fix(deps): update dependency io.zipkin.zipkin2:zipkin to v3.4.0

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
io.zipkin.zipkin2:zipkin	3.1.1 -> 3.4.0

---

Release Notes

openzipkin/zipkin (io.zipkin.zipkin2:zipkin)

v3.4.0: Zipkin 3.4

Compare Source

Zipkin 3.4 adds support for OpenSearch v2 using the same ES_ prefixed environment variables used for Elasticsearch. Thanks a lot to @​reta for all the engineering that results in this being simple to use!

Note: Zipkin Dependencies 3.2 is the corresponding first release of the dependencies job that supports OpenSearch v2.

v3.3.1: Zipkin 3.3.1

Compare Source

Zipkin 3.3.1 is a maintenance release that notably updates to Spring Boot 3.3 and Alpine Linux 3.20.

This also adds the test docker image ghcr.io/openzipkin/zipkin-opensearch2, which is used to test the upcoming Zipkin 3.4 release which will support OpenSearch 2 in addition to existing storage backends.

Notable thanks to @​reta on this release!

v3.3.0: Zipkin 3.3

Compare Source

Zipkin 3.3 is maintenance only with no new features since the last release.

Notably, this raises the floor JRE version of libraries except core from 11 to 17. The only reason we had 11 in the past was due to Spark limitations that affected zipkin-dependencies. This was resolved by Spark 3.4, which we were recently able to upgrade to once libraries we used all became compatible with it.

Also, we now run Trivy security and misconfiguration scanner on every commit, in support of our new security policy. This policy was designed around the norms of our maintenance community, which is currently 100pct volunteers with no dedicated paid time for the project.

We appreciate Trivy adjusting the open source code for the somewhat unique needs of tracing projects: it requires running tests on old library versions. Their open mindedness in classification policy was critical in coming up with a policy at all. We need to focus the small amount of time we have available to the most important alerts, and not the noise: now we can.

v3.2.1: Zipkin 3.2.1

Compare Source

Zipkin 3.2.1 fixes a regression where libraries that improve network performance (netty-tcnative) were not included in the main zipkin jar, resulting in unpublished Docker images.

v3.2.0: Zipkin 3.2

Compare Source

Zipkin 3.2 improves accessibility blindness and language controls.

Before, there was no way to control "dark mode". Also, the color scheme lacked contrast and other features to support vision accessibility. @​giaroc's first commit to zipkin knocked this out of the park, resulting in an easier to read and control UI.

before:

after:

Full Changelog: https://github.com/openzipkin/zipkin/compare/3.1.1..3.2.0

---

Configuration

📅 Schedule: Branch creation - "after 10pm" in timezone Europe/Prague, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud