fix(deps): update module go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc to v0.46.0 [security]

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc	require	minor	v0.42.0 -> v0.46.0

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

GitHub Vulnerability Alerts

CVE-2023-47108

Summary

The grpc Unary Server Interceptor opentelemetry-go-contrib/instrumentation/google.golang.org/grpc/otelgrpc/interceptor.go

// UnaryServerInterceptor returns a grpc.UnaryServerInterceptor suitable
// for use in a grpc.NewServer call.
func UnaryServerInterceptor(opts ...Option) grpc.UnaryServerInterceptor {

out of the box adds labels

• net.peer.sock.addr
• net.peer.sock.port

that have unbound cardinality. It leads to the server's potential memory exhaustion when many malicious requests are sent.

Details

An attacker can easily flood the peer address and port for requests.

PoC

Apply the attached patch to the example and run the client multiple times. Observe how each request will create a unique histogram and how the memory consumption increases during it.

Impact

In order to be affected, the program has to configure a metrics pipeline, use UnaryServerInterceptor, and does not filter any client IP address and ports via middleware or proxies, etc.

Others

It is similar to already reported vulnerabilities.

• GHSA-rcjv-mgp8-qvmr (open-telemetry/opentelemetry-go-contrib)

• GHSA-5r5m-65gx-7vrh (open-telemetry/opentelemetry-go-contrib)
• GHSA-cg3q-j54f-5p7p (prometheus/client_golang)

Workaround for affected versions

As a workaround to stop being affected, a view removing the attributes can be used.

The other possibility is to disable grpc metrics instrumentation by passing otelgrpc.WithMeterProvider option with noop.NewMeterProvider.

Solution provided by upgrading

In PR #​4322, to be released with v0.46.0, the attributes were removed.

References

• #​4322

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[renovate]

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: services/cctp-relayer/go.sum

Command failed: docker run --rm --name=renovate_a_sidecar --label=renovate_a_child --memory=3584m -v "/tmp/worker/846559/cb9048/repos/github/synapsecns/sanguine":"/tmp/worker/846559/cb9048/repos/github/synapsecns/sanguine" -v "/tmp/worker/846559/cb9048/cache":"/tmp/worker/846559/cb9048/cache" -e GOPATH -e GOPROXY -e GOSUMDB -e GOFLAGS -e CGO_ENABLED -e GIT_CONFIG_KEY_0 -e GIT_CONFIG_VALUE_0 -e GIT_CONFIG_KEY_1 -e GIT_CONFIG_VALUE_1 -e GIT_CONFIG_KEY_2 -e GIT_CONFIG_VALUE_2 -e GIT_CONFIG_COUNT -e CONTAINERBASE_CACHE_DIR -w "/tmp/worker/846559/cb9048/repos/github/synapsecns/sanguine/services/cctp-relayer" ghcr.io/containerbase/sidecar:9.23.11 bash -l -c "install-tool golang 1.21.4 && go get -d -t ./... && go mod tidy && go mod tidy"
go: downloading github.com/ethereum/go-ethereum v1.10.26
go: downloading github.com/gin-gonic/gin v1.9.1
go: downloading golang.org/x/sync v0.3.0
go: downloading gorm.io/gorm v1.25.2-0.20230530020048-26663ab9bf55
go: downloading github.com/Flaque/filet v0.0.0-20201012163910-45f684403088
go: downloading github.com/brianvoe/gofakeit/v6 v6.9.0
go: downloading github.com/phayes/freeport v0.0.0-20220201140144-74d24b5ae9f5
go: downloading github.com/stretchr/testify v1.8.4
go: downloading github.com/urfave/cli/v2 v2.25.5
go: downloading github.com/ImVexed/fasturl v0.0.0-20230304231329-4e41488060f3
go: downloading github.com/davecgh/go-spew v1.1.1
go: downloading github.com/jftuga/ellipsis v1.0.0
go: downloading github.com/richardwilkes/toolbox v1.74.0
go: downloading gopkg.in/yaml.v2 v2.4.0
go: downloading github.com/ipfs/go-log v1.0.5
go: downloading gorm.io/driver/mysql v1.3.6
go: downloading gorm.io/driver/sqlite v1.5.3
go: downloading go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.46.0
go: downloading go.opentelemetry.io/contrib v1.16.1
go: downloading go.opentelemetry.io/otel v1.20.0
go: downloading go.opentelemetry.io/otel/trace v1.20.0
go: downloading google.golang.org/grpc v1.59.0
go: downloading github.com/gin-contrib/sse v0.1.0
go: downloading github.com/mattn/go-isatty v0.0.19
go: downloading golang.org/x/net v0.17.0
go: downloading github.com/jinzhu/now v1.1.5
go: downloading github.com/spf13/afero v1.9.5
go: downloading github.com/mitchellh/go-homedir v1.1.0
go: downloading go.uber.org/zap v1.25.0
go: downloading github.com/prometheus/client_golang v1.15.1
go: downloading github.com/pyroscope-io/client v0.7.2
go: downloading github.com/pyroscope-io/otel-profiling-go v0.4.0
go: downloading github.com/uptrace/opentelemetry-go-extra/otelgorm v0.1.21
go: downloading go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin v0.42.0
go: downloading go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.42.0
go: downloading go.opentelemetry.io/contrib/propagators/b3 v1.17.0
go: downloading go.opentelemetry.io/otel/exporters/jaeger v1.14.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.16.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.16.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.16.0
go: downloading go.opentelemetry.io/otel/exporters/prometheus v0.39.0
go: downloading go.opentelemetry.io/otel/metric v1.20.0
go: downloading go.opentelemetry.io/otel/sdk/metric v0.39.0
go: downloading go.opentelemetry.io/otel/sdk v1.16.0
go: downloading github.com/ory/dockertest/v3 v3.10.0
go: downloading github.com/google/go-cmp v0.6.0
go: downloading k8s.io/apimachinery v0.25.5
go: downloading github.com/chzyer/test v1.0.0
go: downloading golang.org/x/crypto v0.14.0
go: downloading github.com/c-bata/go-prompt v0.2.6
go: downloading github.com/pkg/errors v0.9.1
go: downloading github.com/go-git/go-git/v5 v5.8.1
go: downloading github.com/integralist/go-findroot v0.0.0-20160518114804-ac90681525dc
go: downloading github.com/shibukawa/configdir v0.0.0-20170330084843-e180dbdc8da0
go: downloading github.com/fatih/structtag v1.2.0
go: downloading github.com/rung/go-safecast v1.0.1
go: downloading github.com/cpuguy83/go-md2man/v2 v2.0.2
go: downloading github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673
go: downloading cloud.google.com/go/kms v1.15.0
go: downloading google.golang.org/api v0.126.0
go: downloading github.com/pmezard/go-difflib v1.0.0
go: downloading gopkg.in/yaml.v3 v3.0.1
go: downloading github.com/miguelmota/go-ethereum-hdwallet v0.1.1
go: downloading github.com/tyler-smith/go-bip39 v1.1.0
go: downloading github.com/holiman/uint256 v1.2.1
go: downloading golang.org/x/exp v0.0.0-20230127193734-31bee513bff7
go: downloading github.com/imkira/go-interpol v1.1.0
go: downloading github.com/jinzhu/inflection v1.0.0
go: downloading github.com/ipfs/go-log/v2 v2.1.3
go: downloading github.com/opentracing/opentracing-go v1.2.0
go: downloading github.com/go-sql-driver/mysql v1.7.0
go: downloading github.com/mattn/go-sqlite3 v2.0.3+incompatible
go: downloading github.com/neverlee/keymutex v0.0.0-20171121013845-f593aa834bf9
go: downloading github.com/btcsuite/btcd/btcec/v2 v2.3.0
go: downloading github.com/btcsuite/btcd v0.22.1
go: downloading github.com/jpillora/backoff v1.0.0
go: downloading github.com/lmittmann/w3 v0.10.0
go: downloading github.com/puzpuzpuz/xsync/v2 v2.5.1
go: downloading github.com/puzpuzpuz/xsync v1.4.3
go: downloading github.com/grpc-ecosystem/grpc-gateway/v2 v2.11.3
go: downloading google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d
go: downloading google.golang.org/protobuf v1.31.0
go: downloading github.com/mattn/go-colorable v0.1.13
go: downloading github.com/teivah/onecontext v1.3.0
go: downloading google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d
go: downloading github.com/go-playground/validator/v10 v10.14.0
go: downloading github.com/pelletier/go-toml/v2 v2.0.8
go: downloading github.com/ugorji/go/codec v1.2.11
go: downloading github.com/pelletier/go-toml v1.9.5
go: downloading github.com/bytedance/sonic v1.9.1
go: downloading github.com/goccy/go-json v0.10.2
go: downloading github.com/json-iterator/go v1.1.12
go: downloading golang.org/x/sys v0.13.0
go: downloading golang.org/x/text v0.13.0
go: downloading github.com/deckarep/golang-set v1.8.0
go: downloading github.com/gorilla/websocket v1.5.0
go: downloading gopkg.in/natefinch/npipe.v2 v2.0.0-20160621034901-c1b8fa8bdcce
go: downloading go.uber.org/multierr v1.10.0
go: downloading github.com/prometheus/client_model v0.4.0
go: downloading github.com/prometheus/common v0.42.0
go: downloading github.com/pyroscope-io/godeltaprof v0.1.2
go: downloading github.com/danielkov/gin-helmet v0.0.0-20171108135313-1387e224435e
go: downloading github.com/gin-contrib/cors v1.4.0
go: downloading github.com/gin-contrib/requestid v0.0.6
go: downloading github.com/gin-contrib/zap v0.1.0
go: downloading github.com/go-http-utils/headers v0.0.0-20181008091004-fed159eddc2a
go: downloading github.com/google/uuid v1.3.1
go: downloading github.com/uptrace/opentelemetry-go-extra/otelsql v0.2.2
go: downloading github.com/felixge/httpsnoop v1.0.3
go: downloading github.com/go-logr/logr v1.3.0
go: downloading github.com/go-logr/stdr v1.2.2
go: downloading go.opentelemetry.io/proto/otlp v0.19.0
go: downloading go.opentelemetry.io/otel/exporters/otlp/internal/retry v1.16.0
go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d
go: downloading github.com/cenkalti/backoff/v4 v4.2.1
go: downloading github.com/Microsoft/go-winio v0.6.1
go: downloading github.com/docker/go-units v0.5.0
go: downloading github.com/chzyer/logex v1.2.1
go: downloading github.com/rjeczalik/notify v0.9.2
go: downloading github.com/mattn/go-runewidth v0.0.13
go: downloading github.com/mattn/go-tty v0.0.3
go: downloading k8s.io/utils v0.0.0-20221128185143-99ec85e7a448
go: downloading dario.cat/mergo v1.0.0
go: downloading github.com/ProtonMail/go-crypto v0.0.0-20230717121422-5aa5874ade95
go: downloading github.com/go-git/go-billy/v5 v5.4.1
go: downloading github.com/sergi/go-diff v1.3.1
go: downloading github.com/benbjohnson/immutable v0.4.3
go: downloading github.com/soheilhy/cmux v0.1.5
go: downloading github.com/russross/blackfriday/v2 v2.1.0
go: downloading cloud.google.com/go/iam v1.1.1
go: downloading github.com/googleapis/gax-go/v2 v2.11.0
go: downloading github.com/aws/aws-sdk-go-v2 v1.18.0
go: downloading github.com/aws/aws-sdk-go-v2/config v1.18.21
go: downloading github.com/aws/aws-sdk-go-v2/service/kms v1.17.3
go: downloading github.com/btcsuite/btcutil v1.0.3-0.20201208143702-a53e38424cce
go: downloading github.com/go-stack/stack v1.8.1
go: downloading github.com/regen-network/protobuf v1.3.3-alpha.regen.1
go: downloading github.com/hashicorp/golang-lru v0.5.5-0.20210104140557-80c98217689d
go: downloading github.com/decred/dcrd/dcrec/secp256k1/v4 v4.1.0
go: downloading github.com/LK4d4/trylock v0.0.0-20191027065348-ff7e133a5c54
go: downloading golang.org/x/oauth2 v0.11.0
go: downloading github.com/golang/protobuf v1.5.3
go: downloading github.com/buger/jsonparser v1.1.1
go: downloading github.com/go-resty/resty/v2 v2.7.0
go: downloading github.com/synapsecns/fasthttp-http2 v1.0.0
go: downloading github.com/valyala/fasthttp v1.41.0
go: downloading github.com/Soft/iter v0.1.0
go: downloading github.com/hashicorp/go-multierror v1.1.1
go: downloading github.com/hedzr/cmdr v1.10.49
go: downloading github.com/gballet/go-libpcsclite v0.0.0-20191108122812-4678299bea08
go: downloading github.com/shirou/gopsutil v3.21.11+incompatible
go: downloading github.com/graph-gophers/graphql-go v1.3.0
go: downloading github.com/golang-jwt/jwt/v4 v4.4.3
go: downloading github.com/prometheus/tsdb v0.10.0
go: downloading github.com/rs/cors v1.8.2
go: downloading github.com/keep-network/keep-common v1.7.1-0.20211012131917-7102d7b9c6a0
go: downloading golang.org/x/time v0.3.0
go: downloading bitbucket.org/tentontrain/math v0.0.0-20220519191623-a4e86beba92a
go: downloading github.com/aws/smithy-go v1.13.5
go: downloading github.com/gabriel-vasile/mimetype v1.4.2
go: downloading github.com/go-playground/universal-translator v0.18.1
go: downloading github.com/leodido/go-urn v1.2.4
go: downloading github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd
go: downloading github.com/modern-go/reflect2 v1.0.2
go: downloading github.com/beorn7/perks v1.0.1
go: downloading github.com/cespare/xxhash/v2 v2.2.0
go: downloading github.com/prometheus/procfs v0.9.0
go: downloading github.com/matttproud/golang_protobuf_extensions v1.0.4
go: downloading github.com/docker/cli v20.10.17+incompatible
go: downloading github.com/sirupsen/logrus v1.9.0
go: downloading github.com/opencontainers/runc v1.1.5
go: downloading github.com/Nvveen/Gotty v0.0.0-20120604004816-cd527374f1e5
go: downloading github.com/moby/term v0.0.0-20221205130635-1aeaba878587
go: downloading github.com/opencontainers/image-spec v1.0.3-0.20211202183452-c5a74bcca799
go: downloading golang.org/x/tools v0.9.3
go: downloading github.com/pkg/term v1.2.0-beta.2
go: downloading github.com/rivo/uniseg v0.2.0
go: downloading k8s.io/klog/v2 v2.80.1
go: downloading github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376
go: downloading github.com/pjbgf/sha1cd v0.3.0
go: downloading github.com/emirpasic/gods v1.18.1
go: downloading github.com/acomagu/bufpipe v1.0.4
go: downloading github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99
go: downloading github.com/99designs/gqlgen v0.17.36
go: downloading github.com/friendsofgo/graphiql v0.2.2
go: downloading github.com/ravilushqa/otelgqlgen v0.13.1
go: downloading cloud.google.com/go/compute/metadata v0.2.3
go: downloading cloud.google.com/go/compute v1.23.0
go: downloading go.opencensus.io v0.24.0
go: downloading google.golang.org/appengine v1.6.7
go: downloading github.com/aws/aws-sdk-go-v2/credentials v1.13.20
go: downloading github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.13.2
go: downloading github.com/aws/aws-sdk-go-v2/internal/ini v1.3.34
go: downloading github.com/aws/aws-sdk-go-v2/service/sso v1.12.8
go: downloading github.com/aws/aws-sdk-go-v2/service/ssooidc v1.14.8
go: downloading github.com/aws/aws-sdk-go-v2/service/sts v1.18.9
go: downloading github.com/aws/aws-sdk-go-v2/internal/configsources v1.1.32
go: downloading github.com/btcsuite/btcd/chaincfg/chainhash v1.0.1
go: downloading github.com/google/s2a-go v0.1.4
go: downloading github.com/dgrr/http2 v0.3.5
go: downloading github.com/hashicorp/errwrap v1.1.0
go: downloading github.com/andybalholm/brotli v1.0.4
go: downloading github.com/klauspost/compress v1.15.12
go: downloading github.com/valyala/bytebufferpool v1.0.0
go: downloading github.com/invopop/jsonschema v0.7.0
go: downloading github.com/rbretecher/go-postman-collection v0.9.0
go: downloading github.com/edsrzf/mmap-go v1.0.0
go: downloading github.com/peterh/liner v1.2.1
go: downloading github.com/golang/snappy v0.0.4
go: downloading github.com/olekukonko/tablewriter v0.0.5
go: downloading github.com/fjl/memsize v0.0.0-20190710130421-bcb5799ab5e5
go: downloading github.com/hashicorp/go-bexpr v0.1.10
go: downloading github.com/influxdata/influxdb-client-go/v2 v2.5.1
go: downloading github.com/influxdata/influxdb v1.8.3
go: downloading github.com/syndtr/goleveldb v1.0.1-0.20210819022825-2ae1ddf74ef7
go: downloading github.com/huin/goupnp v1.0.3
go: downloading github.com/jackpal/go-nat-pmp v1.0.2
go: downloading github.com/hedzr/log v1.6.3
go: downloading gopkg.in/hedzr/errors.v3 v3.1.1
go: downloading github.com/VictoriaMetrics/fastcache v1.6.0
go: downloading github.com/holiman/bloomfilter/v2 v2.0.3
go: downloading github.com/spf13/cast v1.5.0
go: downloading github.com/tenderly/tenderly-cli v1.4.6
go: downloading github.com/go-playground/locales v0.14.1
go: downloading github.com/chenzhuoyu/base64x v0.0.0-20221115062448-fe3a3abad311
go: downloading golang.org/x/arch v0.3.0
go: downloading github.com/tklauser/go-sysconf v0.3.10
go: downloading github.com/yusufpapurcu/wmi v1.2.2
go: downloading github.com/docker/docker v20.10.23+incompatible
go: downloading github.com/docker/go-connections v0.4.0
go: downloading github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
go: downloading github.com/imdario/mergo v0.3.13
go: downloading github.com/mitchellh/mapstructure v1.5.0
go: downloading github.com/containerd/continuity v0.3.0
go: downloading github.com/opencontainers/go-digest v1.0.0
go: downloading gopkg.in/warnings.v0 v0.1.2
go: downloading github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da
go: downloading github.com/kevinburke/ssh_config v1.2.0
go: downloading github.com/skeema/knownhosts v1.2.0
go: downloading github.com/xanzy/ssh-agent v0.3.3
go: downloading github.com/vektah/gqlparser/v2 v2.5.8
go: downloading github.com/cloudflare/circl v1.3.3
go: downloading github.com/googleapis/enterprise-certificate-proxy v0.2.3
go: downloading github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.9.26
go: downloading github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.4.26
go: downloading github.com/cheekybits/genny v1.0.0
go: downloading github.com/valyala/fastrand v1.1.0
go: downloading github.com/iancoleman/orderedmap v0.0.0-20190318233801-ac98e3ecb4b0
go: downloading github.com/status-im/keycard-go v0.0.0-20200402102358-957c09536969
go: downloading github.com/mitchellh/pointerstructure v1.2.0
go: downloading golang.org/x/term v0.13.0
go: downloading github.com/briandowns/spinner v1.6.1
go: downloading github.com/manifoldco/promptui v0.7.0
go: downloading github.com/spf13/cobra v1.6.1
go: downloading github.com/spf13/viper v1.12.0
go: downloading github.com/badoux/checkmail v0.0.0-20181210160741-9661bd69e9ad
go: downloading github.com/klauspost/cpuid/v2 v2.2.4
go: downloading github.com/twitchyliquid64/golang-asm v0.15.1
go: downloading github.com/tklauser/numcpus v0.4.0
go: downloading github.com/go-ole/go-ole v1.2.6
go: downloading github.com/xeipuuv/gojsonschema v1.2.0
go: downloading github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1
go: downloading github.com/hashicorp/golang-lru/v2 v2.0.3
go: downloading github.com/influxdata/line-protocol v0.0.0-20210311194329-9aa0e372d097
go: downloading github.com/deepmap/oapi-codegen v1.8.2
go: downloading github.com/fatih/color v1.13.0
go: downloading github.com/chzyer/readline v1.5.1
go: downloading github.com/juju/ansiterm v0.0.0-20180109212912-720a0952cc2a
go: downloading github.com/hashicorp/go-version v1.6.0
go: downloading github.com/logrusorgru/aurora v2.0.3+incompatible
go: downloading github.com/inconshreveable/mousetrap v1.1.0
go: downloading github.com/spf13/pflag v1.0.5
go: downloading github.com/google/go-github/v37 v37.0.0
go: downloading github.com/robfig/cron/v3 v3.0.1
go: downloading github.com/palantir/pkg/datetime v1.0.1
go: downloading github.com/palantir/pkg/safejson v1.0.1
go: downloading github.com/palantir/pkg v1.0.1
go: downloading github.com/palantir/pkg/safeyaml v1.0.1
go: downloading github.com/fsnotify/fsnotify v1.5.4
go: downloading github.com/spf13/jwalterweatherman v1.1.0
go: downloading golang.org/x/mod v0.10.0
go: downloading github.com/agnivade/levenshtein v1.1.1
go: downloading github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415
go: downloading github.com/google/go-querystring v1.1.0
go: downloading github.com/subosito/gotenv v1.4.0
go: downloading github.com/hashicorp/hcl v1.0.0
go: downloading gopkg.in/ini.v1 v1.66.6
go: downloading github.com/magiconair/properties v1.8.6
go: downloading github.com/palantir/pkg/transform v1.0.0
go: downloading github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f
go: downloading github.com/lunixbochs/vtclean v1.0.0
go: downloading github.com/flynn/json5 v0.0.0-20160717195620-7620272ed633
go: downloading go.opentelemetry.io v0.1.0
go: downloading go.opentelemetry.io/otel/exporters/otlp v0.20.1
go: github.com/synapsecns/sanguine/services/cctp-relayer/cmd imports
	github.com/synapsecns/sanguine/core/metrics imports
	go.opentelemetry.io/otel/exporters/otlp/otlptrace imports
	go.opentelemetry.io/otel/exporters/otlp/internal: cannot find module providing package go.opentelemetry.io/otel/exporters/otlp/internal
go: github.com/synapsecns/sanguine/services/cctp-relayer/cmd imports
	github.com/synapsecns/sanguine/core/metrics imports
	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc imports
	go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal/otlpconfig imports
	go.opentelemetry.io/otel/exporters/otlp/internal/envconfig: cannot find module providing package go.opentelemetry.io/otel/exporters/otlp/internal/envconfig
go: warning: github.com/mattn/[email protected]+incompatible: retracted by module author: Accidental; no major changes or features.
go: to switch to the latest unretracted version, run:
	go get github.com/mattn/go-sqlite3@latest

[coderabbitai]

Important

Auto Review Skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

---

Tips

Chat with CodeRabbit Bot (@coderabbitai)

• If you reply to a review comment from CodeRabbit, the bot will automatically respond.
• To engage with CodeRabbit bot directly around the specific lines of code in the PR, mention @coderabbitai in your review comment
• Note: Review comments are made on code diffs or files, not on the PR overview.
• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.

CodeRabbit Commands (invoked as PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger a review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai help to get help.

Note: For conversation with the bot, please use the review comments on code diffs or files.

CodeRabbit Configration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• The JSON schema for the configuration file is available here.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/coderabbit-overrides.v2.json

[github-actions]

This PR is stale because it has been open 14 days with no activity. Remove stale label or comment or this will be closed in 5 days.

[renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v0.46.0). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.