Skip to content

build(deps): bump grpc-bom from 1.21.1 to 1.49.0#258

Closed
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/gradle/io.grpc-grpc-bom-1.49.0
Closed

build(deps): bump grpc-bom from 1.21.1 to 1.49.0#258
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/gradle/io.grpc-grpc-bom-1.49.0

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Aug 24, 2022

Bumps grpc-bom from 1.21.1 to 1.49.0.

Release notes

Sourced from grpc-bom's releases.

v1.49.0

New Features

  • okhttp: Add OkHttpServerBuilder. The server can be used directly, but is not yet available via ServerBuilder.forPort() and Grpc.newServerBuilderForPort(). It passes our tests, but has seen no real-world use. It is also lacking connection management features
  • okhttp: Add support for byte-based private keys via TlsChannelCredentials and TlsServerCredentials
  • core: New outlier detection load balancer
  • googleapis: google-c2p resolver is now stabilized

Bug Fixes

  • core: Fix retry causing memory leak for canceled RPCs. (#9360)
  • core: Use SyncContext for InProcess transport callbacks to avoid deadlocks. This fixes the long-standing issue #3084 which prevented using directExecutor() in some tests using streaming RPCs
  • core: Disable retries with in-process transport by default (#9361). In-process does not compute message sizes so can retain excessive amounts of memory
  • bazel: Use valid target name for services and xds when overriding Maven targets (#9422). This fixes an error of the form no such target '@io_grpc_grpc_java//services:services' for services and missing ORCA classes for xds. The wrong target names were introduced in 1.47.0
  • xds: channel_id hash policy now uses a random per-channel id instead of an incrementing one. The incrementing id was the same for every process of a binary, which was not the intention (#9453)
  • core: Fix a bug that the server stream should not deliver halfClose() when the call is immediately canceled. The bug causes a bad message INTERNAL, desc: Half-closed without a request at server call. (#9362)
  • xds: Remove shaded orca proto dependency in ORCA api. The shading was broken and couldn't really be used. (#9366)

Behavior Changes

  • gcp-observability: Interceptors are now injected in more situations, including for non-Netty transports and when using transport-specific APIs like NettyChannelBuilder. (#9309 #9312 #9424)
  • gcp-observability: custom tags now extended to metrics and traces (#9402 #9407)
  • gcp-observability: excludes RPCs into Google Cloud Ops backend for instrumentation (#9436)
  • xds: xdsNameResolver now matches channel overrideAuthority in virtualHost matching (#9405)

Acknowledgement

@​benjaminp @​j-min5u

v1.48.1

New Features

ORCA provides APIs to inject custom metrics at a gRPC server, and consume them at a gRPC client. It implements A51: Custom Backend Metrics Support. We changed the ORCA APIs; they had broken shading and couldn't really be used, so we fixed them in the patch release.

Bug Fixes

  • core: Fix a bug that the server stream should not deliver halfClose() when the call is immediately canceled. The bug causes a bad message INTERNAL, desc: Half-closed without a request at server call. (#9362)
  • core: Fix retry causing memory leak for cancelled RPCs. (#9415)
  • core: Disable retry by default for in-process transport's channel.(#9368)

v1.48.0

Bug Fixes

  • Removed the Class-Path manifest entry from jars generated with the gradle shadow plugin (#9270). This should prevent “[WARNING] [path] bad path element” compilation warnings
  • Fix Channelz HTTP/2 window reporting. Previously the sender and receiver windows were reversed
  • Service config parse failures should be UNAVAILABLE, not INVALID_ARGUMENT (#9346). This bug could cause RPCs to fail with INVALID_ARGUMENT if the service config was invalid when the channel started. RPCs were not failed if the channel had previously received no config or a valid config. Channels using xds were not exposed to this issue

New Features

Improvements

  • Changed the debug strings for many Attributes.Keys to reference the API of the key. This should make it easier to find the API the key is exposed when using attributes.toString()
  • api: Document Attributes.Key uses reference equality. This is to make it clear the behavior is on purpose, and mirrors other Key types in the API
  • api: Explain security constraints of EquivalentAddressGroup.ATTR_AUTHORITY_OVERRIDE, to avoid misuse by NameResolvers (#9281)

... (truncated)

Commits
  • dfbdfe8 Bump version to 1.49.0
  • 780a4a3 Update README etc to reference 1.49.0
  • 342690e core: Enable outlier detection by default. (#9479)
  • 6aea9a9 buildscripts: Add outlier_detection_test interop test. (#9461)
  • 050e615 xds: Fix outlier detection env flag name. (#9462)
  • b8b06dd core: [outlier detection] Get addresses from subchannel args. (#9468)
  • 3ebdfc7 core: [outlier detection] eject/uneject states to delegate listener. (#9469) ...
  • 184fdaa core: OutlierDetectionLoadBalancer to pass child LB config. (#9467) (#9474)
  • ac20c19 xds: Configure outlier detection. (#9456)
  • c7307ec Outlier detection load balancer (#9447)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump grpc-bom from 1.21.1 to 1.49.0
1124cb5 
Bumps [grpc-bom](https://github.com/grpc/grpc-java) from 1.21.1 to 1.49.0.
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](grpc/grpc-java@v1.21.1...v1.49.0)

---
updated-dependencies:
- dependency-name: io.grpc:grpc-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added java Pull requests that update Java code java dependencies labels Aug 24, 2022
@viezly
Copy link
Copy Markdown

viezly bot commented Aug 24, 2022

Pull request by bot. No need to analyze

@auto-assign auto-assign bot requested a review from AlexRogalskiy August 24, 2022 22:16
@dependabot dependabot bot mentioned this pull request Aug 24, 2022
Closed
@dependabot @github
Copy link
Copy Markdown
Author

dependabot bot commented on behalf of github Sep 19, 2022

Superseded by #266.

@dependabot dependabot bot closed this Sep 19, 2022
@dependabot dependabot bot deleted the dependabot/gradle/io.grpc-grpc-bom-1.49.0 branch September 19, 2022 22:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AlexRogalskiy AlexRogalskiy Awaiting requested review from AlexRogalskiy

Assignees

No one assigned

Labels

java dependencies java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants