Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Bump google.golang.org/grpc from 1.59.0 to 1.60.1 #3060

Merged
merged 5 commits into from
Jan 2, 2024
Merged

chore(deps): Bump google.golang.org/grpc from 1.59.0 to 1.60.1 #3060

merged 5 commits into from
Jan 2, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 25, 2023
edited
Loading

Bumps google.golang.org/grpc from 1.59.0 to 1.60.1.

Release notes

Sourced from google.golang.org/grpc's releases.

Release v1.60.1

Bug Fixes

  • server: fix two bugs that could lead to panics at shutdown when using NumStreamWorkers (experimental feature).

Release 1.60.0

Security

  • credentials/tls: if not set, set TLS MinVersion to 1.2 and CipherSuites according to supported suites not forbidden by RFC7540.
    • This is a behavior change to bring us into better alignment with RFC 7540.

API Changes

  • resolver: remove deprecated and experimental ClientConn.NewServiceConfig (#6784)
  • client: remove deprecated grpc.WithServiceConfig DialOption (#6800)

Bug Fixes

  • client: fix race that could cause a deadlock while entering idle mode and receiving a name resolver update (#6804)
  • client: always enable TCP keepalives with OS defaults (#6834)
  • credentials/alts: fix a bug preventing ALTS from connecting to the metadata server if the default scheme is overridden (#6686)

Behavior Changes

  • server: Do not return from Stop() or GracefulStop() until all resources are released (#6489)

Documentation

  • codes: clarify that only codes defined by this package are valid and that users should not cast other values to codes.Code (#6701)
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added the kind:deps Pull requests that update a dependency file label Dec 25, 2023
@codecov-commenter
Copy link

codecov-commenter commented Dec 25, 2023
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (77cc973) 51.19% compared to head (5407916) 51.10%.

Additional details and impacted files 
@@            Coverage Diff             @@
##             main    #3060      +/-   ##
==========================================
- Coverage   51.19%   51.10%   -0.09%     
==========================================
  Files         177      177              
  Lines       11148    11148              
==========================================
- Hits         5707     5697      -10     
- Misses       4942     4953      +11     
+ Partials      499      498       -1

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

distractedm1nd
distractedm1nd previously approved these changes Jan 2, 2024
View reviewed changes
@dependabot
chore(deps): Bump google.golang.org/grpc from 1.59.0 to 1.60.1
7acd876 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.59.0 to 1.60.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.59.0...v1.60.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/go_modules/google.golang.org/grpc-1.60.1 branch from e1ef882 to 7acd876 Compare January 2, 2024 10:13
@ramin ramin requested a review from distractedm1nd January 2, 2024 10:31
@ramin ramin enabled auto-merge (squash) January 2, 2024 12:18
@ramin ramin merged commit b487830 into main Jan 2, 2024
15 of 17 checks passed
@ramin ramin deleted the dependabot/go_modules/google.golang.org/grpc-1.60.1 branch January 2, 2024 12:21
renaynay pushed a commit to renaynay/celestia-node that referenced this pull request Jan 15, 2024
@dependabot @ramin
@distractedm1nd @renaynay
chore(deps): Bump google.golang.org/grpc from 1.59.0 to 1.60.1 (celes…
94b316c 
…tiaorg#3060)

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from
1.59.0 to 1.60.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's
releases</a>.</em></p>
<blockquote>
<h2>Release v1.60.1</h2>
<h1>Bug Fixes</h1>
<ul>
<li>server: fix two bugs that could lead to panics at shutdown when
using <a
href="https://pkg.go.dev/google.golang.org/grpc#NumStreamWorkers">NumStreamWorkers</a>
(experimental feature).</li>
</ul>
<h2>Release 1.60.0</h2>
<h1>Security</h1>
<ul>
<li>credentials/tls: if not set, set TLS MinVersion to 1.2 and
CipherSuites according to supported suites not forbidden by RFC7540.
<ul>
<li>This is a behavior change to bring us into better alignment with RFC
7540.</li>
</ul>
</li>
</ul>
<h1>API Changes</h1>
<ul>
<li>resolver: remove deprecated and experimental
<code>ClientConn.NewServiceConfig</code> (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6784">#6784</a>)</li>
<li>client: remove deprecated <code>grpc.WithServiceConfig</code>
<code>DialOption</code> (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6800">#6800</a>)</li>
</ul>
<h1>Bug Fixes</h1>
<ul>
<li>client: fix race that could cause a deadlock while entering idle
mode and receiving a name resolver update (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6804">#6804</a>)</li>
<li>client: always enable TCP keepalives with OS defaults (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6834">#6834</a>)</li>
<li>credentials/alts: fix a bug preventing ALTS from connecting to the
metadata server if the default scheme is overridden (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6686">#6686</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/mjamaloney"><code>@​mjamaloney</code></a></li>
</ul>
</li>
</ul>
<h1>Behavior Changes</h1>
<ul>
<li>server: Do not return from Stop() or GracefulStop() until all
resources are released (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6489">#6489</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/fho"><code>@​fho</code></a></li>
</ul>
</li>
</ul>
<h1>Documentation</h1>
<ul>
<li>codes: clarify that only codes defined by this package are valid and
that users should not cast other values to <code>codes.Code</code> (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6701">#6701</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc-go/commit/dbbcf59957fec0bd58063224cbf105b3b3698d4e"><code>dbbcf59</code></a>
Update version.go to 1.60.1 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6865">#6865</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/6e384cfd437a759b6c21af9496c4e32bd890af2e"><code>6e384cf</code></a>
Cherry-pick <a
href="https://redirect.github.com/grpc/grpc-go/issues/6856">#6856</a> to
v1.60.x release branch (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6864">#6864</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/6430548ff97b036ffaea26b9381252b46352d385"><code>6430548</code></a>
Change version to 1.60.1-dev (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6793">#6793</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/297d8ddeb0d5834b47f40a5bd624aa0c2cfb9c7a"><code>297d8dd</code></a>
Cherry-pick <a
href="https://redirect.github.com/grpc/grpc-go/issues/6841">#6841</a> to
v1.60.x release branch (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6847">#6847</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/3580447e0cc2b9fb1c2f005b182d172c673fc0c6"><code>3580447</code></a>
Change version to 1.60.0 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6792">#6792</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/71e67a93f46639f053cc83cd29e74d2a0248468e"><code>71e67a9</code></a>
Cherry-pick <a
href="https://redirect.github.com/grpc/grpc-go/issues/6834">#6834</a> to
v1.60.x release branch (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6839">#6839</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/cb6581dd1a407e1679498e9b304ae2000da7dd92"><code>cb6581d</code></a>
Cherry-pick <a
href="https://redirect.github.com/grpc/grpc-go/issues/6804">#6804</a>
and dependencies to v1.60.x release branch (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6838">#6838</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/dd39cdbddcfbc1ad1cf04910d8fba2b7201469ec"><code>dd39cdb</code></a>
credentials: if not set, restrict to TLS v1.2+ and CipherSuites per
RFC7540 (...</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/8645f95509d6c5d17a54621407f3ca717d4f8620"><code>8645f95</code></a>
resolver: remove ClientConn.NewServiceConfig (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6784">#6784</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/8b17a4dbc328e8ef7f9e5094ab5fe8a78efccbb8"><code>8b17a4d</code></a>
vet: various cleanups (<a
href="https://redirect.github.com/grpc/grpc-go/issues/6780">#6780</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/grpc/grpc-go/compare/v1.59.0...v1.60.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.59.0&new-version=1.60.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: ramin <[email protected]>
Co-authored-by: Ryan <[email protected]>
@faddat faddat mentioned this pull request Feb 22, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@distractedm1nd distractedm1nd distractedm1nd approved these changes

@ramin ramin ramin approved these changes

@renaynay renaynay Awaiting requested review from renaynay renaynay is a code owner

@Wondertan Wondertan Awaiting requested review from Wondertan Wondertan is a code owner

@vgonkivs vgonkivs Awaiting requested review from vgonkivs vgonkivs is a code owner

@walldiss walldiss Awaiting requested review from walldiss walldiss is a code owner

Assignees
No one assigned
Labels
kind:deps Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@codecov-commenter @ramin @distractedm1nd