diff --git a/Gopkg.lock b/Gopkg.lock
index 0a05e905..8bc3719f 100644
--- a/Gopkg.lock
+++ b/Gopkg.lock
@@ -261,7 +261,7 @@
     "tools/dep-collector",
   ]
   pruneopts = "UT"
-  revision = "f7f13f8e3a8af17943e1a44102607f1d3fc4751d"
+  revision = "d976261d75101cab99291409641dc999c7baec68"
 
 [[projects]]
   digest = "1:5985ef4caf91ece5d54817c11ea25f182697534f8ae6521eadcd628c142ac4b6"
@@ -930,7 +930,7 @@
 
 [[projects]]
   branch = "master"
-  digest = "1:ed15fad369d1d253ebcae3defd279859d26e54d83e1e601fb3cf40d192377404"
+  digest = "1:4563adec376c56f3441da3767facc1d6c733d93a39f593495c009fed54dbb76c"
   name = "knative.dev/pkg"
   packages = [
     "apis",
@@ -949,7 +949,7 @@
     "metrics/metricskey",
   ]
   pruneopts = "T"
-  revision = "84d3910c565e397fa044f246398f94712da53303"
+  revision = "e2418a08c195ff0acda037c11c21882ca5453d96"
 
 [solve-meta]
   analyzer-name = "dep"
diff --git a/vendor/knative.dev/pkg/webhook/user_info.go b/vendor/knative.dev/pkg/webhook/user_info.go
index 24f5bd9e..11f4e54a 100644
--- a/vendor/knative.dev/pkg/webhook/user_info.go
+++ b/vendor/knative.dev/pkg/webhook/user_info.go
@@ -31,7 +31,7 @@ const (
 
 	// UpdaterAnnotationSuffix is the suffix of the annotation key to describe
 	// the user who last modified the resource.
-	UpdaterAnnotationSuffix = "/updater"
+	UpdaterAnnotationSuffix = "/lastModifier"
 )
 
 // SetUserInfoAnnotations sets creator and updater annotations on a resource.
@@ -45,7 +45,7 @@ func SetUserInfoAnnotations(resource apis.HasSpec, ctx context.Context, groupNam
 		annotations := objectMetaAccessor.GetObjectMeta().GetAnnotations()
 		if annotations == nil {
 			annotations = map[string]string{}
-			defer objectMetaAccessor.GetObjectMeta().SetAnnotations(annotations)
+			objectMetaAccessor.GetObjectMeta().SetAnnotations(annotations)
 		}
 
 		if apis.IsInUpdate(ctx) {
diff --git a/vendor/knative.dev/pkg/webhook/webhook.go b/vendor/knative.dev/pkg/webhook/webhook.go
index 08ff6b90..3aa67dd9 100644
--- a/vendor/knative.dev/pkg/webhook/webhook.go
+++ b/vendor/knative.dev/pkg/webhook/webhook.go
@@ -99,6 +99,10 @@ type ControllerOptions struct {
 	// TLS Client Authentication.
 	// The default value is tls.NoClientCert.
 	ClientAuth tls.ClientAuthType
+
+	// StatsReporter reports metrics about the webhook.
+	// This will be automatically initialized by the constructor if left uninitialized.
+	StatsReporter StatsReporter
 }
 
 // ResourceCallback defines a signature for resource specific (Route, Configuration, etc.)
@@ -114,11 +118,10 @@ type ResourceDefaulter func(patches *[]jsonpatch.JsonPatchOperation, crd Generic
 // AdmissionController implements the external admission webhook for validation of
 // pilot configuration.
 type AdmissionController struct {
-	Client        kubernetes.Interface
-	Options       ControllerOptions
-	Handlers      map[schema.GroupVersionKind]GenericCRD
-	Logger        *zap.SugaredLogger
-	StatsReporter StatsReporter
+	Client   kubernetes.Interface
+	Options  ControllerOptions
+	Handlers map[schema.GroupVersionKind]GenericCRD
+	Logger   *zap.SugaredLogger
 
 	WithContext           func(context.Context) context.Context
 	DisallowUnknownFields bool
@@ -136,6 +139,33 @@ type GenericCRD interface {
 	runtime.Object
 }
 
+// NewAdmissionController constructs an AdmissionController
+func NewAdmissionController(
+	client kubernetes.Interface,
+	opts ControllerOptions,
+	handlers map[schema.GroupVersionKind]GenericCRD,
+	logger *zap.SugaredLogger,
+	ctx func(context.Context) context.Context,
+	disallowUnknownFields bool) (*AdmissionController, error) {
+
+	if opts.StatsReporter == nil {
+		reporter, err := NewStatsReporter()
+		if err != nil {
+			return nil, err
+		}
+		opts.StatsReporter = reporter
+	}
+
+	return &AdmissionController{
+		Client:                client,
+		Options:               opts,
+		Handlers:              handlers,
+		Logger:                logger,
+		WithContext:           ctx,
+		DisallowUnknownFields: disallowUnknownFields,
+	}, nil
+}
+
 // GetAPIServerExtensionCACert gets the Kubernetes aggregate apiserver
 // client CA cert used by validator.
 //
@@ -455,8 +485,10 @@ func (ac *AdmissionController) ServeHTTP(w http.ResponseWriter, r *http.Request)
 		return
 	}
 
-	// Only report valid requests
-	ac.StatsReporter.ReportRequest(review.Request, response.Response, time.Since(ttStart))
+	if ac.Options.StatsReporter != nil {
+		// Only report valid requests
+		ac.Options.StatsReporter.ReportRequest(review.Request, response.Response, time.Since(ttStart))
+	}
 }
 
 func makeErrorStatus(reason string, args ...interface{}) *admissionv1beta1.AdmissionResponse {