From fd90764a0e2b939036ddf5a9fdd488db6f3a1aa4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Sep 2023 12:40:18 +0000
Subject: [PATCH 1/6] chore(deps): Bump github.com/hashicorp/golang-lru/v2 from
 2.0.5 to 2.0.6 (#2711)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[github.com/hashicorp/golang-lru/v2](https://github.com/hashicorp/golang-lru)
from 2.0.5 to 2.0.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/hashicorp/golang-lru/releases">github.com/hashicorp/golang-lru/v2's
releases</a>.</em></p>
<blockquote>
<h2>golang-lru 2.0.6</h2>
<p>This release removes calling the eviction callback when the
<code>Add</code> method is called with an item that is already in the
cache (<a
href="https://redirect.github.com/hashicorp/golang-lru/issues/154">#154</a>);
it reverts PR <a
href="https://redirect.github.com/hashicorp/golang-lru/issues/135">#135</a>
which caused issue <a
href="https://redirect.github.com/hashicorp/golang-lru/issues/141">#141</a>.</p>
<h2>What's Changed</h2>
<ul>
<li>[COMPLIANCE] Add Copyright and License Headers by <a
href="https://github.com/hashicorp-copywrite"><code>@​hashicorp-copywrite</code></a>
in <a
href="https://redirect.github.com/hashicorp/golang-lru/pull/149">hashicorp/golang-lru#149</a></li>
<li>Revert <a
href="https://redirect.github.com/hashicorp/golang-lru/issues/135">#135</a>
and add tests for eviction callback by <a
href="https://github.com/mgaffney"><code>@​mgaffney</code></a> in <a
href="https://redirect.github.com/hashicorp/golang-lru/pull/154">hashicorp/golang-lru#154</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/hashicorp/golang-lru/compare/v2.0.5...v2.0.6">https://github.com/hashicorp/golang-lru/compare/v2.0.5...v2.0.6</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/hashicorp/golang-lru/commit/8f8764ff4ea3482c98afefa2b7a7ce8d922d93bc"><code>8f8764f</code></a>
test: Add tests for eviction callback</li>
<li><a
href="https://github.com/hashicorp/golang-lru/commit/0ed35fdcd45f53f54749528e31ab9acee63ce1ff"><code>0ed35fd</code></a>
Revert &quot;call evict on replacing value (<a
href="https://redirect.github.com/hashicorp/golang-lru/issues/135">#135</a>)&quot;</li>
<li><a
href="https://github.com/hashicorp/golang-lru/commit/1e956f57ce74941bc0c4822df2cb68927fc8a8a1"><code>1e956f5</code></a>
[COMPLIANCE] Add Copyright and License Headers</li>
<li><a
href="https://github.com/hashicorp/golang-lru/commit/3afaa48530f711754c178ceb61ff060d86c17b95"><code>3afaa48</code></a>
Release update arc dependencies to v2.0.5</li>
<li>See full diff in <a
href="https://github.com/hashicorp/golang-lru/compare/v2.0.5...v2.0.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/hashicorp/golang-lru/v2&package-manager=go_modules&previous-version=2.0.5&new-version=2.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index 8cda25d380..74f49bec0e 100644
--- a/go.mod
+++ b/go.mod
@@ -28,7 +28,7 @@ require (
 	github.com/golang/mock v1.6.0
 	github.com/gorilla/mux v1.8.0
 	github.com/hashicorp/go-retryablehttp v0.7.4
-	github.com/hashicorp/golang-lru/v2 v2.0.5
+	github.com/hashicorp/golang-lru/v2 v2.0.6
 	github.com/imdario/mergo v0.3.16
 	github.com/ipfs/boxo v0.12.0
 	github.com/ipfs/go-block-format v0.2.0
diff --git a/go.sum b/go.sum
index 354b14ac32..8363974ccb 100644
--- a/go.sum
+++ b/go.sum
@@ -980,8 +980,8 @@ github.com/hashicorp/golang-lru v1.0.2/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uG
 github.com/hashicorp/golang-lru/arc/v2 v2.0.5 h1:l2zaLDubNhW4XO3LnliVj0GXO3+/CGNJAg1dcN2Fpfw=
 github.com/hashicorp/golang-lru/arc/v2 v2.0.5/go.mod h1:ny6zBSQZi2JxIeYcv7kt2sH2PXJtirBN7RDhRpxPkxU=
 github.com/hashicorp/golang-lru/v2 v2.0.1/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
-github.com/hashicorp/golang-lru/v2 v2.0.5 h1:wW7h1TG88eUIJ2i69gaE3uNVtEPIagzhGvHgwfx2Vm4=
-github.com/hashicorp/golang-lru/v2 v2.0.5/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
+github.com/hashicorp/golang-lru/v2 v2.0.6 h1:3xi/Cafd1NaoEnS/yDssIiuVeDVywU0QdFGl3aQaQHM=
+github.com/hashicorp/golang-lru/v2 v2.0.6/go.mod h1:QeFd9opnmA6QUJc5vARoKUSoFhyfM2/ZepoAG6RGpeM=
 github.com/hashicorp/hcl v1.0.0 h1:0Anlzjpi4vEasTeNFn2mLJgTSwt0+6sfsiTG8qcWGx4=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64=

From 288e9925a90c5840db440aabc343e364beee8240 Mon Sep 17 00:00:00 2001
From: Vlad <13818348+walldiss@users.noreply.github.com>
Date: Mon, 18 Sep 2023 21:10:50 +0800
Subject: [PATCH 2/6] feat(share/store/cache): Split accessor cache into recent
 and blockstore (#2656)

Adds MultiCache. Replaces eds store cache with multicache containing 2
separate caches:

- recently added edses (10 accessors, added on put only)
- edses requested by ipld (128 accessors, added on request to blockstore
from bitswap server)
---
 share/eds/blockstore.go        | 31 +++++++++------------
 share/eds/cache/doublecache.go | 51 ++++++++++++++++++++++++++++++++++
 share/eds/store.go             | 16 +++++++----
 share/eds/store_test.go        |  4 +--
 share/eds/utils.go             | 16 +++++++----
 5 files changed, 87 insertions(+), 31 deletions(-)
 create mode 100644 share/eds/cache/doublecache.go

diff --git a/share/eds/blockstore.go b/share/eds/blockstore.go
index 349d6f58ba..9cbb3f4e8a 100644
--- a/share/eds/blockstore.go
+++ b/share/eds/blockstore.go
@@ -10,9 +10,8 @@ import (
 	blocks "github.com/ipfs/go-block-format"
 	"github.com/ipfs/go-cid"
 	"github.com/ipfs/go-datastore"
+	"github.com/ipfs/go-datastore/namespace"
 	ipld "github.com/ipfs/go-ipld-format"
-
-	"github.com/celestiaorg/celestia-node/share/eds/cache"
 )
 
 var _ bstore.Blockstore = (*blockstore)(nil)
@@ -35,6 +34,13 @@ type blockstore struct {
 	ds    datastore.Batching
 }
 
+func newBlockstore(store *Store, ds datastore.Batching) *blockstore {
+	return &blockstore{
+		store: store,
+		ds:    namespace.Wrap(ds, blockstoreCacheKey),
+	}
+}
+
 func (bs *blockstore) Has(ctx context.Context, cid cid.Cid) (bool, error) {
 	keys, err := bs.store.dgstr.ShardsContainingMultihash(ctx, cid.Hash())
 	if errors.Is(err, ErrNotFound) || errors.Is(err, ErrNotFoundInIndex) {
@@ -146,28 +152,17 @@ func (bs *blockstore) getReadOnlyBlockstore(ctx context.Context, cid cid.Cid) (*
 		return nil, fmt.Errorf("failed to find shards containing multihash: %w", err)
 	}
 
-	// check if cache contains any of accessors
+	// check if either cache contains an accessor
 	shardKey := keys[0]
-	if accessor, err := bs.store.cache.Get(shardKey); err == nil {
+	accessor, err := bs.store.cache.Get(shardKey)
+	if err == nil {
 		return blockstoreCloser(accessor)
 	}
 
-	// load accessor to the cache and use it as blockstoreCloser
-	accessor, err := bs.store.cache.GetOrLoad(ctx, shardKey, bs.store.getAccessor)
+	// load accessor to the blockstore cache and use it as blockstoreCloser
+	accessor, err = bs.store.cache.Second().GetOrLoad(ctx, shardKey, bs.store.getAccessor)
 	if err != nil {
 		return nil, fmt.Errorf("failed to get accessor for shard %s: %w", shardKey, err)
 	}
 	return blockstoreCloser(accessor)
 }
-
-// blockstoreCloser constructs new BlockstoreCloser from cache.Accessor
-func blockstoreCloser(ac cache.Accessor) (*BlockstoreCloser, error) {
-	bs, err := ac.Blockstore()
-	if err != nil {
-		return nil, fmt.Errorf("eds/store: failed to get blockstore: %w", err)
-	}
-	return &BlockstoreCloser{
-		ReadBlockstore: bs,
-		Closer:         ac,
-	}, nil
-}
diff --git a/share/eds/cache/doublecache.go b/share/eds/cache/doublecache.go
new file mode 100644
index 0000000000..a63eadee9e
--- /dev/null
+++ b/share/eds/cache/doublecache.go
@@ -0,0 +1,51 @@
+package cache
+
+import (
+	"errors"
+
+	"github.com/filecoin-project/dagstore/shard"
+)
+
+// DoubleCache represents a Cache that looks into multiple caches one by one.
+type DoubleCache struct {
+	first, second Cache
+}
+
+// NewDoubleCache creates a new DoubleCache with the provided caches.
+func NewDoubleCache(first, second Cache) *DoubleCache {
+	return &DoubleCache{
+		first:  first,
+		second: second,
+	}
+}
+
+// Get looks for an item in all the caches one by one and returns the Cache found item.
+func (mc *DoubleCache) Get(key shard.Key) (Accessor, error) {
+	ac, err := mc.first.Get(key)
+	if err == nil {
+		return ac, nil
+	}
+	return mc.second.Get(key)
+}
+
+// Remove removes an item from all underlying caches
+func (mc *DoubleCache) Remove(key shard.Key) error {
+	err1 := mc.first.Remove(key)
+	err2 := mc.second.Remove(key)
+	return errors.Join(err1, err2)
+}
+
+func (mc *DoubleCache) First() Cache {
+	return mc.first
+}
+
+func (mc *DoubleCache) Second() Cache {
+	return mc.second
+}
+
+func (mc *DoubleCache) EnableMetrics() error {
+	if err := mc.first.EnableMetrics(); err != nil {
+		return err
+	}
+	return mc.second.EnableMetrics()
+}
diff --git a/share/eds/store.go b/share/eds/store.go
index e8caf4c35a..14df4a4bee 100644
--- a/share/eds/store.go
+++ b/share/eds/store.go
@@ -40,7 +40,8 @@ const (
 	// We don't use transient files right now, so GC is turned off by default.
 	defaultGCInterval = 0
 
-	defaultCacheSize = 128
+	defaultRecentBlocksCacheSize = 10
+	defaultBlockstoreCacheSize   = 128
 )
 
 var ErrNotFound = errors.New("eds not found in store")
@@ -56,7 +57,7 @@ type Store struct {
 	mounts *mount.Registry
 
 	bs    *blockstore
-	cache cache.Cache
+	cache *cache.DoubleCache
 
 	carIdx      index.FullIndexRepo
 	invertedIdx *simpleInvertedIndex
@@ -114,11 +115,16 @@ func NewStore(basepath string, ds datastore.Batching) (*Store, error) {
 		return nil, fmt.Errorf("failed to create DAGStore: %w", err)
 	}
 
-	accessorCache, err := cache.NewAccessorCache("cache", defaultCacheSize)
+	recentBlocksCache, err := cache.NewAccessorCache("recent", defaultRecentBlocksCacheSize)
 	if err != nil {
 		return nil, fmt.Errorf("failed to create recent blocks cache: %w", err)
 	}
 
+	blockstoreCache, err := cache.NewAccessorCache("blockstore", defaultBlockstoreCacheSize)
+	if err != nil {
+		return nil, fmt.Errorf("failed to create blockstore blocks cache: %w", err)
+	}
+
 	store := &Store{
 		basepath:      basepath,
 		dgstr:         dagStore,
@@ -127,7 +133,7 @@ func NewStore(basepath string, ds datastore.Batching) (*Store, error) {
 		gcInterval:    defaultGCInterval,
 		mounts:        r,
 		shardFailures: failureChan,
-		cache:         accessorCache,
+		cache:         cache.NewDoubleCache(recentBlocksCache, blockstoreCache),
 	}
 	store.bs = newBlockstore(store, ds)
 	return store, nil
@@ -284,7 +290,7 @@ func (s *Store) put(ctx context.Context, root share.DataHash, square *rsmt2d.Ext
 	go func() {
 		ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
 		defer cancel()
-		_, err := s.cache.GetOrLoad(ctx, result.Key, s.getAccessor)
+		_, err := s.cache.First().GetOrLoad(ctx, result.Key, s.getAccessor)
 		if err != nil {
 			log.Warnw("unable to put accessor to recent blocks accessors cache", "err", err)
 			return
diff --git a/share/eds/store_test.go b/share/eds/store_test.go
index 0d5283e2f2..b38a25c827 100644
--- a/share/eds/store_test.go
+++ b/share/eds/store_test.go
@@ -303,7 +303,7 @@ func Test_BlockstoreCache(t *testing.T) {
 
 	// store eds to the store with noopCache to allow clean cache after put
 	swap := edsStore.cache
-	edsStore.cache = cache.NoopCache{}
+	edsStore.cache = cache.NewDoubleCache(cache.NoopCache{}, cache.NoopCache{})
 	eds, dah := randomEDS(t)
 	err = edsStore.Put(ctx, dah.Hash(), eds)
 	require.NoError(t, err)
@@ -388,7 +388,7 @@ func Test_NotCachedAccessor(t *testing.T) {
 	err = edsStore.Start(ctx)
 	require.NoError(t, err)
 	// replace cache with noopCache to
-	edsStore.cache = cache.NoopCache{}
+	edsStore.cache = cache.NewDoubleCache(cache.NoopCache{}, cache.NoopCache{})
 
 	eds, dah := randomEDS(t)
 	err = edsStore.Put(ctx, dah.Hash(), eds)
diff --git a/share/eds/utils.go b/share/eds/utils.go
index e7b24a9aee..3417a2aa62 100644
--- a/share/eds/utils.go
+++ b/share/eds/utils.go
@@ -1,11 +1,10 @@
 package eds
 
 import (
+	"fmt"
 	"io"
 
 	"github.com/filecoin-project/dagstore"
-	"github.com/ipfs/go-datastore"
-	"github.com/ipfs/go-datastore/namespace"
 
 	"github.com/celestiaorg/celestia-node/share/eds/cache"
 )
@@ -30,11 +29,16 @@ func newReadCloser(ac cache.Accessor) io.ReadCloser {
 	}
 }
 
-func newBlockstore(store *Store, ds datastore.Batching) *blockstore {
-	return &blockstore{
-		store: store,
-		ds:    namespace.Wrap(ds, blockstoreCacheKey),
+// blockstoreCloser constructs new BlockstoreCloser from cache.Accessor
+func blockstoreCloser(ac cache.Accessor) (*BlockstoreCloser, error) {
+	bs, err := ac.Blockstore()
+	if err != nil {
+		return nil, fmt.Errorf("eds/store: failed to get blockstore: %w", err)
 	}
+	return &BlockstoreCloser{
+		ReadBlockstore: bs,
+		Closer:         ac,
+	}, nil
 }
 
 func closeAndLog(name string, closer io.Closer) {

From eae39fd9fa4edff2b14a034acfc4c934eaac5cc9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Sep 2023 13:51:55 +0000
Subject: [PATCH 3/6] chore(deps): Bump mathieudutour/github-tag-action from
 6.0 to 6.1 (#2721)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[mathieudutour/github-tag-action](https://github.com/mathieudutour/github-tag-action)
from 6.0 to 6.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mathieudutour/github-tag-action/commit/fcfbdceb3093f6d85a3b194740f8c6cec632f4e2"><code>fcfbdce</code></a>
check in prod dependencies</li>
<li><a
href="https://github.com/mathieudutour/github-tag-action/commit/dbd80d2e9d640266d8fe579d11ab9896ed618e16"><code>dbd80d2</code></a>
version 6.1</li>
<li><a
href="https://github.com/mathieudutour/github-tag-action/commit/a1afa112d39eb8a91ff58476c3025306da79c60f"><code>a1afa11</code></a>
Correctly parse <code>create_annotated_tag</code> (<a
href="https://redirect.github.com/mathieudutour/github-tag-action/issues/137">#137</a>)</li>
<li><a
href="https://github.com/mathieudutour/github-tag-action/commit/3f9dffdaa0f8750e4522679fc07ad1ddc50d0501"><code>3f9dffd</code></a>
Merge pull request <a
href="https://redirect.github.com/mathieudutour/github-tag-action/issues/147">#147</a>
from JohnTitor/nodejs16</li>
<li><a
href="https://github.com/mathieudutour/github-tag-action/commit/c4f56e7003b5ac959eda97b0994d4d95ed2eca6d"><code>c4f56e7</code></a>
Merge pull request <a
href="https://redirect.github.com/mathieudutour/github-tag-action/issues/146">#146</a>
from JohnTitor/actions-core</li>
<li><a
href="https://github.com/mathieudutour/github-tag-action/commit/923acce875f1d341e5123bbc6a6e7c227b95f463"><code>923acce</code></a>
Update <code>@actions/core</code> to v1.10.0</li>
<li><a
href="https://github.com/mathieudutour/github-tag-action/commit/c5ababce46db7606902685c98e276cd74683a072"><code>c5ababc</code></a>
Update to Node.js 16</li>
<li><a
href="https://github.com/mathieudutour/github-tag-action/commit/e923a6115f1a2ccc3404e26ec2535092a9fd5536"><code>e923a61</code></a>
Merge pull request <a
href="https://redirect.github.com/mathieudutour/github-tag-action/issues/142">#142</a>
from mathieudutour/dependabot/npm_and_yarn/actions/co...</li>
<li><a
href="https://github.com/mathieudutour/github-tag-action/commit/8bee2b2289cf9e4d3bdf3c38b5ed387837cbd224"><code>8bee2b2</code></a>
Bump <code>@​actions/core</code> from 1.6.0 to 1.9.1</li>
<li><a
href="https://github.com/mathieudutour/github-tag-action/commit/92dc56ebabc5570d1b41c60962250c2d11e0174e"><code>92dc56e</code></a>
Merge pull request <a
href="https://redirect.github.com/mathieudutour/github-tag-action/issues/124">#124</a>
from mathieudutour/dependabot/npm_and_yarn/node-fetch...</li>
<li>Additional commits viewable in <a
href="https://github.com/mathieudutour/github-tag-action/compare/v6.0...v6.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=mathieudutour/github-tag-action&package-manager=github_actions&previous-version=6.0&new-version=6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ryan <ryan@celestia.org>
---
 .github/workflows/ci_release.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci_release.yml b/.github/workflows/ci_release.yml
index 6e9293cc38..7f72a24f13 100644
--- a/.github/workflows/ci_release.yml
+++ b/.github/workflows/ci_release.yml
@@ -65,7 +65,7 @@ jobs:
         # version_bump section, it would skip and not run, which would result
         # in goreleaser not running either.
         if: ${{ github.event_name == 'workflow_dispatch' }}
-        uses: mathieudutour/github-tag-action@v6.0
+        uses: mathieudutour/github-tag-action@v6.1
 
       - name: Version Release
         uses: celestiaorg/.github/.github/actions/version-release@v0.2.2

From c134ce74a640d54fbec20f9adf58c381cbb4804a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Sep 2023 13:59:55 +0000
Subject: [PATCH 4/6] chore(deps): Bump goreleaser/goreleaser-action from 4 to
 5 (#2719)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action)
from 4 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/goreleaser/goreleaser-action/releases">goreleaser/goreleaser-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>feat: node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/432">goreleaser/goreleaser-action#432</a></li>
<li>chore(deps): bump <code>@​actions/core</code> from 1.10.0 to 1.10.1
in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/434">goreleaser/goreleaser-action#434</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4.6.0...v5.0.0">https://github.com/goreleaser/goreleaser-action/compare/v4.6.0...v5.0.0</a></p>
<h2>v4.6.0</h2>
<p>Reverts the change to <code>node20</code> runtime.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4.5.0...v4.6.0">https://github.com/goreleaser/goreleaser-action/compare/v4.5.0...v4.6.0</a></p>
<h2>v4.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): bump word-wrap from 1.2.3 to 1.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/427">goreleaser/goreleaser-action#427</a></li>
<li>feat: bump to use node20 runtime, actions/checkout to v4 by <a
href="https://github.com/kbdharun"><code>@​kbdharun</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/430">goreleaser/goreleaser-action#430</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/kbdharun"><code>@​kbdharun</code></a>
made their first contribution in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/430">goreleaser/goreleaser-action#430</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4.4.0...v4.5.0">https://github.com/goreleaser/goreleaser-action/compare/v4.4.0...v4.5.0</a></p>
<h2>v4.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): bump semver from 7.5.0 to 7.5.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/417">goreleaser/goreleaser-action#417</a></li>
<li>feat: support oss nightlies by <a
href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/424">goreleaser/goreleaser-action#424</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4.3.0...v4.4.0">https://github.com/goreleaser/goreleaser-action/compare/v4.3.0...v4.4.0</a></p>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update in command examples by <a
href="https://github.com/arnaduga"><code>@​arnaduga</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/393">goreleaser/goreleaser-action#393</a></li>
<li>chore(deps): bump yargs from 17.6.2 to 17.7.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/395">goreleaser/goreleaser-action#395</a></li>
<li>Improve documentation for use of <code>GITHUB_TOKEN</code> by <a
href="https://github.com/jamietanna"><code>@​jamietanna</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/399">goreleaser/goreleaser-action#399</a></li>
<li>chore(deps): bump actions/setup-go from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/403">goreleaser/goreleaser-action#403</a></li>
<li>chore(deps): bump docker/bake-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/408">goreleaser/goreleaser-action#408</a></li>
<li>chore(deps): bump semver from 7.3.8 to 7.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/407">goreleaser/goreleaser-action#407</a></li>
<li>Bump setup-go action version to v4 in README by <a
href="https://github.com/kishaningithub"><code>@​kishaningithub</code></a>
in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/411">goreleaser/goreleaser-action#411</a></li>
<li>ci: split test and validate workflow by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/413">goreleaser/goreleaser-action#413</a></li>
<li>chore: update yarn to 3.5.1 by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/412">goreleaser/goreleaser-action#412</a></li>
<li>chore(deps): bump yargs from 17.7.1 to 17.7.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/410">goreleaser/goreleaser-action#410</a></li>
<li>feat: support nightly by <a
href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/419">goreleaser/goreleaser-action#419</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/arnaduga"><code>@​arnaduga</code></a>
made their first contribution in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/393">goreleaser/goreleaser-action#393</a></li>
<li><a
href="https://github.com/jamietanna"><code>@​jamietanna</code></a> made
their first contribution in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/399">goreleaser/goreleaser-action#399</a></li>
<li><a
href="https://github.com/kishaningithub"><code>@​kishaningithub</code></a>
made their first contribution in <a
href="https://redirect.github.com/goreleaser/goreleaser-action/pull/411">goreleaser/goreleaser-action#411</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4.2.0...v4.3.0">https://github.com/goreleaser/goreleaser-action/compare/v4.2.0...v4.3.0</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8"><code>7ec5c2b</code></a>
chore(deps): bump <code>@​actions/core</code> from 1.10.0 to 1.10.1 (<a
href="https://redirect.github.com/goreleaser/goreleaser-action/issues/434">#434</a>)</li>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/3529a650d2cb08134fe7707d27dc62a0c93bec6e"><code>3529a65</code></a>
chore: node 20 as default runtime (<a
href="https://redirect.github.com/goreleaser/goreleaser-action/issues/432">#432</a>)</li>
<li><a
href="https://github.com/goreleaser/goreleaser-action/commit/d2f6e33a35c9b611d80d6facefe33e5d2fe8f2db"><code>d2f6e33</code></a>
chore(deps): bump crazy-max/ghaction-import-gpg from 5 to 6 (<a
href="https://redirect.github.com/goreleaser/goreleaser-action/issues/433">#433</a>)</li>
<li>See full diff in <a
href="https://github.com/goreleaser/goreleaser-action/compare/v4...v5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=goreleaser/goreleaser-action&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ryan <ryan@celestia.org>
---
 .github/workflows/ci_release.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci_release.yml b/.github/workflows/ci_release.yml
index 7f72a24f13..cfe1bafd90 100644
--- a/.github/workflows/ci_release.yml
+++ b/.github/workflows/ci_release.yml
@@ -88,7 +88,7 @@ jobs:
         with:
           go-version: 1.21
       # Generate the binaries and release
-      - uses: goreleaser/goreleaser-action@v4
+      - uses: goreleaser/goreleaser-action@v5
         with:
           distribution: goreleaser
           version: latest

From 60eb760a43a203b3bb3a3df6886e35925c55ae88 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Sep 2023 22:08:25 +0800
Subject: [PATCH 5/6] chore(deps): Bump celestiaorg/.github from 0.2.2 to 0.2.3
 (#2720)

Bumps [celestiaorg/.github](https://github.com/celestiaorg/.github) from
0.2.2 to 0.2.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/celestiaorg/.github/releases">celestiaorg/.github's
releases</a>.</em></p>
<blockquote>
<h2>Release v0.2.3</h2>
<p>Fixes unknown/unknown in our ghcr.io packages</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/celestiaorg/.github/commit/4dedea02c25e2ee314b8ba5dd8effac54a87a4b3"><code>4dedea0</code></a>
fix: obliterate unknown/unknown marks in ghcr (<a
href="https://redirect.github.com/celestiaorg/.github/issues/71">#71</a>)</li>
<li><a
href="https://github.com/celestiaorg/.github/commit/bdde53db9b3b359532bcc7c93b6703fb30be023c"><code>bdde53d</code></a>
chore: upgrade to markdownlint-cli v0.35.0 (<a
href="https://redirect.github.com/celestiaorg/.github/issues/69">#69</a>)</li>
<li><a
href="https://github.com/celestiaorg/.github/commit/a2697f6f3b9f4ee1149555e721a36a74dc46772d"><code>a2697f6</code></a>
testing slack notification (<a
href="https://redirect.github.com/celestiaorg/.github/issues/68">#68</a>)</li>
<li>See full diff in <a
href="https://github.com/celestiaorg/.github/compare/v0.2.2...v0.2.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=celestiaorg/.github&package-manager=github_actions&previous-version=0.2.2&new-version=0.2.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ryan <ryan@celestia.org>
Co-authored-by: Vlad <13818348+walldiss@users.noreply.github.com>
---
 .github/workflows/ci_release.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/ci_release.yml b/.github/workflows/ci_release.yml
index cfe1bafd90..271cab472f 100644
--- a/.github/workflows/ci_release.yml
+++ b/.github/workflows/ci_release.yml
@@ -25,7 +25,7 @@ on:
 jobs:
   # Dockerfile Linting
   hadolint:
-    uses: celestiaorg/.github/.github/workflows/reusable_dockerfile_lint.yml@v0.2.2 # yamllint disable-line rule:line-length
+    uses: celestiaorg/.github/.github/workflows/reusable_dockerfile_lint.yml@v0.2.3 # yamllint disable-line rule:line-length
     with:
       dockerfile: Dockerfile
 
@@ -33,7 +33,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: celestiaorg/.github/.github/actions/yamllint@v0.2.2
+      - uses: celestiaorg/.github/.github/actions/yamllint@v0.2.3
 
   markdown-lint:
     name: Markdown Lint
@@ -68,7 +68,7 @@ jobs:
         uses: mathieudutour/github-tag-action@v6.1
 
       - name: Version Release
-        uses: celestiaorg/.github/.github/actions/version-release@v0.2.2
+        uses: celestiaorg/.github/.github/actions/version-release@v0.2.3
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           default_bump: ${{ inputs.version }}

From f6d10560b3c3a586bd1dce784f1c1b508fe0789b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Sep 2023 15:23:18 +0000
Subject: [PATCH 6/6] chore(deps): Bump
 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp from 1.17.0
 to 1.18.0 (#2714)

Bumps
[go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go)
from 1.17.0 to 1.18.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md">go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp's
changelog</a>.</em></p>
<blockquote>
<h2>[1.18.0/0.41.0/0.0.6] 2023-09-12</h2>
<p>This release drops the compatibility guarantee of [Go 1.19].</p>
<h3>Added</h3>
<ul>
<li>Add <code>WithProducer</code> option in
<code>go.opentelemetry.op/otel/exporters/prometheus</code> to restore
the ability to register producers on the prometheus exporter's manual
reader. (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4473">#4473</a>)</li>
<li>Add <code>IgnoreValue</code> option in
<code>go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest</code>
to allow ignoring values when comparing metrics. (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4447">#4447</a>)</li>
</ul>
<h3>Changed</h3>
<ul>
<li>Use a <code>TestingT</code> interface instead of
<code>*testing.T</code> struct in
<code>go.opentelemetry.io/otel/sdk/metric/metricdata/metricdatatest</code>.
(<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4483">#4483</a>)</li>
</ul>
<h3>Deprecated</h3>
<ul>
<li>The <code>NewMetricExporter</code> in
<code>go.opentelemetry.io/otel/bridge/opencensus</code> was deprecated
in <code>v0.35.0</code> (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/3541">#3541</a>).
The deprecation notice format for the function has been corrected to
trigger Go documentation and build tooling. (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4470">#4470</a>)</li>
</ul>
<h3>Removed</h3>
<ul>
<li>Removed the deprecated
<code>go.opentelemetry.io/otel/exporters/jaeger</code> package. (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4467">#4467</a>)</li>
<li>Removed the deprecated
<code>go.opentelemetry.io/otel/example/jaeger</code> package. (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4467">#4467</a>)</li>
<li>Removed the deprecated
<code>go.opentelemetry.io/otel/sdk/metric/aggregation</code> package.
(<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4468">#4468</a>)</li>
<li>Removed the deprecated internal packages in
<code>go.opentelemetry.io/otel/exporters/otlp</code> and its
sub-packages. (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4469">#4469</a>)</li>
<li>Dropped guaranteed support for versions of Go less than 1.20. (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4481">#4481</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/open-telemetry/opentelemetry-go/commit/4242228103c19cabc435a75b02d7aea82aa8bf36"><code>4242228</code></a>
Release v1.18.0/v0.41.0/v0.0.6 (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4489">#4489</a>)</li>
<li><a
href="https://github.com/open-telemetry/opentelemetry-go/commit/ac4fca2260ae51e7318a2680e8e57771340e958a"><code>ac4fca2</code></a>
Use a TB interface in metricdatatest (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4483">#4483</a>)</li>
<li><a
href="https://github.com/open-telemetry/opentelemetry-go/commit/77d62375754ce036868cbdf1d4eae4a6faf1f0e4"><code>77d6237</code></a>
Bump actions/checkout from 3 to 4 (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4490">#4490</a>)</li>
<li><a
href="https://github.com/open-telemetry/opentelemetry-go/commit/8ef73395ea22daf7627e7fd75223f1a298697fd9"><code>8ef7339</code></a>
dependabot updates Sun Sep 10 14:30:56 UTC 2023 (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4498">#4498</a>)</li>
<li><a
href="https://github.com/open-telemetry/opentelemetry-go/commit/e44ea5cc7fa82cbbc839e69829e7660b6e0c7536"><code>e44ea5c</code></a>
Revert &quot;Collector example: add metrics and use official port (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4466">#4466</a>)&quot;
(<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4487">#4487</a>)</li>
<li><a
href="https://github.com/open-telemetry/opentelemetry-go/commit/9737995cdbf1cd30234352ec1298f5a68169a0e6"><code>9737995</code></a>
Drop support for Go 1.19 (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4481">#4481</a>)</li>
<li><a
href="https://github.com/open-telemetry/opentelemetry-go/commit/6eedabf874a8fffbccbeeea1410d6d0d12784e72"><code>6eedabf</code></a>
Collector example: add metrics and use official port (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4466">#4466</a>)</li>
<li><a
href="https://github.com/open-telemetry/opentelemetry-go/commit/76c370f1b128a0dab2d456f0fc26b59c4595fb36"><code>76c370f</code></a>
Document public metric SDK interfaces to remain stable (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4396">#4396</a>)</li>
<li><a
href="https://github.com/open-telemetry/opentelemetry-go/commit/01d64c3e7757df743d6d85de681b750029da3bf2"><code>01d64c3</code></a>
Update go versions used in workflows (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4480">#4480</a>)</li>
<li><a
href="https://github.com/open-telemetry/opentelemetry-go/commit/fc70923e533295d9c0124b1ed6ed23c0e1151fc6"><code>fc70923</code></a>
Ignore value option for metricdatatest (<a
href="https://redirect.github.com/open-telemetry/opentelemetry-go/issues/4447">#4447</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/open-telemetry/opentelemetry-go/compare/v1.17.0...v1.18.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp&package-manager=go_modules&previous-version=1.17.0&new-version=1.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 4 ++--
 go.sum | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/go.mod b/go.mod
index 74f49bec0e..dc7aeb1676 100644
--- a/go.mod
+++ b/go.mod
@@ -59,8 +59,8 @@ require (
 	go.opentelemetry.io/contrib/instrumentation/runtime v0.43.0
 	go.opentelemetry.io/otel v1.18.0
 	go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v0.41.0
-	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.17.0
-	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.17.0
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.18.0
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.18.0
 	go.opentelemetry.io/otel/metric v1.18.0
 	go.opentelemetry.io/otel/sdk v1.18.0
 	go.opentelemetry.io/otel/sdk/metric v0.41.0
diff --git a/go.sum b/go.sum
index 8363974ccb..2959221c98 100644
--- a/go.sum
+++ b/go.sum
@@ -2386,10 +2386,10 @@ go.opentelemetry.io/otel/exporters/otlp/otlpmetric v0.41.0 h1:k0k7hFNDd8K4iOMJXj
 go.opentelemetry.io/otel/exporters/otlp/otlpmetric v0.41.0/go.mod h1:hG4Fj/y8TR/tlEDREo8tWstl9fO9gcFkn4xrx0Io8xU=
 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v0.41.0 h1:iV3BOgW4fry1Riw9dwypigqlIYWXvSRVT2RJmblzo40=
 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp v0.41.0/go.mod h1:7PGzqlKrxIRmbj5tlNW0nTkYZ5fHXDgk6Fy8/KjR0CI=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.17.0 h1:U5GYackKpVKlPrd/5gKMlrTlP2dCESAAFU682VCpieY=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.17.0/go.mod h1:aFsJfCEnLzEu9vRRAcUiB/cpRTbVsNdF3OHSPpdjxZQ=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.17.0 h1:kvWMtSUNVylLVrOE4WLUmBtgziYoCIYUNSpTYtMzVJI=
-go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.17.0/go.mod h1:SExUrRYIXhDgEKG4tkiQovd2HTaELiHUsuK08s5Nqx4=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.18.0 h1:IAtl+7gua134xcV3NieDhJHjjOVeJhXAnYf/0hswjUY=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.18.0/go.mod h1:w+pXobnBzh95MNIkeIuAKcHe/Uu/CX2PKIvBP6ipKRA=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.18.0 h1:6pu8ttx76BxHf+xz/H77AUZkPF3cwWzXqAUsXhVKI18=
+go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.18.0/go.mod h1:IOmXxPrxoxFMXdNy7lfDmE8MzE61YPcurbUm0SMjerI=
 go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.15.1 h1:2PunuO5SbkN5MhCbuHCd3tC6qrcaj+uDAkX/qBU5BAs=
 go.opentelemetry.io/otel/exporters/stdout/stdouttrace v1.15.1/go.mod h1:q8+Tha+5LThjeSU8BW93uUC5w5/+DnYHMKBMpRCsui0=
 go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU=