chore(pyroscope.ebpf): Update ebpf-profiler upstream 2026-02-12

[marcsanmi]

Brief description of Pull Request

• Update opentelemetry-ebpf-profiler dependency to include upstream merge PR #46

Issue(s) fixed by this Pull Request

Solves https://github.com/grafana/pyroscope-squad/issues/699

PR Checklist

• Documentation added
• Tests updated
• Config converters updated

[github-actions]

🔍 Dependency Review

Below is a review of the dependency changes observed in the provided diffs. Each section summarizes what changed, whether code changes are required, and evidence (links and/or snippets). Where applicable, suggested diffs are included.

---

go.opentelemetry.io/collector/* (multiple): component 1.49.0 → 1.51.0, receiver 1.49.0 → 1.51.0, confmap 1.49.0 → 1.51.0, featuregate 1.49.0 → 1.51.0, consumer 1.49.0 → 1.51.0, pipeline 1.49.0 → 1.51.0, plus related 0.143.x → 0.145.x modules

Status: ⚠️ Needs Review

What changed

• Multiple OpenTelemetry Collector submodules were bumped to v1.51.0 (and related modules from v0.143.x → v0.145.x).
• Notable behavioral change: configuration error reporting (confmap/validation) now includes a more descriptive config path in error messages. This is reflected by the test update you included.

Impact and required code changes

• Update tests or any string comparisons that assert on exact error messages coming from Collector configuration decoding/validation. The error path now includes "otelcol.configSettings" for invalid keys in the top-level config section.
• No API changes found for component/consumer/receiver/pipeline interfaces between 1.49.0 and 1.51.0 that would require code changes in normal usage. The added indirect module go.opentelemetry.io/collector/internal/componentalias v0.145.0 is internal-only.

Suggested diff (already applied in the PR, included here for clarity):

-'' has invalid keys: bad-key
+'otelcol.configSettings' has invalid keys: bad-key

Evidence

• Collector releases/changelogs indicate ongoing improvements in confmap provider and error diagnostics around 0.144.0–0.145.0. The behavior observed (more explicit error pathing) aligns with those changes.
  • https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.143.0
  • https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.144.0
  • https://github.com/open-telemetry/opentelemetry-collector/releases/tag/v0.145.0

---

go.opentelemetry.io/otel 1.39.0 → 1.40.0 (and metric/trace 1.39.0 → 1.40.0)

Status: ✅ Safe

What changed

• Minor version updates across the API (otel, metric, trace).

Impact and required code changes

• None required. The OTel Go API maintains backward compatibility across minor versions.
• No API surface changes affecting typical usage identified between 1.39.0 and 1.40.0.

Evidence

• https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.40.0

---

AWS SDK for Go v2 and services (patches): core v1.41.0 → v1.41.1; config v1.32.6 → v1.32.7; imds v1.18.16 → v1.18.17; s3 v1.95.0 → v1.96.0; signin v1.0.4 → v1.0.5; sso v1.30.8 → v1.30.9; ssooidc v1.35.12 → v1.35.13; sts v1.41.5 → v1.41.6; and internal dependencies

Status: ✅ Safe

What changed

• Patch-level bumps across AWS SDK v2 core and a broad set of services and internal packages.

Impact and required code changes

• None. These patches are backward-compatible bug fixes and internal improvements.

Evidence

• AWS SDK for Go v2 follows SemVer. Patch releases do not introduce breaking changes.
  • https://github.com/aws/aws-sdk-go-v2/releases
  • https://github.com/aws/aws-sdk-go-v2/blob/main/CHANGELOG.md

---

github.com/go-viper/mapstructure/v2 2.4.0 → 2.5.0

Status: ✅ Safe

What changed

• Patch update with bug fixes.

Impact and required code changes

• None required in typical use (no public API changes reported for this patch).

Evidence

• https://github.com/go-viper/mapstructure/releases

---

github.com/klauspost/compress 1.18.2 → 1.18.4

Status: ✅ Safe

What changed

• Patch updates with performance and bug fixes.

Impact and required code changes

• None.

Evidence

• https://github.com/klauspost/compress/releases

---

github.com/knadh/koanf/v2 2.3.0 → 2.3.2

Status: ✅ Safe

What changed

• Patch updates with fixes/stability improvements.

Impact and required code changes

• None.

Evidence

• https://github.com/knadh/koanf/releases

---

github.com/zeebo/xxh3 1.0.2 → 1.1.0

Status: ✅ Safe

What changed

• Minor version bump; no breaking API changes noted.

Impact and required code changes

• None.

Evidence

• https://github.com/zeebo/xxh3/releases

---

golang.org/x/* updates (arch 0.23.0 → 0.24.0; crypto 0.46.0 → 0.48.0; mod 0.31.0 → 0.33.0; net 0.48.0 → 0.50.0; sys 0.39.0 → 0.41.0; term 0.38.0 → 0.40.0; text 0.32.0 → 0.34.0; tools 0.40.0 → 0.42.0; telemetry pseudo; exp pseudo)

Status: ✅ Safe

What changed

• Regular updates with security and compatibility improvements.

Impact and required code changes

• None observed.

Evidence

• Module release notes and commit histories generally reflect bug/security fixes for these minor/patch bumps:
  • https://cs.opensource.google/go/x

---

github.com/grafana/opentelemetry-ebpf-profiler (replace) pseudo-version bump

Status: ⚠️ Needs Review

What changed

• Replacement target for go.opentelemetry.io/ebpf-profiler updated to a newer pseudo-version of the Grafana fork.

Impact and required code changes

• No API changes are evident from the diff. However, since this is a pseudo-version bump without a published changelog, validate at runtime in the environments where the profiler is enabled.

Suggested action

• Run the profiler-related integration tests (if any) or smoke test the collector build with profiler enabled.

Evidence

• Replacement update only:
  • v0.0.202602-0.20260123050037-c33a6e86a2f5 → v0.0.202602-0.20260216144214-241376220646

---

✅ Code change snippets (applies to OTel Collector confmap diagnostics)

• Updating tests asserting on confmap error messages (you already did this; shown here for reference):

-'' has invalid keys: bad-key
+'otelcol.configSettings' has invalid keys: bad-key

This aligns with improved error context emitted by confmap/xconfmap introduced around Collector 0.144–0.145.

---

🗒️ Notes

• New indirect dependency observed: go.opentelemetry.io/collector/internal/componentalias v0.145.0. This is internal to the Collector; no code changes required.
• Other version bumps are patch/minor-tier within semver and do not present API-breaking changes in normal usage.
• If you have custom assertions on exact error strings from Collector config parsing/validation in other tests, update them similarly to include the new "otelcol.configSettings" path context.

[marcsanmi]

There's a loki failing test; not related to any of these changes.

[simonswine]

I think the loki test are related to the changes to go.mod in this PR 😬

I think this change is otherwise fine for :main, but if we are planning on fixing/backporting this to v1.13.1, I think we should aim to reduce the changes to go.mod dependencies and have a more minimal diff.

[marcsanmi]

I think the loki test are related to the changes to go.mod in this PR

I'm not sure it's related to these changes. The same test just failed for me locally on master branch when tested with go test ./internal/component/common/loki/client

[marcsanmi]

We decided to remove backport from this PR; it just should go to main. I'll create a separate branch with only the fix for dotnet in ebpf profiler and bring only that change to the backport.

[simonswine]

I think the loki test are related to the changes to go.mod in this PR 😬

Ok the test seems to fail sporadically. Sorry about this