Bump the java group in /java with 3 updates

[dependabot]

Bumps the java group in /java with 3 updates: org.apache.maven.plugins:maven-surefire-plugin, commons-validator:commons-validator and io.grpc:grpc-bom.

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.2.2 to 3.2.3

Commits

• ac9e574 [maven-release-plugin] prepare release surefire-3.2.3
• 2d6cbc6 [SUREFIRE-2220] SurefireForkChannel#getForkNodeConnectionString() returns inv...
• 05322d9 [SUREFIRE-2212] OutOfMemoryError raised when parsing files with huge stderr/s...
• 55ccd06 [SUREFIRE-2211] additionalClasspathElement with UNC path not working with Mav...
• aa864f4 [SUREFIRE-2216] Upgrade plugins and components (in ITs)
• 6662e07 [SUREFIRE-2215] Upgrade to Parent 41
• f5b73ab [SUREFIRE-2214] Uprade to HtmlUnit 3.8.0
• 47c5816 [SUREFIRE-2210] - Restore ordering of additional class path elements
• 9b7ecf1 [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates commons-validator:commons-validator from 1.7 to 1.8.0

Updates io.grpc:grpc-bom from 1.59.1 to 1.60.0

Release notes

Sourced from io.grpc:grpc-bom's releases.

v1.60.0

API Changes

• api: Stabilize ForwardingServerBuilder, ForwardingChannelBuilder2, and ForwardingChannelBuilder. Note that ForwardingChannelBuilder is stabilized (no changes will be made to it), but immediately deprecated in favor of ForwardingChannelBuilder2. (#10586)
• api: Deprecate ForwardingChannelBuilder.delegate(). De facto this deprecates the class itself, since all classes extending ForwardingChannelBuilder implement the delegate() method. See javadoc for details (#10587)
• api: Changed recently-introduced LoadBalancer.acceptResolvedAddresses() to return Status instead of boolean (#10636). This is part of continued work to align the LB API cross-language and API stabilization
• stub: Deprecate StreamObservers (#10654)
• alts: AltsChannelBuilder now extends ForwardingChannelBuilder2 (#10587)
• protobuf: Stabilize ProtoUtils.metadataMarshaller() (#10628)
• protobuf-lite: ProtoLiteUtils experimental comment (#10627)

Behavior Changes

• core: ManagedChannels now check the address types provided by the nameResolver (for the given target) with the address types supported by the channel transport and generate an error in case of mismatch. That dramatically improves the error message when an issue occurs
• core: When a server stream is closed due to user's code (an uncaught exception in halfClosed, messagesAvailable, onReady callback of a ServerStream's listener), the Status.UNKNOWN returned to the client will have Application error processing RPC description. Previously the description was empty. This is helpful to differentiate between server errors originated in user application, gRPC library, or even those injected by a proxy. (#10643)
• xds: Log ORCA UNIMPLEMENTED error to subchannel logger. This removes them from the normal application logs, reducing log spam

Improvements

• Change the underlying implementations of RingHash, RoundRobin, WeightedRoundRobin and LeastRequest load balancers to utilize the pick first load balancer rather than directly manage subchannels. This should only be noticeable if it introduced a bug
• core: Avoid flushing headers when the server returns a single response (#9314). This is a performance optimization to reduce the number of packets for non-streaming responses
• util: Make grpc-core an implementation dependency. This will prevent the io.grpc.internal classes in grpc-core from being visible during compilation when depending on just grpc-util
• netty: Implement Http2Headers.isEmpty(). This fixes compatibility with Netty 4.1.101.Final.
• netty: Add NettyServerBuilder.maxRstFramesPerWindow(). This can be used to limit impact of Rapid Reset
• netty: Disable huffman coding in headers (#10563). Huffman coding provides modest compression for relatively high CPU usage, especially within a data center. Rely just on the HPACK static and dynamic tables for compression, for higher performance. This only impacts header values 512 bytes or longer, as Netty already disabled Huffman for smaller values
• alts: Improve handshake failure error message by propagating original exception (#10644)

Bug Fixes

• util: Remove shutdown subchannels from OD tracking (#10683). This could have caused a memory leak on a long-lived channel. But we don’t think it could be triggered with our built-in load balancing policies.

Dependencies

• Bump Netty to 4.1.100.Final

Acknowledgements

@​anthonyjpratti @​fedorka @​jpd236 @​mateusazis @​pkoenig10 @​yannickepstein @​amirhadadi

Commits

• eb8b1d8 Bump version to 1.60.0
• 5b1bb8c Update README etc to reference 1.60.0
• 9400613 all: Add grpc-inprocess
• 69114bf inprocess: Add missing anonymous address as supported
• 24b3ca1 core: Detect NameResolverProviders passed as Factories
• 6c55cd0 util: Remove shutdown subchannels from OD tracking (#10683)
• 43e98d0 netty: Add option to limit RST_STREAM rate
• 2b65e66 netty: disable huffman coding in headers (#10563)
• 90e76a1 Implement Http2Headers.isEmpty (#10663)
• 0299788 util: Make grpc-core an implementation dependency
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions