Updates:
- go.opentelemetry.io/contrib/instrumentation (and subpackages) from 0.52.0 to 0.55.0
- go.opentelemetry.io/otel (and subpackages) from 1.27.0 to 1.30.0
Upstream release notes:
https://github.com/open-telemetry/opentelemetry-go-contrib/releases
Also transitively updates a few golang.org/x/ dependencies, and the grpc and protobuf
dependencies.
Updates:
github.com/weppos/publicsuffix-go from
v0.30.3-0.20240510084413-5f1d03393b3d to
v0.40.3-0.20240815124645-a8ed110559c9
golang.org/x/crypto from v0.24.0 to v0.26.0
golang.org/x/net from v0.26.0 to v0.28.0
golang.org/x/sync from v0.7.0 to v0.8.0
golang.org/x/term from v0.21.0 to v0.23.0
golang.org/x/text from v0.16.0 to v0.17.0
golang.org/x/sys from v0.21.0 to v0.23.0
Right now, Boulder expects to be able to connect to syslog, and panics
if it's not available. We'd like to be able to log to stdout/stderr as a
replacement for syslog.
- Add a detailed timestamp (down to microseconds, same as we collect in
prod via syslog).
- Remove the escape codes for colorizing output.
- Report the severity level numerically rather than with a letter prefix.
Add locking for stdout/stderr and syslog logs. Neither the [syslog] package
nor the [os] package document concurrency-safety, and the Go rule is: if
it's not documented to be concurrent-safe, it's not. Notably the [log.Logger]
package is documented to be concurrent-safe, and a look at its implementation
shows it uses a Mutex internally.
Remove places that use the singleton `blog.Get()`, and instead pass through
a logger from main in all the places that need it.
[syslog]: https://pkg.go.dev/log/syslog
[os]: https://pkg.go.dev/os
[log.Logger]: https://pkg.go.dev/log#Logger
dependabot[bot]