arrow icon indicating copy to clipboard operation
arrow copied to clipboard
verified publisher icon apache

MINOR: [Java] Bump io.grpc:grpc-bom from 1.63.0 to 1.65.0 in /java

Open dependabot[bot] opened this issue 1 year ago • 1 comments

Bumps io.grpc:grpc-bom from 1.63.0 to 1.65.0.

Release notes

Sourced from io.grpc:grpc-bom's releases.

v1.65.0

grpc-netty in this release is compatible with Netty 4.1.111; it fixes the incompatibility that caused data corruption. grpc-netty-shaded is still using Netty 4.1.100.

New Features

  • New module grpc-gcp-csm-observability (df8cfe9dd)

Improvements

  • api: Add ClientStreamTracer.inboundHeaders(Metadata) (960012d76). This is the same as the existing inboundHeaders(), but is provided the Metadata
  • api: Fix various typos in the documentation (#11144) (6ec744f2a)
  • core: When queuing RPCs, don’t request picks from the LB twice (8844cf7b8). This could be viewed as a small performance optimization, but mainly reduces the amount of race-handling code
  • util: Improve AdvancedTlsX509KeyManager’s documentation, verification, and testing. (#11139) (781b4c457) This change shows @ExperimentalApi being removed, but it was re-added in 3c97245 before the release
  • examples: Fix broken command in reflection readme (#11131) (c31dbf48a)
  • binder: Add a connection timeout (#11255) (791f894e2)

Bug fixes

  • core: Exit idle mode when delayed transport is in use (fea577c80). This was a long-standing race that could cause RPCs to hang, but was very unlikely to be hit. Avoiding the double-picking (8844cf7b8) made the race more visible
  • netty: Fix Netty composite buffer merging to be compatible with Netty 4.1.111 (#11294) (0fea7dd). The previous behavior easily caused data corruption
  • okhttp: Workaround SSLSocket not noticing socket is closed (a28357e19). Previously, shutting down when a new connection was being established could result in the server never becoming terminated
  • inprocess: Fix listener race if transport is shutdown while starting (e4e7f3a06). This issue was unlikely to be hit outside of specialized tests
  • services: restore //services:binarylog bazel target (#11292) (d57f271). This fixes a regression introduced in 1.62.2
  • binder: Wait for all server transports to terminate before returning the security policy executor to the object pool (#11240) (34ee600dc)
  • binder: Reject further SETUP_TRANSPORT requests post-BinderServer shutdown (#11260) (1670e97f7)
  • bazel: Include missing com_google_protobuf_javalite in MODULE.bazel (#11147) (f995c121e)

Thanks to

@​hakusai22 @​firov @​mateusazis @​Mir3605 @​niloc132

v1.64.1

What's Changed

v1.64.0

Avoid upgrading your application to Netty 4.1.111, as there is a possible corruption. Still investigating. See grpc/grpc-java#11284 .

API Changes

  • compiler: the option jakarta_omit was renamed @generated=omit (#11086) (8a21afcc9)

New Features

  • New API LoadBalancer.getChannelTarget() (4561bb5b8)
  • opentelemetry: Publish new module grpc-opentelemetry (5ba1a5563). The feature is still missing documentation and an example. It only supports metrics; tracing and logs will be future enhancements. See gRFC A66
  • bazel: Add support for bzlmod (#11046) (d1890c0ac)
  • bazel: Replace usages of the old compatibility maven targets with @maven targets (00649913b)
  • okhttp: Support serverBuilder.maxConcurrentCallsPerConnection (Fixes #11062). (#11063) (805072339)
  • xds: Experimental metrics recording in WRR LB (06df25b65, 35a171bc1, 2897b3939), to be exported by grpc-opentelemetry if explicitly enabled in GrpcOpenTelemetry. See gRFC A78
  • rls: Experimental metrics recording in RLS LB (a9fb272b7, a1d19327f, 813331837), to be exported by grpc-opentelemetry if explicitly enabled in GrpcOpenTelemetry

... (truncated)

Commits
  • 6296726 Bump version to 1.65.0
  • 4d25c34 Update README etc to reference 1.65.0
  • fb761a1 services: restore //services:binarylog bazel target (#11292)
  • 3c97245 util: Add ExperimentalApi to AdvancedTlsX509KeyManager
  • c11b560 Remove unused imports from CSM Observability example (#11307) (#11310)
  • 4824eaf all:Add GCP CSM Observability (#11305) (#11308)
  • d6ce8c5 examples: Add gRPC OpenTelemetry example (v1.65.x backport) (#11309)
  • b9927b0 netty:Fix Netty composite buffer merging to be compatible with Netty 4.1.111 ...
  • 71eca4e opentelemetry: Add explicit histogram buckets for per-call metrics (#11281) (...
  • f54cdf0 examples: Add GCP CSM Observability example (v1.65.x backport) (#11286)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Jul 01 '24 16:07 dependabot[bot]

@lidavidm I think we encountered this issue earlier as well. We shouldn't upgrade at this moment right?

vibhatha avatar Jul 02 '24 00:07 vibhatha

This change is currently included in the proposed Java 8 deprecation PR: https://github.com/apache/arrow/pull/43139

danepitkin avatar Jul 03 '24 21:07 danepitkin

~I think I add to update grpc to address some module declaration issue but I now realize that it may causing some integration test issues. I'll try and check~

Switching from maven-assembly-plugin to maven-shade-plugin allows to use transformers for service manifests and solves the issue

laurentgo avatar Jul 03 '24 21:07 laurentgo

We can close this in favor of the other PR then?

lidavidm avatar Jul 04 '24 01:07 lidavidm

grpc was updated in a separate PR.

danepitkin avatar Jul 25 '24 16:07 danepitkin

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

dependabot[bot] avatar Jul 25 '24 16:07 dependabot[bot]