Skip to content

chore(deps): bump prometheus-client from 0.22.3 to 0.25.0#162

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/prometheus-client-0.25.0
Open

chore(deps): bump prometheus-client from 0.22.3 to 0.25.0#162
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/cargo/prometheus-client-0.25.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 7, 2026

Copy link
Copy Markdown
Contributor

Bumps prometheus-client from 0.22.3 to 0.25.0.

Release notes

Sourced from prometheus-client's releases.

v0.25.0

Highlights

Added

  • Native histogram support, including native-only histograms and histograms with both classic and native buckets.
  • An off-by-default protobuf-protox feature to build protobuf support without requiring an external protoc binary.

Changed

  • prometheus_protobuf now generates and encodes Prometheus io.prometheus.client protobuf messages (from metrics.proto) instead of the OpenMetrics protobuf data model (OM 2.0: OM protobuf future prometheus/OpenMetrics#296). The protobuf and openmetrics_protobuf features retain the now-deprecated OpenMetrics protobuf support, which will be removed in a future release.
  • Updated prost, prost-build, and prost-types to v0.14.

What's Changed

New Contributors

Full Changelog: prometheus/client_rust@v0.24.1...v0.25.0

v0.24.1

What's Changed

New Contributors

Full Changelog: prometheus/client_rust@v0.23.1...v0.24.1

v0.24.0

What's Changed

... (truncated)

Changelog

Sourced from prometheus-client's changelog.

[0.25.0]

Added

  • Added native histogram support, including native-only histograms and histograms with both classic and native buckets.

  • Added an off-by-default protobuf-protox feature to build protobuf support without requiring an external protoc binary.

Changed

  • Updated prost, prost-build, and prost-types dependencies to v0.14.
  • The prometheus_protobuf feature generates and encodes Prometheus io.prometheus.client protobuf messages from metrics.proto rather than the OpenMetrics protobuf data model. See Issue for more context. The protobuf and openmetrics_protobuf features retain the old, deprecated, OpenMetrics protobuf support which will be removed in a future release.

[0.24.1]

Added

  • EncodeGaugeValue is implemented for usize and isize, and EncodeCounterValue is implemented for usize. See PR 282.

Fixed

  • EncodeGaugeValue, EncodeCounterValue and EncodeExemplarValue now use fewer as casts in their implementation. This caught an issue where EncodeGaugeValue would not error when encoding some u64s that don't fit in a i64. See PR 281.
  • Filter out empty metric families, to match the go client. See PR 279.
  • Histogram now exposes count() and sum() methods when the test-util feature is enabled. See PR 242.
  • Family now exposes a contains() method when the test-util feature is enabled. See PR 245.
  • Family now exposes len() and is_empty() methods when the test-util feature is enabled. See PR 246.

[0.24.0]

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [prometheus-client](https://github.com/prometheus/client_rust) from 0.22.3 to 0.25.0.
- [Release notes](https://github.com/prometheus/client_rust/releases)
- [Changelog](https://github.com/prometheus/client_rust/blob/master/CHANGELOG.md)
- [Commits](prometheus/client_rust@v0.22.3...v0.25.0)

---
updated-dependencies:
- dependency-name: prometheus-client
  dependency-version: 0.25.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file rust Pull requests that update rust code labels Jul 7, 2026
@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown

Thanks for the PR! CI will run CERT validation and replay checks. Results will appear in workflow badges and artifacts.

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown

SBOM Security Report

Total Packages: 4535

Language Distribution:

  • go: 359
  • javascript: 3278
  • rust: 592
  • python: 1

License Distribution:

  • MIT: 1269
  • Apache-2.0: 46
  • CC0-1.0: 43
  • BSD-3-Clause: 34
  • ISC: 87
  • BSD-2-Clause: 41
  • Python-2.0: 2
  • MPL-2.0: 1
  • Unlicense: 5
  • CC-BY-4.0: 1
  • (Apache-2.0 OR MPL-1.1): 1
  • BlueOak-1.0.0: 3
  • (AFL-2.1 OR BSD-3-Clause): 2
  • (BSD-3-Clause OR GPL-2.0): 1
  • 0BSD: 3
  • (MIT OR CC0-1.0): 4
  • MIT AND ISC: 1

✅ SBOM generated successfully
✅ No GPL licenses detected
✅ No high/critical vulnerabilities found

@github-actions

github-actions Bot commented Jul 7, 2026

Copy link
Copy Markdown

Policy Coverage Report

Tools Coverage: 100%
Events Coverage: 100%
Egress Labeled: 100%
Replay Determinism: 100%

All policy gates passed successfully!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file rust Pull requests that update rust code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants