AirPlayAuth icon indicating copy to clipboard operation
AirPlayAuth copied to clipboard

Published 20 hours ago verified publisher icon openairplay

fix(deps): update dependency io.grpc:grpc-netty-shaded to v1.49.1

Open renovate-bot opened this issue 3 years ago • 0 comments

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
io.grpc:grpc-netty-shaded 1.20.0 -> 1.49.1 age adoption passing confidence

⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

Release Notes

grpc/grpc-java

v1.49.1

Bug Fixes
  • xds: Fix a bug in ring-hash load balancing policy that, during TRANSIENT_FAILURE state, it might cause unnecessary internal connection requests on subchannels. (#​9537)
  • auth: Fix AppEngine failing while retrieving access token when instantiating a blocking stub using AppEngineCredentials (#​9524)
Behavior Changes

v1.49.0

New Features
  • okhttp: Add OkHttpServerBuilder. The server can be used directly, but is not yet available via ServerBuilder.forPort() and Grpc.newServerBuilderForPort(). It passes our tests, but has seen no real-world use. It is also lacking connection management features
  • okhttp: Add support for byte-based private keys via TlsChannelCredentials and TlsServerCredentials
  • core: New outlier detection load balancer
  • googleapis: google-c2p resolver is now stabilized
Bug Fixes
  • core: Fix retry causing memory leak for canceled RPCs. (#​9360)
  • core: Use SyncContext for InProcess transport callbacks to avoid deadlocks. This fixes the long-standing issue #​3084 which prevented using directExecutor() in some tests using streaming RPCs
  • core: Disable retries with in-process transport by default (#​9361). In-process does not compute message sizes so can retain excessive amounts of memory
  • bazel: Use valid target name for services and xds when overriding Maven targets (#​9422). This fixes an error of the form no such target '@​io_grpc_grpc_java//services:services' for services and missing ORCA classes for xds. The wrong target names were introduced in 1.47.0
  • xds: channel_id hash policy now uses a random per-channel id instead of an incrementing one. The incrementing id was the same for every process of a binary, which was not the intention (#​9453)
  • core: Fix a bug that the server stream should not deliver halfClose() when the call is immediately canceled. The bug causes a bad message INTERNAL, desc: Half-closed without a request at server call. (#​9362)
  • xds: Remove shaded orca proto dependency in ORCA api. The shading was broken and couldn't really be used. (#​9366)
Behavior Changes
  • gcp-observability: Interceptors are now injected in more situations, including for non-Netty transports and when using transport-specific APIs like NettyChannelBuilder. (#​9309 #​9312 #​9424)
  • gcp-observability: custom tags now extended to metrics and traces (#​9402 #​9407)
  • gcp-observability: excludes RPCs into Google Cloud Ops backend for instrumentation (#​9436)
  • xds: xdsNameResolver now matches channel overrideAuthority in virtualHost matching (#​9405)
Acknowledgement

@​benjaminp @​j-min5u

v1.48.1

New Features

ORCA provides APIs to inject custom metrics at a gRPC server, and consume them at a gRPC client. It implements A51: Custom Backend Metrics Support. We changed the ORCA APIs; they had broken shading and couldn't really be used, so we fixed them in the patch release.

Bug Fixes
  • core: Fix a bug that the server stream should not deliver halfClose() when the call is immediately canceled. The bug causes a bad message INTERNAL, desc: Half-closed without a request at server call. (#​9362)
  • core: Fix retry causing memory leak for cancelled RPCs. (#​9415)
  • core: Disable retry by default for in-process transport's channel.(#​9368)

v1.48.0

Bug Fixes
  • Removed the Class-Path manifest entry from jars generated with the gradle shadow plugin (#​9270). This should prevent “[WARNING] [path] bad path element” compilation warnings
  • Fix Channelz HTTP/2 window reporting. Previously the sender and receiver windows were reversed
  • Service config parse failures should be UNAVAILABLE, not INVALID_ARGUMENT (#​9346). This bug could cause RPCs to fail with INVALID_ARGUMENT if the service config was invalid when the channel started. RPCs were not failed if the channel had previously received no config or a valid config. Channels using xds were not exposed to this issue
New Features
Improvements
  • Changed the debug strings for many Attributes.Keys to reference the API of the key. This should make it easier to find the API the key is exposed when using attributes.toString()
  • api: Document Attributes.Key uses reference equality. This is to make it clear the behavior is on purpose, and mirrors other Key types in the API
  • api: Explain security constraints of EquivalentAddressGroup.ATTR_AUTHORITY_OVERRIDE, to avoid misuse by NameResolvers (#​9281)
  • testing: GrpcCleanupRule now extends ExternalResource. This makes it usable with JUnit 5
  • core: Clear ConfigSelector when the channel enters panic mode (#​9272). This prevents hanging RPCs if panic mode is entered very early in the channel lifetime and makes panic mode more predictable when xds is in use. Panic mode is a Channel feature used when a bug causes an unrecoverable error
  • core: Avoid unnecessary flushes for unary responses. It optimizes the response flow (#​9273)
  • core: Use the offload executor in CallCredentials rather than the executor from CallOptions (#​9313)
  • compiler: support protoc compiling on loongarch_64 and ppc64le platform (#​9178 #​9284)
  • binder: Add security Policy for verifying signature using sha-256 hash (#​9305)
  • xds: clusterresolver reuses child policy names for the same locality to avoid subchannel connection churns (#​9287)
  • xds: Fail RPCs with error details when resources are deleted instead of “NameResolver returned no usable address errors” (#​9337)
  • xds: Support least_request LB in LoadBalancingPolicy (#​9262)
  • xds: weighted target to delay picker updates while updating children (#​9306)
  • xds: delete the permanent error logic in processing LDS updates in XdsServerWrapper (#​9268)
  • xds: when delegate server throws on start communicate the error to statusListener (#​9277)
Dependencies
  • Bump Guava to 31.1
  • Bump protobuf to 3.21.1 (#​9311)
  • Bump Error Prone annotations to 2.14.0
  • Bump Animal Sniffer annotations to 1.21
  • Bump Netty to 4.1.77.Final and netty_tcnative to 2.0.53.Final
  • protobuf: Bump com.google.api.grpc:proto-google-common-protos to 2.9.0
  • alts: Bump Conscrypt to 2.5.2
  • xds: Bump RE2J to 1.6
  • xds: Remove unused org.bouncycastle:bcpkix-jdk15on dependency
  • xds: Update xDS protos (#​9223)
Acknowledgements

@​mirlord @​zhangwenlong8911 @​adilansari @​amirhadadi @​jader-eero @​jvolkman @​sumitd2

v1.47.0

Bug Fixes
  • api: Ignore ClassCastExceptions for hard-coded providers on Android (#​9174). This avoids ServiceConfigurationError in certain cases when an “SDK” includes a copy of gRPC that was renamed with Proguard-like tools that do precise class name rewriting (versus something like Maven Shade Plugin which uses coarse pattern matching)
  • binder: respect requested message limits when provide received messages to listener (#​9163)
  • binder: Avoid an ISE from asAndroidAppUri() (#​9169)
  • okhttp: Use the user-provided ScheduledExecutorService for keepalive if provided. Previously the user-provided executor was used for deadlines, but not keepalive. Keepalive always used the default executor (#​9073)
  • bom: Reverted “bom: Removed protoc-gen-grpc-java from the BOM” in v1.46.0. There was a way to use it with Gradle (#​9154)
  • build: fix grpc-java build against protobuf 3.21 (#​9218)
  • grpclb: Adds missing META-INF resources to libgrpclb.jar produced by bazel //grpclb:grpclb target (#​9156)
  • xds: Protect xdstp processing with federation env var. If the xds server uses xdstp:// resource names it was possible for federation code paths to be entered even without enabling the experimental federation support. This is now fixed and it is safe for xds servers to use xdstp:// resource names. (#​9190)
  • xds: fix bugs in ring-hash load balancer picking subchannel behavior per gRFC. The bug may cause connection not failing over from TRANSIENT_FAILURE status. (#​9085)
  • xds: NACK EDS resources with duplicate localities in the same priority (#​9119)
New Features
  • api: Add connection management APIs to ServerBuilder (#​9176). This includes methods for keepalive, max connection age, and max connection idle. These APIs have been available on NettyServerBuilder since v1.4.0
  • api: allow NameResolver to influence which transport to use (#​9076)
  • api: New API in ServerCall to expose SecurityLevel on server-side (#​8943)
  • netty: Add NameResolver for unix: scheme, as defined in gRPC Name Resolution (#​9113)
  • binder: add allOf security policy, which allows access iff ALL given security policies allow access. (#​9125)
  • binder: add anyOf security policy, which allows access if ANY given security policy allows access. (#​9147)
  • binder: add hasPermissions security policy, which checks that a caller has all of the given package permissions. (#​9117)
  • build: Add Bazel build support for xds, googleapis, rls, and services. grpc-services previously had partial bazel support, but some parts were missing. These artifacts are now configured via IO_GRPC_GRPC_JAVA_OVERRIDE_TARGETS so maven_install will not use the artifacts from Maven Central (#​9172)
  • xds: New ability to configure custom load balancer implementations via the xDS Cluster.load_balancing_policy field. This implements gRFC A52: gRPC xDS Custom Load Balancer Configuration. (#​9141)
  • xds, orca: add support for custom backend metrics reporting: allow setting metrics at gRPC server and consuming metrics reports from a custom load balancing policy at the client. This implements gRFC A51: Custom Backend Metrics Support.
  • xds: include node ID in RPC failure status messages from the XdsClient (#​9099)
  • xds: support for the is_optional logic in Cluster Specifier Plugins: if an unsupported Cluster Specifier Plugin is optional, don't NACK, and skip any routes that point to it. (#​9168)
Behavior Changes
  • xds: Allow unspecified listener traffic direction, to match other languages and to work with Istio (#​9173)
  • xds: change priority load balancer failover time behavior and ring_hash LB aggregation rule to better handle transient_failure channel status (#​9084, #​9093)
Dependencies
  • Bump GSON to 2.9.0. Earlier versions of GSON are affected by CVE-2022-25647. gRPC was not impacted by the vulnerability. (#​9215)
  • gcp-observability: add grpc-census as a dependency and update opencensus version (#​9140)
Acknowledgements

@​caseyduquettesc @​cfredri4 @​jvolkman @​mirlord @​ovidiutirla

v1.46.0

Bug Fixes
  • netty: Fixed incompatibility with Netty 4.1.75.Final that caused COMPRESSION_ERROR (#​9004)
  • xds: Fix LBs blindly propagating control plane errors (#​9012). This change forces the use of UNAVAILABLE for any xDS communication failures, which otherwise could greatly confuse an application. This is essentially a continuation of the fix in 1.45.0 for XdsNameResolver, but for other similar cases
  • xds: Fix ring_hash reconnecting behavior. Previously a TRANSIENT_FAILURE subchannel would remain failed forever
  • xds: Fix ring_hash defeating priority’s failover connection timeout. grpc/proposal#​296
  • binder: Work around an Android Intent bug for consistent AndroidComponentAndress hashCode() and equals() (#​9061)
  • binder: Fix deadlock when using process-local Binder (#​8987). Process-local binder has a different threading model than normal FLAG_ONEWAY, so this case is now detected and the FLAG_ONEWAY threading model is emulated
  • okhttp: Removed dead code in io.grpc.okhttp.internal.Util. This should have no impact except for static code analysis. This code was never used and was from the process of forking okhttp. It calculated things like MD5 which can trigger security scanners (#​9071)
Behavior Changes
  • java_grpc_library.bzl: Pass use_default_shell_env = True for protoc (#​8984). This allows using MinGW on Windows
  • xds: Unconditionally apply backoff on ADS and LDS stream recreation. Previously if a message had been received on the stream no backoff wait would be performed. This limits QPS to a buggy server to 1 QPS, instead of a closed loop
  • xds: Skip Routes within VirtualHosts whose RouteAction has no cluster_specifier. This probably means the control plane is using a cluster_specifier field unknown/unsupported by gRPC. The control plane can repeat the Route with a different cluster_specifier for compatibility with older clients
  • xds: Support xds.config.resource-in-sotw client capability. Resources wrapped in a io.envoyproxy.envoy.service.discovery.v3.Resource message are now supported (#​8997)
New Features
  • gcp-observability: A new experimental module for improving visibility into gRPC workloads. Initially supports logging RPCs to Google Cloud Logging
  • grpclb: Support setting initial fallback timeout by service config (#​8980)
Dependencies
  • PerfMark bumped to 0.25.0 (#​8948)
  • okhttp: the okhttp dependency is now compile only (#​8971). Okhttp’s internal HTTP/2 implementation was forked inside grpc-okhttp a long time ago, but there had been a few stray internal classes that had not been forked but should have been. That has now been fixed in preparation for OkHttp 3/4 support. Compile-only may cause a runtime failure for code using reflection on OkHttpChannelBuilder; add a dependency on okhttp 2.7.4 to resolve
  • bom: Removed protoc-gen-grpc-java from the BOM, as the classifier was confusing and it provided no value (#​9020)
Acknowledgements

@​jesseschalken @​kluever @​beatrausch

v1.45.1

Bug Fixes

  • netty: Fixed incompatibility with Netty 4.1.75.Final that caused COMPRESSION_ERROR (#​9004)
  • xds: Fix LBs blindly propagating control plane errors (#​9012). This change forces the use of UNAVAILABLE for any xDS communication failures, which otherwise could greatly confuse an application. This is essentially a continuation of the fix in 1.45.0 for XdsNameResolver, but for other similar cases

v1.45.0

gRPC Java 1.45.0 Release Notes
Bug Fixes
  • rls: fix child lb leak when client channel is shutdown (#​8750)
  • rls: fix RLS lb policy name (#​8867)
  • testing: fix GrpcCleanupRule issue when retrying tests (#​8918)
  • xds: Fix XdsNameResolver blindly propagates control plane errors (#​8953). This change forces the use of UNAVAILABLE for any xDS communication failures, which otherwise could greatly confuse an application
  • xds: fix validation code to accept new-style CertificateProviderPluginInstance (#​8892)
  • xds: fix a concurrency issue in CSDS ClientStatus responses (#​8795)
  • xds: Squelch "Failed to resolve name" ADS reconnection error logs. Workaround for #​8886 (#​8942)
  • xds: Improve priority failover handling for IDLE subpolicies (#​8926). This mainly improves behavior with ring_hash
  • bom: Include grpc-binder
  • binder: Fix a ServiceConnection leak (#​8861)
  • binder: Increase fairness across streams when limited by flow control. This can dramatically reduce latency when channel is being used for high throughput (#​8835)
  • android: fix for app coming to foreground (#​8855)
Behavior Changes
  • Local-only transparent retry is (practically) unlimited now. Previously it was at most once per RPC.
  • xds: implement least_request load balancing policy (#​8739)
Dependencies
  • Bump Error Prone Annotations to 2.10.0
  • Bump Guava to 31.0.1-android
  • Bump Google Auth Library to 1.4.0
  • Bump Auto Value to 1.9
  • netty: Include both x86 and Arm64 epoll as dependency for grpc-netty-shaded
  • testing: remove opencensus dependency from grpc-testing (#​8833)

v1.44.1

Bug Fixes
  • xds: fix the validation code to accept new-style CertificateProviderPluginInstance wherever used (#​8901 fixes #​8885)
  • binder: Fix a ServiceConnection leak (#​8861 closes #​8726)
  • android: fix for app coming to foreground (#​8904 closes #​8850)

v1.44.0

gRPC Java 1.44.0 Release Notes

Java 7 is no longer supported. This release uses Java 8 bytecode, except for grpc-context which remains on Java 7 bytecode. Users requiring Java 7 are encouraged to use the v1.41.x branch. See gRFC P5. Android support remains API level 19+. If this is expected to cause undue hardship or community issues, please contact us via a GitHub issue or [email protected].

Java 8 users pay note: per gRFC P5, gRPC may drop Java 8 support as soon as March this year. If this is expected to cause undue hardship or community issues, please contact us via a GitHub issue or [email protected].

API Changes
  • Removed deprecated StreamInfo.transportAttrs (#​8768)
Bug Fixes
Behavior Changes
  • Binder: Enclose all operations in BinderTransport even when an exception was thrown. (#​8733)*
  • Binder: Fix a bug that might cause memory leaks in binder. (#​8728)
Dependencies
  • Upgraded Protobuf to 3.19.2 to avoid CVE-2021-22569. See the protobuf advisory
  • Bump GSON to 2.8.9 (#​8759)
  • Bump Netty to 4.1.72.Final and tcnative to 2.0.46.Final (#​8780)
Acknowledgement
  • groakley@
  • apolcyn@
  • beatrausch@
  • danielnorberg@
  • jdcormie@

v1.43.2

Dependencies

v1.43.1

Bug Fixes
  • core: fix a race condition when calling ManagedChannel#enterIdle() (#​8761)
Dependencies

v1.43.0

API Changes
  • alts: Make GoogleDefaultChannelCredentials take a CallCredentials (#​8548)
  • binder: Support BinderChannelBuilder.forTarget (#​8633)
  • inprocess: Add support for anonymous in-process servers (#​8589)
Bug Fixes
  • census: fixed a bug which in rare cases, a NullPointerException may be thrown by recordFinishedAttempt(). Users not enabling grpc-census are not impacted by this bug (#​8706)
  • xds: stop generating UUIDs for filter chains that lack them. The UUID was preventing the XdsServer from noticing when a control plane sent a needless duplicate update, causing XdsServer to drain all its existing connections to use the “new” configuration #​8663
  • xds: fix a bug where XdsServer didn’t block start() when configuration is missing, and instead errored. #​8660
New Features
  • protoc-gen-grpc-java plugin support for Apple M1 architecture (#​7690)
  • okhttp: introduced new TLS1.2 cipher suites and internal okhttp implementation for TLS1.3 prepared (#​8650)
  • netty: Add ability to set system property -Dio.grpc.netty.disableConnectionHeaderCheck=false to disable HTTP Connection header check. This is a temporary workaround to allow fixing out-of-spec HTTP/2 clients (#​8683)
Dependencies
Acknowledgement

@​beatrausch @​benjaminp Benjamin Peterson @​cfredri4 @​kdubb Kevin Wooten

v1.42.2

Bug Fixes
  • census: fixed a bug which in rare cases, a NullPointerException may be thrown by recordFinishedAttempt(). Users not enabling grpc-census are not impacted by this bug (#​8706)
  • core: fix a race condition when calling ManagedChannel.enterIdle() (#​8746)
Dependencies
  • Upgraded Protobuf to 3.18.2 to avoid CVE-2021-22569. See the protobuf advisory
  • Upgraded Guava to 30.1.1-android

v1.42.1

Bug fixes:

  • xds: fix a bug that invalid resources from the control plane was internally classified as missing configuration, but instead it should be classified as a transient error. This will change load balancing states on failure handling behavior: for example, missing LDS at xDS server would make it enter “not serving” mode but a transient error does not affect serving status. #​8690
  • xds: fix a bug where XdsServer didn’t block start() when configuration is missing, and instead errored. #​8690
  • xds: stop generating UUIDs for filter chains that lack them. The UUID was preventing the XdsServer from noticing when a control plane sent a needless duplicate update, causing XdsServer to drain all its existing connections to use the “new” configuration #​8688

New feature:

  • netty: Add ability to set system property -Dio.grpc.netty.disableConnectionHeaderCheck=false to disable HTTP Connection header check. This is a temporary workaround to allow fixing out-of-spec HTTP/2 clients #​8683
  • compiler: Protoc plugin for macOS x86 is duplicated to be used on the aarch architecture, to ease use on arm64 macs. The plugin is not actually ARM64, just named as such. Future work will need to compile it appropriately #​8680

v1.42.0

In this release we drop support for Android API level 18 or lower (Jelly Bean or earlier), following Google Play Service’s discontinued updates for Jelly Bean (API levels 16, 17 & 18).

API Changes
  • xds: Added XdsServerBuilder.overrideBootstrapForTest() to provide bootstrap override for testing purposes. This way, the test does not need to use the shared environment variable for bootstrap injection. (#​8575)
  • api: Stabilize the Status.asException(Metadata) method. (#​8520)
  • core/auth: Remove CallCredentials2 (#​8572). CallCredentials2 was introduced in 1.16.0 to ease migration of CallCredentials to an abstract class. CallCredentials has been preferred over CallCredentials2 since 1.19.0
Bug Fixes
  • netty: Requests with Connection header are malformed. This is required per HTTP/2. The server now rejects such requests. To improve debuggability for clients, Metadata.Key will log if creating a key for “Connection”
  • grpclb: Fix “IllegalStateException: already in fallback” channel panic, by not starting fallback timer if already in fallback (#​8646). This builds on the fix in 1.38.1. The bug was introduced in 1.38.0.
  • core, netty, okhttp: Fix AbstractManagedChannelImplBuilder#maxInboundMessageSize(int) ABI (#​8607). Solves the issue with NettyChannelBuilder.maxInboundMessageSize(int) and OkHttpChannelBuilder.maxInboundMessageSize(int) not working in rare cases when pre-1.33 builds combined with post-1.33. See issue #​8313 for the details.
New Features
  • binder: A new transport with channel and server builders which support cross-process and cross-application communication on Android. BinderChannel is production ready and in use by several Google applications, though the APIs are still experimental and subject to change. It does not currently support rpc-level flow control for streaming RPCs. See gRFC L73 for background.
  • xds: implemented rbac filter per A41 xDS RBAC. This is the first HTTP filter supported on server-side.
  • stub: add ServerCallStreamObserver.setOnCloseHandler(Runnable). Notified when gRPC has completed processing the RPC. (#​8452)
Behavior Changes
  • core: gRPC-Java library discards any Content-Length header set by the application because in most cases this header is blindly forwarded from some other source and is incorrect for gRPC payload.
  • netty: Use Host header on server-side if :authority is not present
  • rls: the cache_size in route lookup config is limited to 5M
  • core: changed the level mapping ChannelLogger uses for java.util.logging.Level (#​8531). It is now possible to enable Java logging for Channelz’s INFO without also enabling DEBUG (previously they were both FINEST).
Dependencies
  • Compatibility with the upcoming Bazel 5 added. This required dropping support for Bazel 1-3. Bazel 4 or later is required (#​7598)
  • netty: bump netty to 4.1.63.Final and tcnative to 2.0.38.Final. (#​8167)
Improvements
  • core: io.grpc.util.AdvancedTlsX509KeyManager and AdvancedTlsX509TrustManager support loading configuration from static files. (#​8525)
  • core: io.grpc.util.CertificateUtils.getPrivateKey() now supports RSA and EC key algorithms

v1.41.2

Bug Fixes
  • core: fix a race condition when calling ManagedChannel.enterIdle() (#​8763)
  • xds: stop generating UUIDs for filter chains that lack them. The UUID was preventing the XdsServer from noticing when a control plane sent a needless duplicate update, causing XdsServer to drain all its existing connections to use the “new” configuration #​8736
Dependencies
  • Upgraded Protobuf to 3.18.2 to avoid CVE-2021-22569. See the protobuf advisory
  • Upgraded Guava to 30.1.1-android

v1.41.1

Bug Fixes
  • grpclb: Fix “IllegalStateException: already in fallback” channel panic, by not starting fallback timer if already in fallback (#​8646). This builds on the fix in 1.38.1. The bug was introduced in 1.38.0.

v1.41.0

For users requiring Java 7, the later grpc-java 1.44 release dropped support for Java 7. This v1.41.x branch is the selected gathering point for users continuing to require Java 7. See gRFC P5.

API Changes
  • stub: Mark Stub-based MetadataUtils methods deprecated (#​8395). The interceptor-based versions have been stable for a long time and are preferred
Bug Fixes
  • census: Fixed a data race in CensusStatsModule which in rare cases may cause NullPointerException (#​8459)
  • xds: Fixed a bug in SharedCallCounterMap which in rare cases may cause NullPointerException (#​8397)
  • core: ServerCall.isCancelled() and ServerCallStreamObserver.isCancelled() implementations no longer incorrectly return true at the end of every RPC (#​8408)
  • core: ManagedChannel no longer immediately exits idle mode after an enterIdle() call when it has any calls in progress
  • netty-shaded: Modify the shading operation to transform native-image resources so they correctly reference shaded class names (#​7540)
  • netty-shaded: Rename native-image resources to avoid collisions with Netty’s copy, which were modified starting in 1.39.0
  • rls: avoid NullPointerException in RLS in certain circumstances when calling channel.getState(true) or if a parent load balancer requests a connection (#​8379)
New Features
  • xds: xDS-based TLS security (gRFC 29) is now stable
  • util: Added new classes AdvancedTlsX509TrustManager and AdvancedTlsX509KeyManager, which support reloading keys and trust roots as they change. They also can make custom verification easier by handling the hostname verification. (#​8175)
  • xds: Added XdsNameResolverProvider.createForTest() to allow using a different bootstrap configuration in tests (#​8358)
Behavior Changes
  • rls: migrated the deprecated server and path fields in RouteLookupRequest to using the new extra_keys field in RLS config
Improvements
  • api: Document that NameResolvers shouldn’t block within their methods (#​8398). The offload executor should be used for blocking operations
  • stub: Document StreamObserver is an async API, and how it internally may buffer (#​8449)
Dependencies
  • Upgraded error_prone_annotations to 2.9.0
  • cronet: Cronet upgraded to version 92.4515.131

v1.40.2

grpclb: Fix “IllegalStateException: already in fallback” channel panic, by not starting fallback timer if already in fallback (#​8646). This builds on the fix in 1.38.1. The bug was introduced in 1.38.0.

v1.40.1

Bug Fixes
  • xds: fixed channel panic with NullPointerException if a cluster is configured with RING_HASH LB policy.

v1.40.0

API Changes
  • api: Removed deprecated method ClientStreamTracer.Factory.newClientStreamTracer(CallOptions callOptions, Metadata headers).
  • api: Deprecated ClientStreamTracer.StreamInfo.getTransportAttrs() and ClientStreamTracer.StreamInfo.Builder.setTransportAttrs().
  • api: Added new method ClientStreamTracer.streamCreated(Attributes transportAttrs, Metadata headers).
  • core: Stabilized ManagedChannelBuilder.enableRetry() and ManagedChannelBuilder.disableRetry().
Bug Fixes
  • core: Fix a flow control issue if retry is enabled (#​8401).
  • core: Fix a race between client call cancel() and start() if retry is enabled (#​8386).
  • xds: Fix the race condition in SslContextProviderSupplier's updateSslContext and close (#​8294).
  • xds: If “server_listener_resource_name_template” is not set or xds_v3 is not in use, log an error and fail XdsServer start() instead of NPE.
  • netty: The Netty server produces plain-text error messages for non-gRPC clients. The error pages’ Content-Type incorrectly had encoding=utf-8. It now has charset=utf-8.
New Features
  • compiler: Added GrpcGenerated annotation with CLASS retention to the top-level generated class. This can be used by annotation processors to detect or ignore the generated code.
  • api: Added ServerCallExecutorSupplier experimental API. This allows for a per-service/method executor to handle the server call based on each RPC call information at runtime. (#​8266).
  • xds: Added xDS retry support (gRFC-A44).
Behavior Changes
  • core: The gRPC built-in retry feature is enabled by default. (Users can call ManagedChannelBuilder.disableRetry() to turn off retry if they do not want this feature, for example if they have already implemented an application level retry.) ManagedChannelBuilder.enableRetry() will no longer have the side that disables Census stats and tracing as in previous versions.
Dependencies
Improvements
  • api: Clarify the ServerCallHandler API contract in Javadoc (#​8339).
  • netty: Allow transparent retries for servers that lack graceful two-stage GOAWAY connection shutdown, such as nginx and gRPC C core. This refined a workaround introduced in 1.34.0 for a Netty header processing GOAWAY bug fixed in 4.1.54.Final, but that we are giving time for the fix to work its way through the ecosystem (#​8359).
  • testing: Make more obvious in Javadoc that GrpcServerRule has been replaced.
  • api: Use <scheme,provider> map in nameResoverRegistry. This makes scheme matching more clear and explicit in name resolver API.(#​8323).

v1.39.0

API Changes
  • Static methods in Builders that always throw are now annotated @DoNotCall. This annotation can be noticed by ErrorProne and inform you of a mistake at compile time instead of runtime. This applies to static methods like InProcessServerBuilder.forPort(int) which are inherited from base classes like ServerBuilder/ManagedChannelBuilder yet are a bug if used.
  • api, core: Support zero copy into protobuf. New APIs have been added to support the custom implementation of a zero-copy Protobuf deserialization marshaller. The HasByteBuffer API exposes ByteBuffers underlying the InputStream being passed to the Marshaller and the Detachable API allows custom Marshaller to take over the ownership of buffers for performing delayed deserialization.
  • NettyChannelBuilder supports SocketAddress with ChannelCredentials.
Bug Fixes
  • netty: Remove Maven pom.properties from netty-shaded jar. The properties don’t add much value and mainly confuse tools in a shaded jar.
  • netty-shaded: Modify the shading operation to transform native-image resources so they correctly reference shaded class names (#​7540)
  • xds: Shut down the scheduledExecutorService in the CertificateProvider when it is shutdown.
  • xds: Close the SslContexrProviderSupplier when a CDS LoadBalancer is shut down to prevent leakage.
  • xds, grpclb: Use a standalone Context for control plane RPCs. The existing behavior of implicitly using the Context in ThreadLocal can cause control plane RPCs to be cancelled prematurely, in cases the data plane RPC is made within a gRPC service to another service. To avoid being impacted by data plane RPC lifecycle, the fix creates standalone Context for control plane RPCs.
  • xds: cluster_resolver LB policy should wait until all clusters are resolved before propagating endpoints to child LB policy. Previously, the cluster_resolver LB policy propagated partially resolved results (endpoints for a subset of clusters) to its child LB policy, which can cause RPCs to be sent to less favored clusters before endpoints of more favored clusters are discovered.
  • xds: use load assignment endpoint address in Cluster as the DNS hostname for LOGICAL_DNS. The LOGICAL_DNS concept was misunderstood previously. Instead of using the channel authority, the hostname should be given by Cluster resource in CDS responses.
  • grpclb: skip fallback if the LB is already in fallback mode. An invariant check for gRPCLB LB policy’s internal state introduced by #​8035 is broken in case the LB policy is in fallback mode while receiving an address update without remote balancer addresses. The fix mitigated the temporal invariant violation.
New Features
  • compiler: Add support for ppc64le on RHEL8.
Dependencies
  • Protobuf upgraded to 3.17.2
  • We now use custom Gradle logic to determine if Maven’s requireUpperBoundDeps would fail for our published artifacts instead of Gradle’s failOnVersionConflict. This means we now make use of fewer dependency exclusions (#​8238). failOnVersionConflict has similar behavior to dependencyConvergence but we previously lacked a more precise tool to detect cases where Maven would downgrade dependencies. We strongly encourage all Maven users to use Maven Enforcer’s requireUpperBoundDeps and continue to discourage using dependencyConvergence

Acknowledgements

@​lepistone Leonardo Pistone @​shirodkara Amit Shirodkar @​cfredri4

v1.38.1

Bug Fixes

  • grpclb: skip fallback if the LB is already in fallback mode. An invariant check for gRPCLB LB policy’s internal state introduced by #​8035 is broken in case the LB policy is in fallback mode while receiving an address update without remote balancer addresses. It caused a channel panic (INTERNAL: Panic! This is a bug!) due to the exception IllegalStateException: already in fallback. The fix mitigated the temporal invariant violation.
  • xds: shut down the scheduledExecutorService in the CertificateProvider when it is shutdown

v1.38.0

gRPC Java 1.38.0 Release Notes
API Changes
  • services: move classes with protobuf dependency into io.grpc.protobuf.services. Users currently using BinaryLogging, HealthChecking, Channelz should migrate to use the corresponding classes in io.grpc.protobuf.services. (#​8056)
  • ChannelCredentials and ServerCredentials and are now stable. Notably, this also includes TlsChannelCredentials and TlsServerCredentials that allow mTLS configuration without a direct dependency on Netty. The description of the new API can be found in gRFC L74. These APIs are intended to “replace” the implicit security defaults of channels/servers as well as the usePlaintext() and useTransportSecurity() methods on the channel and server builders. The previous APIs are stable so will not be removed. Over time, documentation and examples will be migrated to the new API
Bug Fixes
  • xds: Fixed a bug that xDS users may experience null pointer exception in rare cases (#​8087)
  • netty: Fixed a bug that client RPCs may fail with a wrong exception with message "Maximum active streams violated for this endpoint" when receiving GOAWAY while MAX_CONCURRENT_STREAMS is reached. After the fix the client RPC should fail with UNAVAILABLE status in such a scenario. (#​8020)
  • xds: Fixed a bug that xDS LB policies may process and propagate load balancing state update from its child LB policy after itself being shut down. This can be cascaded and result in hard-to-reason behaviors if any one layer of the LB policies does not clean up its internal state after shutdown.
Behavior Changes
  • core, grpclb, xds: let leaf LB policies explicitly refresh name resolution when subchannel connection is broken. Custom LoadBalancer implementations should refresh name resolution (with Helper.refreshNameResolution()) when seeing its created subchannel becomes IDLE or TRANSIENT_FAILURE. Currently the Channel will do it for you and log a warning. But this operation will be removed in the future releases. (#​8048)
  • netty: Added support for OpenJSSE
Dependencies
  • Upgrade Guava to 30.1 (#​8100). As part of #​4671 grpc-java will drop support for Java 7, with no impact to Android API levels supported. Guava is going through the same process and in this Guava release it warns when used on Java 7. If you are using Java 7 and are impacted, please comment on #​4671. The Java 7 check may be noticed by Android builds and fail without language-level desugaring. We expect most users have already enabled language-level desugaring, but if not it would be necessary to add to your build.gradle:
android {
    compileOptions {
        sourceCompatibility JavaVersion.VERSION_1_8
        targetCompatibility JavaVersion.VERSION_1_8
    }
}
  • auth: Allow pre- and post-0.25.0 behavior from google-auth-library-java, for Bazel users. google-auth-library-java 0.25.0 changed its behavior for JWT that caused a gRPC test to fail. The failure was benign but prevented Bazel users from using newer versions of the library

v1.37.1

Bug Fixes
  • netty: fixed a bug that client RPCs may fail with a wrong exception with message "Maximum active streams violated for this endpoint" when receiving GOAWAY while MAX_CONCURRENT_STREAMS is reached. After the fix the client RPC should fail with UNAVAILABLE status in such a scenario.
  • grpclb, xds: fixed a day-one issue that the control plane RPC are using the same Context as the inbound application RPC, which can cause control plane RPC aborted when the inbound application RPC completes.
  • xds: fixed a bug that xDS LB policies may process and propagate load balancing state update from its child LB policy after itself being shut down. This can be cascaded and result in hard-to-reason behaviors if any one layer of the LB policies does not clean up its internal state after shutdown.

v1.37.0

Behavior Changes
  • alts: make both GoogleDefaultChannelCredentials and ComputeEngineChannelCredentials choose ALTS for backends given by xDS TD. Changes for ComputeEngineChannelCredentials were missing, but they really should be the same.
  • api: added a convenient ServerBuilder.addServices() API that allows adding a list of services instead of iterating through list and calling addService().
  • api: deleted some NameResolver APIs that have been marked as deprecated since 1.21 release.
  • api: implemented admin interface API, which automatically loads available admin services in a given binary. Currently, it only includes Channelz and CSDS with dependencies required at runtime.
  • context: move pendingDeadline.cancel out of synchronized block.
  • netty: allow connection handshakes (e.g., TCP, TLS) to be interrupted by channel.shutdown(). Previously shutdownNow() was required for prompt shutdown if a connection was handshaking.
  • xds: change in parsing ADS responses for LDS, RDS, CDS, and EDS resources. Before this release, gRPC parsing logic for ADS response containing multiple resources was to stop resource processing on the first encountered error, followed by NACK with the details of this single error. With this change, the parsing logic processes all resources and collects all processing errors. If any error occurred, a NACK is issued with concatenated error messages of all errors encountered. The rationale and the detailed design can be found in gRFC A40 — ADS Parsing Logic Update: Continue After First Error.
  • xds: change system property name for reading bootstrap config from io.grpc.xds.bootstrapValue to io.grpc.xds.bootstrapConfig.
  • xds: circuit breaking, timeout and fault injection are enabled by default. Previously they were protected by environment variables.
  • xds: use the new server_listener_resource_name_template property from the bootstrap file for server side xDS processing as per the gRFC A36-xds-for-servers.md.
New Features
  • api: TlsChannelCredentials and TlsServerCredentials now support client certificates and custom KeyManagers/TrustManagers. grpc-netty fully supports these options. grpc-okhttp does not support keyfile-based configuration; you’d need to use a KeyManager. Most users of Netty’s SslContext and GrpcSslContexts should be able to migrate and are encouraged to do so, because this API does not have a Netty dependency and so is planned to become stable.
  • netty: added support for OpenJSSE.
  • okhttp: support compiling with okio 2.x API for Bazel users. grpc-okhttp was already compatible with okio 2 at runtime.
  • xds: XdsServingStatusListener has been implemented as per the gRFC A36-xds-for-servers.md.
  • xds: add proto leakage check at gradle build. Create a new Gradle task depends on shadowJar. It examines the outputs of shadowJar package prefix to make sure it is inside within the package.
  • xds: added CsdsService. It is safe for production but are Experimental APIs to resolve issues discovered as they see usage. The rationale and description of the new API can be found in gRFC A40: xDS Configuration Dump via Client Status Discovery Service in gRPC.
  • xds: implement gRPC server side validations and filterChain match of xDS configuration as per the gRFC A36-xds-for-servers.md.
  • xds: WeightedTargetLoadBalancer collect all failure child pickers to log more error details.
Bug Fixes
  • grpclb: gRPCLB would buffer RPCs indefinitely if failing to fallback because the resolver provides no fallback addresses. Now it turns into TRANSIENT_FAILURE for such cases.
  • xds: fix CdsLoadBalancer2 childLb shutdown behavior. Previously these childLbs are not properly shutdown, which might cause channel panic as client channel is referenced by those childLbs.
  • Fixed an UnsupportedOperationException incompatibility with Netty 4.1.60.Final (#​7953). This allows users of grpc-netty that may be using Netty elsewhere in their application to upgrade their Netty version to avoid exposure to recent Netty CVEs. gRPC itself is not impacted by those CVEs.
  • grpclb: fixed a race between address update and LB stream recreation, which would cause channel panic if the resolver refreshes the result while gRPCLB is in LB stream backoff.
  • grpclb: gRPCLB ignored CONNECTING subchannels when aggregating the overall LB state, which would cause RPCs to fail prematurely if there are subchannels in its initial connection.
  • grpclb: now we allow multiple authorities in lb backends instead of flattening to the first authority.
  • interop-testing: fix alts handshaking race: add proper synchronization on the AltsTestServer object lock, this way, alts client and alts server won’t race on the `Al

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • [ ] If you want to rebase/retry this PR, click this checkbox.

This PR has been generated by Mend Renovate. View repository job log here.

renovate-bot avatar Aug 30 '21 16:08 renovate-bot