Skip to content
This repository has been archived by the owner on Nov 16, 2023. It is now read-only.

build(deps): Bump google.golang.org/grpc from 1.49.0 to 1.51.0 in /orm #81

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Nov 21, 2022

Bumps google.golang.org/grpc from 1.49.0 to 1.51.0.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.51.0

Behavior Changes

  • xds: NACK EDS resources with duplicate addresses in accordance with a recent spec change (#5715)
  • grpc: restrict status codes that can be generated by the control plane (gRFC A54) (#5653)

New Features

  • client: set grpc-accept-encoding header with all registered compressors (#5541)
  • xds/weightedtarget: return a more meaningful error when all child policies are in TRANSIENT_FAILURE (#5711)
  • gcp/observability: add "started rpcs" metric (#5768)
  • xds: de-experimentalize the google-c2p-resolver (#5707)
  • balancer: add experimental Producer types and methods (#5669)
  • orca: provide a way for LB policies to receive OOB load reports (#5669)

Bug Fixes

  • go.mod: upgrade x/text dependency to address CVE 2022-32149 (#5769)
  • client: fix race that could lead to an incorrect connection state if it was closed immediately after the server's HTTP/2 preface was received (#5714)
  • xds: ensure sum of the weights of all EDS localities at the same priority level does not exceed uint32 max (#5703)
  • client: fix binary logging bug which logs a server header on a trailers-only response (#5763)
  • balancer/priority: fix a bug where unreleased references to removed child policies (and associated state) was causing a memory leak (#5682)
  • xds/google-c2p: validate URI schema for no authorities (#5756)

Release 1.50.1

New Features

  • gcp/observability: support new configuration defined in public preview user guide

Release 1.50.0

Behavior Changes

  • client: use proper "@" semantics for connecting to abstract unix sockets. (#5678)
    • This is technically a bug fix; the result is that the address was including a trailing NULL byte, which it should not have. This may break users creating the socket in Go by prefixing a NULL instead of an "@", though, so calling it out as a behavior change.

New Features

  • metadata: add experimental ValueFromIncomingContext to more efficiently retrieve a single value (#5596)
  • stats: provide peer information in HandleConn context (#5589)
  • xds: add support for Outlier Detection, enabled by default (#5435, #5673)

Bug Fixes

  • client: fix deadlock in transport caused by GOAWAY racing with stream creation (#5652)

... (truncated)

Commits
  • eeb9afa Change version to 1.51.0 (#5782)
  • 72812fe gcp/observability: filter logging from cloud ops endpoints calls (#5765)
  • 0ae33e6 xdsclient: remove unused test code (#5772)
  • 824f449 go.mod: upgrade x/text to v0.4 to address CVE (#5769)
  • 7f23df0 xdsclient: switch xdsclient watch deadlock test to e2e style (#5697)
  • 32f969e o11y: Added started rpc metric in o11y plugin (#5768)
  • b597a8e xdsclient: improve authority watchers test (#5700)
  • e41e894 orca: create ORCA producer for LB policies to use to receive OOB load reports...
  • 36d14db Fix binary logging bug which logs a server header on a trailers only response...
  • fcb8bdf xds/google-c2p: validate url for no authorities (#5756)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.49.0 to 1.51.0.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.49.0...v1.51.0)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 21, 2022
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Nov 21, 2022

The following labels could not be found: A:automerge.

@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github Jan 16, 2023

Superseded by #114.

@dependabot dependabot bot closed this Jan 16, 2023
@dependabot dependabot bot deleted the dependabot/go_modules/orm/google.golang.org/grpc-1.51.0 branch January 16, 2023 02:03
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants