open-telemetry · renovate · May 15, 2026 · May 15, 2026
@@ -50,7 +50,7 @@ task default: default_tasks
 desc 'update semantic conventions'
 task generate: %i[update_spec_version_constant generate_require_rollups]
 
-SPEC_VERSION = '1.38.0'
+SPEC_VERSION = '1.41.1'
 OTEL_WEAVER_VERSION = 'v0.22.1'
 semconv_source_dir = Pathname.new('./tmp/semconvrepo')
 semconv_output_dir = Pathname.new('./lib/opentelemetry/semconv')

@@ -7,7 +7,7 @@
 module OpenTelemetry
   module SemanticConventions
     # Version of the OpenTelemetry Semantic Conventions from which this library was generated.
-    SPEC_VERSION = '1.38.0'
+    SPEC_VERSION = '1.41.1'
     # Release version of this gem. May not match SPEC_VERSION until gem is released after a spec update.
     VERSION = '1.37.1'
   end

@@ -83,15 +83,20 @@ module DB
       # Summary may be available to the instrumentation through
       # instrumentation hooks or other means. If it is not available, instrumentations
       # that support query parsing SHOULD generate a summary following
-      # [Generating query summary](/docs/database/database-spans.md#generating-a-summary-of-the-query)
+      # [Generating query summary](/docs/db/database-spans.md#generating-a-summary-of-the-query)
       # section.
       #
+      # For batch operations, if the individual operations are known to have the same query summary
+      # then that query summary SHOULD be used prepended by `BATCH `,
+      # otherwise `db.query.summary` SHOULD be `BATCH` or some other database
+      # system specific term if more applicable.
+      #
       # @note Stability Level: stable
       DB_QUERY_SUMMARY = 'db.query.summary'
 
       # The database query being executed.
       #
-      # For sanitization see [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
+      # For sanitization see [Sanitization of `db.query.text`](/docs/db/database-spans.md#sanitization-of-dbquerytext).
       # For batch operations, if the individual operations are known to have the same query text then that query text SHOULD be used, otherwise all of the individual query texts SHOULD be concatenated with separator `; ` or some other database system specific separator if more applicable.
       # Parameterized query text SHOULD NOT be sanitized. Even though parameterized query text can potentially have sensitive data, by using a parameterized query the user is giving a strong signal that any sensitive data will be passed as parameter values, and the benefit to observability of capturing the static part of the query text by default outweighs the risk.
       #

@@ -0,0 +1,21 @@
+# frozen_string_literal: true
+
+# Copyright The OpenTelemetry Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+
+# This file was autogenerated. Do not edit it by hand.
+
+require_relative 'deployment/attributes'
@@ -0,0 +1,42 @@
+# frozen_string_literal: true
+
+# Copyright The OpenTelemetry Authors
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+#
+# This file was autogenerated. Do not edit it by hand.
+
+module OpenTelemetry
+  module SemConv
+    module DEPLOYMENT
+      # @!group Attribute Names
+
+      # Name of the [deployment environment](https://wikipedia.org/wiki/Deployment_environment) (aka deployment tier).
+      #
+      # `deployment.environment.name` does not affect the uniqueness constraints defined through
+      # the `service.namespace`, `service.name` and `service.instance.id` resource attributes.
+      # This implies that resources carrying the following attribute combinations MUST be
+      # considered to be identifying the same service:
+      #
+      # - `service.name=frontend`, `deployment.environment.name=production`
+      # - `service.name=frontend`, `deployment.environment.name=staging`.
+      #
+      # @note Stability Level: stable
+      DEPLOYMENT_ENVIRONMENT_NAME = 'deployment.environment.name'
+
+      # @!endgroup
+    end
+  end
+end
@@ -30,6 +30,12 @@ module ERROR
       # When `error.type` is set to a type (e.g., an exception type), its
       # canonical class name identifying the type within the artifact SHOULD be used.
       #
+      # If the recorded error type is a wrapper that is not meaningful for
+      # failure classification, instrumentation MAY use the type of the inner
+      # error instead. For example, in Go, errors created with `fmt.Errorf`
+      # using `%w` MAY be unwrapped when the wrapper type does not help
+      # classify the failure.
+      #
       # Instrumentations SHOULD document the list of errors they report.
       #
       # The cardinality of `error.type` within one instrumentation library SHOULD be low.
@@ -39,7 +45,7 @@ module ERROR
       #
       # If the operation has completed successfully, instrumentations SHOULD NOT set `error.type`.
       #
-      # If a specific domain defines its own set of error identifiers (such as HTTP or gRPC status codes),
+      # If a specific domain defines its own set of error identifiers (such as HTTP or RPC status codes),
       # it's RECOMMENDED to:
       #
       # - Use a domain-specific attribute

@@ -31,6 +31,8 @@ module EXCEPTION
 
       # The exception message.
       #
+      # > [!WARNING]> This attribute may contain sensitive information.
+      #
       # @note Stability Level: stable
       EXCEPTION_MESSAGE = 'exception.message'
 
@@ -41,6 +43,12 @@ module EXCEPTION
 
       # The type of the exception (its fully-qualified class name, if applicable). The dynamic type of the exception should be preferred over the static type in languages that support it.
       #
+      # If the recorded exception type is a wrapper that is not meaningful for
+      # failure classification, instrumentation MAY use the type of the inner
+      # exception instead. For example, in Go, errors created with `fmt.Errorf`
+      # using `%w` MAY be unwrapped when the wrapper type does not help
+      # classify the failure.
+      #
       # @note Stability Level: stable
       EXCEPTION_TYPE = 'exception.type'
 

@@ -62,8 +62,15 @@ module HTTP
       #
       # If the HTTP instrumentation could end up converting valid HTTP request methods to `_OTHER`, then it MUST provide a way to override
       # the list of known HTTP methods. If this override is done via environment variable, then the environment variable MUST be named
-      # OTEL_INSTRUMENTATION_HTTP_KNOWN_METHODS and support a comma-separated list of case-sensitive known HTTP methods
-      # (this list MUST be a full override of the default known method, it is not a list of known methods in addition to the defaults).
+      # OTEL_INSTRUMENTATION_HTTP_KNOWN_METHODS and support a comma-separated list of case-sensitive known HTTP methods.
+      #
+      #
+      # If this override is done via declarative configuration, then the list MUST be configurable via the `known_methods` property
+      # (an array of case-sensitive strings with minimum items 0) under `.instrumentation/development.general.http.client` and/or
+      # `.instrumentation/development.general.http.server`.
+      #
+      # In either case, this list MUST be a full override of the default known methods,
+      # it is not a list of known methods in addition to the defaults.
       #
       # HTTP method names are case-sensitive and `http.request.method` attribute value MUST match a known HTTP method name exactly.
       # Instrumentations for specific web frameworks that consider HTTP methods to be case insensitive, SHOULD populate a canonical equivalent.

@@ -201,7 +201,7 @@ module AWS
         # @note Stability Level: development
         AWS_LAMBDA_INVOKED_ARN = 'aws.lambda.invoked_arn'
 
-        # The UUID of the [AWS Lambda EvenSource Mapping](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html). An event source is mapped to a lambda function. It's contents are read by Lambda and used to trigger a function. This isn't available in the lambda execution context or the lambda runtime environtment. This is going to be populated by the AWS SDK for each language when that UUID is present. Some of these operations are Create/Delete/Get/List/Update EventSourceMapping.
+        # The UUID of the [AWS Lambda EvenSource Mapping](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-eventsourcemapping.html). An event source is mapped to a lambda function. It's contents are read by Lambda and used to trigger a function. This isn't available in the lambda execution context or the lambda runtime environment. This is going to be populated by the AWS SDK for each language when that UUID is present. Some of these operations are Create/Delete/Get/List/Update EventSourceMapping.
         #
         # @note Stability Level: development
         AWS_LAMBDA_RESOURCE_MAPPING_ID = 'aws.lambda.resource_mapping.id'
@@ -313,7 +313,7 @@ module AWS
         # @note Stability Level: development
         AWS_S3_UPLOAD_ID = 'aws.s3.upload_id'
 
-        # The ARN of the Secret stored in the Secrets Mangger
+        # The ARN of the Secret stored in the Secrets Manager
         #
         # @note Stability Level: development
         AWS_SECRETSMANAGER_SECRET_ARN = 'aws.secretsmanager.secret.arn'

@@ -61,6 +61,8 @@ module CICD
 
         # The unique identifier of a task run within a pipeline.
         #
+        # For a given pipeline run and task, the `cicd.pipeline.task.run.id` MUST be unique within that run. For the same task across different runs of the same pipeline, the `cicd.pipeline.task.run.id` MAY remain the same, enabling correlation of `cicd.pipeline.task.run.result` values across multiple pipeline runs.
+        #
         # @note Stability Level: development
         CICD_PIPELINE_TASK_RUN_ID = 'cicd.pipeline.task.run.id'
 

@@ -63,12 +63,12 @@ module CONTAINER
 
         # Container ID. Usually a UUID, as for example used to [identify Docker containers](https://docs.docker.com/engine/containers/run/#container-identification). The UUID might be abbreviated.
         #
-        # @note Stability Level: development
+        # @note Stability Level: release_candidate
         CONTAINER_ID = 'container.id'
 
         # Runtime specific image identifier. Usually a hash algorithm followed by a UUID.
         #
-        # Docker defines a sha256 of the image id; `container.image.id` corresponds to the `Image` field from the Docker container inspect [API](https://docs.docker.com/reference/api/engine/version/v1.43/#tag/Container/operation/ContainerInspect) endpoint.
+        # Docker defines a sha256 of the image id; `container.image.id` corresponds to the `Image` field from the Docker container inspect [API](https://docs.docker.com/reference/api/engine/version/v1.52/#tag/Container/operation/ContainerInspect) endpoint.
         # K8s defines a link to the container registry repository with digest `"imageID": "registry.azurecr.io /namespace/service/dockerfile@sha256:bdeabd40c3a8a492eaf9e8e44d0ebbb84bac7ee25ac0cf8a7159d25f62555625"`.
         # The ID is assigned by the container runtime and can vary in different environments. Consider using `oci.manifest.digest` if it is important to identify the same image in different environments/runtimes.
         #
@@ -77,19 +77,19 @@ module CONTAINER
 
         # Name of the image the container was built on.
         #
-        # @note Stability Level: development
+        # @note Stability Level: release_candidate
         CONTAINER_IMAGE_NAME = 'container.image.name'
 
         # Repo digests of the container image as provided by the container runtime.
         #
-        # [Docker](https://docs.docker.com/reference/api/engine/version/v1.43/#tag/Image/operation/ImageInspect) and [CRI](https://github.com/kubernetes/cri-api/blob/c75ef5b473bbe2d0a4fc92f82235efd665ea8e9f/pkg/apis/runtime/v1/api.proto#L1237-L1238) report those under the `RepoDigests` field.
+        # [Docker](https://docs.docker.com/reference/api/engine/version/v1.52/#tag/Image/operation/ImageInspect) and [CRI](https://github.com/kubernetes/cri-api/blob/c75ef5b473bbe2d0a4fc92f82235efd665ea8e9f/pkg/apis/runtime/v1/api.proto#L1237-L1238) report those under the `RepoDigests` field.
         #
-        # @note Stability Level: development
+        # @note Stability Level: release_candidate
         CONTAINER_IMAGE_REPO_DIGESTS = 'container.image.repo_digests'
 
-        # Container image tags. An example can be found in [Docker Image Inspect](https://docs.docker.com/reference/api/engine/version/v1.43/#tag/Image/operation/ImageInspect). Should be only the `<tag>` section of the full name for example from `registry.example.com/my-org/my-image:<tag>`.
+        # Container image tags. An example can be found in [Docker Image Inspect](https://docs.docker.com/reference/api/engine/version/v1.52/#tag/Image/operation/ImageInspect). Should be only the `<tag>` section of the full name for example from `registry.example.com/my-org/my-image:<tag>`.
         #
-        # @note Stability Level: development
+        # @note Stability Level: release_candidate
         CONTAINER_IMAGE_TAGS = 'container.image.tags'
 
         # Must be called with a key for the full attribute name. See notes below about the expectations
@@ -128,7 +128,7 @@ module CONTAINER
         # @deprecated Replaced by `container.runtime.name`.
         CONTAINER_RUNTIME = 'container.runtime'
 
-        # A description about the runtime which could include, for example details about the CRI/API version being used or other customisations.
+        # A description about the runtime which could include, for example details about the CRI/API version being used or other customizations.
         #
         # @note Stability Level: development
         CONTAINER_RUNTIME_DESCRIPTION = 'container.runtime.description'

@@ -328,17 +328,22 @@ module DB
         # Summary may be available to the instrumentation through
         # instrumentation hooks or other means. If it is not available, instrumentations
         # that support query parsing SHOULD generate a summary following
-        # [Generating query summary](/docs/database/database-spans.md#generating-a-summary-of-the-query)
+        # [Generating query summary](/docs/db/database-spans.md#generating-a-summary-of-the-query)
         # section.
         #
+        # For batch operations, if the individual operations are known to have the same query summary
+        # then that query summary SHOULD be used prepended by `BATCH `,
+        # otherwise `db.query.summary` SHOULD be `BATCH` or some other database
+        # system specific term if more applicable.
+        #
         # @note Stability Level: stable
         #
         # @deprecated Now available in the stable namespace at {OpenTelemetry::SemConv::DB::DB_QUERY_SUMMARY}.
         DB_QUERY_SUMMARY = 'db.query.summary'
 
         # The database query being executed.
         #
-        # For sanitization see [Sanitization of `db.query.text`](/docs/database/database-spans.md#sanitization-of-dbquerytext).
+        # For sanitization see [Sanitization of `db.query.text`](/docs/db/database-spans.md#sanitization-of-dbquerytext).
         # For batch operations, if the individual operations are known to have the same query text then that query text SHOULD be used, otherwise all of the individual query texts SHOULD be concatenated with separator `; ` or some other database system specific separator if more applicable.
         # Parameterized query text SHOULD NOT be sanitized. Even though parameterized query text can potentially have sensitive data, by using a parameterized query the user is giving a strong signal that any sensitive data will be passed as parameter values, and the benefit to observability of capturing the static part of the query text by default outweighs the risk.
         #

@@ -40,7 +40,9 @@ module DEPLOYMENT
         # - `service.name=frontend`, `deployment.environment.name=production`
         # - `service.name=frontend`, `deployment.environment.name=staging`.
         #
-        # @note Stability Level: development
+        # @note Stability Level: stable
+        #
+        # @deprecated Now available in the stable namespace at {OpenTelemetry::SemConv::DEPLOYMENT::DEPLOYMENT_ENVIRONMENT_NAME}.
         DEPLOYMENT_ENVIRONMENT_NAME = 'deployment.environment.name'
 
         # The id of the deployment.

@@ -33,6 +33,7 @@ module ERROR
         # `error.message` is NOT RECOMMENDED for metrics or spans due to its unbounded cardinality and overlap with span status.
         #
         # @note Stability Level: development
+        # @deprecated Use domain-specific error message attribute. For example, use `feature_flag.error.message` for feature flag errors.
         ERROR_MESSAGE = 'error.message'
 
         # Describes a class of error the operation ended with.
@@ -42,6 +43,12 @@ module ERROR
         # When `error.type` is set to a type (e.g., an exception type), its
         # canonical class name identifying the type within the artifact SHOULD be used.
         #
+        # If the recorded error type is a wrapper that is not meaningful for
+        # failure classification, instrumentation MAY use the type of the inner
+        # error instead. For example, in Go, errors created with `fmt.Errorf`
+        # using `%w` MAY be unwrapped when the wrapper type does not help
+        # classify the failure.
+        #
         # Instrumentations SHOULD document the list of errors they report.
         #
         # The cardinality of `error.type` within one instrumentation library SHOULD be low.
@@ -51,7 +58,7 @@ module ERROR
         #
         # If the operation has completed successfully, instrumentations SHOULD NOT set `error.type`.
         #
-        # If a specific domain defines its own set of error identifiers (such as HTTP or gRPC status codes),
+        # If a specific domain defines its own set of error identifiers (such as HTTP or RPC status codes),
         # it's RECOMMENDED to:
         #
         # - Use a domain-specific attribute

@@ -32,6 +32,8 @@ module EXCEPTION
 
         # The exception message.
         #
+        # > [!WARNING]> This attribute may contain sensitive information.
+        #
         # @note Stability Level: stable
         #
         # @deprecated Now available in the stable namespace at {OpenTelemetry::SemConv::EXCEPTION::EXCEPTION_MESSAGE}.
@@ -46,6 +48,12 @@ module EXCEPTION
 
         # The type of the exception (its fully-qualified class name, if applicable). The dynamic type of the exception should be preferred over the static type in languages that support it.
         #
+        # If the recorded exception type is a wrapper that is not meaningful for
+        # failure classification, instrumentation MAY use the type of the inner
+        # exception instead. For example, in Go, errors created with `fmt.Errorf`
+        # using `%w` MAY be unwrapped when the wrapper type does not help
+        # classify the failure.
+        #
         # @note Stability Level: stable
         #
         # @deprecated Now available in the stable namespace at {OpenTelemetry::SemConv::EXCEPTION::EXCEPTION_TYPE}.