Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): Bump io.grpc:grpc-bom from 1.56.1 to 1.57.1 #851

Merged
1 commit merged into from
Aug 2, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 2, 2023

Bumps io.grpc:grpc-bom from 1.56.1 to 1.57.1.

Release notes

Sourced from io.grpc:grpc-bom's releases.

v1.57.1

Bug fixes

  • Fix compatibility with Java 8. This fixes the NoSuchMethodError for ByteBuffer methods present in 1.57.0 (#10441)
  • xds: Remove debug assert in WeightedRoundRobinLoadBalancer. The assert was to detect breakages in the static stride algorithm causing too much looping. However, with multithreading it is possible to trigger even in legitimate scenarios (#10437)

v1.57.0

gRPC Java 1.57.0 Release Notes

This release accidentally broke Java 8: NoSuchMethodError for some ByteBuffer methods. The issue is tracked in grpc/grpc-java#10432

API Changes

  • Use fully qualified java.lang.String in all cases in generated code. This fixes compilation if a protobuf message is named “String”.
  • Stabilize two io.grpc.Status methods (asRuntimeException & trailersFromThrowable)
  • Stabilize io.grpc.ManagedChannelBuilder.useTransportSecurity (#10244)
  • Stabilize io.grpc.util.MutableHandlerRegistry (#10348)

Behavior Changes

  • xds: Handle loops and duplicates in xds Aggregate clusters
  • core: Change delay for hedging retry after a non-fatal error to be 0 to match the gRFC (A6).
  • api: CheckedForwardingClientCall now passes trailers from the caught exception
  • xds: require EDS service name in CDS resources with an xdstp name
  • xds: Use Rule order instead of RuleChain
  • Wrap other name resolver types in a RetryingNameResolver . Previously, if authority was not overridden, then some name resolvers (such as grpclb) had no retry.
  • xds: Environment variable "GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT" is no longer respected, so xDS security cannot be disabled any more (#10243)
  • context, api: Package io.grpc is now consolidated into a single artifact grpc-api by moving classes from grpc-context to grpc-api. grpc-context now has a dependency on grpc-api (but excludes other dependencies of grpc-api) so any application previously using only grpc-context will now also bring in grpc-api. This fixes #3522 which was the major issue preventing support of Java modules. We are not done fixing support, as some artifacts need to be split and Automatic-Module-Name needs to be added. The next release is likely to be more stable for modules.

New Features

  • binder: Add UserHandle and BinderChannelCredentials to support cross-user communication (#10197)
  • xds,orca: LRS named metrics support

Improvements

  • core: Resolve isAndroid only once on class loading. This can improve channel creation performance on Android.
  • xds: Pick a subchannel with new static stride scheduler in WeightedRoundRobinLoadBalancer

Bug Fixes

  • xds: Fix the server sending a GOAWAY when an LDS update with no changes other than ordering is received.
  • netty: Fix NPE when a header with errors is received with endStream=true. This was causing logs to be filled with errors when health checkers didn’t specify a content type.
  • okhttp: Fix the Socket data race when shutdown/closed during connecting that was causing a significant delay

Dependencies

  • Upgraded Netty to 4.1.93-Final
  • Update guava dependency to 32.0.1 to address CVE-2023-2976

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [io.grpc:grpc-bom](https://github.com/grpc/grpc-java) from 1.56.1 to 1.57.1.
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](grpc/grpc-java@v1.56.1...v1.57.1)

---
updated-dependencies:
- dependency-name: io.grpc:grpc-bom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Aug 2, 2023
Copy link

@github-actions github-actions bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bors merge

@github-actions
Copy link

github-actions bot commented Aug 2, 2023

Test Results

  47 files  ±0    47 suites  ±0   1m 56s ⏱️ -17s
100 tests ±0  100 ✔️ ±0  0 💤 ±0  0 ±0 
323 runs  ±0  323 ✔️ ±0  0 💤 ±0  0 ±0 

Results for commit 19c4e1c. ± Comparison against base commit 15c1ee9.

@ghost
Copy link

ghost commented Aug 2, 2023

Build succeeded:

@ghost ghost merged commit 04e1c03 into main Aug 2, 2023
@ghost ghost deleted the dependabot/maven/io.grpc-grpc-bom-1.57.1 branch August 2, 2023 16:33
This pull request was closed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants