Bump google.golang.org/grpc from 1.59.0 to 1.60.0 #179

dependabot · 2023-12-12T15:39:29Z

Bumps google.golang.org/grpc from 1.59.0 to 1.60.0.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.60.0

Security

credentials/tls: if not set, set TLS MinVersion to 1.2 and CipherSuites according to supported suites not forbidden by RFC7540.

This is a behavior change to bring us into better alignment with RFC 7540.

API Changes

resolver: remove deprecated and experimental ClientConn.NewServiceConfig (#6784)

client: remove deprecated grpc.WithServiceConfig DialOption (#6800)

Bug Fixes

client: fix race that could cause a deadlock while entering idle mode and receiving a name resolver update (#6804)

client: always enable TCP keepalives with OS defaults (#6834)

credentials/alts: fix a bug preventing ALTS from connecting to the metadata server if the default scheme is overridden (#6686)

Special Thanks: @mjamaloney

Behavior Changes

server: Do not return from Stop() or GracefulStop() until all resources are released (#6489)

Special Thanks: @fho

Documentation

codes: clarify that only codes defined by this package are valid and that users should not cast other values to codes.Code (#6701)

Commits

297d8dd Cherry-pick #6841 to v1.60.x release branch (#6847)
3580447 Change version to 1.60.0 (#6792)
71e67a9 Cherry-pick #6834 to v1.60.x release branch (#6839)
cb6581d Cherry-pick #6804 and dependencies to v1.60.x release branch (#6838)
dd39cdb credentials: if not set, restrict to TLS v1.2+ and CipherSuites per RFC7540 (...
8645f95 resolver: remove ClientConn.NewServiceConfig (#6784)
8b17a4d vet: various cleanups (#6780)
591c481 internal/transport: Add LocalAddr to http2Client.getPeer() (#6779)
eb46b7d github: set top-level read-only workflow permissions (#6775)
be1d1c1 security/advancedtls: FileWatcher CRL provider initialization enhancement (#6...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.59.0 to 1.60.0. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.59.0...v1.60.0) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

codecov · 2023-12-14T01:57:03Z

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (fe7b6ea) 43.15% compared to head (8a87969) 43.15%.

Additional details and impacted files

@@           Coverage Diff           @@
##              dev     #179   +/-   ##
=======================================
  Coverage   43.15%   43.15%           
=======================================
  Files          38       38           
  Lines        5585     5585           
=======================================
  Hits         2410     2410           
  Misses       3045     3045           
  Partials      130      130

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

dependabot bot added the dependencies Pull requests that update a dependency file label Dec 12, 2023

github-actions bot enabled auto-merge December 12, 2023 15:39

dependabot bot force-pushed the dependabot/go_modules/dev/google.golang.org/grpc-1.60.0 branch from 6680384 to a28f373 Compare December 13, 2023 15:08

dependabot bot force-pushed the dependabot/go_modules/dev/google.golang.org/grpc-1.60.0 branch from a28f373 to 8a87969 Compare December 14, 2023 01:55

github-actions bot merged commit 19c14e8 into dev Dec 14, 2023
9 checks passed

github-actions bot deleted the dependabot/go_modules/dev/google.golang.org/grpc-1.60.0 branch December 14, 2023 01:58

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump google.golang.org/grpc from 1.59.0 to 1.60.0 #179

Bump google.golang.org/grpc from 1.59.0 to 1.60.0 #179

dependabot bot commented on behalf of github Dec 12, 2023 •

edited

Loading

codecov bot commented Dec 14, 2023 •

edited

Loading

Bump google.golang.org/grpc from 1.59.0 to 1.60.0 #179

Bump google.golang.org/grpc from 1.59.0 to 1.60.0 #179

Conversation

dependabot bot commented on behalf of github Dec 12, 2023 • edited Loading

Release 1.60.0

Security

API Changes

Bug Fixes

Behavior Changes

Documentation

codecov bot commented Dec 14, 2023 • edited Loading

Codecov Report

dependabot bot commented on behalf of github Dec 12, 2023 •

edited

Loading

codecov bot commented Dec 14, 2023 •

edited

Loading