fullstorydev / grpcurl

Like cURL, but for gRPC: Command-line tool for interacting with gRPC servers
MIT License
10.96k stars 508 forks source link

Bump github.com/jhump/protoreflect from 1.15.4 to 1.15.5 #443

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 10 months ago

Bumps github.com/jhump/protoreflect from 1.15.4 to 1.15.5.

Release notes

Sourced from github.com/jhump/protoreflect's releases.

v1.15.5

This is a bugfix release to address bugs in the desc/builder, desc/protoparse, and grpcreflect packages and a compatibility issue with the most recent version of github.com/bufbuild/protocompile.

"github.com/jhump/protoreflect/desc/builder"

Changes/fixes:

  • A regression was introduced in v1.15.0 of this package that could cause it to fail to include some imports in a file for custom options. If the custom option in question was in a known transitive dependency, the builder could fail to add the necessary import. This has been fixed.

"github.com/jhump/protoreflect/desc/protoparse"

Changes/fixes:

  • As of v1.15.0, this package uses the github.com/bufbuild/protocompile package under the hood as the parser. But that package is still using major version zero, since it's API has not completely stabilized. A recent release (v0.8.0) included backwards-incompatible changes that caused this repo to no longer compile. This release addresses the compile errors: this repo now uses that latest release of protocompile and correctly compiles against it.
  • The use of v0.8.0 of protocompile fixes some issues in the desc/protoparse package that could cause it to incorrectly accept or reject some Protobuf source files. See the release notes for protocompile v0.8.0 for more details.

"github.com/jhump/protoreflect/grpcreflect"

Changes/fixes:

  • The grpcreflect.NewClientAuto function (added in v1.14.0) returns a client that automatically falls back to using v1alpha of the reflection protocol if the server does not support v1. However, it relied on the server returning an "unimplemented" error to decide to fall back, but this condition has been observed to sometimes instead manifest as an "unavailable" error (in proxies that fail to write a 404 error before closing the connection). In those cases, the client was not correctly falling back to v1alpha. This release remedies that, so it can fallback to v1alpha when this category of error occurs.
Commits
  • 7000dd2 update to work with latest v0.8.0 release of bufbuild/protocompile (#593)
  • 058e6ca Fix issue with missing imports for custom options in desc/builder (#592)
  • bf8a7d8 grpcreflect: Fallback from v1 to v1alpha on "unavailable" error code (#588)
  • See full diff in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)