Update dependency io.grpc:grpc-stub to v1.39.0

[renovate[bot]]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
io.grpc:grpc-stub	1.37.0 -> 1.39.0

---

Release Notes

grpc/grpc-java

### [`v1.39.0`](https://togithub.com/grpc/grpc-java/releases/v1.39.0) [Compare Source](https://togithub.com/grpc/grpc-java/compare/v1.38.1...v1.39.0) ##### API Changes - Static methods in Builders that always throw are now annotated [@​DoNotCall](https://togithub.com/DoNotCall). This annotation can be noticed by ErrorProne and inform you of a mistake at compile time instead of runtime. This applies to static methods like InProcessServerBuilder.forPort(int) which are inherited from base classes like ServerBuilder/ManagedChannelBuilder yet are a bug if used. - api, core: Support zero copy into protobuf. New APIs have been added to support the custom implementation of a zero-copy Protobuf deserialization marshaller. The `HasByteBuffer` API exposes ByteBuffers underlying the InputStream being passed to the `Marshaller` and the `Detachable` API allows custom Marshaller to take over the ownership of buffers for performing delayed deserialization. - NettyChannelBuilder supports SocketAddress with ChannelCredentials. ##### Bug Fixes - netty: Remove Maven pom.properties from netty-shaded jar. The properties don’t add much value and mainly confuse tools in a shaded jar. - netty-shaded: Modify the shading operation to transform native-image resources so they correctly reference shaded class names ([#​7540](https://togithub.com/grpc/grpc-java/issues/7540)) - xds: Shut down the scheduledExecutorService in the CertificateProvider when it is shutdown. - xds: Close the SslContexrProviderSupplier when a CDS LoadBalancer is shut down to prevent leakage. - xds, grpclb: Use a standalone Context for control plane RPCs. The existing behavior of implicitly using the Context in ThreadLocal can cause control plane RPCs to be cancelled prematurely, in cases the data plane RPC is made within a gRPC service to another service. To avoid being impacted by data plane RPC lifecycle, the fix creates standalone Context for control plane RPCs. - xds: cluster_resolver LB policy should wait until all clusters are resolved before propagating endpoints to child LB policy. Previously, the cluster_resolver LB policy propagated partially resolved results (endpoints for a subset of clusters) to its child LB policy, which can cause RPCs to be sent to less favored clusters before endpoints of more favored clusters are discovered. - xds: use load assignment endpoint address in Cluster as the DNS hostname for LOGICAL_DNS. The LOGICAL_DNS concept was misunderstood previously. Instead of using the channel authority, the hostname should be given by Cluster resource in CDS responses. - grpclb: skip fallback if the LB is already in fallback mode. An invariant check for gRPCLB LB policy’s internal state introduced by [#​8035](https://togithub.com/grpc/grpc-java/issues/8035) is broken in case the LB policy is in fallback mode while receiving an address update without remote balancer addresses. The fix mitigated the temporal invariant violation. ##### New Features - compiler: Add support for ppc64le on RHEL8. ##### Dependencies - Protobuf upgraded to 3.17.2 - We now use custom Gradle logic to determine if Maven’s requireUpperBoundDeps would fail for our published artifacts instead of Gradle’s failOnVersionConflict. This means we now make use of fewer dependency exclusions ([#​8238](https://togithub.com/grpc/grpc-java/issues/8238)). failOnVersionConflict has similar behavior to dependencyConvergence but we previously lacked a more precise tool to detect cases where Maven would downgrade dependencies. We strongly encourage all Maven users to use Maven Enforcer’s requireUpperBoundDeps and continue to discourage using dependencyConvergence Acknowledgements [@​lepistone](https://togithub.com/lepistone) Leonardo Pistone [@​shirodkara](https://togithub.com/shirodkara) Amit Shirodkar [@​cfredri4](https://togithub.com/cfredri4) ### [`v1.38.1`](https://togithub.com/grpc/grpc-java/releases/v1.38.1) [Compare Source](https://togithub.com/grpc/grpc-java/compare/v1.38.0...v1.38.1) ##### Bug Fixes - grpclb: skip fallback if the LB is already in fallback mode. An invariant check for gRPCLB LB policy’s internal state introduced by [#​8035](https://togithub.com/grpc/grpc-java/issues/8035) is broken in case the LB policy is in fallback mode while receiving an address update without remote balancer addresses. It caused a channel panic (`INTERNAL: Panic! This is a bug!`) due to the exception `IllegalStateException: already in fallback`. The fix mitigated the temporal invariant violation. - xds: shut down the scheduledExecutorService in the CertificateProvider when it is shutdown ### [`v1.38.0`](https://togithub.com/grpc/grpc-java/releases/v1.38.0) [Compare Source](https://togithub.com/grpc/grpc-java/compare/v1.37.1...v1.38.0) ##### gRPC Java 1.38.0 Release Notes ##### API Changes - services: move classes with protobuf dependency into io.grpc.protobuf.services. Users currently using BinaryLogging, HealthChecking, Channelz should migrate to use the corresponding classes in io.grpc.protobuf.services. ([#​8056](https://togithub.com/grpc/grpc-java/issues/8056)) - ChannelCredentials and ServerCredentials and are now stable. Notably, this also includes TlsChannelCredentials and TlsServerCredentials that allow mTLS configuration without a direct dependency on Netty. The description of the new API can be found in [gRFC L74](https://togithub.com/grpc/proposal/blob/master/L74-java-channel-creds.md#proposal). These APIs are intended to “replace” the implicit security defaults of channels/servers as well as the `usePlaintext()` and `useTransportSecurity()` methods on the channel and server builders. The previous APIs are stable so will not be removed. Over time, documentation and examples will be migrated to the new API ##### Bug Fixes - xds: Fixed a bug that xDS users may experience null pointer exception in rare cases ([#​8087](https://togithub.com/grpc/grpc-java/issues/8087)) - netty: Fixed a bug that client RPCs may fail with a wrong exception with message "Maximum active streams violated for this endpoint" when receiving GOAWAY while MAX_CONCURRENT_STREAMS is reached. After the fix the client RPC should fail with UNAVAILABLE status in such a scenario. ([#​8020](https://togithub.com/grpc/grpc-java/issues/8020)) - xds: Fixed a bug that xDS LB policies may process and propagate load balancing state update from its child LB policy after itself being shut down. This can be cascaded and result in hard-to-reason behaviors if any one layer of the LB policies does not clean up its internal state after shutdown. ##### Behavior Changes - core, grpclb, xds: let leaf LB policies explicitly refresh name resolution when subchannel connection is broken. Custom LoadBalancer implementations should refresh name resolution (with `Helper.refreshNameResolution()`) when seeing its created subchannel becomes IDLE or TRANSIENT_FAILURE. Currently the Channel will do it for you and log a warning. But this operation will be removed in the future releases. ([#​8048](https://togithub.com/grpc/grpc-java/issues/8048)) - netty: Added support for OpenJSSE ##### Dependencies - Upgrade Guava to 30.1 ([#​8100](https://togithub.com/grpc/grpc-java/issues/8100)). As part of [#​4671](https://togithub.com/grpc/grpc-java/issues/4671) grpc-java will drop support for Java 7, with no impact to Android API levels supported. Guava is going through the same process and in this Guava release it warns when used on Java 7. If you are using Java 7 and are impacted, please comment on [#​4671](https://togithub.com/grpc/grpc-java/issues/4671). The Java 7 check may be noticed by Android builds and fail without language-level desugaring. We expect most users have already enabled language-level desugaring, but if not it would be necessary to add to your build.gradle: android { compileOptions { sourceCompatibility JavaVersion.VERSION_1_8 targetCompatibility JavaVersion.VERSION_1_8 } } - auth: Allow pre- and post-0.25.0 behavior from google-auth-library-java, for Bazel users. google-auth-library-java 0.25.0 changed its behavior for JWT that caused a gRPC test to fail. The failure was benign but prevented Bazel users from using newer versions of the library ### [`v1.37.1`](https://togithub.com/grpc/grpc-java/releases/v1.37.1) [Compare Source](https://togithub.com/grpc/grpc-java/compare/v1.37.0...v1.37.1) #### Bug Fixes - netty: fixed a bug that client RPCs may fail with a wrong exception with message "Maximum active streams violated for this endpoint" when receiving GOAWAY while MAX_CONCURRENT_STREAMS is reached. After the fix the client RPC should fail with UNAVAILABLE status in such a scenario. - grpclb, xds: fixed a day-one issue that the control plane RPC are using the same Context as the inbound application RPC, which can cause control plane RPC aborted when the inbound application RPC completes. - xds: fixed a bug that xDS LB policies may process and propagate load balancing state update from its child LB policy after itself being shut down. This can be cascaded and result in hard-to-reason behaviors if any one layer of the LB policies does not clean up its internal state after shutdown.

---

Configuration

📅 Schedule: At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• [ ] If you want to rebase/retry this PR, check this box.

---

This PR has been generated by WhiteSource Renovate. View repository job log here.

[codecov[bot]]

Codecov Report

Merging #879 (9662b86) into master (4025c72) will increase coverage by 1.84%. The diff coverage is n/a.

:exclamation: Current head 9662b86 differs from pull request most recent head 261f879. Consider uploading reports for the commit 261f879 to get more accurate results

@@            Coverage Diff             @@
##           master     #879      +/-   ##
==========================================
+ Coverage   80.16%   82.01%   +1.84%     
==========================================
  Files          43       44       +1     
  Lines        5370     5481     +111     
==========================================
+ Hits         4305     4495     +190     
+ Misses       1065      986      -79     

Flag	Coverage Δ
ata	62.64% <ø> (ø)
aux	68.24% <ø> (+0.01%)	:arrow_up:
base	66.18% <ø> (ø)
dhcp	67.48% <ø> (ø)
many	67.35% <ø> (-0.25%)	:arrow_down:
mud	72.43% <ø> (+0.07%)	:arrow_up:
switch	67.46% <ø> (ø)
topo	66.49% <ø> (+0.01%)	:arrow_up:
unit	30.99% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
daq/host.py	90.98% <0.00%> (-0.15%)	:arrow_down:
bin/python/combine_reports.py	84.68% <0.00%> (ø)
daq/configurator.py	89.60% <0.00%> (+0.79%)	:arrow_up:
daq/runner.py	84.63% <0.00%> (+1.92%)	:arrow_up:
daq/traffic_analyzer.py	89.68% <0.00%> (+3.17%)	:arrow_up:
daq/acl_state_collector.py	83.56% <0.00%> (+9.58%)	:arrow_up:
daq/proto/session_server_pb2_grpc.py	78.94% <0.00%> (+21.05%)	:arrow_up:
daq/session_server.py	87.70% <0.00%> (+52.45%)	:arrow_up:

---

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 4025c72...261f879. Read the comment docs.