry-sdk: Fix invalid type: ignore that causes mypy to ignore the whole file (#4618)

... (truncated)

Commits
  • bc413fc [release/v1.37.x-0.58bx] Prepare release 1.37.0/0.58b0 (#4745)
  • 712ed5d OTEL attribute count limit not respected, causing columns dropped (#4677)
  • dd93fa7 infra: ignore pushes on otelbot branches (#4742)
  • 22d1fd1 Fix API LogRecord serialization (#4741)
  • d6c0441 Add credentials environment variables to let ChannelCredentials and `Sessio...
  • c71c4a4 Cache importlib_metadata.entry_points (#4735)
  • 64de448 Permit to override default OTLP HTTP exporter headers (#4634)
  • 0d9e1b4 semantic-conventions: bump to 1.37.0 (#4731)
  • 31289bd fix: make client.py runnable without CLI arguments (#4694)
  • 8bca97d Add experimental composite sampler (#4714)
  • Additional commits viewable in compare view

Updates opentelemetry-api from 1.28.2 to 1.37.0

Changelog

Sourced from opentelemetry-api's changelog.

Version 1.37.0/0.58b0 (2025-09-11)

  • Add experimental composite samplers (#4714)
  • Add new environment variables to the SDK OTEL_PYTHON_EXPORTER_OTLP_{HTTP/GRPC}_{METRICS/TRACES/LOGS}_CREDENTIAL_PROVIDER that can be used to inject a requests.Session or grpc.ChannelCredentials object into OTLP exporters created during auto instrumentation #4689.
  • Filter duplicate logs out of some internal logger's logs on the export logs path that might otherwise endlessly log or cause a recursion depth exceeded issue in cases where logging itself results in an exception. (#4695).
  • docs: linked the examples with their github source code location and added Prometheus example (#4728)
  • Permit to override default HTTP OTLP exporters headers (#4634)
  • semantic-conventions: Bump to 1.37.0 (#4731)
  • opentelemetry-sdk: fix handling of OTEL_ATTRIBUTE_COUNT_LIMIT in logs (#4677)
  • Performance: Cache importlib_metadata.entry_points (#4735)
  • opentelemetry-sdk: fix calling Logger.emit with an API LogRecord instance (#4741)

Version 1.36.0/0.57b0 (2025-07-29)

  • Add missing Prometheus exporter documentation (#4485)

  • Overwrite logging.config.fileConfig and logging.config.dictConfig to ensure the OTLP LogHandler remains attached to the root logger. Fix a bug that can cause a deadlock to occur over logging._lock in some cases (#4636).

  • otlp-http-exporter: set default value for param timeout_sec in _export method (#4691)

  • Update OTLP gRPC/HTTP exporters: calling shutdown will now interrupt exporters that are sleeping before a retry attempt, and cause them to return failure immediately. Update BatchSpan/LogRecordProcessors: shutdown will now complete after 30 seconds of trying to finish exporting any buffered telemetry, instead of continuing to export until all telemetry was exported. (#4638).

Version 1.35.0/0.56b0 (2025-07-11)

  • Update OTLP proto to v1.7 #4645.
  • Add event_name as a top level field in the LogRecord. Events are now simply logs with the event_name field set, the logs SDK should be used to emit events (#4652).
  • Update OTLP gRPC/HTTP exporters: the export timeout is now inclusive of all retries and backoffs. A +/-20% jitter was added to all backoffs. A pointless 32 second sleep that occurred after all retries had completed/failed was removed. (#4564).
  • Update ConsoleLogExporter.export to handle LogRecord's containing bytes type in the body (#4614).
  • opentelemetry-sdk: Fix invalid type: ignore that causes mypy to ignore the whole file (#4618)

... (truncated)

Commits
  • bc413fc [release/v1.37.x-0.58bx] Prepare release 1.37.0/0.58b0 (#4745)
  • 712ed5d OTEL attribute count limit not respected, causing columns dropped (#4677)
  • dd93fa7 infra: ignore pushes on otelbot branches (#4742)
  • 22d1fd1 Fix API LogRecord serialization (#4741)
  • d6c0441 Add credentials environment variables to let ChannelCredentials and `Sessio...
  • c71c4a4 Cache importlib_metadata.entry_points (#4735)
  • 64de448 Permit to override default OTLP HTTP exporter headers (#4634)
  • 0d9e1b4 semantic-conventions: bump to 1.37.0 (#4731)
  • 31289bd fix: make client.py runnable without CLI arguments (#4694)
  • 8bca97d Add experimental composite sampler (#4714)
  • Additional commits viewable in compare view

Updates opentelemetry-instrumentation-flask from 0.49b2 to 0.58b0

Changelog

Sourced from opentelemetry-instrumentation-flask's changelog.

Version 1.37.0/0.58b0 (2025-09-11)

Fixed

  • opentelemetry-instrumentation-fastapi: Fix middleware ordering to cover all exception handling use cases. (#3664)
  • opentelemetry-instrumentation-asgi: Make all user hooks failsafe and record exceptions in hooks. (#3664)
  • opentelemetry-instrumentation-fastapi: Fix memory leak in uninstrument_app() by properly removing apps from the tracking set (#3688)
  • opentelemetry-instrumentation-tornado Fix server (request) duration metric calculation (#3679)
  • opentelemetry-instrumentation-tornado: Fix to properly skip all server telemetry when URL excluded. (#3680)
  • opentelemetry-instrumentation: Avoid calls to context.detach with None token. (#3673)
  • opentelemetry-instrumentation-starlette/opentelemetry-instrumentation-fastapi: Fixes a crash when host-based routing is used (#3507)
  • Fix documentation order of sections and headers for Django, Flask, MySQL, mysqlclient, psycopg, psycopg2, pymysql, sqlalchemy instrumentations. (#3719)
  • opentelemetry-instrumentation-asgi Fixed an issue where FastAPI reports IP instead of URL. (#3670)
  • opentelemetry-instrumentation-httpx: fix missing metric response attributes when tracing is disabled (#3615)
  • opentelemetry-instrumentation-fastapi: Don't pass bounded server_request_hook when using FastAPIInstrumentor.instrument() (#3701)

Added

  • opentelemetry-instrumentation-confluent-kafka Add support for confluent-kafka <=2.11.0 (#3685)
  • opentelemetry-instrumentation-system-metrics: Add cpython.gc.collected_objects and cpython.gc.uncollectable_objects metrics (#3666)
  • opentelemetry-sdk-extension-aws Add AWS X-Ray Remote Sampler with initial Rules Poller implementation (#3366)
  • opentelemetry-instrumentation: add support for OTEL_PYTHON_AUTO_INSTRUMENTATION_EXPERIMENTAL_GEVENT_PATCH to inform opentelemetry-instrument about gevent monkeypatching (#3699)
  • opentelemetry-instrumentation: botocore: Add support for AWS Step Functions semantic convention attributes (#3737)
  • opentelemetry-instrumentation-botocore: Add support for SNS semantic convention attribute aws.sns.topic.arn (#3734)
  • opentelemetry-instrumentation: botocore: upgrade moto package from 5.0.9 to 5.1.11 (#3736)

Version 1.36.0/0.57b0 (2025-07-29)

Fixed

  • opentelemetry-instrumentation: Fix dependency conflict detection when instrumented packages are not installed by moving check back to before instrumentors are loaded. Add "instruments-any" feature for instrumentations that target multiple packages. (#3610)

... (truncated)

Commits

Updates opentelemetry-instrumentation-requests from 0.49b2 to 0.58b0

Changelog

Sourced from opentelemetry-instrumentation-requests's changelog.

Version 1.37.0/0.58b0 (2025-09-11)

Fixed

  • opentelemetry-instrumentation-fastapi: Fix middleware ordering to cover all exception handling use cases. (#3664)
  • opentelemetry-instrumentation-asgi: Make all user hooks failsafe and record exceptions in hooks. (#3664)
  • opentelemetry-instrumentation-fastapi: Fix memory leak in uninstrument_app() by properly removing apps from the tracking set (#3688)
  • opentelemetry-instrumentation-tornado Fix server (request) duration metric calculation (#3679)
  • opentelemetry-instrumentation-tornado: Fix to properly skip all server telemetry when URL excluded. (#3680)
  • opentelemetry-instrumentation: Avoid calls to context.detach with None token. (#3673)
  • opentelemetry-instrumentation-starlette/opentelemetry-instrumentation-fastapi: Fixes a crash when host-based routing is used (#3507)
  • Fix documentation order of sections and headers for Django, Flask, MySQL, mysqlclient, psycopg, psycopg2, pymysql, sqlalchemy instrumentations. (#3719)
  • opentelemetry-instrumentation-asgi Fixed an issue where FastAPI reports IP instead of URL. (#3670)
  • opentelemetry-instrumentation-httpx: fix missing metric response attributes when tracing is disabled (#3615)
  • opentelemetry-instrumentation-fastapi: Don't pass bounded server_request_hook when using FastAPIInstrumentor.instrument() (#3701)

Added

  • opentelemetry-instrumentation-confluent-kafka Add support for confluent-kafka <=2.11.0 (#3685)
  • opentelemetry-instrumentation-system-metrics: Add cpython.gc.collected_objects and cpython.gc.uncollectable_objects metrics (#3666)
  • opentelemetry-sdk-extension-aws Add AWS X-Ray Remote Sampler with initial Rules Poller implementation (#3366)
  • opentelemetry-instrumentation: add support for OTEL_PYTHON_AUTO_INSTRUMENTATION_EXPERIMENTAL_GEVENT_PATCH to inform opentelemetry-instrument about gevent monkeypatching (#3699)
  • opentelemetry-instrumentation: botocore: Add support for AWS Step Functions semantic convention attributes (#3737)
  • opentelemetry-instrumentation-botocore: Add support for SNS semantic convention attribute aws.sns.topic.arn (#3734)
  • opentelemetry-instrumentation: botocore: upgrade moto package from 5.0.9 to 5.1.11 (#3736)

Version 1.36.0/0.57b0 (2025-07-29)

Fixed

  • opentelemetry-instrumentation: Fix dependency conflict detection when instrumented packages are not installed by moving check back to before instrumentors are loaded. Add "instruments-any" feature for instrumentations that target multiple packages. (#3610)

... (truncated)

Commits

Updates opentelemetry-instrumentation-botocore from 0.49b2 to 0.58b0

Changelog

Sourced from opentelemetry-instrumentation-botocore's changelog.

Version 1.37.0/0.58b0 (2025-09-11)

Fixed

  • opentelemetry-instrumentation-fastapi: Fix middleware ordering to cover all exception handling use cases. (#3664)
  • opentelemetry-instrumentation-asgi: Make all user hooks failsafe and record exceptions in hooks. (#3664)
  • opentelemetry-instrumentation-fastapi: Fix memory leak in uninstrument_app() by properly removing apps from the tracking set (#3688)
  • opentelemetry-instrumentation-tornado Fix server (request) duration metric calculation (#3679)
  • opentelemetry-instrumentation-tornado: Fix to properly skip all server telemetry when URL excluded. (#3680)
  • opentelemetry-instrumentation: Avoid calls to context.detach with None token. (#3673)
  • opentelemetry-instrumentation-starlette/opentelemetry-instrumentation-fastapi: Fixes a crash when host-based routing is used (#3507)
  • Fix documentation order of sections and headers for Django, Flask, MySQL, mysqlclient, psycopg, psycopg2, pymysql, sqlalchemy instrumentations. (#3719)
  • opentelemetry-instrumentation-asgi Fixed an issue where FastAPI reports IP instead of URL. (#3670)
  • opentelemetry-instrumentation-httpx: fix missing metric response attributes when tracing is disabled (#3615)
  • opentelemetry-instrumentation-fastapi: Don't pass bounded server_request_hook when using FastAPIInstrumentor.instrument() (#3701)

Added

  • opentelemetry-instrumentation-confluent-kafka Add support for confluent-kafka <=2.11.0 (#3685)
  • opentelemetry-instrumentation-system-metrics: Add cpython.gc.collected_objects and cpython.gc.uncollectable_objects metrics (#3666)
  • opentelemetry-sdk-extension-aws Add AWS X-Ray Remote Sampler with initial Rules Poller implementation (#3366)
  • opentelemetry-instrumentation: add support for OTEL_PYTHON_AUTO_INSTRUMENTATION_EXPERIMENTAL_GEVENT_PATCH to inform opentelemetry-instrument about gevent monkeypatching (#3699)
  • opentelemetry-instrumentation: botocore: Add support for AWS Step Functions semantic convention attributes (#3737)
  • opentelemetry-instrumentation-botocore: Add support for SNS semantic convention attribute aws.sns.topic.arn (#3734)
  • opentelemetry-instrumentation: botocore: upgrade moto package from 5.0.9 to 5.1.11 (#3736)

Version 1.36.0/0.57b0 (2025-07-29)

Fixed

  • opentelemetry-instrumentation: Fix dependency conflict detection when instrumented packages are not installed by moving check back to before instrumentors are loaded. Add "instruments-any" feature for instrumentations that target multiple packages. (#3610)

... (truncated)

Commits

Updates opentelemetry-sdk-extension-aws from 2.0.2 to 2.1.0

Release notes

Sourced from opentelemetry-sdk-extension-aws's releases.

opentelemetry-sdk-extension-aws 2.1.0

  • Make ec2 resource detector silent when loaded outside AWS (#3120)
  • Make ecs and beanstalk resource detector silent when loaded outside AWS (#3076)
  • Make EKS resource detector don't warn when not running in EKS (#3074)
Commits

Updates protobuf from 5.28.3 to 6.32.1

Commits

Updates pyyaml from 6.0.2 to 6.0.3

Release notes

Sourced from pyyaml's releases.

6.0.3

What's Changed

  • Support for Python 3.14 and free-threading (experimental).

Full Changelog: yaml/pyyaml@6.0.2...6.0.3

Changelog

Sourced from pyyaml's changelog.

6.0.3 (2025-09-25)

  • yaml/pyyaml#864 -- Support for Python 3.14 and free-threading (experimental)
Commits

Updates requests from 2.32.3 to 2.32.5

Release notes

Sourced from requests's releases.

v2.32.5

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.

v2.32.4

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file. (#6965)

Improvements

  • Numerous documentation improvements

Deprecations

  • Added support for pypy 3.11 for Linux and macOS. (#6926)
  • Dropped support for pypy 3.9 following its end of support. (#6926)
Changelog

Sourced from requests's changelog.

2.32.5 (2025-08-18)

Bugfixes

  • The SSLContext caching feature originally introduced in 2.32.0 has created a new class of issues in Requests that have had negative impact across a number of use cases. The Requests team has decided to revert this feature as long term maintenance of it is proving to be unsustainable in its current iteration.

Deprecations

  • Added support for Python 3.14.
  • Dropped support for Python 3.8 following its end of support.

2.32.4 (2025-06-10)

Security

  • CVE-2024-47081 Fixed an issue where a maliciously crafted URL and trusted environment will retrieve credentials for the wrong hostname/machine from a netrc file.

Improvements

  • Numerous documentation improvements

Deprecations

  • Added support for pypy 3.11 for Linux and macOS.
  • Dropped support for pypy 3.9 following its end of support.
Commits
  • b25c87d v2.32.5
  • 131e506 Merge pull request #7010 from psf/dependabot/github_actions/actions/checkout-...
  • b336cb2 Bump actions/checkout from 4.2.0 to 5.0.0
  • 46e939b Update publish workflow to use artifact-id instead of name
  • 4b9c546 Merge pull request #6999 from psf/dependabot/github_actions/step-security/har...
  • 7618dbe Bump step-security/harden-runner from 2.12.0 to 2.13.0
  • 2edca11 Add support for Python 3.14 and drop support for Python 3.8 (#6993)
  • fec96cd Update Makefile rules (#6996)
  • d58d8aa docs: clarify timeout parameter uses seconds in Session.request (#6994)
  • 91a3eab Bump github/codeql-action from 3.28.5 to 3.29.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the python-auto-sample-app-deps group across 1 directory with 11…
f2a4044 
… updates

Bumps the python-auto-sample-app-deps group with 11 updates in the /sample-apps/python-auto-instrumentation-sample-app directory:

| Package | From | To |
| --- | --- | --- |
| [boto3](https://github.com/boto/boto3) | `1.35.64` | `1.40.41` |
| [opentelemetry-distro](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.49b2` | `0.58b0` |
| [opentelemetry-exporter-otlp](https://github.com/open-telemetry/opentelemetry-python) | `1.28.2` | `1.37.0` |
| [opentelemetry-api](https://github.com/open-telemetry/opentelemetry-python) | `1.28.2` | `1.37.0` |
| [opentelemetry-instrumentation-flask](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.49b2` | `0.58b0` |
| [opentelemetry-instrumentation-requests](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.49b2` | `0.58b0` |
| [opentelemetry-instrumentation-botocore](https://github.com/open-telemetry/opentelemetry-python-contrib) | `0.49b2` | `0.58b0` |
| [opentelemetry-sdk-extension-aws](https://github.com/open-telemetry/opentelemetry-python-contrib) | `2.0.2` | `2.1.0` |
| [protobuf](https://github.com/protocolbuffers/protobuf) | `5.28.3` | `6.32.1` |
| [pyyaml](https://github.com/yaml/pyyaml) | `6.0.2` | `6.0.3` |
| [requests](https://github.com/psf/requests) | `2.32.3` | `2.32.5` |



Updates `boto3` from 1.35.64 to 1.40.41
- [Release notes](https://github.com/boto/boto3/releases)
- [Commits](boto/boto3@1.35.64...1.40.41)

Updates `opentelemetry-distro` from 0.49b2 to 0.58b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits)

Updates `opentelemetry-exporter-otlp` from 1.28.2 to 1.37.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-python@v1.28.2...v1.37.0)

Updates `opentelemetry-api` from 1.28.2 to 1.37.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python/blob/main/CHANGELOG.md)
- [Commits](open-telemetry/opentelemetry-python@v1.28.2...v1.37.0)

Updates `opentelemetry-instrumentation-flask` from 0.49b2 to 0.58b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits)

Updates `opentelemetry-instrumentation-requests` from 0.49b2 to 0.58b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits)

Updates `opentelemetry-instrumentation-botocore` from 0.49b2 to 0.58b0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits)

Updates `opentelemetry-sdk-extension-aws` from 2.0.2 to 2.1.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-python-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-python-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-python-contrib/commits/opentelemetry-sdk-extension-aws==2.1.0)

Updates `protobuf` from 5.28.3 to 6.32.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `pyyaml` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/yaml/pyyaml/releases)
- [Changelog](https://github.com/yaml/pyyaml/blob/6.0.3/CHANGES)
- [Commits](yaml/pyyaml@6.0.2...6.0.3)

Updates `requests` from 2.32.3 to 2.32.5
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.32.3...v2.32.5)

---
updated-dependencies:
- dependency-name: boto3
  dependency-version: 1.40.41
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-auto-sample-app-deps
- dependency-name: opentelemetry-distro
  dependency-version: 0.58b0
  dependency-type: direct:production
  dependency-group: python-auto-sample-app-deps
- dependency-name: opentelemetry-exporter-otlp
  dependency-version: 1.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-auto-sample-app-deps
- dependency-name: opentelemetry-api
  dependency-version: 1.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-auto-sample-app-deps
- dependency-name: opentelemetry-instrumentation-flask
  dependency-version: 0.58b0
  dependency-type: direct:production
  dependency-group: python-auto-sample-app-deps
- dependency-name: opentelemetry-instrumentation-requests
  dependency-version: 0.58b0
  dependency-type: direct:production
  dependency-group: python-auto-sample-app-deps
- dependency-name: opentelemetry-instrumentation-botocore
  dependency-version: 0.58b0
  dependency-type: direct:production
  dependency-group: python-auto-sample-app-deps
- dependency-name: opentelemetry-sdk-extension-aws
  dependency-version: 2.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: python-auto-sample-app-deps
- dependency-name: protobuf
  dependency-version: 6.32.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: python-auto-sample-app-deps
- dependency-name: pyyaml
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-auto-sample-app-deps
- dependency-name: requests
  dependency-version: 2.32.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: python-auto-sample-app-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Python SDK related issues labels Sep 30, 2025
@dependabot dependabot bot requested a review from a team as a code owner September 30, 2025 17:02
@dependabot dependabot bot added python Python SDK related issues dependencies Pull requests that update a dependency file labels Sep 30, 2025
@github-actions github-actions bot added the InstrumentationSampleApp Issues and PRs related to instrumentation sample apps label Sep 30, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file InstrumentationSampleApp Issues and PRs related to instrumentation sample apps python Python SDK related issues

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants