socket-security[bot]
commented
3 months ago Removed dependencies detected. Learn more about Socket for GitHub ↗︎
🚮 Removed packages: npm/@grpc/grpc-js@1.3.1
Closed renovate[bot] closed 3 months ago
socket-security[bot]
commented
3 months ago Removed dependencies detected. Learn more about Socket for GitHub ↗︎
🚮 Removed packages: npm/@grpc/grpc-js@1.3.1
This PR contains the following updates:
1.3.1->1.8.22@grpc/grpc-js can allocate memory for incoming messages well above configured limits
CVE-2024-37168 / GHSA-7v5v-9h63-cj86
More information
#### Details ##### Impact There are two separate code paths in which memory can be allocated per message in excess of the `grpc.max_receive_message_length` channel option: 1. If an incoming message has a size on the wire greater than the configured limit, the entire message is buffered before it is discarded. 2. If an incoming message has a size within the limit on the wire but decompresses to a size greater than the limit, the entire message is decompressed into memory, and on the server is not discarded. ##### Patches This has been patched in versions 1.10.9, 1.9.15, and 1.8.22 #### Severity - CVSS Score: 5.3 / 10 (Medium) - Vector String: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L` #### References - [https://github.com/grpc/grpc-node/security/advisories/GHSA-7v5v-9h63-cj86](https://togithub.com/grpc/grpc-node/security/advisories/GHSA-7v5v-9h63-cj86) - [https://nvd.nist.gov/vuln/detail/CVE-2024-37168](https://nvd.nist.gov/vuln/detail/CVE-2024-37168) - [https://github.com/grpc/grpc-node/commit/08b0422dae56467ecae1007e899efe66a8c4a650](https://togithub.com/grpc/grpc-node/commit/08b0422dae56467ecae1007e899efe66a8c4a650) - [https://github.com/grpc/grpc-node/commit/674f4e351a619fd4532f84ae6dff96b8ee4e1ed3](https://togithub.com/grpc/grpc-node/commit/674f4e351a619fd4532f84ae6dff96b8ee4e1ed3) - [https://github.com/grpc/grpc-node/commit/a8a020339c7eab1347a343a512ad17a4aea4bfdb](https://togithub.com/grpc/grpc-node/commit/a8a020339c7eab1347a343a512ad17a4aea4bfdb) - [https://github.com/grpc/grpc-node](https://togithub.com/grpc/grpc-node) This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-7v5v-9h63-cj86) and the [GitHub Advisory Database](https://togithub.com/github/advisory-database) ([CC-BY 4.0](https://togithub.com/github/advisory-database/blob/main/LICENSE.md)).Release Notes
grpc/grpc-node (@grpc/grpc-js)
### [`v1.8.22`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.22): @grpc/grpc-js 1.8.22 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.21...@grpc/grpc-js@1.8.22) - Avoid buffering significantly more than `grpc.max_receive_message_size` per received message. ### [`v1.8.21`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.21) [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.20...@grpc/grpc-js@1.8.21) - Fix propagation of UNIMPLEMENTED error messages ([#2528](https://togithub.com/grpc/grpc-node/issues/2528)) ### [`v1.8.20`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.20): @grpc/grpc-js 1.8.20 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.19...@grpc/grpc-js@1.8.20) - Fix a crash when the channel option `grpc.keepalive_permit_without_calls` is set ([#2519](https://togithub.com/grpc/grpc-node/issues/2519)) ### [`v1.8.19`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.19): @grpc/grpc-js 1.8.19 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.18...@grpc/grpc-js@1.8.19) - Update keepalive behavior to more correctly handle short calls and long periods of inactivity ([#2513](https://togithub.com/grpc/grpc-node/issues/2513)) ### [`v1.8.18`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.18): @grpc/grpc-js 1.8.18 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.17...@grpc/grpc-js@1.8.18) - Fix reporting of call stacks in unary request errors ([#2503](https://togithub.com/grpc/grpc-node/issues/2503)) - Fix reporting of proxy info in channelz socket responses ([#2503](https://togithub.com/grpc/grpc-node/issues/2503)) ### [`v1.8.17`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.17): @grpc/grpc-js 1.8.17 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.16...@grpc/grpc-js@1.8.17) - Disallow `pick_first` LB policy as the direct child of an `outlier_detection` LB policy ([#2476](https://togithub.com/grpc/grpc-node/issues/2476)) ### [`v1.8.16`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.16): @grpc/grpc-js 1.8.16 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.15...@grpc/grpc-js@1.8.16) - Fix missing `transport` trace logs ([#2470](https://togithub.com/grpc/grpc-node/issues/2470)) ### [`v1.8.15`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.15): @grpc/grpc-js 1.8.15 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.14...@grpc/grpc-js@1.8.15) - Fix a memory leak that could result from a specific pattern of recursive function calls ([#2456](https://togithub.com/grpc/grpc-node/issues/2456)) - Ensure `status` and `error` events are consistently emitted asynchronously ([#2456](https://togithub.com/grpc/grpc-node/issues/2456)) ### [`v1.8.14`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.14): @grpc/grpc-js 1.8.14 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.13...@grpc/grpc-js@1.8.14) - Fix sequencing of some events related to connectivity state changes ([#2421](https://togithub.com/grpc/grpc-node/issues/2421)) ### [`v1.8.13`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.13): @grpc/grpc-js 1.8.13 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.12...@grpc/grpc-js@1.8.13) - Fix memory leak in channelz socket tracking ([#2394](https://togithub.com/grpc/grpc-node/issues/2394)) ### [`v1.8.12`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.12) [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.11...@grpc/grpc-js@1.8.12) - Fix an occasional type error when receiving DNS updates ([#2380](https://togithub.com/grpc/grpc-node/issues/2380)) - Fix ordering of events when handing requests on the server ([#2376](https://togithub.com/grpc/grpc-node/issues/2376) contributed by [@phoenix741](https://togithub.com/phoenix741)) ### [`v1.8.11`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.11): @grpc/grpc-js 1.8.11 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.10...@grpc/grpc-js@1.8.11) - Avoid accumulating placeholder objects when sending many messages on a long-running stream ([#2372](https://togithub.com/grpc/grpc-node/issues/2372)) ### [`v1.8.10`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.10): @grpc/grpc-js 1.8.10 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.9...@grpc/grpc-js@1.8.10) - Fix bugs in "pick first" load balancing policy that caused incorrect reconnection behavior ([#2369](https://togithub.com/grpc/grpc-node/issues/2369)) ### [`v1.8.9`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.9): @grpc/grpc-js 1.8.9 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.8...@grpc/grpc-js@1.8.9) - Fix a bug where clients would continue to send pings at the original configured rate after receiving a backoff request from the server ([#2363](https://togithub.com/grpc/grpc-node/issues/2363)) ### [`v1.8.8`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.8): @grpc/grpc-js 1.8.8 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.7...@grpc/grpc-js@1.8.8) - Remove `progress` field in returned status object ([#2350](https://togithub.com/grpc/grpc-node/issues/2350)) - Export `InterceptingListener` and `NextCall` types ([#2351](https://togithub.com/grpc/grpc-node/issues/2351)) - Fix a bug that could cause a crash when sending messages that exceed the outgoing message buffer size while a retry is in progress ([#2349](https://togithub.com/grpc/grpc-node/issues/2349)) ### [`v1.8.7`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.7): @grpc/grpc-js 1.8.7 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.6...@grpc/grpc-js@1.8.7) - Make handling of HTTP2 session references work independent of keepalive settings ([#2337](https://togithub.com/grpc/grpc-node/issues/2337)) ### [`v1.8.6`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.6): @grpc/grpc-js 1.8.6 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.5...@grpc/grpc-js@1.8.6) - Hold a reference to transport from call to avoid premature garbage collection ([#2336](https://togithub.com/grpc/grpc-node/issues/2336)) ### [`v1.8.5`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.5): @grpc/grpc-js 1.8.5 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.4...@grpc/grpc-js@1.8.5) - Cancel deadline timer when the call ends ([#2335](https://togithub.com/grpc/grpc-node/issues/2335)) ### [`v1.8.4`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.4) [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.3...@grpc/grpc-js@1.8.4) - Fix a bug that would sometimes allow the Node process to exit even though a gRPC request is active ([#2322](https://togithub.com/grpc/grpc-node/issues/2322)) ### [`v1.8.3`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.3): @grpc/grpc-js 1.8.3 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.2...@grpc/grpc-js@1.8.3) - Fix bug that caused streams to fail early when receiving a GOAWAY ([#2319](https://togithub.com/grpc/grpc-node/issues/2319)) ### [`v1.8.2`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.2) [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.1...@grpc/grpc-js@1.8.2) - Continue keepalive pings after receiving a GOAWAY on the client ([#2308](https://togithub.com/grpc/grpc-node/issues/2308)) - Fix handling of keepalive timers when the timeout is longer than the interval ([#2304](https://togithub.com/grpc/grpc-node/issues/2304) contributed by [@nicknotfun](https://togithub.com/nicknotfun), included in [#2308](https://togithub.com/grpc/grpc-node/issues/2308)) - Ensure the last received message is fully handled before outputting status ([#2316](https://togithub.com/grpc/grpc-node/issues/2316)) ### [`v1.8.1`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.1) [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.0...@grpc/grpc-js@1.8.1) - Implement support for the `grpc.service_config_disable_resolution` channel option ([#2277](https://togithub.com/grpc/grpc-node/issues/2277) contributed by [@kleinsch](https://togithub.com/kleinsch)) - Include standard headers in trailers-only responses ([#2305](https://togithub.com/grpc/grpc-node/issues/2305)) - Fix a memory leak in the retry implementation ([#2306](https://togithub.com/grpc/grpc-node/issues/2306)) ### [`v1.8.0`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.8.0): @grpc/grpc-js 1.8.0 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.7.3...@grpc/grpc-js@1.8.0) - Implement retries ([specified in gRFC A6](https://togithub.com/grpc/proposal/blob/master/A6-client-retries.md)) ([#2243](https://togithub.com/grpc/grpc-node/issues/2243), [#2278](https://togithub.com/grpc/grpc-node/issues/2278)) - Enable servers to send trailers-only responses ([#2278](https://togithub.com/grpc/grpc-node/issues/2278)) - Add server connection management options ([#2272](https://togithub.com/grpc/grpc-node/issues/2272)) ### [`v1.7.3`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.7.3): @grpc/grpc-js 1.7.3 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.7.2...@grpc/grpc-js@1.7.3) - Server performance improvements ([#2249](https://togithub.com/grpc/grpc-node/issues/2249) contributed by [@AVVS](https://togithub.com/AVVS)) ### [`v1.7.2`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.7.2): @grpc/grpc-js 1.7.2 [Compare Source](https://togithub.com/grpc/grpc-node/compare/v1.7.1...@grpc/grpc-js@1.7.2) - Make the default value of the `grpc-node.max_session_memory` option `Number.MAX_SAFE_INTEGER` on the server ([#2245](https://togithub.com/grpc/grpc-node/issues/2245)) ### [`v1.7.1`](https://togithub.com/grpc/grpc-node/releases/tag/v1.7.1): Node gRPC v1.7.1 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.7.0...v1.7.1) #### Changes - Publish prebuilt binaries for Node 9 - Fix file permissions issue with Linux prebuilt binaries (reported in [#76](https://togithub.com/grpc/grpc-node/issues/76)). ### [`v1.7.0`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.7.0): @grpc/grpc-js 1.7.0 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.12...@grpc/grpc-js@1.7.0) - Enable outlier detection support by default ([#2221](https://togithub.com/grpc/grpc-node/issues/2221)) - Expose `path` and `callEnd` event in `ServerSurfaceCall` ([#2132](https://togithub.com/grpc/grpc-node/issues/2132) contributed by [@ajmath](https://togithub.com/ajmath)) - Make graceful switch happen more quickly in some cases when service config is updated ([#2199](https://togithub.com/grpc/grpc-node/issues/2199)) ### [`v1.6.12`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.12): @grpc/grpc-js 1.6.12 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.11...@grpc/grpc-js@1.6.12) - Fix typo in the error handling fix released in 1.6.11 ([#2216](https://togithub.com/grpc/grpc-node/issues/2216), contributed by [@clww](https://togithub.com/clww) in [#2213](https://togithub.com/grpc/grpc-node/issues/2213)) ### [`v1.6.11`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.11) [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.10...@grpc/grpc-js@1.6.11) - Fix handling of malformed status messages ([#2210](https://togithub.com/grpc/grpc-node/issues/2210)) ### [`v1.6.10`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.10): @grpc/grpc-js 1.6.10 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.9...@grpc/grpc-js@1.6.10) - Fix a memory leak of Node http2 stream objects when cancelling streaming requests ([#2193](https://togithub.com/grpc/grpc-node/issues/2193)) ### [`v1.6.9`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.9): @grpc/grpc-js 1.6.9 - Fix bugs in the Outlier Detection implementation ([#2173](https://togithub.com/grpc/grpc-node/issues/2173), [#2181](https://togithub.com/grpc/grpc-node/issues/2181)) - Handle errors when sending keepalive pings ([#2188](https://togithub.com/grpc/grpc-node/issues/2188)) - Fix Typescript `reference` tag generation ([#2126](https://togithub.com/grpc/grpc-node/issues/2126)) ### [`v1.6.7`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.7): @grpc/grpc-js 1.6.7 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.6...@grpc/grpc-js@1.6.7) - Fix a bug that could cause double DNS requests in the DNS resolver in some rare cases ([#2100](https://togithub.com/grpc/grpc-node/issues/2100)) - Report request failures when a method expecting a unary response receives no messages ([#2102](https://togithub.com/grpc/grpc-node/issues/2102)) - Fix spurious subchannel shutdowns in channels with the `grpc.use_local_subchannel_pool` option set ([#2103](https://togithub.com/grpc/grpc-node/issues/2103)) ### [`v1.6.6`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.6): @grpc/grpc-js 1.6.6 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.5...@grpc/grpc-js@1.6.6) - Fail calls immediately when their connection's keepalive ping times out ([#2097](https://togithub.com/grpc/grpc-node/issues/2097)) - Fix a bug that would cause the DNS resolver to keep making DNS requests forever even if it was not needed ([#2098](https://togithub.com/grpc/grpc-node/issues/2098)) ### [`v1.6.5`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.5): @grpc/grpc-js 1.6.5 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.4...@grpc/grpc-js@1.6.5) - Consistently trigger name resolution when idle ([#2095](https://togithub.com/grpc/grpc-node/issues/2095)) ### [`v1.6.4`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.4): @grpc/grpc-js 1.6.4 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.3...@grpc/grpc-js@1.6.4) - Ensure that request failures due to name resolution failure are reported consistently ([#2092](https://togithub.com/grpc/grpc-node/issues/2092)) ### [`v1.6.3`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.3): @grpc/grpc-js 1.6.3 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.2...@grpc/grpc-js@1.6.3) - Disable per-session memory limit by default. ([#2084](https://togithub.com/grpc/grpc-node/issues/2084)) - Track existing ping timeouts even when there are no active requests on a connection ([#2087](https://togithub.com/grpc/grpc-node/issues/2087)) - Add more details to trace logs of keepalive pings ([#2085](https://togithub.com/grpc/grpc-node/issues/2085)) - Fix entity IDs in trace logs when channelz is disabled ([#2082](https://togithub.com/grpc/grpc-node/issues/2082)) ### [`v1.6.2`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.2): @grpc/grpc-js 1.6.2 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.1...@grpc/grpc-js@1.6.2) - Adjusted the behavior of exponential backoff timers ([#2077](https://togithub.com/grpc/grpc-node/issues/2077)) ### [`v1.6.1`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.1): @grpc/grpc-js 1.6.1 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.6.0...@grpc/grpc-js@1.6.1) - Enable support for the `grpc.dns_min_time_between_resolutions_ms` channel option, which controls the minimum time between successful DNS requests, with a default of 30,000 (30 seconds) ([#2076](https://togithub.com/grpc/grpc-node/issues/2076)) ### [`v1.6.0`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.6.0): @grpc/grpc-js 1.6.0 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.10...@grpc/grpc-js@1.6.0) - Add `credentials.createFromSecureContext`, as described in [gRFC L93](https://togithub.com/grpc/proposal/blob/master/L93-node-securecontext-creds.md) ([#1988](https://togithub.com/grpc/grpc-node/issues/1988)) - Set provided `serviceName` as property of generated `Client` subclasses ([#1993](https://togithub.com/grpc/grpc-node/issues/1993) contributed by [@DavyJohnes](https://togithub.com/DavyJohnes)) - Return `never` from functions that always throw ([#2056](https://togithub.com/grpc/grpc-node/issues/2056) contributed by [@dacioromero](https://togithub.com/dacioromero)) - Add experimental Outlier Detection load balancing policy, as described in [gRFC A50](https://togithub.com/grpc/proposal/blob/master/A50-xds-outlier-detection.md) (disabled by default, enabled by setting the environment variable `GRPC_EXPERIMENTAL_ENABLE_OUTLIER_DETECTION=true`) ([#2058](https://togithub.com/grpc/grpc-node/issues/2058)) - Expose `MetadataOptions` interface ([#2071](https://togithub.com/grpc/grpc-node/issues/2071) contributed by [@kskalski](https://togithub.com/kskalski)) - Surface stream writing errors as standard gRPC errors ([#2073](https://togithub.com/grpc/grpc-node/issues/2073)) ### [`v1.5.10`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.5.10): @grpc/grpc-js 1.5.10 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.9...@grpc/grpc-js@1.5.10) - Fix inconsistent checks for `grpc.enable_channelz` in the server ([#2069](https://togithub.com/grpc/grpc-node/issues/2069)) ### [`v1.5.9`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.5.9): @grpc/grpc-js 1.5.9 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.8...@grpc/grpc-js@1.5.9) - Add transparent retries for "The session has been destroyed" errors ([#2063](https://togithub.com/grpc/grpc-node/issues/2063)) - Add `channel_stacktrace` tracer to log stacktraces of channel construction ([#2061](https://togithub.com/grpc/grpc-node/issues/2061)) - Move a log line to eliminate misleading double call "ended with status" trace lines ([#2062](https://togithub.com/grpc/grpc-node/issues/2062)) ### [`v1.5.8`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.5.8): @grpc/grpc-js 1.5.8 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.7...@grpc/grpc-js@1.5.8) - Add subchannel and call ID numbers to relevant trace logs for better cross-referencing ([#2059](https://togithub.com/grpc/grpc-node/issues/2059)) ### [`v1.5.7`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.5.7): @grpc/grpc-js 1.5.7 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.6...@grpc/grpc-js@1.5.7) - Improve handling of some disconnection events ([#2052](https://togithub.com/grpc/grpc-node/issues/2052)) ### [`v1.5.6`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.5.6): @grpc/grpc-js 1.5.6 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.5...@grpc/grpc-js@1.5.6) - Add debug logging for http2 session state when starting calls ([#2051](https://togithub.com/grpc/grpc-node/issues/2051)) ### [`v1.5.5`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.5.5): @grpc/grpc-js 1.5.5 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.4...@grpc/grpc-js@1.5.5) - Add HTTP/2 settings frame tracing ([#2040](https://togithub.com/grpc/grpc-node/issues/2040)) - Add HTTP/2 flow control tracing ([#2041](https://togithub.com/grpc/grpc-node/issues/2041)) ### [`v1.5.4`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.5.4): @grpc/grpc-js 1.5.4 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.3...@grpc/grpc-js@1.5.4) - Fix `exitIdle` propagation and DNS IP result backoff ([#2037](https://togithub.com/grpc/grpc-node/issues/2037)) ### [`v1.5.3`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.5.3): @grpc/grpc-js 1.5.3 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.2...@grpc/grpc-js@1.5.3) - Fix a null reference exception when closing a channel that was constructed using the `grpc.use_local_subchannel_pool` option ([#2029](https://togithub.com/grpc/grpc-node/issues/2029)) ### [`v1.5.2`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.5.2): @grpc/grpc-js 1.5.2 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.1...@grpc/grpc-js@1.5.2) - Prevent `TLSWrap` errors from being surfaced to server applications ([#2027](https://togithub.com/grpc/grpc-node/issues/2027)) ### [`v1.5.1`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.5.1): @grpc/grpc-js 1.5.1 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.5.0...@grpc/grpc-js@1.5.1) - Don't use http_proxy for uds connections ([#2022](https://togithub.com/grpc/grpc-node/issues/2022) contributed by [@raksooo](https://togithub.com/raksooo)) - Add backoff to DNS resolution attempts ([#2024](https://togithub.com/grpc/grpc-node/issues/2024)) ### [`v1.5.0`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.5.0): @grpc/grpc-js 1.5.0 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.4.6...@grpc/grpc-js@1.5.0) - Add support for request compression on clients and request decompression on servers ([#1952](https://togithub.com/grpc/grpc-node/issues/1952) contributed by [@b0b3rt](https://togithub.com/b0b3rt)) - Improve messaging for some RESOURCE_EXHAUSTED errors ([#1946](https://togithub.com/grpc/grpc-node/issues/1946)) - Export TypeScript types for `ServiceClientConstructor` and `ProtobufTypeDefinition` ([#1951](https://togithub.com/grpc/grpc-node/issues/1951) contributed by [@howyi](https://togithub.com/howyi)) - Provide the full certificate object in the `checkServerIdentity` callback ([#1968](https://togithub.com/grpc/grpc-node/issues/1968)) - Remove `@types/semver` from the production dependencies list ([#1989](https://togithub.com/grpc/grpc-node/issues/1989)) - Add information about supported channel options to the README ([#1996](https://togithub.com/grpc/grpc-node/issues/1996) contributed by [@josephharrington](https://togithub.com/josephharrington)) ### [`v1.4.6`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.4.6): @grpc/grpc-js 1.4.6 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.4.5...@grpc/grpc-js@1.4.6) - Fix compatibility with [@types/node](https://togithub.com/types/node) 17.0.6 ([#2007](https://togithub.com/grpc/grpc-node/issues/2007)) ### [`v1.4.5`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.4.5): @grpc/grpc-js 1.4.5 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.4.4...@grpc/grpc-js@1.4.5) - Use configured backoff options when retrying name resolution ([#1987](https://togithub.com/grpc/grpc-node/issues/1987) contributed by [@cloverheap](https://togithub.com/cloverheap)) - Preserve order of metadata, messages, and call end with async interceptors ([#1986](https://togithub.com/grpc/grpc-node/issues/1986)) ### [`v1.4.4`](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.4.3...@grpc/grpc-js@1.4.4) [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.4.3...@grpc/grpc-js@1.4.4) ### [`v1.4.3`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.4.3): @grpc/grpc-js 1.4.3 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.4.2...@grpc/grpc-js@1.4.3) - Fix a bug that caused requests to not progress properly when the option `grpc.enable_channelz` was set to 0 ([#1961](https://togithub.com/grpc/grpc-node/issues/1961)) - Fix a bug causing channelz to generate the wrong binary representation for IPv6 addresses in some cases ([#1960](https://togithub.com/grpc/grpc-node/issues/1960)) ### [`v1.4.2`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.4.2): @grpc/grpc-js 1.4.2 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.4.1...@grpc/grpc-js@1.4.2) - Limit the number of channelz trace events retained per channel/subchannel/server ([#1943](https://togithub.com/grpc/grpc-node/issues/1943)) - Enable support for the `grpc.enable_channelz` option, allowing users to disable channelz stats tracking and tracing for a channel (and corresponding subchannels) or server ([#1944](https://togithub.com/grpc/grpc-node/issues/1944)) - Handle undefined `socket.localAddress` in channelz stats gathering code ([#1954](https://togithub.com/grpc/grpc-node/issues/1954)) ### [`v1.4.1`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.4.1): @grpc/grpc-js 1.4.1 [Compare Source](https://togithub.com/grpc/grpc-node/compare/@grpc/grpc-js@1.4.0...@grpc/grpc-js@1.4.1) - Publish channelz files missing from the previous release ([#1937](https://togithub.com/grpc/grpc-node/issues/1937)) ### [`v1.4.0`](https://togithub.com/grpc/grpc-node/releases/tag/%40grpc/grpc-js%401.4.0): @grpc/grpc-js 1.4.0 - Add Channelz support ([specification here](https://togithub.com/grpc/proposal/blob/master/A14-channelz.md)) ([#1915](https://togithub.com/grpc/grpc-node/issues/1915)) This adds the following public APIs: - `getChannelzServiceDefinition(): ServiceDefinition` - `getChannelzHandlers(): ServiceHandler` These two can be used together to serve the channelz service as follows: ```ts server.addService(getChannelzServiceDefinition(), getChannelzHandlers()); ``` - `Channel#getChannelzRef(): ChannelRef` - `Server#getChannelzRef(): ServerRef` - Add the admin interface ([specification here](https://togithub.com/grpc/proposal/blob/master/A38-admin-interface-api.md)) ([#1915](https://togithub.com/grpc/grpc-node/issues/1915)) Currently the only admin service is Channelz, but more can be added in the future. This adds the following public api: - `addAdminServicesToServer(server: Server): void` - Add support for timeouts in service configs ([#1785](https://togithub.com/grpc/grpc-node/issues/1785)) - Remove type restrictions on Channel options ([#1916](https://togithub.com/grpc/grpc-node/issues/1916)) - Report `ECONNRESET` errors with the `UNAVAILABLE` status code ([#1878](https://togithub.com/grpc/grpc-node/issues/1878)) - Tighten type checking for credentials argument to `Server#bindAsync` ([#1852](https://togithub.com/grpc/grpc-node/issues/1852)) - Pass log messages to different log functions based on severity in custom loggers, and note the severity in the default logger output ([#1851](https://togithub.com/grpc/grpc-node/issues/1851)) - Add logging for TLS errors when connecting through a proxy ([#1842](https://togithub.com/grpc/grpc-node/issues/1842)) - Refactor code to eliminate runtime dependency cycles ([#1829](https://togithub.com/grpc/grpc-node/issues/1829)) #### Changes to experimental APIs - Added exports of the following: - `Duration` - `registerAdminService` - `createChildChannelControlHelper` - `Picker#extraFilterFactory` has been replaced with `Picker#extraFilterFactories` with type `FilterFactoryConfiguration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.