Bump google.golang.org/grpc from 1.50.1 to 1.51.0 #137

Merged
dependabot[bot] merged 1 commits from dependabot/go_modules/google.golang.org/grpc-1.51.0 into v3 2022-11-28 22:17:21 +03:00
dependabot[bot] commented 2022-11-21 10:27:57 +03:00 (Migrated from github.com)

Bumps google.golang.org/grpc from 1.50.1 to 1.51.0.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.51.0

Behavior Changes

  • xds: NACK EDS resources with duplicate addresses in accordance with a recent spec change (#5715)
  • grpc: restrict status codes that can be generated by the control plane (gRFC A54) (#5653)

New Features

  • client: set grpc-accept-encoding header with all registered compressors (#5541)
  • xds/weightedtarget: return a more meaningful error when all child policies are in TRANSIENT_FAILURE (#5711)
  • gcp/observability: add "started rpcs" metric (#5768)
  • xds: de-experimentalize the google-c2p-resolver (#5707)
  • balancer: add experimental Producer types and methods (#5669)
  • orca: provide a way for LB policies to receive OOB load reports (#5669)

Bug Fixes

  • go.mod: upgrade x/text dependency to address CVE 2022-32149 (#5769)
  • client: fix race that could lead to an incorrect connection state if it was closed immediately after the server's HTTP/2 preface was received (#5714)
  • xds: ensure sum of the weights of all EDS localities at the same priority level does not exceed uint32 max (#5703)
  • client: fix binary logging bug which logs a server header on a trailers-only response (#5763)
  • balancer/priority: fix a bug where unreleased references to removed child policies (and associated state) was causing a memory leak (#5682)
  • xds/google-c2p: validate URI schema for no authorities (#5756)
Commits
  • eeb9afa Change version to 1.51.0 (#5782)
  • 72812fe gcp/observability: filter logging from cloud ops endpoints calls (#5765)
  • 0ae33e6 xdsclient: remove unused test code (#5772)
  • 824f449 go.mod: upgrade x/text to v0.4 to address CVE (#5769)
  • 7f23df0 xdsclient: switch xdsclient watch deadlock test to e2e style (#5697)
  • 32f969e o11y: Added started rpc metric in o11y plugin (#5768)
  • b597a8e xdsclient: improve authority watchers test (#5700)
  • e41e894 orca: create ORCA producer for LB policies to use to receive OOB load reports...
  • 36d14db Fix binary logging bug which logs a server header on a trailers only response...
  • fcb8bdf xds/google-c2p: validate url for no authorities (#5756)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.50.1 to 1.51.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p> <blockquote> <h2>Release 1.51.0</h2> <h1>Behavior Changes</h1> <ul> <li>xds: NACK EDS resources with duplicate addresses in accordance with a recent spec change (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5715">#5715</a>) <ul> <li>Special Thanks: <a href="https://github.com/erni27"><code>@​erni27</code></a></li> </ul> </li> <li>grpc: restrict status codes that can be generated by the control plane (gRFC A54) (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5653">#5653</a>)</li> </ul> <h1>New Features</h1> <ul> <li>client: set grpc-accept-encoding header with all registered compressors (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5541">#5541</a>) <ul> <li>Special Thanks: <a href="https://github.com/jronak"><code>@​jronak</code></a></li> </ul> </li> <li>xds/weightedtarget: return a more meaningful error when all child policies are in <code>TRANSIENT_FAILURE</code> (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5711">#5711</a>)</li> <li>gcp/observability: add &quot;started rpcs&quot; metric (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5768">#5768</a>)</li> <li>xds: de-experimentalize the google-c2p-resolver (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5707">#5707</a>)</li> <li>balancer: add experimental Producer types and methods (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5669">#5669</a>)</li> <li>orca: provide a way for LB policies to receive OOB load reports (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5669">#5669</a>)</li> </ul> <h1>Bug Fixes</h1> <ul> <li>go.mod: upgrade x/text dependency to address <a href="https://www.cve.org/CVERecord?id=CVE-2022-32149">CVE 2022-32149</a> (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5769">#5769</a>)</li> <li>client: fix race that could lead to an incorrect connection state if it was closed immediately after the server's HTTP/2 preface was received (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5714">#5714</a>) <ul> <li>Special Thanks: <a href="https://github.com/fuweid"><code>@​fuweid</code></a></li> </ul> </li> <li>xds: ensure sum of the weights of all EDS localities at the same priority level does not exceed uint32 max (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5703">#5703</a>) <ul> <li>Special Thanks: <a href="https://github.com/erni27"><code>@​erni27</code></a></li> </ul> </li> <li>client: fix binary logging bug which logs a server header on a trailers-only response (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5763">#5763</a>)</li> <li>balancer/priority: fix a bug where unreleased references to removed child policies (and associated state) was causing a memory leak (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5682">#5682</a>)</li> <li>xds/google-c2p: validate URI schema for no authorities (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5756">#5756</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-go/commit/eeb9afa1f6b6388152955eeca8926e36ca94c768"><code>eeb9afa</code></a> Change version to 1.51.0 (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5782">#5782</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/72812fe3aa93756aca9382ff07d0a3a54eff0b96"><code>72812fe</code></a> gcp/observability: filter logging from cloud ops endpoints calls (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5765">#5765</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/0ae33e69dc6542a4e7a92f30e335376431d2ea4d"><code>0ae33e6</code></a> xdsclient: remove unused test code (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5772">#5772</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/824f44910d8c300989893d0b3a8ddbea6bee9c8f"><code>824f449</code></a> go.mod: upgrade x/text to v0.4 to address CVE (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5769">#5769</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/7f23df022299ea52c9cd00ebe77f5f5cccbb85dc"><code>7f23df0</code></a> xdsclient: switch xdsclient watch deadlock test to e2e style (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5697">#5697</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/32f969e8f3f94359b589d85d27a8dd5cbd5c003b"><code>32f969e</code></a> o11y: Added started rpc metric in o11y plugin (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5768">#5768</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/b597a8e1d0ce3f63ef8a7b62a23ca1fcc3a60678"><code>b597a8e</code></a> xdsclient: improve authority watchers test (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5700">#5700</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/e41e8940c0c481d954a7c23973cd5440b2f0d138"><code>e41e894</code></a> orca: create ORCA producer for LB policies to use to receive OOB load reports...</li> <li><a href="https://github.com/grpc/grpc-go/commit/36d14dbf6665119337650b37629beced691661c4"><code>36d14db</code></a> Fix binary logging bug which logs a server header on a trailers only response...</li> <li><a href="https://github.com/grpc/grpc-go/commit/fcb8bdf7219c76d2b608d45317427cbbd6e69d6c"><code>fcb8bdf</code></a> xds/google-c2p: validate url for no authorities (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5756">#5756</a>)</li> <li>Additional commits viewable in <a href="https://github.com/grpc/grpc-go/compare/v1.50.1...v1.51.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.50.1&new-version=1.51.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
github-actions[bot] (Migrated from github.com) reviewed 2022-11-21 10:28:11 +03:00
github-actions[bot] (Migrated from github.com) reviewed 2022-11-28 10:12:13 +03:00
github-actions[bot] (Migrated from github.com) approved these changes 2022-11-28 16:30:50 +03:00
Sign in to join this conversation.
No Milestone
No project
No Assignees
1 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: unistack-org/micro-server-grpc#137
No description provided.