Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
635: build(deps): Bump maven-dependency-plugin from 3.4.0 to 3.5.0 r=remcowesterhoud a=dependabot[bot] Bumps [maven-dependency-plugin](https://github.com/apache/maven-dependency-plugin) from 3.4.0 to 3.5.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-dependency-plugin/commit/520f8fd6ba4a00a8a1174077d5610aa5ecae7595"><code>520f8fd</code></a> [maven-release-plugin] prepare release maven-dependency-plugin-3.5.0</li> <li><a href="https://github.com/apache/maven-dependency-plugin/commit/4b478d61e1e78f5bddda6d1256f91c357c2561a4"><code>4b478d6</code></a> [MDEP-841] Explicitly start and end tables with Doxia Sinks in report renderers</li> <li><a href="https://github.com/apache/maven-dependency-plugin/commit/799ff97da3130fe8dd1daf9e68405db066584080"><code>799ff97</code></a> [MDEP-831] Remove dependency on commons-lang3 (<a href="https://github-redirect.dependabot.com/apache/maven-dependency-plugin/issues/270">#270</a>)</li> <li><a href="https://github.com/apache/maven-dependency-plugin/commit/68b72723d3ece966078daec13567090b17280216"><code>68b7272</code></a> [MDEP-837] Ignore reformat commit from git blame</li> <li><a href="https://github.com/apache/maven-dependency-plugin/commit/cc082ea7d4af7db78c521d59360d261ffbc1b184"><code>cc082ea</code></a> [MDEP-837] Reformat code after parent 38</li> <li><a href="https://github.com/apache/maven-dependency-plugin/commit/803433bccf1bb4a562d05a6662189fde91184b6d"><code>803433b</code></a> [MDEP-837] Upgrade Parent to 38</li> <li><a href="https://github.com/apache/maven-dependency-plugin/commit/a05a2a4f5ce1e6d9053f6db9b84736e8bbc519b7"><code>a05a2a4</code></a> Bump junit from 4.13 to 4.13.2 in /src/it/projects/tree-verbose-small</li> <li><a href="https://github.com/apache/maven-dependency-plugin/commit/ea2a668dcb21e08c69d42c2cdbcf21483fdb3c01"><code>ea2a668</code></a> remove unused beanutils dependency (<a href="https://github-redirect.dependabot.com/apache/maven-dependency-plugin/issues/268">#268</a>)</li> <li><a href="https://github.com/apache/maven-dependency-plugin/commit/ea43fa6ae8b0504d12d794fdb6ff83e995f6a41a"><code>ea43fa6</code></a> [maven-release-plugin] prepare for next development iteration</li> <li>See full diff in <a href="https://github.com/apache/maven-dependency-plugin/compare/maven-dependency-plugin-3.4.0...maven-dependency-plugin-3.5.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> 636: build(deps): Bump grpc-bom from 1.51.1 to 1.52.0 r=remcowesterhoud a=dependabot[bot] Bumps [grpc-bom](https://github.com/grpc/grpc-java) from 1.51.1 to 1.52.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-java/releases">grpc-bom's releases</a>.</em></p> <blockquote> <h2>v1.52.0</h2> <h2>gRPC Java 1.52.0 Release Notes</h2> <p><strong>grpc-xds starting with 1.51.0 had a regression where resources might stop receiving updates. The trigger could happen hours or days after the binary had started. xDS users should avoid this release and use 1.50.x until patch releases with the fix are available. <a href="https://github-redirect.dependabot.com/grpc/grpc-java/pull/9809">grpc/grpc-java#9809</a></strong></p> <h3>API Changes</h3> <ul> <li>Fix CallOptions to be properly <code>`@Immutable</code>` (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9689">#9689</a>)</li> <li>binder: Promote out of experimental status (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9669">#9669</a>). Much of the API is now stable</li> </ul> <h3>New Features</h3> <ul> <li>xds: Support localities in multiple priorities (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9683">#9683</a>)</li> <li>xds: Log xDS node ID with verbosity INFO when environment variable GRPC_LOG_XDS_NODE_ID=true (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9731">#9731</a>)</li> </ul> <h4>Examples</h4> <ul> <li>Add examples for name resolver and load balancer (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9700">#9700</a>)</li> <li>Swap to ChannelCredentials/ServerCredentials API, as it is preferred</li> </ul> <h3>Bug Fixes</h3> <ul> <li>xds:Fix ConcurrentModificationException in PriorityLoadBalancer (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9728">#9728</a>)</li> <li>ManagedChannelImpl.SubchannelImpl fix args check to avoid NPE (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9651">#9651</a>)</li> <li>okhttp: Add missing server support for TLS ClientAuth (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9711">#9711</a>)</li> <li>binder: Ensure the security interceptor is always closest to the actual transport (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9716">#9716</a>)</li> <li>bazel: Include <a href="https://github.com/Generated"><code>`@Generated</code></a>` dep for autovalue. This fixes builds of xds and rls using Java 9+</li> <li>xds: Nack xds response when weighted cluster total weight sums zero (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9738">#9738</a>)</li> <li>core: Fix a bug about a retriable stream lifecycle. It stops using the call executor resource in a retriable stream when the client call is closed, thus preventing potential channel panics. (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9626">#9626</a>)</li> </ul> <h3>Behavior Changes</h3> <ul> <li>binder: Set default idle timeout to 60 seconds, and enable "strict lifecycle management". (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9486">#9486</a>)</li> <li>xds: Limit ring hash max size to 4K instead of 8M (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9709">#9709</a>). <code>RingHashOptions.setRingSizeCap()</code> can increase the limit</li> <li>binder: Set default idle timeout to 60 seconds, and add <code>BinderChannelBuilder.strictLifecycleManagement()</code> which disables idle timeout and prevents it from being changed (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9486">#9486</a>). Disabling idle timeout can be useful to find bugs in applications that fail to promptly shut down the channel and are particularly sensitive to keeping Binder instances alive.</li> <li>bazel: Replace ctx.host_configuration.host_path_separator with ctx.configuration.host_path_separator (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9742">#9742</a>). This changes no behavior today, but improves future compatibility with newer versions of Bazel</li> <li>xds: Refactor internal logics about LDS and CDS resource handling. It may cause minor log line changes about corresponding RDS and EDS subscriber event notification, but it should not change xds name resolution and LB behavior. (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9724">#9724</a>)</li> </ul> <h3>Dependencies</h3> <h3>Acknowledgement</h3> <p><a href="https://github.com/RapperCL"><code>`@RapperCL</code></a>` <a href="https://github.com/Smityz"><code>`@Smityz</code></a>` <a href="https://github.com/pandaapo"><code>`@pandaapo</code></a></p>` </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-java/commit/a1a6d4f35c31b18a35d0b7c2bfb4155093128b86"><code>a1a6d4f</code></a> Bump version to 1.52.0</li> <li><a href="https://github.com/grpc/grpc-java/commit/c450431bb05b7638bad5dbffdaa3fe7750a27024"><code>c450431</code></a> Update README etc to reference 1.52.0</li> <li><a href="https://github.com/grpc/grpc-java/commit/142078f1703696087d55af27ef63ec6d3e6b5b07"><code>142078f</code></a> Upgrade protobuf plugin version to 0.8.19. (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9801">#9801</a>)</li> <li><a href="https://github.com/grpc/grpc-java/commit/a75ed4d5ba7a874ef6c0344a36f4e16d947e4fd3"><code>a75ed4d</code></a> bazel: Export deps from maven stand-in targets</li> <li><a href="https://github.com/grpc/grpc-java/commit/f71447c077a86553a3e06a6c8b13e1af7fcc52b1"><code>f71447c</code></a> bazel: Include <code>`@Generated</code>` dep for autovalue</li> <li><a href="https://github.com/grpc/grpc-java/commit/e325dc9112079ecd64e3099093ff0615e7e72de5"><code>e325dc9</code></a> Replace ctx.host_configuration.host_path_separator with ctx.configuration.hos...</li> <li><a href="https://github.com/grpc/grpc-java/commit/2a0b86f7cd2a363cd1d19d56f9c47aead33261d6"><code>2a0b86f</code></a> binder: BinderInternal.setIBinder() is public static (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9743">#9743</a>)</li> <li><a href="https://github.com/grpc/grpc-java/commit/9b5ca70f85001cf0ba9e3f85789cb9e9d826297e"><code>9b5ca70</code></a> doc: add fake control plane xds test comments (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9735">#9735</a>)</li> <li><a href="https://github.com/grpc/grpc-java/commit/786417085c3d04aeab140885baba2399da7b1cc2"><code>7864170</code></a> xds: Nack xds response when weighted cluster total weight sums zero (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9738">#9738</a>)</li> <li><a href="https://github.com/grpc/grpc-java/commit/bf0b92a963a45cf66fe2cf553604ce2fc2f88eaa"><code>bf0b92a</code></a> Log xDS node ID with verbosity INFO (<a href="https://github-redirect.dependabot.com/grpc/grpc-java/issues/9731">#9731</a>)</li> <li>Additional commits viewable in <a href="https://github.com/grpc/grpc-java/compare/v1.51.1...v1.52.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information
