Commit 936a31a
authored
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4&size=40){kind=avatar}
MINOR: Bump io.grpc:grpc-bom from 1.73.0 to 1.78.0 (#958)
Bumps [io.grpc:grpc-bom](https://github.com/grpc/grpc-java) from 1.73.0
to 1.78.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc-java/releases">io.grpc:grpc-bom's
releases</a>.</em></p>
<blockquote>
<h2>V1.78.0</h2>
<h3>Bug Fixes</h3>
<ul>
<li>core: Fix shutdown failing accepted RPCs during channel startup
(02e98a806). This fixes a race where RPCs could fail with
"UNAVAILABLE: Channel shutdown invoked" even though they were
created before channel.shutdown()</li>
<li>okhttp: Fix race condition overwriting MAX_CONCURRENT_STREAMS (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12548">#12548</a>)
(8d49dc1c9)</li>
<li>binder: Stop leaking <code>this</code> from BinderServerTransport's
ctor (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12453">#12453</a>)
(89d77e062)</li>
<li>rls: Avoid missed config update from reentrancy (55ae1d054). This
fixes a regression since 1.75.0 triggered by CdsLb being converted to
XdsDepManager. Without this fix, a second channel to the same target may
hang when starting, causing DEADLINE_EXCEEDED, and unhang when the
control plane delivers an update (e.g., endpoint address update)</li>
</ul>
<h3>Improvements</h3>
<ul>
<li>xds: gRFC A88 - Changes to XdsClient Watcher APIs (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12446">#12446</a>)
(f385add31). We now have improved xDS error handling and this provides a
clearer mechanism for the xDS server to report per-resource errors to
the client, resulting in better error messages for debugging and faster
detection of non-existent resources. This also improves the handling of
all xDS-related data errors and the behavior of the xDS resource
timer.</li>
<li>rls: Control plane channel monitor state and back off handling (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12460">#12460</a>)
(26c1c1341). Resets RLS request backoff timers when the Control plane
channel state transitions to READY. Also when the backoff timer expires,
instead of making a RLS request immediately, it just causes a picker
update to allow making rpc again to the RLS target.</li>
<li>core: simplify DnsNameResolver.resolveAddresses() (4843256af)</li>
<li>netty: Run handshakeCompleteRunnable in success cases
(283f1031f)</li>
<li>api,netty: Add custom header support for HTTP CONNECT proxy
(bbc0aa369)</li>
<li>binder: Pre-factor out the guts of the BinderClientTransport
handshake. (9313e87df)</li>
<li>compiler: Add RISC-V 64-bit architecture support to compiler build
configuration (725ab22f3)</li>
<li>core: Release lock before closing shared resource (cb73f217e).
Shared resources are internal to gRPC for sharing expensive objects
across channels and servers, like threads. This reduces the chances of
forming a deadlock, like seen with s2a in d50098f</li>
<li>Upgrade gson to 2.12.1 (6dab2ceab)</li>
<li>Upgrade dependencies (f36defa2d). proto-google-common-protos to
2.63.1, google-auth-library to 1.40.0, error-prone annotations to
2.44.0, guava to 33.5.0-android, opentelemetry to 1.56.0</li>
<li>compiler: Update maximum supported protobuf edition to EDITION_2024
(2f64092b8)</li>
<li>binder: Introduce server authorization strategy v2 (d9710725d). Adds
support for <code>android:isolatedProcess</code> Services and moves all
security checks to the handshake, making subsequent transactions more
efficient.</li>
</ul>
<h3>New Features</h3>
<ul>
<li>compiler: Upgrade to C++ protobuf 33.1 (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12534">#12534</a>)
(58ae5f808).</li>
<li>util: Add gRFC A68 random subsetting LB (48a42889d). The policy uses
the name <code>random_subsetting_experimental</code>. If it is working
for you, tell us so we can gauge marking it stable. While the xDS
portions haven’t yet landed, it is possible to use with xDS with
JSON-style Structs as supported by gRFC A52</li>
<li>xds: Support for System Root Certs (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12499">#12499</a>)
(51611bad1). Most service mesh workloads use mTLS, as described in gRFC
A29. However, there are cases where it is useful for applications to use
normal TLS rather than using certificates for workload identity, such as
when a mesh wants to move some workloads behind a reverse proxy. The xDS
<code>CertificateValidationContext</code> message (see <a
href="https://redirect.github.com/envoyproxy/envoy/pull/34235">envoyproxy/envoy#34235</a>)
has a <code>system_root_certs</code> field. In the gRPC client, if this
field is present and the <code>ca_certificate_provider_instance</code>
field is unset, system root certificates will be used for validation.
This implements <a
href="https://github.com/grpc/proposal/blob/master/A82-xds-system-root-certs.md">gRFC
A82</a>.</li>
<li>xds: Support for GCP Authentication Filter (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12499">#12499</a>)
(51611bad1). In service mesh environments, there are cases where
intermediate proxies make it impossible to rely on mTLS for end-to-end
authentication. These cases can be addressed instead by the use of
service account identity JWT tokens. The xDS <a
href="https://www.envoyproxy.io/docs/envoy/latest/configuration/http/http_filters/gcp_authn_filter">GCP
Authentication filter</a> provides a mechanism for attaching such JWT
tokens as gRPC call credentials on GCP. gRPC already supports a
framework for xDS HTTP filters, as described in <a
href="https://github.com/grpc/proposal/blob/master/A39-xds-http-filters.md">gRFC
A39</a>. This release supports the GCP Authentication filter under this
framework as described in <a
href="https://github.com/grpc/proposal/blob/master/A83-xds-gcp-authn-filter.md">gRFC
A83</a>.</li>
<li>xds: Support for xDS-based authority rewriting (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12499">#12499</a>)
(51611bad1). gRPC supports getting routing configuration from an xDS
server, as described in gRFCs <a
href="https://github.com/grpc/proposal/blob/master/A27-xds-global-load-balancing.md">A27</a>
and <a
href="https://github.com/grpc/proposal/blob/master/A28-xds-traffic-splitting-and-routing.md">A28</a>.
The xDS configuration can configure the client to rewrite the authority
header on requests. This functionality can be useful in cases where the
server is using the authority header to make decisions about how to
process the request, such as when multiple hosts are handled via a
reverse proxy. Note that this feature is solely about rewriting the
authority header on data plane RPCs; it does not affect the authority
used in the TLS handshake.<br />
As mentioned in <a
href="https://github.com/grpc/proposal/blob/master/A29-xds-tls-security.md">gRFC
A29</a>, there are use-cases for gRPC that prohibit trusting the xDS
server to control security-centric configuration. The authority
rewriting feature falls under the same umbrella as mTLS configuration.
As a result, the authority rewriting feature will only be enabled when
the bootstrap config for the xDS server has
<code>trusted_xds_server</code> in the <code>server_features</code>
field.</li>
<li>xds: xDS based SNI setting and SAN validation (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12378">#12378</a>)
(0567531). When using xDS credentials make SNI for the Tls handshake to
be configured via xDS, rather than use the channel authority as the SNI,
and make SAN validation to be able to use the SNI sent when so
instructed via xDS. Implements gRFC <a
href="https://github.com/grpc/proposal/blob/master/A101-SNI-setting-and-SNI-SAN-validation.md">A101</a>.</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>api: Document gRFC A18 TCP_USER_TIMEOUT handling for keepalive
(da7038782)</li>
<li>core: Fix AbstractClientStream Javadoc (28a6130e8)</li>
<li>examples: Document how to preserve META-INF/services in uber jars
(97695d523)</li>
</ul>
<h3>Thanks to</h3>
<ul>
<li><a
href="https://github.com/panchenko"><code>@panchenko</code></a></li>
<li><a
href="https://github.com/Dayuxiaoshui"><code>@Dayuxiaoshui</code></a></li>
<li><a
href="https://github.com/becomeStar"><code>@becomeStar</code></a></li>
<li><a href="https://github.com/kssumin"><code>@kssumin</code></a></li>
<li><a
href="https://github.com/marcindabrowski"><code>@marcindabrowski</code></a></li>
<li><a
href="https://github.com/MariusVolkhart"><code>@MariusVolkhart</code></a></li>
<li><a href="https://github.com/Zgoda91"><code>@Zgoda91</code></a></li>
<li><a
href="https://github.com/devalkone"><code>@devalkone</code></a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc-java/commit/8fa6000259958fd3b2bdba579ea7dc002ad95777"><code>8fa6000</code></a>
Bump version to 1.78.0</li>
<li><a
href="https://github.com/grpc/grpc-java/commit/87df333f8ebd23669734b19c16e2cb7a187fded3"><code>87df333</code></a>
Update README etc to reference 1.78.0</li>
<li><a
href="https://github.com/grpc/grpc-java/commit/283f1031f7b48ce32a2f91bb92bac93a0ca29bdd"><code>283f103</code></a>
netty: Run handshakeCompleteRunnable in success cases</li>
<li><a
href="https://github.com/grpc/grpc-java/commit/eb8a63cefb827337cc9fd4c5a3877d96a238c1d6"><code>eb8a63c</code></a>
Introduce io.grpc.Uri. (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12535">#12535</a>)</li>
<li><a
href="https://github.com/grpc/grpc-java/commit/58ae5f808cf8e20c5864033c9a8f485b237f9dfc"><code>58ae5f8</code></a>
compiler: Upgrade to protobuf 33.1 (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12534">#12534</a>)</li>
<li><a
href="https://github.com/grpc/grpc-java/commit/8d49dc1c9129fc42c6b80584f5dbad1a543009b5"><code>8d49dc1</code></a>
okhttp: Fix race condition overwriting MAX_CONCURRENT_STREAMS (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12548">#12548</a>)</li>
<li><a
href="https://github.com/grpc/grpc-java/commit/b1a94a410e1926fb870e9717d11c7d8f85c62cb6"><code>b1a94a4</code></a>
xds: implement server feature fail_on_data_errors (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12544">#12544</a>)</li>
<li><a
href="https://github.com/grpc/grpc-java/commit/55ae1d0541c3482cf9fa2cadb156b1da6852deb4"><code>55ae1d0</code></a>
rls: Avoid missed config update from reentrancy</li>
<li><a
href="https://github.com/grpc/grpc-java/commit/53a092646a0883c29d3bc8f05277b9f0c15a1ce6"><code>53a0926</code></a>
xds: fix race in simpleFlowControl (<a
href="https://redirect.github.com/grpc/grpc-java/issues/12547">#12547</a>)</li>
<li><a
href="https://github.com/grpc/grpc-java/commit/f36defa2d3950de103d2a2dc73fc7f308d35f624"><code>f36defa</code></a>
Upgrade dependencies</li>
<li>Additional commits viewable in <a
href="https://github.com/grpc/grpc-java/compare/v1.73.0...v1.78.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>1 parent 3206fe5 commit 936a31a
1 file changed
+1
-1
lines changed| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
98 | 98 | | |
99 | 99 | | |
100 | 100 | | |
101 | | - | |
| 101 | + | |
102 | 102 | | |
103 | 103 | | |
104 | 104 | | |
| |||
0 commit comments