Tempo v2.10.6 released on 08-06-2026

Tempo v2.10.6 is out now. It delivers targeted security dependency updates and a Go toolchain bump that close known vulnerabilities and change build behaviour.
See the Tempo GitHub release notes for full details, dependency references and migration guidance.
What’s in this release
- Security dependency updates: apache/thrift updated to v0.23.0, golang.org/x/crypto to v0.52.0 and golang.org/x/net to v0.55.0 to pick up upstream fixes.
- Build toolchain upgrade: Tempo is now built with Go 1.26.3, bringing upstream security and bug fixes that affect binaries and CI.
- Breaking change: the distributor no longer supports the OpenCensus receiver; ingestion via OpenCensus will stop working.
- Monitoring and collector dependency upgrades: Prometheus updated to v0.311.3 and OpenTelemetry Collector dependencies updated to v1.52, including related transitive dependencies such as dskit.
Upgrade notes
- OpenCensus receiver removed — migrate any senders to supported ingestion paths (for example OTLP or other supported receivers) before upgrading to avoid broken ingestion.
- Tempo is built with Go 1.26.3 in this release — review CI and build environments for compatibility before rolling the update out.
Share issues or your migration experience on the Tempo repository or community channels so others can benefit.


