gRPC Java 1.34.1 is released and resolves the CompositeChannelCredentials issue present in the 1.34.0 release, and thus googleapis.com compatibility is restored as well. Please use it instead of 1.34.0 if you communicate with googleapis.com, *even if you don't notice any problems*.
On Tue, Dec 8, 2020 at 10:21 AM Eric Anderson <[email protected]> wrote: > This release appears to have a severe bug that can be triggered for > googleapis.com (#7643 <https://github.com/grpc/grpc-java/issues/7643>). > The bug can be "dormant" and trigger at any point in the future. *Even if > you don't see any issues*, please avoid this release if you use gRPC with > Google services. > > The problem requires using the new CompositeChannelCredentials class > introduced in this release. Avoid using CompositeChannelCredentials until > the problem is resolved. GoogleDefaultChannelBuilder and > ComputeEngineChannelBuilder were updated to use > CompositeChannelCredentials, which is why Google properties are impacted. > > We'll provide more information as we know more. We're still verifying the > impact and our understanding of the issue. > > On Tue, Dec 1, 2020 at 4:18 PM 'Chengyuan Zhang' via grpc.io < > [email protected]> wrote: > >> gRPC Java 1.34.0 is released and should be available on Maven Central and >> JCenter. >> >> https://github.com/grpc/grpc-java/releases/tag/v1.34.0 >> >> gRPC Java 1.34.0 Release NotesAPI Changes >> >> api: added io.grpc.ForwardingServerBuilder (#7633 >> <https://github.com/grpc/grpc-java/pull/7633>) >> New Features >> >> - Added ChannelCredentials and ServerCredentials. They are safe for >> production but are Experimental APIs to resolve issues discovered as they >> see usage. The rationale and description of the new API can be found in >> gRFC >> L74 >> <https://github.com/grpc/proposal/blob/master/L74-java-channel-creds.md>. >> In short, these APIs are intended to “replace” the implicit security >> defaults of channels/servers as well as >> the usePlaintext() and useTransportSecurity() methods on the channel and >> server builders. The previous APIs are stable so will not be removed, but >> are expected to be deprecated in the future. Since these new APIs will be >> widely used, we encourage users to try the APIs out and report any >> problems >> experienced so they can be corrected before the APIs become stable ( >> #7294 <https://github.com/grpc/grpc-java/pull/7294>, #7601 >> <https://github.com/grpc/grpc-java/pull/7601>) >> - As part of ChannelCredentials and ServerCredentials there are now >> XdsChannelCredentials and XdsServerCredentials added that can be used to >> enable use of XDS provided credentials on the channel and server. A >> File-watcher certificate provider has been implemented to support these >> Xds >> Credentials. The example in example-xds has been enhanced to be a full xDS >> example with XdsChannelCredentials and XdsServerCredentials to illustrate >> their usage. (#7497 <https://github.com/grpc/grpc-java/pull/7497>, >> #7636 <https://github.com/grpc/grpc-java/pull/7636>) >> - xds: added support for setting bootstrap file with java system >> property (#7620 <https://github.com/grpc/grpc-java/pull/7620>) >> >> Bug Fixes >> >> - netty: abrupt GOAWAY should not cause INTERNAL status. It is now >> UNAVAILABLE. This was a regression introduced in v1.33.0. The error was in >> the form StatusRuntimeException: INTERNAL: http2 exception with a cause >> similar to Http2Exception$StreamException: Cannot create stream 222691 >> greater than Last-Stream-ID 222689 from GOAWAY. This was mainly observed >> when a C core-based gRPC server shut down. (#7501 >> <https://github.com/grpc/grpc-java/pull/7501>) >> - core, netty, okhttp, cronet: fixed builders ABI backward >> compatibility broken in v1.33.0 (#7552 >> <https://github.com/grpc/grpc-java/issues/7552>). For details, see >> v1.33.1 release note. >> - core: round robin should ignore name resolution error for channel >> state change when there are READY subchannels (#7595 >> <https://github.com/grpc/grpc-java/pull/7595>). Previously the >> round_robin load balancing policy puts the Channel into TRANSIENT_FAILURE >> if encountering name resolution failures even if it has received usable >> addresses. >> - core: fixed floating-point number formatting Locale in error >> messages (#7473 <https://github.com/grpc/grpc-java/pull/7473>) >> - android: make Channel always enterIdle() upon network recover (#7611 >> <https://github.com/grpc/grpc-java/pull/7611>). This is for >> AndroidChannelBuilder. It avoids failing new RPCs prematurely when the >> device detects the network has recovered while resuming connections. >> - xds: only reschedule time for unresolved resources upon ADS stream >> restarts (#7582 <https://github.com/grpc/grpc-java/pull/7582>). The >> management server can choose not to send resources it has previously sent >> when the RPC stream is recreated. So the client will keep using resources >> it has saved previously. >> - alts: create handshaker RPC lazily (#7630 >> <https://github.com/grpc/grpc-java/pull/7630>). Previously the >> handshake RPCs start before the TCP connection is established, which might >> be leaked forever if the connection is never established. >> >> Documentation >> >> - api: added implementation note regarding server interceptors and >> thread locals (#7482 <https://github.com/grpc/grpc-java/pull/7482>) >> - api: clarify expectations regarding ServerCall#close (#7580 >> <https://github.com/grpc/grpc-java/pull/7580>) >> >> Behavior Changes >> >> - netty: differentiate GOAWAY closure status descriptions (#7502 >> <https://github.com/grpc/grpc-java/pull/7502>). Previously many >> different GOAWAY-related errors all produced the same status description. >> Now they each should use their own specific description which should allow >> distinguishing between issues like weak server GOAWAY behavior, >> MAX_CONCURRENT_STREAMS interfering with eager transport selection, and >> local races. We now also use UNAVAILABLE in more cases, although the cases >> that benefit should be rare >> - xds: added support case insensitive path matching (#7506 >> <https://github.com/grpc/grpc-java/pull/7506>). The xDS traffic >> splitting now supports the case-insensitive option for path matching. >> - alts: add a timeout to AltsHandshakerStub. A default of 20 seconds >> is used (#7589 <https://github.com/grpc/grpc-java/pull/7589>) >> >> Dependencies >> >> - all: bumped google auth libraries to version 0.22.0 (#6652 >> <https://github.com/grpc/grpc-java/pull/6652>) >> >> Acknowledgements >> >> @attila123 <https://github.com/attila123> >> @erikjoh <https://github.com/erikjoh> >> @jbdeboer <https://github.com/jbdeboer> >> @ST-DDT <https://github.com/ST-DDT> >> @sullis <https://github.com/sullis> >> @susinmotion <https://github.com/susinmotion> >> >> -- >> You received this message because you are subscribed to the Google Groups >> "grpc.io" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/grpc-io/5b7f796b-2537-4bdc-8ea6-f272c8588294n%40googlegroups.com >> <https://groups.google.com/d/msgid/grpc-io/5b7f796b-2537-4bdc-8ea6-f272c8588294n%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> > -- You received this message because you are subscribed to the Google Groups "grpc.io" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/grpc-io/CA%2B4M1oNO67%3D9cK0iui%2BfkL8fY5SO1wRHO37m%3D4TAQkddhkjK6A%40mail.gmail.com.
smime.p7s
Description: S/MIME Cryptographic Signature
