dependabot[bot] opened a new pull request, #2074: URL: https://github.com/apache/dubbo-go/pull/2074
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.49.0 to 1.50.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases";>google.golang.org/grpc's releases</a>.</em></p> <blockquote> <h2>Release 1.50.0</h2> <h1>Behavior Changes</h1> <ul> <li>client: use proper "@" semantics for connecting to abstract unix sockets. (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5678";>#5678</a>) <ul> <li>This is technically a bug fix; the result is that the address was including a trailing NULL byte, which it should not have. This may break users creating the socket in Go by prefixing a NULL instead of an "@", though, so calling it out as a behavior change.</li> </ul> <ul> <li>Special Thanks: <a href="https://github.com/jachor";><code>@jachor</code></a></li> </ul> </li> </ul> <h1>New Features</h1> <ul> <li>metadata: add experimental <code>ValueFromIncomingContext</code> to more efficiently retrieve a single value (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5596";>#5596</a>) <ul> <li>Special Thanks: <a href="https://github.com/horpto";><code>@horpto</code></a></li> </ul> </li> <li>stats: provide peer information in <code>HandleConn</code> context (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5589";>#5589</a>) <ul> <li>Special Thanks: <a href="https://github.com/feihu-stripe";><code>@feihu-stripe</code></a></li> </ul> </li> <li>xds: add support for Outlier Detection, enabled by default (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5435";>#5435</a>, <a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5673";>#5673</a>)</li> </ul> <h1>Bug Fixes</h1> <ul> <li>client: fix deadlock in transport caused by GOAWAY racing with stream creation (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5652";>#5652</a>) <ul> <li>This should only occur with an HTTP/2 server that does not follow best practices of an advisory GOAWAY (not a grpc-go server).</li> </ul> </li> <li>xds/xdsclient: fix a bug which was causing routes with <code>cluster_specifier_plugin</code> set to be NACKed when GRPC_EXPERIMENTAL_XDS_RLS_LB was off (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5670";>#5670</a>)</li> <li>xds/xdsclient: NACK cluster resource if <code>config_source_specifier</code> in <code>lrs_server</code> is not <code>self</code> (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5613";>#5613</a>)</li> <li>xds/ringhash: fix a bug which sometimes prevents the LB policy from retrying connection attempts (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5601";>#5601</a>)</li> <li>xds/ringhash: do nothing when asked to exit <code>IDLE</code> instead of falling back on the default channel behavior of connecting to all addresses (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5614";>#5614</a>)</li> <li>xds/rls: fix a bug which was causing the channel to be stuck in <code>IDLE</code> (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5656";>#5656</a>)</li> <li>alts: fix a bug which was setting <code>WaitForReady</code> on handshaker service RPCs, thereby delaying fallback when required (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5620";>#5620</a>)</li> <li>gcp/observability: fix End() to cleanup global state correctly (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5623";>#5623</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-go/commit/c1d7d7acc3d14788d07ded8be9cd74c136084294";><code>c1d7d7a</code></a> Change version to 1.50.0 (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5685";>#5685</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/1451c62ccdce325a1f2fdbcc90db89518a36dc06";><code>1451c62</code></a> internal/transport: optimize grpc-message encoding/decoding (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5654";>#5654</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/be4b63b1fcab082f7e19b540abfbbaf13958addd";><code>be4b63b</code></a> test: minor test cleanup (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5679";>#5679</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/d83070ec0d9043f713b6a63e1963c593b447208c";><code>d83070e</code></a> Changed Outlier Detection Env Var to default true (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5673";>#5673</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/54521b22e01f52e6e112b33bbca8b2255915dd40";><code>54521b2</code></a> client: remove trailing null from unix abstract socket address (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5678";>#5678</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/36e481079b224e01fc3134ba7f1b2717f0c4d4ef";><code>36e4810</code></a> orca: cleanup old code, and get grpc package to use new code (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5627";>#5627</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/e8866a83edf51f5a5dcd8097c6d4fe4cdef49cdd";><code>e8866a8</code></a> build: harden GitHub Workflow permissions (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5660";>#5660</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/8458251c6b35036b90788223f67fc9e4396cd32c";><code>8458251</code></a> xdsclient: ignore routes with cluster_specifier_plugin when GRPC_EXPERIMENTAL...</li> <li><a href="https://github.com/grpc/grpc-go/commit/a238cebacde409d423d0116523523deb9fe0bdc7";><code>a238ceb</code></a> xDS: Outlier Detection Env Var not hardcoded to false (<a href="https://github-redirect.dependabot.com/grpc/grpc-go/issues/5664";>#5664</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/b1d7f56b81b7902d871111b82dec6ba45f854ede";><code>b1d7f56</code></a> transport: Fix deadlock in transport caused by GOAWAY race with new stream cr...</li> <li>Additional commits viewable in <a href="https://github.com/grpc/grpc-go/compare/v1.49.0...v1.50.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
