OTel Collector v0.154.0 fixes a startup crash in exporterhelper and changes --skip-get-modules behavior. Two minor enhancements add TLS and CORS config options.
securityinclude_insecure_cipher_suites is opt-in — keep it that way
The new configtls option lets you re-enable weak cipher suites, but they stay disabled by default. Do not set include_insecure_cipher_suites: true in production unless you're forced to by a legacy peer — and if you are, treat it as a temporary workaround and track it.
breakingCheck custom build pipelines using --skip-get-modules
If your OCB-based build scripts pass --skip-get-modules expecting go.mod to be regenerated as a side effect, that no longer happens. Audit any CI pipelines that relied on this implicit behavior and add an explicit go mod tidy step if needed.
enhancementUpgrade if you use sending_queue with sizer enabled
The nil-pointer panic fix in exporterhelper is critical for anyone who sets sending_queue.sizer alongside batch.enabled: false. If your collector was crashing on startup in this config, v0.154.0 resolves it — upgrade directly.
Key changes (5)
- cmd/builder: --skip-get-modules no longer rewrites go.mod — it now truly skips module operations as documented
- pkg/exporterhelper: fixes nil-pointer panic at startup when sending_queue.sizer is set and sending_queue.batch.enabled is false
- pkg/config/configtls: new include_insecure_cipher_suites option, disabled by default
- pkg/confighttp: CORSConfig gains ExposedHeaders field to control Access-Control-Expose-Headers response header
- cmd/mdatagen: numeric validators (minimum, maximum, exclusiveMinimum, exclusiveMaximum) now supported in generated config structs