fix(deps): bump the gomod-group group with 3 updates

[dependabot]

Bumps the gomod-group group with 3 updates: github.com/fsnotify/fsnotify, go.opentelemetry.io/collector/pdata and google.golang.org/grpc.

Updates github.com/fsnotify/fsnotify from 1.9.0 to 1.10.1

Release notes

Sourced from github.com/fsnotify/fsnotify's releases.

v1.10.1

Changes and fixes

• inotify: don't remove sibling watches sharing a path prefix (#754)

• inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

v1.10.0

This version of fsnotify needs Go 1.23.

Changes and fixes

• inotify: improve initialization error message (#731)

• inotify: send Rename event if recursive watch is renamed (#696)

• inotify: avoid copying event buffers when reading names (#741)

• kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

• kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

• windows: fix nil pointer dereference in remWatch (#736)

• windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Changelog

Sourced from github.com/fsnotify/fsnotify's changelog.

1.10.1 2026-05-04

Changes and fixes

• inotify: don't remove sibling watches sharing a path prefix (#754)

• inotify, windows: don't rename sibling watches sharing a path prefix (#755)

#754: fsnotify/fsnotify#754 #755: fsnotify/fsnotify#755

1.10.0 2026-04-30

This version of fsnotify needs Go 1.23.

Changes and fixes

• inotify: improve initialization error message (#731)

• inotify: send Rename event if recursive watch is renamed (#696)

• inotify: avoid copying event buffers when reading names (#741)

• kqueue: skip dangling symlinks (ENOENT) in watchDirectoryFiles, so a bad entry no longer aborts Watcher.Add for the whole directory (#748)

• kqueue: drop watches directly in Close() to fix a file descriptor leak when recycling watchers (#740)

• windows: fix nil pointer dereference in remWatch (#736)

• windows: lock watch field updates against concurrent WatchList to fix a race introduced in v1.9.0 (#709, #749)

#696: fsnotify/fsnotify#696 #709: fsnotify/fsnotify#709 #731: fsnotify/fsnotify#731 #736: fsnotify/fsnotify#736 #740: fsnotify/fsnotify#740 #741: fsnotify/fsnotify#741 #748: fsnotify/fsnotify#748 #749: fsnotify/fsnotify#749

Commits

• 76b01a6 Release 1.10.1
• fec150b Update changelog
• 162b421 inotify, windows: don't rename sibling watches sharing a path prefix (#755)
• 224257f inotify: don't remove sibling watches sharing a path prefix (#754)
• e0c956c windows: document directory Write events and stabilize tests (#745)
• 8d01d7b Release 1.10.0
• 602284e Update changelog
• 7f03e59 kqueue: skip ENOENT entries in watchDirectoryFiles (#748)
• dab9dde windows: lock watch field updates against concurrent WatchList (#709) (#749)
• eadf267 kqueue: drop watches directly in Close() instead of going through remove() (#...
• Additional commits viewable in compare view

Updates go.opentelemetry.io/collector/pdata from 1.56.0 to 1.57.0

Release notes

Sourced from go.opentelemetry.io/collector/pdata's releases.

v1.57.0/v0.151.0

Images and binaries here: https://github.com/open-telemetry/opentelemetry-collector-releases/releases/tag/v0.151.0

End User Changelog

🛑 Breaking changes 🛑

• cmd/builder: In the generated Collector source, the replace statements in the Go module will now use relative paths by default. (#15097) We expect that this will not break existing use-cases where the generated collector is only used in an interim manner for builds. It enables the possibility of tracking the generated Collector code as a longer living artifact, allowing it to be run on any machine (whereas absolute paths will be different depending on the machine the Collector source is generated on.) We have added dist::use_absolute_replace_paths to go back to the absolute path behaviour in the case where there is an unforeseen use-case that requires absolute paths.

• pkg/confighttp: Stabilize framedSnappy feature gate. (#15096)

💡 Enhancements 💡

• all: Add declarative schema support for service telemetry resource configuration. (#14411) The service::telemetry::resource configuration now accepts the declarative schema with explicit name/value pairs:

  service:
    telemetry:
      resource:
        schema_url: https://opentelemetry.io/schemas/1.38.0
        attributes:
          - name: service.name
            value: my-collector
          - name: host.name
            value: collector-host

  The legacy inline attribute map format is still supported for backward compatibility:

  service:
    telemetry:
      resource:
        service.name: my-collector
        host.name: collector-host

  Note: resource.detectors is accepted for forward compatibility but is not yet applied by the collector.

• exporter/otlp_grpc: Added the server.address and url.path attributes to metrics generated by the otlp exporter. (#14998)

• exporter/otlp_http: Added the server.address and url.path attributes to metrics generated by the otlp_http exporter. (#14998)

• pkg/config/configgrpc: Add UserAgent field to ClientConfig to allow overriding the default gRPC user-agent string. (#14686) The otlp gRPC exporter was unconditionally setting the User-Agent via grpc.WithUserAgent() at dial time, which takes precedence over per-call metadata, causing any user-configured User-Agent to be silently discarded. A dedicated UserAgent field has been added to ClientConfig which, when set, is used in the dial option directly instead of the default BuildInfo-derived string.

• pkg/config/configgrpc: Accept gRPC resolver scheme URIs in client endpoint (e.g. passthrough:///host:port) to allow control over name resolution (#14990) After the migration to grpc.NewClient, some gRPC client components such as the OTLP

... (truncated)

Changelog

Sourced from go.opentelemetry.io/collector/pdata's changelog.

v1.57.0/v0.151.0

🛑 Breaking changes 🛑

• receiver/otlp: Config.Protocols is now a named field instead of an anonymous embedded field. (#15178) Access to cfg.GRPC and cfg.HTTP must be updated to cfg.Protocols.GRPC and cfg.Protocols.HTTP.

🚩 Deprecations 🚩

• cmd/mdatagen: The DefaultMetricsBuilderConfig function is deprecated. Use NewDefaultMetricsBuilderConfig instead. (#15165) The generated DefaultMetricsBuilderConfig function has been renamed to NewDefaultMetricsBuilderConfig to follow Go naming conventions. The old function is kept as a deprecated wrapper and will be removed in a future release.

💡 Enhancements 💡

• cmd/mdatagen: Handle default values for configuration fields in generated code in mdatagen. (#14560)

• cmd/mdatagen: Add opt-in override_value support for resource_attributes config via override_value_enabled flag (#15109) Components can opt in by setting override_value_enabled: true in their metadata.yaml. When enabled, per-attribute config types are generated with typed override_value fields that let users override resource attribute values in the collector configuration. Components without the flag continue to use the shared ResourceAttributeConfig type.

• cmd/mdatagen: Extend mdatagen config code generation to correctly handle default values for allOf embedded references (#14560)

• cmd/mdatagen: Handle string validators in generated config structs (#14807) Supported validators include minLength, maxLength and pattern.

• pkg/config/configgrpc: Add a DefaultBalancerName constant for the name of the default load balancer (#15139) This replaces the BalancerName function.

• pkg/config/configgrpc: Accept gRPC resolver scheme URIs in client endpoint (e.g. passthrough:///host:port) to allow control over name resolution (#14990) After the migration to grpc.NewClient, some gRPC client components such as the OTLP exporter experienced connection issues in dual-stack DNS environments. This can now be fixed by using the passthrough:/// gRPC resolver scheme in the endpoint field.

• pkg/exporterhelper: Added the WithAttrs option to allow custom attributes on exporter metrics (#14998)

🧰 Bug fixes 🧰

• cmd/mdatagen: Fix a bug in mdatagen where the allOf field was not being properly handled, resulting in incorrect generation of data models. (#15153)

• pkg/otelcol: Synchronize Collector Run and Shutdown lifecycles so that Shutdown blocks until Run completes all cleanup. (#4947) Shutdown now blocks until Run finishes cleanup, matching http.Server semantics. If Shutdown is called before Run, the next Run call returns nil after cleaning up the config provider.

• pkg/pdata: Use pool-aware constructors in gRPC service handlers so top-level request structs participate in the sync.Pool lifecycle. (#14763) The gRPC service handlers for all signal types allocated the top-level ExportXxxServiceRequest with bare new(), bypassing the sync.Pool when pdata.useProtoPooling is enabled. This caused objects returned to the pool via Delete to never be retrieved. The handlers now use the pool-aware New*() constructors.

... (truncated)

Commits

• ec10822 [chore] Prepare release v1.57.0/v0.151.0 (#15219)
• 3fa9b11 Update module github.com/golang/snappy to v1 (#15209)
• 0d4b2f7 Update github-actions deps (#15204)
• 00864cf Update actions/create-github-app-token action to v3 (#15208)
• 261c6b9 Update module go.uber.org/zap to v1.28.0 (#15206)
• 9010b74 Update module github.com/klauspost/compress to v1.18.5 (#15205)
• baaca9a Update module golang.org/x/vuln to v1.3.0 (#15207)
• d090017 [chore] Remove go-grpc-compression dependency (#15201)
• efde8a2 Support npipe transport in confignet (#14985)
• f1f655b Add override_value to mdatagen (#15112)
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.80.0 to 1.81.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.81.0

Behavior Changes

• balancer/rls: Switch gauge metrics to asynchronous emission (once per collection cycle) to reduce telemetry noise and align with other gRPC language implementations. (#8808)

Dependencies

• Minimum supported Go version is now 1.25. (#8969)

Bug Fixes

• xds: Use the leaf cluster's security config for the TLS handshake instead of the aggregate cluster's config. (#8956)
• transport: Send a RST_STREAM when receiving an END_STREAM when the stream is not already half-closed. (#8832)
• xds: Fix ADS resource name validation to prevent a panic. (#8970)

New Features

• grpc/stats: Add support for custom labels in per-call metrics (gRFC A108). (#9008)
• xds: Add support for Server Name Indication (SNI) and SAN validation (gRFC A101). Disabled by default. To enable, set GRPC_EXPERIMENTAL_XDS_SNI=true environment variable. (#9016)
• xds: Add support to control which fields get propagated from ORCA backend metric reports to LRS load reports (gRFC A85). Disabled by default. To enable, set GRPC_EXPERIMENTAL_XDS_ORCA_LRS_PROPAGATION=true. (#9005)
• xds: Add metrics to track xDS client connectivity and cached resource state (gRFC A78). (#8807)
• stats/otel: Enhance grpc.subchannel.disconnections metric by adding disconnection reason to the grpc.disconnect_error label (gRFC A94). This provides granular insights into why subchannels are closing. (#8973)
• mem: Add mem.Buffer.Slice() API to slice the buffer like a slice. (#8977)
  • Special Thanks: @​ash2k

Performance Improvements

• alts: Pool read buffers to lower memory utilization when sockets are unreadable. (#8964)
• transport: Pool HTTP/2 framer read buffers to reduce idle memory consumption. Currently limited to Linux for ALTS and non-encrypted transports (TCP, Unix). To disable, set GRPC_GO_EXPERIMENTAL_HTTP_FRAMER_READ_BUFFER_POOLING=false and report any issues. (#9032)

Commits

• cb18228 Change version to 1.81.0 (#9062)
• 96748f9 Cherry-pick #9105 to 1.81.x (#9106)
• 9183222 Cherry pick #9055, #9032 to v1.81.x (#9095)
• 5cba6da Revert "deps: update dependencies for all modules (#9065)" (#9067)
• af8a936 deps: update dependencies for all modules (#9065)
• cdc60df transport: optimize heap allocations in ready reader and update syscall conne...
• 208d053 xds/resolver: pass complete XDSConfig in RPC context for HTTP filters (gRFC A...
• 50fe1cc test: Fix flaky test TestServerStreaming_ClientCallRecvMsgTwice in `end2end...
• d574bad build(deps): bump go.opentelemetry.io/otel/sdk from 1.42.0 to 1.43.0 (#9050)
• b8bf4d0 build(deps): bump go.opentelemetry.io/otel/sdk from 1.42.0 to 1.43.0 in /inte...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions