build(deps): bump the dependencies group with 23 updates

[dependabot]

Bumps the dependencies group with 23 updates:

Package	From	To
com.fasterxml.jackson:jackson-bom	2.21.2	2.21.3
tools.jackson:jackson-bom	3.1.2	3.1.3
com.github.ben-manes.caffeine:caffeine	3.2.3	3.2.4
com.typesafe:config	1.4.6	1.4.7
io.swagger.core.v3:swagger-annotations	2.2.48	2.2.49
io.swagger.core.v3:swagger-models	2.2.48	2.2.49
io.swagger.parser.v3:swagger-parser	2.1.40	2.1.41
org.jdbi:jdbi3-core	3.52.1	3.53.0
com.puppycrawl.tools:checkstyle	13.4.0	13.4.2
dev.langchain4j:langchain4j-bom	1.13.1	1.14.0
io.grpc:grpc-protobuf	1.80.0	1.81.0
io.grpc:grpc-stub	1.80.0	1.81.0
io.grpc:grpc-inprocess	1.80.0	1.81.0
io.grpc:grpc-services	1.80.0	1.81.0
io.grpc:grpc-servlet	1.80.0	1.81.0
io.grpc:grpc-netty-shaded	1.80.0	1.81.0
io.grpc:grpc-okhttp	1.80.0	1.81.0
gg.jte:jte	3.2.3	3.2.4
gg.jte:jte-models	3.2.3	3.2.4
software.amazon.awssdk:bom	2.42.41	2.44.0
org.jline:jline	3.30.9	3.30.12
org.jline:jline-terminal-jna	3.30.9	3.30.12
io.smallrye.reactive:mutiny	3.1.1	3.2.0

Updates com.fasterxml.jackson:jackson-bom from 2.21.2 to 2.21.3

Commits

• 374fbd0 [maven-release-plugin] prepare release jackson-bom-2.21.3
• 7059df7 Prep for 2.21.3 release
• 2fd60bd Merge branch '2.20' into 2.21
• b82a364 Merge branch '2.19' into 2.20
• ef4e013 Merge branch '2.18' into 2.19
• 536ae51 Post-release dep version bump
• 536c533 [maven-release-plugin] prepare for next development iteration
• 426b778 [maven-release-plugin] prepare release jackson-bom-2.18.7
• a73cda9 Prep for 2.18.7 release
• 76b4a05 Post-release dep version bump
• Additional commits viewable in compare view

Updates tools.jackson:jackson-bom from 3.1.2 to 3.1.3

Commits

• c2ea79e [maven-release-plugin] prepare release jackson-bom-3.1.3
• 3906b27 Prep for 3.1.3 release
• b17b616 Post-release dep version bump
• 36cf999 [maven-release-plugin] prepare for next development iteration
• See full diff in compare view

Updates com.github.ben-manes.caffeine:caffeine from 3.2.3 to 3.2.4

Release notes

Sourced from com.github.ben-manes.caffeine:caffeine's releases.

3.2.4

• Improved access expiration's read performance by avoiding false sharing effects caused by the timestamp update
• Fixed head-of-line blocking of expiration queues caused by in-flight async entries (#1954)
• Fixed various minor issues found using AI audits
• Added ObjectInputFilter support to JCache

Commits

• 836b65c use a consistent expiration tolerance calculation
• 0dc7daf resurrect in-flight async entries on expiration
• 0bac8b5 handle head-of-line blocking of expiration queues (fixes #1954)
• ff25836 test polish
• f3a6176 Fix JCache close/createCache races and recursive teardown
• 622fbe7 Fix removal in identity views and widen hill-climber counters
• 8da5a7a defer weighing the entry until after the putIfAbsent hit fast-path
• 94ad0ff Record eviction stats before notifying the removal listener consistently
• f94c011 Auto-assert eviction stats alongside notifications.withCause.exclusively
• 2e945e0 Skip timestamp writes within tolerance on the read path.
• Additional commits viewable in compare view

Updates com.typesafe:config from 1.4.6 to 1.4.7

Release notes

Sourced from com.typesafe:config's releases.

v1.4.7

What's Changed

• docs: adjust description of release process by @​sebastian-alfers in lightbend/config#834
• docs: Update NEWS with latest two releases by @​johanandren in lightbend/config#835
• CI fixes by @​jsoref in lightbend/config#843
• Fix spelling by @​jsoref in lightbend/config#840
• fix: rendering of substituted list with space by @​johanandren in lightbend/config#841
• fix: Don't evaluate substitutions hidden by values from resolved objects by @​johanandren in lightbend/config#839
• Drop the broken Maven chip in Readme by @​ennru in lightbend/config#844

New Contributors

• @​jsoref made their first contribution in lightbend/config#843

Full Changelog: lightbend/config@v1.4.6...v1.4.7

Commits

• eb80714 Drop the broken Maven chip in Readme (#844)
• 833bacb fix: Don't evaluate substitutions hidden by values from resolved objects (#839)
• dd3a0df fix: rendering of substituted list with spacce (#841)
• eb46e0e chore: Fix spelling here and there (#840)
• affd59d build: update actions, replace deprecated apt-key
• 93dbc6f docs: Update NEWS with latest two releases (#835)
• c995aa0 docs: adjust description of release process (#834)
• See full diff in compare view

Updates io.swagger.core.v3:swagger-annotations from 2.2.48 to 2.2.49

Updates io.swagger.core.v3:swagger-models from 2.2.48 to 2.2.49

Updates io.swagger.core.v3:swagger-models from 2.2.48 to 2.2.49

Updates io.swagger.parser.v3:swagger-parser from 2.1.40 to 2.1.41

Release notes

Sourced from io.swagger.parser.v3:swagger-parser's releases.

Swagger-parser 2.1.41 released!

• Bump org.jacoco:jacoco-maven-plugin from 0.8.11 to 0.8.14 (#2317)
• chore: update v2 parser to 1.0.76 (#2314)
• Prevent StackOverflowError in ResolverFully (#2297)
• Fix thread-safety bug in OpenAPIDereferencer31 (#2294)
• fix(converter): keep x-nullable in shared $ref responses (#2276)

Commits

• 1d86e4a prepare release 2.1.41 (#2322)
• f0cb8e5 Fix thread-safety bug in OpenAPIDereferencer31 (#2294)
• 9e2ff91 Prevent StackOverflowError in ResolverFully (#2297)
• 57c0edb Bump org.jacoco:jacoco-maven-plugin from 0.8.11 to 0.8.14 (#2317)
• bb8a82c fix(converter): keep x-nullable in shared $ref responses (#2276)
• b6ed0cc chore: update v2 parser to 1.0.76 (#2314)
• afc1742 Bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.2 to 3.6.3 (#2025)
• 370c009 Bump org.apache.maven.plugins:maven-surefire-plugin from 3.2.2 to 3.2.5 (#2045)
• bfd616c Bump org.jacoco:jacoco-maven-plugin from 0.8.8 to 0.8.11 (#2027)
• 81d8790 bump snapshot 2.1.41-SNAPSHOT (#2310)
• See full diff in compare view

Updates org.jdbi:jdbi3-core from 3.52.1 to 3.53.0

Release notes

Sourced from org.jdbi:jdbi3-core's releases.

3.53.0

Fixes: Jdbi-Freemarker Security Advisory GHSA-mggx-p7jf-jgw4

The Freemarker configuration allows templates to construct arbitrary Java types, including freemarker.template.utility.Execute.

While exploiting this requires other unsafe practices (letting a user dictate template input), it seems prudent to disable template class resolution.

Please see GHSA-mggx-p7jf-jgw4 for more details.

Upgrade to testcontainers 2.x

While this required no code changes, the testcontainers project has renamed a number of their jar files. Jdbi still supports testcontainers 1.x and now also testcontainers 2.x:

If you are using testcontainers with Jdbi today and can not update to 2.x, make sure that you reference the org.testcontainers:jdbc and org.testcontainers:junit-jupiter dependencies. Those used to be available as transitive dependency from jdbi3-testcontainers.

If you upgrade to testcontainers 2.x, the org.testcontainers:testcontainers-jdbc and org.testcontainers:testcontainers-junit-jupiter dependencies must be available.

• Update testcontainers dependency to 2.0.5 (from 1.21.4)
• Add StatementContext parameter to SqlExceptionHandler and remove return value

Changelog

Sourced from org.jdbi:jdbi3-core's changelog.

3.53.0

Fixes: Jdbi-Freemarker Security Advisory GHSA-mggx-p7jf-jgw4

The Freemarker configuration allows templates to construct arbitrary Java types, including freemarker.template.utility.Execute.

While exploiting this requires other unsafe practices (letting a user dictate template input), it seems prudent to disable template class resolution.

Please see GHSA-mggx-p7jf-jgw4 for more details.

Upgrade to testcontainers 2.x

While this required no code changes, the testcontainers project has renamed a number of their jar files. Jdbi still supports testcontainers 1.x and now also testcontainers 2.x:

If you are using testcontainers with Jdbi today and can not update to 2.x, make sure that you reference the org.testcontainers:jdbc and org.testcontainers:junit-jupiter dependencies. Those used to be available as transitive dependency from jdbi3-testcontainers.

If you upgrade to testcontainers 2.x, the org.testcontainers:testcontainers-jdbc and org.testcontainers:testcontainers-junit-jupiter dependencies must be available.

• Update testcontainers dependency to 2.0.5 (from 1.21.4)
• Add StatementContext parameter to SqlExceptionHandler and remove return value

Commits

• 5361840 [maven-release-plugin] prepare release v3.53.0
• 59a8376 Release notes 3.53.0
• 1f1a5c5 freemarker: disable template class resolution
• 83465ac Merge remote-tracking branch 'origin/master' into sqlexception-handler-statem...
• 5d4191f Merge pull request #2969 from hgschmie/testcontainers2
• 05f9bdb align mysql docker image property name
• ce9f12c align oracle docker image property name
• ebceb8a move to testcontainers 2.x
• 9a42863 add documentation and example
• d53118f SqlExceptionHandler: add StatementContext parameter, remove confusing return ...
• Additional commits viewable in compare view

Updates com.puppycrawl.tools:checkstyle from 13.4.0 to 13.4.2

Release notes

Sourced from com.puppycrawl.tools:checkstyle's releases.

checkstyle-13.4.2

Checkstyle 13.4.2 - https://checkstyle.org/releasenotes.html#Release_13.4.2

Bug fixes:

#19709 - False-positive in Indentation check with yield switch statements. #19755 - Add checks for OpenJDK Style §4.3 - Method Names. #18438 - False positive: EmptyLineSeparator reports violation on method call.

checkstyle-13.4.1

Checkstyle 13.4.1 - https://checkstyle.org/releasenotes.html#Release_13.4.1

Bug fixes:

#5460 - ImportOrder: option=under; doesn't allow empty line between 'import' and 'import static'. #19641 - Add checks for OpenJDK Style §3.10 - Variable Declarations. #19620 - Add checks for OpenJDK Style §3.14 - Literals. #19619 - Add checks for OpenJDK Style §3.7 - Indentation. #19617 - Add checks for OpenJDK Style §2 - Java Source Files. #19662 - Add checks for OpenJDK Style §3.12 - Lambda Expressions. #19559 - AnnotationLocation allows same-line parameterless annotation on class declarations (violates Google Style §4.8.5.2). #19608 - False negative: VariableDeclarationUsageDistance does not flag variable usage inside try blocks. #19682 - Add RECORD_DEF and COMPACT_CTOR_DEF to AtclauseOrder target in google_checks.xml.

... (truncated)

Commits

• 7fade3b [maven-release-plugin] prepare release checkstyle-13.4.2
• 559c008 doc: release notes for 13.4.2
• 8ff1f4f Issue #19772: Excluded plexus-utils due to vulnerability
• 7de1768 dependency: bump checkerframework.version from 4.0.0 to 4.1.0
• ff75c20 Issue #19764: Move violation comments out of Javadoc for javadoctype input files
• 3db5753 Issue #19729: added formatting
• 56c54ad Issue #19709: Fix Indentation false positive for nested yield switch expression
• 04a55f7 Issue #19755: Added checks for OpenJDK Style §4.3 - Method Names
• c1a3c48 Issue #12843: Activate disabled no-error validation jobs in CI
• 2dce8d2 Issue #13740: Find a way to make example message skip par or message without ...
• Additional commits viewable in compare view

Updates dev.langchain4j:langchain4j-bom from 1.13.1 to 1.14.0

Commits

• 4917afa Release versions 1.14.0 and 1.14.0-beta24
• 0c605c5 make release resumable from specific phase
• 07be83b AI Services: support polymorphic return types and tool parameters (#5060)
• a628e7a Allow ClassPathSkillLoader to load skills packaged in JAR files (#5066)
• 7c1a474 Allow to independently generate the html reports of topology and execution of...
• 205cb5a AI Services: support polymorphic return types and tool parameters (#5060)
• 7e02347 build(deps): bump org.apache.httpcomponents.client5:httpclient5 from 5.6 to 5...
• c648906 AI Services: support polymorphic return types and tool parameters (#5060)
• eca856a fix: expose Bedrock Cohere embedding token usage (#5064)
• 03e7552 fix: add null/empty choices guard in OpenAiChatModel and aiMessageFrom (#4813)
• Additional commits viewable in compare view

Updates io.grpc:grpc-protobuf from 1.80.0 to 1.81.0

Release notes

Sourced from io.grpc:grpc-protobuf's releases.

V1.81.0

In this release we drop support for Android API level 22 or lower (Lollipop or earlier), following Google Play Service’s discontinued updates for Lollipop (API levels 21 & 22) and now requires a minimum of API level 23 (Android 6.0 Marshmallow).

API Changes

• api: Deprecate LoadBalancer.handleResolvedAddresses(). Developers maintaining custom LoadBalancer implementations should transition to using LoadBalancer.acceptResolvedAddresses(). Unlike the deprecated method, acceptResolvedAddresses() returns a Status object, allowing the load balancer to explicitly report success or reject the update if the provided addresses or configuration are invalid. (#11623)

Behavior Changes

• core: Enable dns "caching" on Android for 30 seconds to reduce CPU impact of a refresh loop with an LB policy (0675f70af). DnsNameResolver ignores re-resolution requests on OpenJDK-like platforms if it has been too soon since the last DNS query because InetAddress.getAllByName() has a cache with a fixed entry lifetime, but this logic was disabled for Android which does not have that style of cache. Android’s cache uses the result TTL, which will rarely be less than 30 seconds. This change would probably be most noticeable when 1) changing to a different network (e.g., from wifi to mobile), 2) the server has different addresses for different networks, and 3) the app is not using AndroidChannelBuilder with an android.context.Context. For reference, it seems Chrome caches for 1 minute

Bug Fixes

• opentelemetry: Fix baggage propagation, the baggage propagation for opentelemetry introduced in #12389 was broken. The context is decided once and used for all recording for the call, thus guaranteeing all record()s have consistent information.
• core: Address a race condition where ManagedChannelOrphanWrapper could incorrectly log a "not shutdown properly" warning during garbage collection when using directExecutor(). (#12705) (d459338d9)
• xds: Fix xDS HTTP CONNECT's transport socket name bug which is now corrected to use typeUrl. (#12740) (eac9fe961)
• xds: Fix an issue where subchannel metrics were dropping their association with the backend_service. This ensures xDS load balancing metrics are reported accurately. (#12735)

New Features

• netty: Add tcp metrics, by implementing a few of the metrics defined in A80.
• api: Add a CallOption for a custom label on per-RPC metrics (0e39b2967). This CallOption is copied by grpc-opentelemetry to the grpc.client.call.custom label as defined by gRFC A108. See also the gRPC OpenTelemetry Metrics guide (update in-progress)
• xds: Add support for Weighted Round Robin (WRR) load balancing driven by custom backend metrics, implementing the behavior defined in gRFC A114. (#12645)
• utils: Update AdvancedTlsX509KeyManager so that developers can now preserve and use key aliases when dynamically reloading TLS certificates. (#12686)

Documentation

• Update the "Outgoing Flow Control" section in the Manual Flow Control example to say onNext() does not block, but rather queues the messages in memory and advises developers to use CallStreamObserver.isReady() to prevent this memory exhaustion (#12700) (a3a9ffcbe) (#12726) (65ae2efda)
• examples: Clean up Health example, and document need for grpc-services (3ed732fc0)

Dependencies

• Upgrade Dependencies (#12719) (16e17abba). Google-auth-library: 1.42.1, animal-sniffer: 1.27, assertj-core:3.27.7, error_prone_annotations:2.48.0, proto-google-common-protos:2.64.1, google-cloud-logging:3.23.10, jetty-http2-server:12.1.7, jetty-ee10-servlet:12.1.7, lincheck:3.4, opentelemetry-api:1.60.1, opentelemetry-exporter-prometheus:1.60.1-alpha, opentelemetry-gcp-resources:1.54.0-alpha, opentelemetry-sdk-extension-autoconfigure:1.60.1, opentelemetry-sdk-testing:1.60.1, robolectric:4.16.1, tomcat-embed-core:10.1.52, tomcat-embed-core9: 9.0.115,
• Upgrade Netty to 4.1.132 and netty-tcnative to 2.0.75 (1528f809c)

Thanks to

• @​becomeStar
• @​benjaminp
• @​JoeCqupt
• @​Kainsin
• @​merlimat
• @​SreeramdasLavanya
• @​themechbro
• @​zhangweikop

Commits

• 6951542 Bump version to 1.81.0
• e94188e Update README etc to reference 1.81.0
• 4813c6d core,xds: Fix backend_service plumbing for subchannel metrics (#12735)
• 6737eb5 Revert "Replace javax ThreadSafe annotation with errorprone ThreadSafe (#1274...
• ef35313 Replace javax ThreadSafe annotation with errorprone ThreadSafe (#12742)
• 3ed732f examples: Clean up Health, and document need for grpc-services
• eac9fe9 xds: fix xDS HTTP CONNECT's transport socket name bug (#12740)
• 1528f80 Upgrade Netty to 4.1.132 and netty-tcnative to 2.0.75
• d057a7e [xds] Implement A114: WRR support for custom backend metrics (#12645)
• 842636f xds: Add configuration objects for ExtAuthz, GrpcService and Bootstrap change...
• Additional commits viewable in compare view

Updates io.grpc:grpc-stub from 1.80.0 to 1.81.0

Release notes

Sourced from io.grpc:grpc-stub's releases.

V1.81.0

In this release we drop support for Android API level 22 or lower (Lollipop or earlier), following Google Play Service’s discontinued updates for Lollipop (API levels 21 & 22) and now requires a minimum of API level 23 (Android 6.0 Marshmallow).

API Changes

• api: Deprecate LoadBalancer.handleResolvedAddresses(). Developers maintaining custom LoadBalancer implementations should transition to using LoadBalancer.acceptResolvedAddresses(). Unlike the deprecated method, acceptResolvedAddresses() returns a Status object, allowing the load balancer to explicitly report success or reject the update if the provided addresses or configuration are invalid. (#11623)

Behavior Changes

• core: Enable dns "caching" on Android for 30 seconds to reduce CPU impact of a refresh loop with an LB policy (0675f70af). DnsNameResolver ignores re-resolution requests on OpenJDK-like platforms if it has been too soon since the last DNS query because InetAddress.getAllByName() has a cache with a fixed entry lifetime, but this logic was disabled for Android which does not have that style of cache. Android’s cache uses the result TTL, which will rarely be less than 30 seconds. This change would probably be most noticeable when 1) changing to a different network (e.g., from wifi to mobile), 2) the server has different addresses for different networks, and 3) the app is not using AndroidChannelBuilder with an android.context.Context. For reference, it seems Chrome caches for 1 minute

Bug Fixes

• opentelemetry: Fix baggage propagation, the baggage propagation for opentelemetry introduced in #12389 was broken. The context is decided once and used for all recording for the call, thus guaranteeing all record()s have consistent information.
• core: Address a race condition where ManagedChannelOrphanWrapper could incorrectly log a "not shutdown properly" warning during garbage collection when using directExecutor(). (#12705) (d459338d9)
• xds: Fix xDS HTTP CONNECT's transport socket name bug which is now corrected to use typeUrl. (#12740) (eac9fe961)
• xds: Fix an issue where subchannel metrics were dropping their association with the backend_service. This ensures xDS load balancing metrics are reported accurately. (#12735)

New Features

• netty: Add tcp metrics, by implementing a few of the metrics defined in A80.
• api: Add a CallOption for a custom label on per-RPC metrics (0e39b2967). This CallOption is copied by grpc-opentelemetry to the grpc.client.call.custom label as defined by gRFC A108. See also the gRPC OpenTelemetry Metrics guide (update in-progress)
• xds: Add support for Weighted Round Robin (WRR) load balancing driven by custom backend metrics, implementing the behavior defined in gRFC A114. (#12645)
• utils: Update AdvancedTlsX509KeyManager so that developers can now preserve and use key aliases when dynamically reloading TLS certificates. (#12686)

Documentation

• Update the "Outgoing Flow Control" section in the Manual Flow Control example to say onNext() does not block, but rather queues the messages in memory and advises developers to use CallStreamObserver.isReady() to prevent this memory exhaustion (#12700) (a3a9ffcbe) (#12726) (65ae2efda)
• examples: Clean up Health example, and document need for grpc-services (3ed732fc0)

Dependencies

• Upgrade Dependencies (#12719) (16e17abba). Google-auth-library: 1.42.1, animal-sniffer: 1.27, assertj-core:3.27.7, error_prone_annotations:2.48.0, proto-google-common-protos:2.64.1, google-cloud-logging:3.23.10, jetty-http2-server:12.1.7, jetty-ee10-servlet:12.1.7, lincheck:3.4, opentelemetry-api:1.60.1, opentelemetry-exporter-prometheus:1.60.1-alpha, opentelemetry-gcp-resources:1.54.0-alpha, opentelemetry-sdk-extension-autoconfigure:1.60.1, opentelemetry-sdk-testing:1.60.1, robolectric:4.16.1, tomcat-embed-core:10.1.52, tomcat-embed-core9: 9.0.115,
• Upgrade Netty to 4.1.132 and netty-tcnative to 2.0.75 (1528f809c)

Thanks to

• @​becomeStar
• @​benjaminp
• @​JoeCqupt
• @​Kainsin
• @​merlimat
• @​SreeramdasLavanya
• @​themechbro
• @​zhangweikop

Commits

• 6951542 Bump version to 1.81.0
• e94188e Update README etc to reference 1.81.0
• 4813c6d core,xds: Fix backend_service plumbing for subchannel metrics (#12735)
• 6737eb5 Revert "Replace javax ThreadSafe annotation with errorprone ThreadSafe (#1274...
• ef35313 Replace javax ThreadSafe annotation with errorprone ThreadSafe (#12742)
• 3ed732f examples: Clean up Health, and document need for grpc-services
• eac9fe9 xds: fix xDS HTTP CONNECT's transport socket name bug (#12740)
• 1528f80 Upgrade Netty to 4.1.132 and netty-tcnative to 2.0.75
• d057a7e [xds] Implement A114: WRR support for custom backend metrics (#12645)
• 842636f xds: Add configuration objects for ExtAuthz, GrpcService and Bootstrap change...
• Additional commits viewable in compare view

Updates io.grpc:grpc-inprocess from 1.80.0 to 1.81.0

Release notes

Sourced from io.grpc:grpc-inprocess's releases.

V1.81.0

In this release we drop support for Android API level 22 or lower (Lollipop or earlier), following Google Play Service’s discontinued updates for Lollipop (API levels 21 & 22) and now requires a minimum of API level 23 (Android 6.0 Marshmallow).

API Changes

• api: Deprecate LoadBalancer.handleResolvedAddresses(). Developers maintaining custom LoadBalancer implementations should transition to using LoadBalancer.acceptResolvedAddresses(). Unlike the deprecated method, acceptResolvedAddresses() returns a Status object, allowing the load balancer to explicitly report success or reject the update if the provided addresses or configuration are invalid. (#11623)

Behavior Changes

• core: Enable dns "caching" on Android for 30 seconds to reduce CPU impact of a refresh loop with an LB policy (0675f70af). DnsNameResolver ignores re-resolution requests on OpenJDK-like platforms if it has been too soon since the last DNS query because InetAddress.getAllByName() has a cache with a fixed entry lifetime, but this logic was disabled for Android which does not have that style of cache. Android’s cache uses the result TTL, which will rarely be less than 30 seconds. This change would probably be most noticeable when 1) changing to a different network (e.g., from wifi to mobile), 2) the server has different addresses for different networks, and 3) the app is not using AndroidChannelBuilder with an android.context.Context. For reference, it seems Chrome caches for 1 minute

Bug Fixes

• opentelemetry: Fix baggage propagation, the baggage propagation for opentelemetry introduced in #12389 was broken. The context is decided once and used for all recording for the call, thus guaranteeing all record()s have consistent information.
• core: Address a race condition where ManagedChannelOrphanWrapper could incorrectly log a "not shutdown properly" warning during garbage collection when using directExecutor(). (#12705) (d459338d9)
• xds: Fix xDS HTTP CONNECT's transport socket name bug which is now corrected to use typeUrl. (#12740) (eac9fe961)
• xds: Fix an issue where subchannel metrics were dropping their association with the backend_service. This ensures xDS load balancing metrics are reported accurately. (#12735)

New Features

• netty: Add tcp metrics, by implementing a few of the metrics defined in A80.
• api: Add a CallOption for a custom label on per-RPC metrics (0e39b2967). This CallOption is copied by grpc-opentelemetry to the grpc.client.call.custom label as defined by gRFC A108. See also the gRPC OpenTelemetry Metrics guide (update in-progress)
• xds: Add support for Weighted Round Robin (WRR) load balancing driven by custom backend metrics, implementing the behavior defined in gRFC A114. (#12645)
• utils: Update AdvancedTlsX509KeyManager so that developers can now preserve and use key aliases when dynamically reloading TLS certificates. (#12686)

Documentation

• Update the "Outgoing Flow Control" section in the Manual Flow Control example to say onNext() does not block, but rather queues the messages in memory and advises developers to use CallStreamObserver.isReady() to prevent this memory exhaustion (#12700) (a3a9ffcbe) (#12726) (65ae2efda)
• examples: Clean up Health example, and document need for grpc-services (3ed732fc0)

Dependencies

• Upgrade Dependencies (#12719) (16e17abba). Google-auth-library: 1.42.1, animal-sniffer: 1.27, assertj-core:3.27.7, error_prone_annotations:2.48.0, proto-google-common-protos:2.64.1, google-cloud-logging:3.23.10, jetty-http2-server:12.1.7, jetty-ee10-servlet:12.1.7, lincheck:3.4, opentelemetry-api:1.60.1, opentelemetry-exporter-prometheus:1.60.1-alpha, opentelemetry-gcp-resources:1.54.0-alpha, opentelemetry-sdk-extension-autoconfigure:1.60.1, opentelemetry-sdk-testing:1.60.1, robolectric:4.16.1, tomcat-embed-core:10.1.52, tomcat-embed-core9: 9.0.115,
• Upgrade Netty to 4.1.132 and netty-tcnative to 2.0.75 (1528f809c)

Thanks to

• @​becomeStar
• @​benjaminp
• @​JoeCqupt
• @​Kainsin
• @​merlimat
• @​SreeramdasLavanya
• @​themechbro
• @​zhangweikop

Commits

• 6951542 Bump version to 1.81.0
• e94188e Update README etc to reference 1.81.0
• 4813c6d core,xds: Fix backend_service plumbing for subchannel metrics (#12735)
• 6737eb5 Revert "Replace javax ThreadSafe annotation with errorprone ThreadSafe (#1274...
• ef35313 Replace javax ThreadSafe annotation with errorprone ThreadSafe (#12742)
• 3ed732f examples: Clean up Health, and document need for grpc-services
• eac9fe9 xds: fix xDS HTTP CONNECT's transport socket name bug (#12740)
• 1528f80 Upgrade Netty to 4.1.132 and netty-tcnative to 2.0.75
• d057a7e [xds] Implement A114: WRR support for custom backend metrics (#12645)
• 842636f xds: Add configuration objects for ExtAuthz, GrpcService and Bootstrap change...
• Additional commits viewable in compare view

Updates io.grpc:grpc-services from 1.80.0 to 1.81.0

Release notes

Sourced from io.grpc:grpc-services's releases.

V1.81.0

In this release we drop support for Android API level 22 or lower (Lollipop or earlier), following Google Play Service’s discontinued updates for Lollipop (API levels 21 & 22) and now requires a minimum of API level 23 (Android 6.0 Marshmallow).

API Changes

• api: Deprecate LoadBalancer.handleResolvedAddresses(). Developers maintaining custom LoadBalancer implementations should transition to using LoadBalancer.acceptResolvedAddresses(). Unlike the deprecated method, acceptResolvedAddresses() returns a Status object, allowing the load balancer to explicitly report success or reject the update if the provided addresses or configuration are invalid. (#11623)

Behavior Changes

• core: Enable dns "caching" on Android for 30 seconds to reduce CPU impact of a refresh loop with an LB policy (0675f70af). DnsNameResolver ignores re-resolution requests on OpenJDK-like platforms if it has been too soon since the last DNS query because InetAddress.getAllByName() has a cache with a fixed entry lifetime, but this logic was disabled for Android which does not have that style of cache. Android’s cache uses the result TTL, which will rarely be less than 30 seconds. This change would probably be most noticeable when 1) changing to a different network (e.g., from wifi to mobile), 2) the server has different addresses for different networks, and 3) the app is not using AndroidChannelBuilder with an android.context.Context. For reference, it seems Chrome caches for 1 minute

Bug Fixes

• opentelemetry: Fix baggage propagation, the baggage propagation for opentelemetry introduced in #12389 was broken. The context is decided once and used for all recording for the call, thus guaranteeing all record()s have consistent information.
• core: Address a race condition where ManagedChannelOrphanWrapper could incorrectly log a "not shutdown properly" warning during garbage collection when using directExecutor(). (#12705) (d459338d9)
• xds: Fix xDS HTTP CONNECT's transport socket name bug which is now corrected to use typeUrl. (#12740) (eac9fe961)
• xds: Fix an issue where subchannel metrics were dropping their association with the backend_service. This ensures xDS load balancing metrics are reported accurately. (#12735)

New Features

• netty: Add tcp metrics, by implementing a few of the metrics defined in A80.
• api: Add a CallOption for a custom label on per-RPC metrics (0e39b2967). This CallOption is copied by grpc-opentelemetry to the grpc.client.call.custom label as defined by gRFC A108. See also the gRPC OpenTelemetry Metrics guide (update in-progress)
• xds: Add support for Weighted Round Robin (WRR) load balancing driven by custom backend metrics, implementing the behavior defined in gRFC A114. (#12645)
• utils: Update AdvancedTlsX509KeyManager so that developers can now preserve and use key aliases when dynamically reloading TLS certificates. (#12686)

Documentation

• Update the "Outgoing Flow Control" section in the Manual Flow Control example to say onNext() does not block, but rather queues the messages in memory and advises developers to use CallStreamObserver.isReady() to prevent this memory exhaustion (#12700) (a3a9ffcbe) (#12726) (65ae2efda)
• examples: Clean up Health example, and document need for grpc-services (3ed732fc0)

Dependencies

• Upgrade Dependencies (#12719) (16e17abba). Google-auth-library: 1.42.1, animal-sniffer: 1.27, assertj-core:3.27.7, error_prone_annotations:2.48.0, proto-google-common-protos:2.64.1, google-cloud-logging:3.23.10, jetty-http2-server:12.1.7, jetty-ee10-servlet:12.1.7, lincheck:3.4, opentelemetry-api:1.60.1, opentelemetry-exporter-prometheus:1.60.1-alpha, opentelemetry-gcp-resources:1.54.0-alpha, opentelemetry-sdk-extension-autoconfigure:1.60.1, opentelemetry-sdk-testing:1.60.1, robolectric:4.16.1, tomcat-embed-core:10.1.52, tomcat-embed-core9: 9.0.115,
• Upgrade Netty to 4.1.132 and netty-tcnative to 2.0.75 (1528f809c)

Thanks to

• @​becomeStar
• @​benjaminp
• @​JoeCqupt
• @​Kainsin
• @​merlimat
• @​SreeramdasLavanya
• @​themechbro
• @​zhangweikop

Commits

• 6951542 Bump version to 1.81.0
• e94188e Update README etc to reference 1.81.0
• 4813c6d core,xds: Fix backend_service plumbing for subchannel metrics (#12735)
• 6737eb5 Revert "Replace javax ThreadSafe annotation with errorprone ThreadSafe (#1274...
• ef35313 Replace javax ThreadSafe annotation with errorprone ThreadSafe (#12742)
• 3ed732f examples: Clean up Health, and document need for grpc-services
• eac9fe9 xds: fix xDS HTTP CONNECT's transport socket name bug (#12740)
• 1528f80 Upgrade Netty to 4.1.132 and netty-tcnative to 2.0.75
• d057a7e [xds] Implement A114: WRR support for custom backend metrics (#12645)
• 842636f xds: Add configuration objects for ExtAuthz, GrpcService and Bootstrap change...
• Additional commits viewable in compare view

Updates io.grpc:grpc-servlet from 1.80.0 to 1.81.0

Release notes

Sourced from io.grpc:grpc-servlet's releases.

V1.81.0

In this release we drop support for Android API level 22 or lower (Lollipop or earlier), following Google Play Service’s discontinued updates for Lollipop (API levels 21 & 22) and now requires a minimum of API level 23 (Android 6.0 Marshmallow).

API Changes

• api: Deprecate LoadBalancer.handleResolvedAddresses(). Developers maintaining custom LoadBalancer implementations should transition to using...

  Description has been truncated