v1.43.3

Bugfixes

• android: fix for app coming to foreground #8850
• xds: fix the validation code to accept new-style CertificateProviderPluginInstance wherever used

Dependencies

• Bump protobuf to 3.19.6

v1.42.3

Dependencies

• Bump protobuf to 3.19.6

v1.41.3

Dependencies

• Bump protobuf to 3.19.6

v1.36.3

Dependencies

• Bump protobuf to 3.16.3

v1.48.2

Bug Fixes

• xds: Fix a bug in ring-hash load balancing policy that, during TRANSIENT_FAILURE state, it might cause unnecessary internal connection requests on subchannels. (#9537)
• auth: Fix AppEngine failing while retrieving access token when instantiating a blocking stub using AppEngineCredentials (#9524)
• xds: channel_id hash policy now uses a random per-channel id instead of an incrementing one. The incrementing id was the same for every process of a binary, which was not the intention (#9453)
• bazel: Use valid target name for services and xds when overriding Maven targets (#9422). This fixes an error of the form no such target '@io_grpc_grpc_java//services:services' for services and missing ORCA classes for xds. The wrong target names were introduced in 1.47.0

Dependencies

• Bump protobuf to 3.21.7

v1.49.2

Dependencies

• Bump protobuf to 3.21.7

v1.49.1

Bug Fixes

• xds: Fix a bug in ring-hash load balancing policy that, during TRANSIENT_FAILURE state, it might cause unnecessary internal connection requests on subchannels. (#9537)
• auth: Fix AppEngine failing while retrieving access token when instantiating a blocking stub using AppEngineCredentials (#9524)

Behavior Changes

• core: Update outlier detection max ejection logics, and min host request volume logics. (#9550, #9551, #9552)

v1.49.0

New Features

• okhttp: Add OkHttpServerBuilder. The server can be used directly, but is not yet available via ServerBuilder.forPort() and Grpc.newServerBuilderForPort(). It passes our tests, but has seen no real-world use. It is also lacking connection management features
• okhttp: Add support for byte-based private keys via TlsChannelCredentials and TlsServerCredentials
• core: New outlier detection load balancer
• googleapis: google-c2p resolver is now stabilized

Bug Fixes

• core: Fix retry causing memory leak for canceled RPCs. (#9360)
• core: Use SyncContext for InProcess transport callbacks to avoid deadlocks. This fixes the long-standing issue #3084 which prevented using directExecutor() in some tests using streaming RPCs
• core: Disable retries with in-process transport by default (#9361). In-process does not compute message sizes so can retain excessive amounts of memory
• bazel: Use valid target name for services and xds when overriding Maven targets (#9422). This fixes an error of the form no such target '@io_grpc_grpc_java//services:services' for services and missing ORCA classes for xds. The wrong target names were introduced in 1.47.0
• xds: channel_id hash policy now uses a random per-channel id instead of an incrementing one. The incrementing id was the same for every process of a binary, which was not the intention (#9453)
• core: Fix a bug that the server stream should not deliver halfClose() when the call is immediately canceled. The bug causes a bad message INTERNAL, desc: Half-closed without a request at server call. (#9362)
• xds: Remove shaded orca proto dependency in ORCA api. The shading was broken and couldn't really be used. (#9366)

Behavior Changes

• gcp-observability: Interceptors are now injected in more situations, including for non-Netty transports and when using transport-specific APIs like NettyChannelBuilder. (#9309 #9312 #9424)
• gcp-observability: custom tags now extended to metrics and traces (#9402 #9407)
• gcp-observability: excludes RPCs into Google Cloud Ops backend for instrumentation (#9436)
• xds: xdsNameResolver now matches channel overrideAuthority in virtualHost matching (#9405)

Acknowledgement

@benjaminp
@j-min5u

v1.48.1

New Features

ORCA provides APIs to inject custom metrics at a gRPC server, and consume them at a gRPC client. It implements A51: Custom Backend Metrics Support. We changed the ORCA APIs; they had broken shading and couldn't really be used, so we fixed them in the patch release.

Bug Fixes

• core: Fix a bug that the server stream should not deliver halfClose() when the call is immediately canceled. The bug causes a bad message INTERNAL, desc: Half-closed without a request at server call. (#9362)
• core: Fix retry causing memory leak for cancelled RPCs. (#9415)
• core: Disable retry by default for in-process transport's channel.(#9368)

v1.48.0

Bug Fixes

• Removed the Class-Path manifest entry from jars generated with the gradle shadow plugin (#9270). This should prevent “[WARNING] [path] bad path element” compilation warnings
• Fix Channelz HTTP/2 window reporting. Previously the sender and receiver windows were reversed
• Service config parse failures should be UNAVAILABLE, not INVALID_ARGUMENT (#9346). This bug could cause RPCs to fail with INVALID_ARGUMENT if the service config was invalid when the channel started. RPCs were not failed if the channel had previously received no config or a valid config. Channels using xds were not exposed to this issue

New Features

• xds: implement ignore_resource_deletion server feature as defined in the gRFC A53: Option for Ignoring xDS Resource Deletion. (#9339)
• bazel: Support maven_install's strict_visibility=True by including direct dependencies explicitly

Improvements

• Changed the debug strings for many Attributes.Keys to reference the API of the key. This should make it easier to find the API the key is exposed when using attributes.toString()
• api: Document Attributes.Key uses reference equality. This is to make it clear the behavior is on purpose, and mirrors other Key types in the API
• api: Explain security constraints of EquivalentAddressGroup.ATTR_AUTHORITY_OVERRIDE, to avoid misuse by NameResolvers (#9281)
• testing: GrpcCleanupRule now extends ExternalResource. This makes it usable with JUnit 5
• core: Clear ConfigSelector when the channel enters panic mode (#9272). This prevents hanging RPCs if panic mode is entered very early in the channel lifetime and makes panic mode more predictable when xds is in use. Panic mode is a Channel feature used when a bug causes an unrecoverable error
• core: Avoid unnecessary flushes for unary responses. It optimizes the response flow (#9273)
• core: Use the offload executor in CallCredentials rather than the executor from CallOptions (#9313)
• compiler: support protoc compiling on loongarch_64 and ppc64le platform (#9178 #9284)
• binder: Add security Policy for verifying signature using sha-256 hash (#9305)
• xds: clusterresolver reuses child policy names for the same locality to avoid subchannel connection churns (#9287)
• xds: Fail RPCs with error details when resources are deleted instead of “NameResolver returned no usable address errors” (#9337)
• xds: Support least_request LB in LoadBalancingPolicy (#9262)
• xds: weighted target to delay picker updates while updating children (#9306)
• xds: delete the permanent error logic in processing LDS updates in XdsServerWrapper (#9268)
• xds: when delegate server throws on start communicate the error to statusListener (#9277)

Dependencies

• Bump Guava to 31.1
• Bump protobuf to 3.21.1 (#9311)
• Bump Error Prone annotations to 2.14.0
• Bump Animal Sniffer annotations to 1.21
• Bump Netty to 4.1.77.Final and netty_tcnative to 2.0.53.Final
• protobuf: Bump com.google.api.grpc:proto-google-common-protos to 2.9.0
• alts: Bump Conscrypt to 2.5.2
• xds: Bump RE2J to 1.6
• xds: Remove unused org.bouncycastle:bcpkix-jdk15on dependency
• xds: Update xDS protos (#9223)

Acknowledgements

@mirlord
@zhangwenlong8911
@adilansari
@amirhadadi
@jader-eero
@jvolkman
@sumitd2