build(deps): bump grpc-bom from 1.21.1 to 1.43.1

[dependabot]

Bumps grpc-bom from 1.21.1 to 1.43.1.

Release notes

Sourced from grpc-bom's releases.

v1.43.0

API Changes

• alts: Make GoogleDefaultChannelCredentials take a CallCredentials (#8548)
• binder: Support BinderChannelBuilder.forTarget (#8633)
• inprocess: Add support for anonymous in-process servers (#8589)

Bug Fixes

• census: fixed a bug which in rare cases, a NullPointerException may be thrown by recordFinishedAttempt(). Users not enabling grpc-census are not impacted by this bug (#8706)
• xds: stop generating UUIDs for filter chains that lack them. The UUID was preventing the XdsServer from noticing when a control plane sent a needless duplicate update, causing XdsServer to drain all its existing connections to use the “new” configuration #8663
• xds: fix a bug where XdsServer didn’t block start() when configuration is missing, and instead errored. #8660

New Features

• protoc-gen-grpc-java plugin support for Apple M1 architecture (#7690)
• okhttp: introduced new TLS1.2 cipher suites and internal okhttp implementation for TLS1.3 prepared (#8650)
• netty: Add ability to set system property -Dio.grpc.netty.disableConnectionHeaderCheck=false to disable HTTP Connection header check. This is a temporary workaround to allow fixing out-of-spec HTTP/2 clients (#8683)

Dependencies

• bump guava to 30.1.1-android (#8748)
• bump protobuf to 3.19.1 (#8748)

Acknowledgement

@​beatrausch @​benjaminp Benjamin Peterson @​cfredri4 @​kdubb Kevin Wooten

v1.42.1

Bug fixes:

• xds: fix a bug that invalid resources from the control plane was internally classified as missing configuration, but instead it should be classified as a transient error. This will change load balancing states on failure handling behavior: for example, missing LDS at xDS server would make it enter “not serving” mode but a transient error does not affect serving status. #8690
• xds: fix a bug where XdsServer didn’t block start() when configuration is missing, and instead errored. #8690
• xds: stop generating UUIDs for filter chains that lack them. The UUID was preventing the XdsServer from noticing when a control plane sent a needless duplicate update, causing XdsServer to drain all its existing connections to use the “new” configuration #8688

New feature:

• netty: Add ability to set system property -Dio.grpc.netty.disableConnectionHeaderCheck=false to disable HTTP Connection header check. This is a temporary workaround to allow fixing out-of-spec HTTP/2 clients #8683
• compiler: Protoc plugin for macOS x86 is duplicated to be used on the aarch architecture, to ease use on arm64 macs. The plugin is not actually ARM64, just named as such. Future work will need to compile it appropriately #8680

v1.42.0

In this release we drop support for Android API level 18 or lower (Jelly Bean or earlier), following Google Play Service’s discontinued updates for Jelly Bean (API levels 16, 17 & 18).

API Changes

• xds: Added XdsServerBuilder.overrideBootstrapForTest() to provide bootstrap override for testing purposes. This way, the test does not need to use the shared environment variable for bootstrap injection. (#8575)
• api: Stabilize the Status.asException(Metadata) method. (#8520)
• core/auth: Remove CallCredentials2 (#8572). CallCredentials2 was introduced in 1.16.0 to ease migration of CallCredentials to an abstract class. CallCredentials has been preferred over CallCredentials2 since 1.19.0

Bug Fixes

• netty: Requests with Connection header are malformed. This is required per HTTP/2. The server now rejects such requests. To improve debuggability for clients, Metadata.Key will log if creating a key for “Connection”
• grpclb: Fix “IllegalStateException: already in fallback” channel panic, by not starting fallback timer if already in fallback (#8646). This builds on the fix in 1.38.1. The bug was introduced in 1.38.0.
• core, netty, okhttp: Fix AbstractManagedChannelImplBuilder#maxInboundMessageSize(int) ABI (#8607). Solves the issue with NettyChannelBuilder.maxInboundMessageSize(int) and OkHttpChannelBuilder.maxInboundMessageSize(int) not working in rare cases when pre-1.33 builds combined with post-1.33. See issue #8313 for the details.

... (truncated)

Commits

• 3ef0d33 Bump version to 1.43.1
• 288d7ef Update README etc to reference 1.43.1
• 736b398 core: fix race condition in idleTimer & ManagedChannel#enterIdle
• d50b704 Bump GSON to 2.8.9
• debbbbf Bump version to 1.43.1-SNAPSHOT
• 977145f Bump version to 1.43.0
• 02711b4 Update README etc to reference 1.43.0
• 43d01db Upgrade Protobuf to 3.19.1 and Guava to 30.1.1
• 766ed87 Replace C2P resolver env var with experimental scheme suffix (#8744) (#8747)
• 2330922 rls: overhaul RouteLookupConfig validation (#8645)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[viezly]

Pull request by bot. No need to analyze

[dependabot]

Superseded by #187.