build(deps): bump the opentelemetry-deps-java group across 1 directory with 3 updates

[dependabot]

Bumps the opentelemetry-deps-java group with 3 updates in the /java directory: io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha, io.opentelemetry.javaagent:opentelemetry-javaagent and io.opentelemetry.contrib:opentelemetry-aws-resources.

Updates io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha from 2.24.0-alpha to 2.25.0-alpha

Release notes

Sourced from io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha's releases.

Version 2.24.0

This release targets the OpenTelemetry SDK 1.58.0.

Note that many artifacts have the -alpha suffix attached to their version number, reflecting that they are still alpha quality and will continue to have breaking changes. Please see the VERSIONING.md for more details.

⚠️ Breaking Changes

• Remove support for previously deprecated property otel.instrumentation.logback-appender.experimental.capture-logstash-attributes (#15722)
• Remove deprecated methods from HTTP library instrumentations (#15802)

🚫 Deprecations

• JMX Metrics: Deprecated addClassPathRules and addCustomRules methods in JmxTelemetryBuilder, and moved non-public classes to an internal package (#15658)
• Deprecated setMessagingReceiveInstrumentationEnabled in favor of setMessagingReceiveTelemetryEnabled to match config property name (#15668)
• Deprecated database client attribute getter methods getDbSystem() and getResponseStatus() in favor of getDbSystemName() and getResponseStatusCode() to align with stable semantic conventions (#15696)
• Deprecated setCapturedRequestParameters() in Servlet library instrumentation in favor of Experimental.setCapturedRequestParameters() as request parameter capture is experimental (#15826)
• Deprecated getHttpClient(), setHttpClientTransport(), and setSslContextFactory() in Jetty client instrumentation in favor of new builder-style methods newHttpClient(), newHttpClient(SslContextFactory), and newHttpClient(HttpClientTransport, SslContextFactory) (#15827)
• Deprecate Netty experimental method that is still in public API (#15828)
• Deprecated newHttpClient() in favor of wrap() in Java HTTP Client instrumentation for consistency with naming conventions across library instrumentations (#15829)
• Deprecated new* methods in favor of create* methods across multiple instrumentation libraries for consistency (e.g., newHttpClient() → createHttpClient(), newInterceptor() → createInterceptor()) (#15832)
• Deprecated methods in SqlStatementInfo and MultiQuery in favor of methods using stable semantic convention terminology: getFullStatement() → getQueryText(), getOperation() → getOperationName(), and getStatements() → getQueryTexts() (#15833)
• Deprecated database getter methods in favor of methods using stable semantic convention terminology: getResponseStatusCode() → getDbResponseStatusCode(), getBatchSize() → getDbOperationBatchSize(), and getQueryParameters() → getDbQueryParameters() (#15859)

📈 Enhancements

• Spring Boot starter: add support for otel.instrumentation.logback-appender.experimental.capture-template (#15649)
• Spring Boot Starter: Support Spring Boot 4 RestClient (#15684)
• Improve support for experimental declarative configuration (#15656, #15688, #15697, #15698, #15704, #15707, #15713, #15714, #15722, #15727, #15732, #15733, #15734, #15735, #15740, #15741, #15742, #15752, #15756, #15787, #15791, #15792, #15841, #15856)
• AWS Bedrock: support model IDs with regional prefixes (e.g., us., global.) for inference profiles (#15751)
• Redis: Improve sanitization for ACL command (#15797)
• Ktor and Netty library instrumentations: Add setSpanNameExtractorCustomizer (#15825)
• Support more of stable database semconv under opt-in flag (#15836, #15854)
• Move SpanStatusExtractor.extract() before OperationListener.onEnd() in Instrumenter (#15844)

🛠️ Bug fixes

• Servlet library instrumentation: fix capturing enduser.id (#15858)
• Fix agent startup failing on read-only filesystem (#15682)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​breedx-splk @​brunobat @​copilot-pull-request-reviewer @​gaeljw @​igreenfield @​jack-berg @​jaydeluca

... (truncated)

Changelog

Sourced from io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom-alpha's changelog.

Changelog

Unreleased

Version 2.25.0 (2026-02-13)

⚠️ Breaking changes to non-stable APIs

• Make Netty 4.1 library public API self-contained (#15981)
• Remove previously deprecated methods (#15892, #15929, #15943, #15944, #15945)

🚫 Deprecations

• Deprecated getDelegate(), request(), channel(), remoteAddress() in HTTP client request wrapper classes in favor of getRequest(), getChannel(), getRemoteAddress() for consistency (#15942)
• Deprecated NettyClientTelemetry.setChannelContext() in favor of setParentContext() (#16010)
• Deprecated new* methods in favor of create* methods in Armeria and Jetty client instrumentation (e.g., newDecorator() → createDecorator(), newHttpClient() → createHttpClient()) (#16009)
• Deprecated NettyServerTelemetry.createResponseHandler() and createCombinedHandler() overloads that expose internal classes (#16011)
• Deprecated RatpackServerTelemetry.getHandler(), getExecInterceptor(), and getExecInitializer() in favor of createHandler(), createExecInterceptor(), and createExecInitializer() (#16013)
• Deprecated setPeerService() in HTTP, gRPC, Dubbo, and Armeria instrumentation builders in favor of addAttributesExtractor() (#16059)
• Deprecated RpcAttributesGetter.getMethod() in favor of getRpcMethod() to support stable RPC semantic conventions (#16121)
• Deprecated PeerServiceResolver, PeerServiceAttributesExtractor, and HttpClientPeerServiceAttributesExtractor in favor of renamed classes ServicePeerResolver, ServicePeerAttributesExtractor, and HttpClientServicePeerAttributesExtractor (#16071)
• Deprecated setStatementSanitizationEnabled() in favor of setQuerySanitizationEnabled() across database instrumentation builders (Cassandra, JDBC, Lettuce, Mongo, R2DBC) (#16133)
• Deprecated individual runtime metric classes (Classes, Cpu, GarbageCollector, MemoryPools, Threads) in favor of RuntimeMetrics

... (truncated)

Commits

• See full diff in compare view

Updates io.opentelemetry.javaagent:opentelemetry-javaagent from 2.24.0 to 2.25.0

Release notes

Sourced from io.opentelemetry.javaagent:opentelemetry-javaagent's releases.

Version 2.25.0

This release targets the OpenTelemetry SDK 1.59.0.

Note that many artifacts have the -alpha suffix attached to their version number, reflecting that they are still alpha quality and will continue to have breaking changes. Please see the VERSIONING.md for more details.

⚠️ Breaking changes to non-stable APIs

• Make Netty 4.1 library public API self-contained (#15981)
• Remove previously deprecated methods (#15892, #15929, #15943, #15944, #15945)

🚫 Deprecations

• Deprecated getDelegate(), request(), channel(), remoteAddress() in HTTP client request wrapper classes in favor of getRequest(), getChannel(), getRemoteAddress() for consistency (#15942)
• Deprecated NettyClientTelemetry.setChannelContext() in favor of setParentContext() (#16010)
• Deprecated new* methods in favor of create* methods in Armeria and Jetty client instrumentation (e.g., newDecorator() → createDecorator(), newHttpClient() → createHttpClient()) (#16009)
• Deprecated NettyServerTelemetry.createResponseHandler() and createCombinedHandler() overloads that expose internal classes (#16011)
• Deprecated RatpackServerTelemetry.getHandler(), getExecInterceptor(), and getExecInitializer() in favor of createHandler(), createExecInterceptor(), and createExecInitializer() (#16013)
• Deprecated setPeerService() in HTTP, gRPC, Dubbo, and Armeria instrumentation builders in favor of addAttributesExtractor() (#16059)
• Deprecated RpcAttributesGetter.getMethod() in favor of getRpcMethod() to support stable RPC semantic conventions (#16121)
• Deprecated PeerServiceResolver, PeerServiceAttributesExtractor, and HttpClientPeerServiceAttributesExtractor in favor of renamed classes ServicePeerResolver, ServicePeerAttributesExtractor, and HttpClientServicePeerAttributesExtractor (#16071)
• Deprecated setStatementSanitizationEnabled() in favor of setQuerySanitizationEnabled() across database instrumentation builders (Cassandra, JDBC, Lettuce, Mongo, R2DBC) (#16133)
• Deprecated individual runtime metric classes (Classes, Cpu, GarbageCollector, MemoryPools, Threads) in favor of RuntimeMetrics (#16064)
• Deprecated SqlStatementInfo in favor of SqlQuery, and SqlStatementSanitizer in favor of SqlQuerySanitizer (#16074)

🌟 New library instrumentation

• Servlet 5 (#16033)

📈 Enhancements

• Logback appender: add declarative config support (#15813)
• OkHttp: avoid weak reference in library instrumentation (#15977)
• HTTP clients: Enable query redaction by default in library instrumentations (#16096)
• HttpURLConnection: mark as early instrumentation to ensure virtual fields are used (#16142)

🛠️ Bug fixes

• Dropwizard metrics: Sanitize names where needed to comply with OpenTelemetry requirements (#15954)
• Instrumentation API incubator: Fix span key mapping for MESSAGING_CONSUMER_PROCESS (#16001)
• Couchbase: Fix local address occasionally missing (#16035)
• Internal logging: Map jul config level to debug instead of info (#16141)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​imavroukakis @​jackshirazi @​jaydeluca @​jkwatson

... (truncated)

Changelog

Sourced from io.opentelemetry.javaagent:opentelemetry-javaagent's changelog.

Version 2.25.0 (2026-02-13)

⚠️ Breaking changes to non-stable APIs

• Make Netty 4.1 library public API self-contained (#15981)
• Remove previously deprecated methods (#15892, #15929, #15943, #15944, #15945)

🚫 Deprecations

• Deprecated getDelegate(), request(), channel(), remoteAddress() in HTTP client request wrapper classes in favor of getRequest(), getChannel(), getRemoteAddress() for consistency (#15942)
• Deprecated NettyClientTelemetry.setChannelContext() in favor of setParentContext() (#16010)
• Deprecated new* methods in favor of create* methods in Armeria and Jetty client instrumentation (e.g., newDecorator() → createDecorator(), newHttpClient() → createHttpClient()) (#16009)
• Deprecated NettyServerTelemetry.createResponseHandler() and createCombinedHandler() overloads that expose internal classes (#16011)
• Deprecated RatpackServerTelemetry.getHandler(), getExecInterceptor(), and getExecInitializer() in favor of createHandler(), createExecInterceptor(), and createExecInitializer() (#16013)
• Deprecated setPeerService() in HTTP, gRPC, Dubbo, and Armeria instrumentation builders in favor of addAttributesExtractor() (#16059)
• Deprecated RpcAttributesGetter.getMethod() in favor of getRpcMethod() to support stable RPC semantic conventions (#16121)
• Deprecated PeerServiceResolver, PeerServiceAttributesExtractor, and HttpClientPeerServiceAttributesExtractor in favor of renamed classes ServicePeerResolver, ServicePeerAttributesExtractor, and HttpClientServicePeerAttributesExtractor (#16071)
• Deprecated setStatementSanitizationEnabled() in favor of setQuerySanitizationEnabled() across database instrumentation builders (Cassandra, JDBC, Lettuce, Mongo, R2DBC) (#16133)
• Deprecated individual runtime metric classes (Classes, Cpu, GarbageCollector, MemoryPools, Threads) in favor of RuntimeMetrics (#16064)
• Deprecated SqlStatementInfo in favor of SqlQuery, and SqlStatementSanitizer in favor of SqlQuerySanitizer (#16074)

... (truncated)

Commits

• 399dae9 [release/v2.25.x] Prepare release 2.25.0 (#16159)
• b1c11e8 Update change log for upcoming release (#16157)
• 056af8c fix(deps): update dependency org.springframework:spring-test to v7.0.4 (#16156)
• 7eb964f Last peer service terminology update (#16149)
• dec960f Mark url connection as early instrumentation (#16142)
• 34514eb Rename database semantic convention internal identifiers (#16150)
• c1ffbe3 Rename test variables from dbName to namespace for semantic convention alignm...
• f27845a Rename internal statementSanitizationEnabled to querySanitizationEnabled ...
• cfa0383 More database terminology alignment (#16147)
• 7b076a7 A bit more service peer terminology updates (#16146)
• Additional commits viewable in compare view

Updates io.opentelemetry.contrib:opentelemetry-aws-resources from 1.52.0-alpha to 1.53.0-alpha

Release notes

Sourced from io.opentelemetry.contrib:opentelemetry-aws-resources's releases.

Version 1.52.0

This release targets the OpenTelemetry Java Instrumentation 2.22.0.

AWS X-Ray propagator

• Update xray lambda component provider name (#2423)

Inferred spans

• Add declarative config support. (#2030)
• Fix occasional/sporadic NPE. (#2443)

Span stack traces

• Fix stacktrace processor name for declarative config. (#2415)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​breedx-splk @​dol @​jack-berg @​jackshirazi @​jaydeluca @​laurit @​LikeTheSalad @​SylvainJuge @​trask @​zeitlinger

Changelog

Sourced from io.opentelemetry.contrib:opentelemetry-aws-resources's changelog.

Changelog

Unreleased

Version 1.53.0 (2026-01-21)

AWS X-Ray propagator

• Revert xray lambda propagator component name change (#2517)

Disk buffering

• Improve disk buffering example to retry exporting failed batches (#2539)

Dynamic control

• Initial module seeding (#2418)
• Add skeleton extension (#2470)

GCP authentication extension

• Resolve GCP_PROJECT from Google credentials if not provided (#2109)

IBM MQ metrics

• Gradle plugin for generating weaver files (#2413)

JMX metrics

• Remove JMXMP protocol support (#2502)

JMX scraper

• Remove JMXMP protocol support (#2502)

Version 1.52.0 (2025-11-20)

AWS X-Ray propagator

• Update xray lambda component provider name (#2423)

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Job Summary for Gradle

Continuous Build (Java) :: build

Gradle Root Project	Requested Tasks	Gradle Version	Build Outcome	Build Scan®
opentelemetry-lambda-java	build	8.7	❌