Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
11840: deps(maven): bump grpc-bom from 1.52.1 to 1.53.0 r=oleschoenburg a=dependabot[bot] Bumps [grpc-bom](https://github.com/grpc/grpc-java) from 1.52.1 to 1.53.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-java/releases">grpc-bom's releases</a>.</em></p> <blockquote> <h2>v1.53.0</h2> <h3>New Features</h3> <ul> <li>googleapis: Allow user set c2p bootstrap config (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9856">#9856</a>)</li> <li>xds: Add contain and stringMatcher in <code>RouteConfiguration</code> (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9845">#9845</a>)</li> <li>core: Add <code>grpc-previous-rpc-attempts</code> to the initial response metadata (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9686">#9686</a>)</li> <li>servlet: Implement gRPC server as a Servlet (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/8596">#8596</a>)</li> <li>authz: Implement static authorization server interceptor (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/8934">#8934</a>)</li> </ul> <h4>Examples</h4> <ul> <li>servlet: Add servlet example (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/8596">#8596</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>xds: Update xds error handling logic. Specifically: <ul> <li>When the ads stream is closed only send errors to subscribers that haven't yet gotten results</li> <li>Timers to detect missing resources don’t start until the adsStream is ready (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9745">#9745</a>)</li> <li>Call subscriber onError callback when xds client fails to connect to server (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9827">#9827</a>)</li> </ul> </li> <li>core: Delay retriable stream master listener close until all sub streams are closed. This fixes the call executor lifecycle and prevents potential <code>RejectedExecutionException</code>. (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9754">#9754</a>)</li> <li>core: Free unused <code>MessageProducer</code> in <code>RetriableStream</code> (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9853">#9853</a>), fixing a Netty buffer memory leak for cancelled RPCs</li> <li>api: Fail with <code>NullPointerException</code> when a Metadata.Marshaller returns null bytes (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9781">#9781</a>). This would previously cause a <code>NullPointerException</code> later during the RPC. Now the return value of the Marshaller is checked immediately, to help find the broken Marshaller</li> </ul> <h3>Behavior Changes</h3> <ul> <li>xds: Disallow duplicate addresses in the RingHashLB. (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9776">#9776</a>)</li> <li>xds: EDS weight sums are allowed up to max unsigned int (was max signed int) (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9765">#9765</a>)</li> <li>xds: Drop xds v2 support (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9760">#9760</a>)</li> </ul> <h3>Dependencies</h3> <ul> <li>JUnit upgraded to 4.13.2</li> <li>bazel: Dropped support for Bazel 4. We track the two most recent major versions of Bazel, Bazel 5 and 6. Bazel 4 may still work, but we are no longer testing it</li> <li>bazel: Include Tomcat annotations dependency for <code>`@Generated</code>` as used by autovalue (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9762">#9762</a>). Necessary for building xds and rls on Java 9+</li> <li>bazel: Export deps from Maven Central-specific stand-in targets (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9780">#9780</a>). Some Maven Central artifacts are a combination of multiple Bazel targets, like grpc-core is composed of //core:inprocess, //core:internal, //core:util, //api. There is a “//core:core_maven” target used by maven_install that uses the other targets. Previously the target used <code>runtime_deps</code> to discourage their use by Bazel users, but that could cause compilation failures from lack of hjars. These targets now use <code>exports</code></li> </ul> <h3>Acknowledgement</h3> <p><a href="https://github.com/cpovirk"><code>`@cpovirk</code></a>` <a href="https://github.com/niloc132"><code>`@niloc132</code></a>` <a href="https://github.com/stephenh"><code>`@stephenh</code></a>` <a href="https://github.com/olderwei"><code>`@olderwei</code></a>` <a href="https://github.com/pandaapo"><code>`@pandaapo</code></a>` <a href="https://github.com/panxuefeng"><code>`@panxuefeng</code></a></p>` </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-java/commit/4ca6de0e8e52386301890b2860fb7a9a7c2c9b7c"><code>4ca6de0</code></a> Bump version to 1.53.0</li> <li><a href="https://github.com/grpc/grpc-java/commit/2a1bb12d6492efcdcbe81383c64a05b8d6ae5927"><code>2a1bb12</code></a> Update README etc to reference 1.53.0</li> <li><a href="https://github.com/grpc/grpc-java/commit/b1b2424f308d09882f49e88bf3a8353776a81f0f"><code>b1b2424</code></a> rls:Fix throttling in route lookup (b/262779100) (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9874">#9874</a>) (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9879">#9879</a>)</li> <li><a href="https://github.com/grpc/grpc-java/commit/501ca8f7b4f9c5288ca6deaa9191d1b2ee930cc8"><code>501ca8f</code></a> xds: Update logic so that an error being reported when stream is closed gets ...</li> <li><a href="https://github.com/grpc/grpc-java/commit/b0635fa1d40dec3132c38517c6b2f9a8eb4c8cf2"><code>b0635fa</code></a> googleapis: Allow user set c2p bootstrap config (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9856">#9856</a>)</li> <li><a href="https://github.com/grpc/grpc-java/commit/b2895198c3992e668d9ba312fcdaaaf5b9e0d1f0"><code>b289519</code></a> xds: fixed RouteConfiguration not supporting contain and stringMatcher (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9845">#9845</a>)</li> <li><a href="https://github.com/grpc/grpc-java/commit/706646f8bb2dd55b76b6158db77b31d0e6ee4e73"><code>706646f</code></a> servlet: Implement gRPC server as a Servlet (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/8596">#8596</a>)</li> <li><a href="https://github.com/grpc/grpc-java/commit/44847bf4e9628aea2e2ae64abf8438082d3ebe30"><code>44847bf</code></a> Upgrade JUnit to 4.13.2</li> <li><a href="https://github.com/grpc/grpc-java/commit/5a2c94bca1eed13d74fe13ce0d0b534b6e4b26a5"><code>5a2c94b</code></a> core: Free unused MessageProducer in RetriableStream</li> <li><a href="https://github.com/grpc/grpc-java/commit/9de989bd64e5f95301dfb4258ca0184cb270f110"><code>9de989b</code></a> okhttp: Avoid DNS lookup in test</li> <li>Additional commits viewable in <a href="https://github.com/grpc/grpc-java/compare/v1.52.1...v1.53.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.grpc:grpc-bom&package-manager=maven&previous-version=1.52.1&new-version=1.53.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information