Bump the opentelemetry group with 2 updates

[dependabot]

Bumps the opentelemetry group with 2 updates: io.opentelemetry:opentelemetry-bom and io.opentelemetry:opentelemetry-bom-alpha.

Updates io.opentelemetry:opentelemetry-bom from 1.62.0 to 1.63.0

Release notes

Sourced from io.opentelemetry:opentelemetry-bom's releases.

Version 1.63.0

API

• Add missing setAttribute shortcuts to Span and LogRecordBuilder (#8255)
• Promote InstrumentationUtil to public class in io.opentelemetry.api.impl package (#8413)
• Fix index-out-of-bounds in StrictContextStorage (#8294)

Incubating

• BREAKING Remove deprecated ExtendedAttributes and related code (#8395)

SDK

Metrics

• Collect async exemplars when exemplar filter is always_on (#8363)
• Move delta record/collect coordination from instrument to series level (#8313)

Exporters

• Add noop() factory method to SpanExporter and LogRecordExporter (#8435)
• BREAKING OTLP: Remove support for deprecated GrpcSenderProvider and HttpSenderProvider SPI property names (use io.opentelemetry.sdk.common.export.GrpcSenderProvider / io.opentelemetry.sdk.common.export.HttpSenderProvider instead) (#8392)
• OTLP: Bound OkHttp sender dispatchers and surface rejections (#8422)
• Prometheus: Limit exemplar label characters to conform to Prometheus limits (#8362)
• Logging: Fix LoggingSpanExporter.flush() to preserve flush failures (#8361)
• Zipkin: Make exporter self-contained by removing shared internal code dependencies (#8413)

Extensions

• BREAKING Autoconfigure: Remove deprecated otel.experimental.config.file property (#8393)
• BREAKING Incubator: Remove deprecated ViewConfig/ViewConfigCustomizer view file config mechanism (#8394)
• Declarative config: Fix model package (#8403)
• Declarative config: Fix Java module name to io.opentelemetry.sdk.autoconfigure.declarativeconfig (#8452)

Shims

• Deprecate OpenTracing shim public API (#8373)

Project tooling

• Finish adding OSGi support across all modules (#8401, #8417)
• Force io.zipkin.zipkin2:zipkin:3.6.1 to avoid problematic gson version (#8430)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​ADITYA-CODE-SOURCE @​anuq @​bogdandrutu

... (truncated)

Changelog

Sourced from io.opentelemetry:opentelemetry-bom's changelog.

Version 1.63.0 (2026-06-05)

API

• Add missing setAttribute shortcuts to Span and LogRecordBuilder (#8255)
• Promote InstrumentationUtil to public class in io.opentelemetry.api.impl package (#8413)
• Fix index-out-of-bounds in StrictContextStorage (#8294)

Incubating

• BREAKING Remove deprecated ExtendedAttributes and related code (#8395)

SDK

Metrics

• Collect async exemplars when exemplar filter is always_on (#8363)
• Move delta record/collect coordination from instrument to series level (#8313)

Exporters

• Add noop() factory method to SpanExporter and LogRecordExporter (#8435)
• BREAKING OTLP: Remove support for deprecated GrpcSenderProvider and HttpSenderProvider SPI property names (use io.opentelemetry.sdk.common.export.GrpcSenderProvider / io.opentelemetry.sdk.common.export.HttpSenderProvider instead) (#8392)
• OTLP: Bound OkHttp sender dispatchers and surface rejections (#8422)
• Prometheus: Limit exemplar label characters to conform to Prometheus limits (#8362)
• Logging: Fix LoggingSpanExporter.flush() to preserve flush failures (#8361)
• Zipkin: Make exporter self-contained by removing shared internal code dependencies (#8413)

Extensions

• BREAKING Autoconfigure: Remove deprecated otel.experimental.config.file property (#8393)
• BREAKING Incubator: Remove deprecated ViewConfig/ViewConfigCustomizer view file config mechanism (#8394)
• Declarative config: Fix model package (#8403)

... (truncated)

Commits

• 485976a [release/v1.63.x] Prepare release 1.63.0 (#8457)
• 38683b0 Prepare for 1.63.0 release (#8453)
• 0e59934 [doc] fix sonatype link and token generation instruction (#8455)
• 315ba13 Fix declarative config artifact moduleName (#8452)
• 539a84a Directly expose noop exporters for spans and logs. (#8435)
• 28f91ed Remove spring slueth link to fix link check (#8448)
• 79608eb Update spotless packages to v8.6.0 (#8441)
• 9ab2f57 Finish adding OSGi support (#8417)
• 63573ce Add jaydeluca as approver (#8443)
• 235ee11 Add psx95 as approver (#8442)
• Additional commits viewable in compare view

Updates io.opentelemetry:opentelemetry-bom-alpha from 1.62.0-alpha to 1.63.0-alpha

Release notes

Sourced from io.opentelemetry:opentelemetry-bom-alpha's releases.

Version 1.62.0

API

Context

• Fix GHSA-rcgg-9c38-7xpx: Apply limits to baggage entries for W3CBaggagePropagator, OtTracePropagator, JaegerPropagator (#8378)

SDK

Traces

• Avoid parentContext allocation on span start for the common case (#8332)

Metrics

• Add setMaxExportBatchSize to PeriodicMetricReaderBuilder (#8296)
• Fix PeriodicMetricReader shutdown race that could drop the final flush (#8299)

Exporters

• BREAKING Prometheus: Change default server host from 0.0.0.0 to localhost (#8298)
• BREAKING Prometheus: Stop converting unit "1" to "ratio" (#8252)
• OTLP: Fix null input handling in StringEncoder (#8312)
• OTLP: Align proto field types and wire tag names in marshalers (#8293)
• OTLP: Fix MarshalerUtil sizeRepeatedString calculation (#8284)
• OTLP: Bound JdkHttpSender thread pool size to prevent unbounded thread creation (#8276)
• OTLP Profiles: Split profiles data model into separate sdk-profiles and JFR shim modules (#8207)
• OTLP Profiles: Publish alpha release of opentelemetry-sdk-profiles and opentelemetry-exporter-otlp-profiles (#8351)

Extensions

• BREAKING Declarative config: Extract to new opentelemetry-sdk-extension-declarative-config artifact with new package io.opentelemetry.sdk.autoconfigure.declarativeconfig (#8265)
• Autoconfigure: Add file size validation in OtlpConfigUtil to avoid unsafe cast to int (#8287)
• Declarative config: Fix collection fields to not be initialized to empty by default (#8356)
• Incubator: Add EventToSpanEventBridge to bridge log-based events to span events (#8372)

Testing

• Add @Nullable to equalTo value argument in OpenTelemetryAssertions (#8301)
• Add hasValueSatisfying to LongPointAssert and DoublePointAssert for fuzzy value matching (#8328)
• Add containsPointsSatisfying to metric data asserts for "each given assertion must be satisfied by at least one point, extras allowed" checks on sum, gauge, histogram, exponential histogram, and summary data (#8329)

Project tooling

• Add initial OSGi support (#7964)
• Promote ApiUsageLogger to opentelemetry-common public API (#8318)
• Establish exception logging guidelines and fix inconsistent patterns across exporters and SDK (#8231)
• Add *.impl.* package naming convention for internal code with japicmp compatibility (#8325)
• Add Sonatype dependency audit to build (#8365)

... (truncated)

Changelog

Sourced from io.opentelemetry:opentelemetry-bom-alpha's changelog.

Changelog

Unreleased

Version 1.63.0 (2026-06-05)

API

• Add missing setAttribute shortcuts to Span and LogRecordBuilder (#8255)
• Promote InstrumentationUtil to public class in io.opentelemetry.api.impl package (#8413)
• Fix index-out-of-bounds in StrictContextStorage (#8294)

Incubating

• BREAKING Remove deprecated ExtendedAttributes and related code (#8395)

SDK

Metrics

• Collect async exemplars when exemplar filter is always_on (#8363)
• Move delta record/collect coordination from instrument to series level (#8313)

Exporters

• Add noop() factory method to SpanExporter and LogRecordExporter (#8435)
• BREAKING OTLP: Remove support for deprecated GrpcSenderProvider and HttpSenderProvider SPI property names (use io.opentelemetry.sdk.common.export.GrpcSenderProvider / io.opentelemetry.sdk.common.export.HttpSenderProvider instead) (#8392)
• OTLP: Bound OkHttp sender dispatchers and surface rejections (#8422)
• Prometheus: Limit exemplar label characters to conform to Prometheus limits (#8362)
• Logging: Fix LoggingSpanExporter.flush() to preserve flush failures (#8361)
• Zipkin: Make exporter self-contained by removing shared internal code dependencies (#8413)

Extensions

• BREAKING Autoconfigure: Remove deprecated otel.experimental.config.file property (#8393)

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions