jnewmano / grpc-json-proxy

gRPC proxy for Postman like tools
MIT License
517 stars 32 forks source link

Bump google.golang.org/grpc from 1.59.0 to 1.60.0 #88

Closed dependabot[bot] closed 11 months ago

dependabot[bot] commented 11 months ago

Bumps google.golang.org/grpc from 1.59.0 to 1.60.0.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.60.0

Security

  • credentials/tls: if not set, set TLS MinVersion to 1.2 and CipherSuites according to supported suites not forbidden by RFC7540.
    • This is a behavior change to bring us into better alignment with RFC 7540.

API Changes

  • resolver: remove deprecated and experimental ClientConn.NewServiceConfig (#6784)
  • client: remove deprecated grpc.WithServiceConfig DialOption (#6800)

Bug Fixes

  • client: fix race that could cause a deadlock while entering idle mode and receiving a name resolver update (#6804)
  • client: always enable TCP keepalives with OS defaults (#6834)
  • credentials/alts: fix a bug preventing ALTS from connecting to the metadata server if the default scheme is overridden (#6686)

Behavior Changes

  • server: Do not return from Stop() or GracefulStop() until all resources are released (#6489)

Documentation

  • codes: clarify that only codes defined by this package are valid and that users should not cast other values to codes.Code (#6701)
Commits
  • 297d8dd Cherry-pick #6841 to v1.60.x release branch (#6847)
  • 3580447 Change version to 1.60.0 (#6792)
  • 71e67a9 Cherry-pick #6834 to v1.60.x release branch (#6839)
  • cb6581d Cherry-pick #6804 and dependencies to v1.60.x release branch (#6838)
  • dd39cdb credentials: if not set, restrict to TLS v1.2+ and CipherSuites per RFC7540 (...
  • 8645f95 resolver: remove ClientConn.NewServiceConfig (#6784)
  • 8b17a4d vet: various cleanups (#6780)
  • 591c481 internal/transport: Add LocalAddr to http2Client.getPeer() (#6779)
  • eb46b7d github: set top-level read-only workflow permissions (#6775)
  • be1d1c1 security/advancedtls: FileWatcher CRL provider initialization enhancement (#6...
  • Additional commits viewable in compare view


Most Recent Ignore Conditions Applied to This Pull Request | Dependency Name | Ignore Conditions | | --- | --- | | google.golang.org/grpc | [>= 1.44.a, < 1.45] | | google.golang.org/grpc | [>= 1.46.a, < 1.47] | | google.golang.org/grpc | [>= 1.48.a, < 1.49] | | google.golang.org/grpc | [>= 1.49.a, < 1.50] | | google.golang.org/grpc | [>= 1.51.a, < 1.52] | | google.golang.org/grpc | [>= 1.52.a, < 1.53] | | google.golang.org/grpc | [>= 1.53.a, < 1.54] | | google.golang.org/grpc | [>= 1.54.a, < 1.55] | | google.golang.org/grpc | [>= 1.55.a, < 1.56] |

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 11 months ago

Superseded by #89.