chore(deps): bump go.temporal.io/server from 1.30.1 to 1.30.2

[dependabot]

Bumps go.temporal.io/server from 1.30.1 to 1.30.2.

Release notes

Sourced from go.temporal.io/server's releases.

v1.30.2

What's Changed

Worker Versioning

• Upgrade-on-Continue-as-New (Public Preview) - New feature enables Pinned workflows to find out when a new worker version is available for them to upgrade to. Use this to Pin long-running workflows and let them upgrade-on-continue-as-new to the Target Worker Deployment Version (#9239)
• System protection caches to reduce excessive GetTaskQueueUserData lookups (#9168, #9262)
• Track version drainage properly with VersioningOverride for automated worker controllers (#9147)
• Fix approximate_backlog_count metric for Current and Ramping version tasks (#9300, #9316, #8957)
• Fix task rescheduling edge case during AutoUpgrade Transition (#9250)

Bug Fixes

• Fix bug in retrieving archived workflows from Google Cloud Store (#9329)
• Fix race in fairTaskReader (#9467)
• Bump Temporal CLI version to 1.6.1 in Docker image build (#9433)

Security

• Bump google.golang.org/grpc v1.72.2 → v1.79.3 (CVE-2026-33186, CRITICAL)
• Bump go.opentelemetry.io/otel/sdk v1.34.0 → v1.40.0 (CVE-2026-24051, HIGH)
• Bump Go 1.25.7 → 1.25.8 (CVE-2026-25679, HIGH)
• Bump Alpine zlib 1.3.1-r2 → 1.3.2-r0 (CVE-2026-22184, HIGH)

Full Changelog: temporalio/temporal@v1.30.1...v1.30.2

Helpful links to get you started with Temporal

Temporal Docs Server Docker Compose Helm Chart

Docker images for this release (use the tag 1.30.2)

Server Server With Auto Setup (what is Auto-Setup?) Admin-Tools

Commits

• df877a8 Bump dependencies to address security CVEs for v1.30.2 (#9610)
• 8086c0a Bump ServerVersion to 1.30.2 (#9579)
• ec8693f Cherry-pick remaining fixes for OSS v1.30.2 (#9578)
• 7eb0080 Versioning cherry-pick for OSS v1.30.2 (#9543)
• de47044 fix: resolve docker image tags from git and auto-detect CLI version (backport...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #749.