chore(deps): bump grpc from 1.75.0 to 1.76.0 in /hiero-dependency-versions

[dependabot]

Bumps grpc from 1.75.0 to 1.76.0.
Updates io.grpc:grpc-api from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-api's releases.

v1.76.0

Bug Fixes

• xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.
• netty: Remove Netty version detection since grpc-netty-shaded can't reliably determine its Netty version when multiple copies of Netty are present (even when shaded). This fixes the resurfacing of the Netty 4.1.111 corruption fixed in 1.65.0. That version fixed grpc-netty, but v1.75.0 upgraded grpc-netty-shaded to Netty 4.1.111 and exposed the Netty version detection problem. This fixes corruption, so the error messages range wildly, but one of them is "RESOURCE_EXHAUSTED: gRPC message exceeds maximum size"
• compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.
• servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.
• servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.
• binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.
• binder: The server will now only accept post-setup transactions from the authorized server UID.
• util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”
• android: A fix has been implemented for network change handling on API levels below 24.

Improvements

• api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.
• api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.
• servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name
• servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first
• xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs
• bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.
• bazel: Unnecessary direct build dependencies were removed from some targets
• netty: Support for the BCJSSE provider has been added in GrpcSslContexts.
• netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers
• netty: Include allow header for HTTP response code 405
• okhttp: Include allow header for HTTP response code 405
• binder: Error descriptions for ServiceConnection callbacks have been improved
• binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

• stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.
• compiler: Support for macOS aarch64 with a universal binary has been added.
• opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support
• binder: A NameResolver for Android's intent: URIs has been introduced.
• binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

• SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.
• examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

• Upgraded Guava version to 33.4.8.
• The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt

... (truncated)

Commits

• d0db129 Bump version to 1.76.0
• aa672ca Update README etc to reference 1.76.0
• 70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
• f89d1d8 api: remove nullable from StatusOr value methods (#12338)
• 040665f examples: Explain Bazel BCR releases and git_override option
• 4995700 xds: Remove verify TODO for onResult2 error status
• afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
• 1a7042a android: fix network change handling on API levels < 24
• 8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
• 0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
• Additional commits viewable in compare view

Updates io.grpc:grpc-inprocess from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-inprocess's releases.

v1.76.0

Bug Fixes

• xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.
• netty: Remove Netty version detection since grpc-netty-shaded can't reliably determine its Netty version when multiple copies of Netty are present (even when shaded). This fixes the resurfacing of the Netty 4.1.111 corruption fixed in 1.65.0. That version fixed grpc-netty, but v1.75.0 upgraded grpc-netty-shaded to Netty 4.1.111 and exposed the Netty version detection problem. This fixes corruption, so the error messages range wildly, but one of them is "RESOURCE_EXHAUSTED: gRPC message exceeds maximum size"
• compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.
• servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.
• servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.
• binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.
• binder: The server will now only accept post-setup transactions from the authorized server UID.
• util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”
• android: A fix has been implemented for network change handling on API levels below 24.

Improvements

• api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.
• api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.
• servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name
• servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first
• xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs
• bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.
• bazel: Unnecessary direct build dependencies were removed from some targets
• netty: Support for the BCJSSE provider has been added in GrpcSslContexts.
• netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers
• netty: Include allow header for HTTP response code 405
• okhttp: Include allow header for HTTP response code 405
• binder: Error descriptions for ServiceConnection callbacks have been improved
• binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

• stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.
• compiler: Support for macOS aarch64 with a universal binary has been added.
• opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support
• binder: A NameResolver for Android's intent: URIs has been introduced.
• binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

• SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.
• examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

• Upgraded Guava version to 33.4.8.
• The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt

... (truncated)

Commits

• d0db129 Bump version to 1.76.0
• aa672ca Update README etc to reference 1.76.0
• 70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
• f89d1d8 api: remove nullable from StatusOr value methods (#12338)
• 040665f examples: Explain Bazel BCR releases and git_override option
• 4995700 xds: Remove verify TODO for onResult2 error status
• afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
• 1a7042a android: fix network change handling on API levels < 24
• 8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
• 0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
• Additional commits viewable in compare view

Updates io.grpc:grpc-protobuf-lite from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-protobuf-lite's releases.

v1.76.0

Bug Fixes

• xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.
• netty: Remove Netty version detection since grpc-netty-shaded can't reliably determine its Netty version when multiple copies of Netty are present (even when shaded). This fixes the resurfacing of the Netty 4.1.111 corruption fixed in 1.65.0. That version fixed grpc-netty, but v1.75.0 upgraded grpc-netty-shaded to Netty 4.1.111 and exposed the Netty version detection problem. This fixes corruption, so the error messages range wildly, but one of them is "RESOURCE_EXHAUSTED: gRPC message exceeds maximum size"
• compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.
• servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.
• servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.
• binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.
• binder: The server will now only accept post-setup transactions from the authorized server UID.
• util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”
• android: A fix has been implemented for network change handling on API levels below 24.

Improvements

• api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.
• api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.
• servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name
• servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first
• xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs
• bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.
• bazel: Unnecessary direct build dependencies were removed from some targets
• netty: Support for the BCJSSE provider has been added in GrpcSslContexts.
• netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers
• netty: Include allow header for HTTP response code 405
• okhttp: Include allow header for HTTP response code 405
• binder: Error descriptions for ServiceConnection callbacks have been improved
• binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

• stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.
• compiler: Support for macOS aarch64 with a universal binary has been added.
• opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support
• binder: A NameResolver for Android's intent: URIs has been introduced.
• binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

• SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.
• examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

• Upgraded Guava version to 33.4.8.
• The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt

... (truncated)

Commits

• d0db129 Bump version to 1.76.0
• aa672ca Update README etc to reference 1.76.0
• 70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
• f89d1d8 api: remove nullable from StatusOr value methods (#12338)
• 040665f examples: Explain Bazel BCR releases and git_override option
• 4995700 xds: Remove verify TODO for onResult2 error status
• afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
• 1a7042a android: fix network change handling on API levels < 24
• 8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
• 0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
• Additional commits viewable in compare view

Updates io.grpc:grpc-protobuf from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-protobuf's releases.

v1.76.0

Bug Fixes

• xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.
• netty: Remove Netty version detection since grpc-netty-shaded can't reliably determine its Netty version when multiple copies of Netty are present (even when shaded). This fixes the resurfacing of the Netty 4.1.111 corruption fixed in 1.65.0. That version fixed grpc-netty, but v1.75.0 upgraded grpc-netty-shaded to Netty 4.1.111 and exposed the Netty version detection problem. This fixes corruption, so the error messages range wildly, but one of them is "RESOURCE_EXHAUSTED: gRPC message exceeds maximum size"
• compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.
• servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.
• servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.
• binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.
• binder: The server will now only accept post-setup transactions from the authorized server UID.
• util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”
• android: A fix has been implemented for network change handling on API levels below 24.

Improvements

• api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.
• api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.
• servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name
• servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first
• xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs
• bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.
• bazel: Unnecessary direct build dependencies were removed from some targets
• netty: Support for the BCJSSE provider has been added in GrpcSslContexts.
• netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers
• netty: Include allow header for HTTP response code 405
• okhttp: Include allow header for HTTP response code 405
• binder: Error descriptions for ServiceConnection callbacks have been improved
• binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

• stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.
• compiler: Support for macOS aarch64 with a universal binary has been added.
• opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support
• binder: A NameResolver for Android's intent: URIs has been introduced.
• binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

• SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.
• examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

• Upgraded Guava version to 33.4.8.
• The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt

... (truncated)

Commits

• d0db129 Bump version to 1.76.0
• aa672ca Update README etc to reference 1.76.0
• 70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
• f89d1d8 api: remove nullable from StatusOr value methods (#12338)
• 040665f examples: Explain Bazel BCR releases and git_override option
• 4995700 xds: Remove verify TODO for onResult2 error status
• afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
• 1a7042a android: fix network change handling on API levels < 24
• 8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
• 0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
• Additional commits viewable in compare view

Updates io.grpc:grpc-stub from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-stub's releases.

v1.76.0

Bug Fixes

• xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.
• netty: Remove Netty version detection since grpc-netty-shaded can't reliably determine its Netty version when multiple copies of Netty are present (even when shaded). This fixes the resurfacing of the Netty 4.1.111 corruption fixed in 1.65.0. That version fixed grpc-netty, but v1.75.0 upgraded grpc-netty-shaded to Netty 4.1.111 and exposed the Netty version detection problem. This fixes corruption, so the error messages range wildly, but one of them is "RESOURCE_EXHAUSTED: gRPC message exceeds maximum size"
• compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.
• servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.
• servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.
• binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.
• binder: The server will now only accept post-setup transactions from the authorized server UID.
• util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”
• android: A fix has been implemented for network change handling on API levels below 24.

Improvements

• api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.
• api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.
• servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name
• servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first
• xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs
• bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.
• bazel: Unnecessary direct build dependencies were removed from some targets
• netty: Support for the BCJSSE provider has been added in GrpcSslContexts.
• netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers
• netty: Include allow header for HTTP response code 405
• okhttp: Include allow header for HTTP response code 405
• binder: Error descriptions for ServiceConnection callbacks have been improved
• binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

• stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.
• compiler: Support for macOS aarch64 with a universal binary has been added.
• opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support
• binder: A NameResolver for Android's intent: URIs has been introduced.
• binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

• SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.
• examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

• Upgraded Guava version to 33.4.8.
• The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt

... (truncated)

Commits

• d0db129 Bump version to 1.76.0
• aa672ca Update README etc to reference 1.76.0
• 70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
• f89d1d8 api: remove nullable from StatusOr value methods (#12338)
• 040665f examples: Explain Bazel BCR releases and git_override option
• 4995700 xds: Remove verify TODO for onResult2 error status
• afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
• 1a7042a android: fix network change handling on API levels < 24
• 8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
• 0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
• Additional commits viewable in compare view

Updates io.grpc:grpc-netty from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-netty's releases.

v1.76.0

Bug Fixes

• xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.
• netty: Remove Netty version detection since grpc-netty-shaded can't reliably determine its Netty version when multiple copies of Netty are present (even when shaded). This fixes the resurfacing of the Netty 4.1.111 corruption fixed in 1.65.0. That version fixed grpc-netty, but v1.75.0 upgraded grpc-netty-shaded to Netty 4.1.111 and exposed the Netty version detection problem. This fixes corruption, so the error messages range wildly, but one of them is "RESOURCE_EXHAUSTED: gRPC message exceeds maximum size"
• compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.
• servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.
• servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.
• binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.
• binder: The server will now only accept post-setup transactions from the authorized server UID.
• util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”
• android: A fix has been implemented for network change handling on API levels below 24.

Improvements

• api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.
• api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.
• servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name
• servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first
• xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs
• bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.
• bazel: Unnecessary direct build dependencies were removed from some targets
• netty: Support for the BCJSSE provider has been added in GrpcSslContexts.
• netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers
• netty: Include allow header for HTTP response code 405
• okhttp: Include allow header for HTTP response code 405
• binder: Error descriptions for ServiceConnection callbacks have been improved
• binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

• stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.
• compiler: Support for macOS aarch64 with a universal binary has been added.
• opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support
• binder: A NameResolver for Android's intent: URIs has been introduced.
• binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

• SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.
• examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

• Upgraded Guava version to 33.4.8.
• The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt

... (truncated)

Commits

• d0db129 Bump version to 1.76.0
• aa672ca Update README etc to reference 1.76.0
• 70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
• f89d1d8 api: remove nullable from StatusOr value methods (#12338)
• 040665f examples: Explain Bazel BCR releases and git_override option
• 4995700 xds: Remove verify TODO for onResult2 error status
• afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
• 1a7042a android: fix network change handling on API levels < 24
• 8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
• 0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
• Additional commits viewable in compare view

Updates io.grpc:grpc-netty-shaded from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-netty-shaded's releases.

v1.76.0

Bug Fixes

• xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.
• netty: Remove Netty version detection since grpc-netty-shaded can't reliably determine its Netty version when multiple copies of Netty are present (even when shaded). This fixes the resurfacing of the Netty 4.1.111 corruption fixed in 1.65.0. That version fixed grpc-netty, but v1.75.0 upgraded grpc-netty-shaded to Netty 4.1.111 and exposed the Netty version detection problem. This fixes corruption, so the error messages range wildly, but one of them is "RESOURCE_EXHAUSTED: gRPC message exceeds maximum size"
• compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.
• servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.
• servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.
• binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.
• binder: The server will now only accept post-setup transactions from the authorized server UID.
• util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”
• android: A fix has been implemented for network change handling on API levels below 24.

Improvements

• api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.
• api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.
• servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name
• servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first
• xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs
• bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.
• bazel: Unnecessary direct build dependencies were removed from some targets
• netty: Support for the BCJSSE provider has been added in GrpcSslContexts.
• netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers
• netty: Include allow header for HTTP response code 405
• okhttp: Include allow header for HTTP response code 405
• binder: Error descriptions for ServiceConnection callbacks have been improved
• binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

• stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.
• compiler: Support for macOS aarch64 with a universal binary has been added.
• opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support
• binder: A NameResolver for Android's intent: URIs has been introduced.
• binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

• SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.
• examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

• Upgraded Guava version to 33.4.8.
• The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt

... (truncated)

Commits

• d0db129 Bump version to 1.76.0
• aa672ca Update README etc to reference 1.76.0
• 70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
• f89d1d8 api: remove nullable from StatusOr value methods (#12338)
• 040665f examples: Explain Bazel BCR releases and git_override option
• 4995700 xds: Remove verify TODO for onResult2 error status
• afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
• 1a7042a android: fix network change handling on API levels < 24
• 8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
• 0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
• Additional commits viewable in compare view

Updates io.grpc:grpc-okhttp from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:grpc-okhttp's releases.

v1.76.0

Bug Fixes

• xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.
• netty: Remove Netty version detection since grpc-netty-shaded can't reliably determine its Netty version when multiple copies of Netty are present (even when shaded). This fixes the resurfacing of the Netty 4.1.111 corruption fixed in 1.65.0. That version fixed grpc-netty, but v1.75.0 upgraded grpc-netty-shaded to Netty 4.1.111 and exposed the Netty version detection problem. This fixes corruption, so the error messages range wildly, but one of them is "RESOURCE_EXHAUSTED: gRPC message exceeds maximum size"
• compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.
• servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.
• servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.
• binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.
• binder: The server will now only accept post-setup transactions from the authorized server UID.
• util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”
• android: A fix has been implemented for network change handling on API levels below 24.

Improvements

• api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.
• api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.
• servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name
• servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first
• xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs
• bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.
• bazel: Unnecessary direct build dependencies were removed from some targets
• netty: Support for the BCJSSE provider has been added in GrpcSslContexts.
• netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers
• netty: Include allow header for HTTP response code 405
• okhttp: Include allow header for HTTP response code 405
• binder: Error descriptions for ServiceConnection callbacks have been improved
• binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

• stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.
• compiler: Support for macOS aarch64 with a universal binary has been added.
• opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support
• binder: A NameResolver for Android's intent: URIs has been introduced.
• binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

• SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.
• examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

• Upgraded Guava version to 33.4.8.
• The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt

... (truncated)

Commits

• d0db129 Bump version to 1.76.0
• aa672ca Update README etc to reference 1.76.0
• 70b7249 netty: Unconditionally disable adaptive cumulator (#12390)
• f89d1d8 api: remove nullable from StatusOr value methods (#12338)
• 040665f examples: Explain Bazel BCR releases and git_override option
• 4995700 xds: Remove verify TODO for onResult2 error status
• afe7222 SECURITY.md: Mention gcompat for Alpine (#12365)
• 1a7042a android: fix network change handling on API levels < 24
• 8f0db07 api: Avoid allocating empty array in LoadBalancer (#12337)
• 0c179e3 xds: Convert ClusterResolverLb to XdsDepManager
• Additional commits viewable in compare view

Updates io.grpc:protoc-gen-grpc-java from 1.75.0 to 1.76.0

Release notes

Sourced from io.grpc:protoc-gen-grpc-java's releases.

v1.76.0

Bug Fixes

• xds: ClusterResolverLb has been converted to use XdsDepManager, which finishes the changes for gRFC A74 xDS Config Tears. This change should resolve some unnecessary reconnections introduced in v1.75.0 when using weighted_round_robin and maybe other policies.
• netty: Remove Netty version detection since grpc-netty-shaded can't reliably determine its Netty version when multiple copies of Netty are present (even when shaded). This fixes the resurfacing of the Netty 4.1.111 corruption fixed in 1.65.0. That version fixed grpc-netty, but v1.75.0 upgraded grpc-netty-shaded to Netty 4.1.111 and exposed the Netty version detection problem. This fixes corruption, so the error messages range wildly, but one of them is "RESOURCE_EXHAUSTED: gRPC message exceeds maximum size"
• compiler: A fix has been implemented for the blockingV2 stub to mangle generated method names that conflict with java.lang.Object methods.
• servlet: A race condition in AsyncServletOutputStreamWriter has been fixed to prevent threads from getting stuck.
• servlet: An issue where AsyncContext.complete() was called multiple times, causing an IllegalStateException, has been resolved.
• binder: The REMOTE_UID is now required to hold the exact UID passed to the SecurityPolicy.
• binder: The server will now only accept post-setup transactions from the authorized server UID.
• util: AdvancedTlsX509TrustManager now errors with a message to say that files don’t exist instead of the previous “Files were unmodified before their initial update. Probably a bug.”
• android: A fix has been implemented for network change handling on API levels below 24.

Improvements

• api: Allocations of Attributes.Builder have been reduced. This mostly benefits attributes.toBuilder(), but that’s not expected to be visible in regular workloads.
• api: An empty array allocation in LoadBalancer.CreateSubchannelArgs.Builder has been avoided. It is a small optimization and is not expected to have any performance impact.
• servlet: A configurable methodNameResolver has been added to configure the mapping from servlet request paths to gRPC method name
• servlet: Avoid a race by increasing the AsyncContext timeout by 5 seconds. The gRPC Context timeout should trigger first
• xds: Pretty-print envoy.service.discovery.v3.Resource in debug logs
• bazel: The java/proto rules from rules_java/rules_proto are now used instead of native rules.
• bazel: Unnecessary direct build dependencies were removed from some targets
• netty: Support for the BCJSSE provider has been added in GrpcSslContexts.
• netty: Huffman coding in server response headers has been disabled; it was already disabled for client request headers
• netty: Include allow header for HTTP response code 405
• okhttp: Include allow header for HTTP response code 405
• binder: Error descriptions for ServiceConnection callbacks have been improved
• binder: Apps can now call SecurityPolicy.checkAuthorization() by PeerUid.

New Features

• stub: Trailers are now propagated in StatusException when thrown by BlockingClientCall.
• compiler: Support for macOS aarch64 with a universal binary has been added.
• opentelemetry: grpc.subchannel.* metrics as described in gRFC A94 OTel metrics for Subchannels have been added. grpc.disconnect_error will show as “unknown” until transports implement support
• binder: A NameResolver for Android's intent: URIs has been introduced.
• binder: A basic SocketStats with just the local and remote addresses has been added for channelz.

Documentation

• SECURITY.md: The documentation now describes how to use gcompat with LD_PRELOAD for Alpine.
• examples: The documentation now explains Bazel BCR releases and the git_override option.

Dependencies

• Upgraded Guava version to 33.4.8.
• The org.apache.tomcat:annotations-api dependency has been removed from the examples.

Thanks to

@JoeCqupt

... (truncated)

Commits

• d0db129 Bump version to 1.76.0
• aa672ca Update README etc to reference 1.76.0