deps(deps): bump opentelemetry-prometheus from 0.29.1 to 0.31.0

[dependabot]

Bumps opentelemetry-prometheus from 0.29.1 to 0.31.0.

Release notes

Sourced from opentelemetry-prometheus's releases.

v0.31.0

See changelog for individual crates to know the exact set of changes. All crates in this repo follows same version (0.31.0 for this release).

0.30.0 Release

See changelog for individual crates to know the exact set of changes. All crates in this repo follows same version (0.30.0 for this release).

This release also upgrades Metrics-SDK to stable!

See summary of release notes: https://github.com/open-telemetry/opentelemetry-rust/blob/main/docs/release_0.30.md

Changelog

Sourced from opentelemetry-prometheus's changelog.

Release Notes 0.30

OpenTelemetry Rust 0.30 introduces a few breaking changes to the opentelemetry_sdk crate in the metrics feature. These changes were essential to drive the Metrics SDK towards stability. With this release, the Metrics SDK is officially declared stable. The Metrics API was declared stable last year, and previously, the Logs API, SDK, and OTel-Appender-Tracing were also marked stable. Importantly, no breaking changes have been introduced to components already marked as stable.

It is worth noting that the opentelemetry-otlp crate remains in a Release-Candidate state and is not yet considered stable. With the API and SDK for Logs and Metrics now stable, the focus will shift towards further refining and stabilizing the OTLP Exporters in upcoming releases. Additionally, Distributed Tracing is expected to progress towards stability, addressing key interoperability challenges.

For detailed changelogs of individual crates, please refer to their respective changelog files. This document serves as a summary of the main changes.

Key Changes

Metrics SDK Improvements

1. Stabilized "view" features: Previously under an experimental feature flag, views can now be used to modify the name, unit, description, and cardinality limit of a metric. Advanced view capabilities, such as changing aggregation or dropping attributes, remain under the experimental feature flag.

2. Cardinality capping: Introduced the ability to cap cardinality and configure limits using views.

3. Polished public API: Refined the public API to hide implementation details from exporters, enabling future internal optimizations and ensuring consistency. Some APIs related to authoring custom metric readers have been moved behind experimental feature flags. These advanced use cases require more time to finalize the API surface before being included in the stable release.

Context-Based Suppression

Added the ability to suppress telemetry based on Context. This feature prevents telemetry-induced-telemetry scenarios and addresses a long-standing issue. Note that suppression relies on proper context propagation. Certain libraries used in OTLP Exporters utilize tracing but do not adopt OpenTelemetry's context propagation. As a result, not all telemetry is automatically suppressed with this feature. Improvements in this area are expected in future releases.

Next Release

... (truncated)

Commits

• 2b63b75 fix: Panics and exploding memory usage from large cardinality limit (#3290)
• c346d4b feat: Upgrade SDK version to 0.31.0 (#3287)
• 07bb613 feat: Improve support for exponential histogram (#3259)
• 693dcc0 chore: Unify SpanExporter with LogExporter and PushMetricExporter (#3281)
• 65969fd docs: logs enrichment (#3266)
• 627f252 feat: Stabilize Logger Enabled (#3278)
• 4c16d9b fix: Remove unused tracing dependency from opentelemetry-otlp (#3264)
• 759b539 chore(sampling): move sdk types from opentelemetry to opentelemetry_sdk (#3277)
• 483b420 fix: handle shutdown in logs exporter (#3255)
• 53c9f47 chore(deps): bump step-security/harden-runner from 2.13.1 to 2.13.2 (#3273)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Assignees

The following users could not be added as assignees: vectorizer-maintainers. Either the username does not exist or it does not have the correct permissions to be added as an assignee.

Labels

The following labels could not be found: dependencies, rust. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.