fix(deps): update rust crate opentelemetry_sdk to 0.32#209
fix(deps): update rust crate opentelemetry_sdk to 0.32#209renovate[bot] wants to merge 1 commit into
Conversation
![doubleword-code[bot]](https://avatars.githubusercontent.com/in/3610877?s=60&v=4){kind=small}
There was a problem hiding this comment.
Summary
This PR updates opentelemetry_sdk from version 0.31 to 0.32, but does so in isolation without updating the rest of the OpenTelemetry ecosystem dependencies. This creates a dependency version conflict that needs to be addressed before merging.
Verdict: Needs changes — The update is incomplete and introduces version incompatibilities.
Research notes
- Fetched OpenTelemetry Rust 0.32 release notes — confirms intentional breaking changes in the tracing SDK
- Fetched docs.rs for tracing-opentelemetry 0.33.0 — shows it depends on
opentelemetry ^0.32.0 - Fetched docs.rs for opentelemetry_sdk 0.32.1 — confirms it depends on
opentelemetry ^0.32
Suggested next steps
-
Update all OpenTelemetry crates together to avoid version conflicts:
- Change
opentelemetry = "0.31.0"→opentelemetry = "0.32" - Keep
opentelemetry_sdk = { version = "0.32", features = ["rt-tokio"] } - Change
opentelemetry-otlp = { version = "0.31", ... }→opentelemetry-otlp = { version = "0.32", ... } - Change
tracing-opentelemetry = "0.32.1"→tracing-opentelemetry = "0.33"
- Change
-
Verify the code compiles after the coordinated update — the breaking changes in 0.32 may require code adjustments in
src/telemetry.rs. -
Run tests to ensure the telemetry initialization and OTLP export still work correctly.
General findings
Dependency version conflict (Blocking)
The current state of the PR results in two different major versions of the opentelemetry crate being pulled into the dependency tree:
opentelemetry 0.31.0— used byonwards,tracing-opentelemetry 0.32.1,opentelemetry-otlp 0.31opentelemetry 0.32.0— used byopentelemetry_sdk 0.32.1
This happens because opentelemetry_sdk 0.32 declares a dependency on opentelemetry ^0.32, while the project explicitly pins opentelemetry = "0.31.0". Cargo resolves this by including both versions.
Having two major versions of the same library can cause type incompatibilities since traits like TracerProvider from different versions are distinct types. The code in src/telemetry.rs imports from both opentelemetry and opentelemetry_sdk, making it susceptible to these conflicts.
See the Cargo.lock diff showing both versions present:
- Line with
opentelemetry 0.31.0dependencies - New entry for
opentelemetry 0.32.0andopentelemetry_sdk 0.32.1depending on it
| @@ -60,7 +60,7 @@ tracing = "0.1.41" | |||
| tracing-opentelemetry = "0.32.1" | |||
| tracing-subscriber = { version = "0.3.18", features = ["env-filter", "registry"] } | |||
| opentelemetry = "0.31.0" | |||
There was a problem hiding this comment.
Blocking: This line pins opentelemetry to version 0.31.0, but opentelemetry_sdk 0.32 (updated on line 63) depends on opentelemetry ^0.32. This creates a dependency version conflict where Cargo will pull in BOTH opentelemetry 0.31.0 AND opentelemetry 0.32.0 simultaneously.
Why it matters: Types and traits from different major versions of opentelemetry are NOT compatible. The code in src/telemetry.rs uses opentelemetry::trace::TracerProvider alongside opentelemetry_sdk::trace::SdkTracerProvider, which can lead to type mismatches and compilation errors.
Suggested fix: Update this to opentelemetry = "0.32" to match the opentelemetry_sdk version, and also update tracing-opentelemetry to 0.33 and opentelemetry-otlp to 0.32 for consistency.
| @@ -60,7 +60,7 @@ tracing = "0.1.41" | |||
| tracing-opentelemetry = "0.32.1" | |||
There was a problem hiding this comment.
Blocking: This version (0.32.1) depends on opentelemetry 0.31.x, but you're updating opentelemetry_sdk to 0.32 which requires opentelemetry 0.32.x. Per docs.rs, tracing-opentelemetry 0.33.0 depends on opentelemetry ^0.32.0.
Why it matters: Keeping this at 0.32.1 while updating opentelemetry_sdk to 0.32 contributes to the dual-version problem where both opentelemetry 0.31 and opentelemetry 0.32 end up in the dependency tree.
Suggested fix: Update to tracing-opentelemetry = "0.33" to align with the opentelemetry 0.32 ecosystem.
| opentelemetry = "0.31.0" | ||
| opentelemetry_sdk = { version = "0.31", features = ["rt-tokio"] } | ||
| opentelemetry_sdk = { version = "0.32", features = ["rt-tokio"] } | ||
| opentelemetry-otlp = { version = "0.31", default-features = false, features = ["http-proto", "reqwest-blocking-client", "reqwest-rustls"] } |
There was a problem hiding this comment.
Blocking: This version (0.31) depends on opentelemetry 0.31.x and opentelemetry_sdk 0.31.x, creating another source of version conflict when opentelemetry_sdk is updated to 0.32.
Why it matters: The src/telemetry.rs file uses opentelemetry_otlp::{Protocol, WithExportConfig, WithHttpConfig} to build the OTLP exporter. Having mismatched versions between opentelemetry-otlp and opentelemetry_sdk can cause API incompatibilities.
Suggested fix: Update to opentelemetry-otlp = { version = "0.32", default-features = false, features = ["http-proto", "reqwest-blocking-client", "reqwest-rustls"] }. Verify that the feature flags remain valid in version 0.32.
This PR contains the following updates:
0.31→0.32Configuration
📅 Schedule: (UTC)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.