credentials/tls: clients and servers will now reject connections that don't support ALPN when environment variable GRPC_ENFORCE_ALPN_ENABLED is set to "true" (case insensitive). (#7184)
NOTE: this behavior will become the default in a future release.
metadata: remove String method from MD to make printing more consistent (#7373)
New Features
grpc: add WithMaxCallAttempts to configure gRPC's retry behavior per-channel. (#7229)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Click to read mergecats review!
## 😼 Mergecat review of go.mod
```diff
@@ -54,7 +54,7 @@ require (
golang.org/x/exp v0.0.0-20240112132812-db7319d0e0e3
golang.org/x/net v0.26.0
golang.org/x/oauth2 v0.20.0
- google.golang.org/grpc v1.64.0
+ google.golang.org/grpc v1.65.0
gopkg.in/dealancer/validate.v2 v2.1.0
gopkg.in/yaml.v3 v3.0.1
k8s.io/api v0.26.15
```
### Feedback & Suggestions:
1. **Dependency Update Verification**: Ensure that the update from `google.golang.org/grpc v1.64.0` to `v1.65.0` is compatible with your codebase. Check the release notes for any breaking changes or deprecations that might affect your project.
2. **Security Considerations**: Verify if the new version addresses any security vulnerabilities. It's always good practice to keep dependencies up-to-date, but ensure that the update does not introduce new vulnerabilities.
3. **Testing**: After updating the dependency, run your test suite to ensure that everything works as expected. This will help catch any issues introduced by the new version.
4. **Documentation**: If your project has documentation that specifies dependency versions, make sure to update it to reflect this change.
---
Overall, the diff looks good, but always ensure thorough testing and verification when updating dependencies. 🚀
Dependency Review
Click to read mergecats review!
No suggestions found
Bumps google.golang.org/grpc from 1.64.0 to 1.65.0.
Release notes
Sourced from google.golang.org/grpc's releases.
Commits
2da9769
Change version to 1.65.0 (#7306)ede96b7
metadata: remove String method (#7373)64be203
grpc: Readd pick first name (#7336) (#7341)25e33a6
examples: Add CSM Observability example (#7302) (#7318)04a5f46
xds/internal/xdsclient: Emit unknown for CSM Labels if not present in CDS (#7...cff5c3e
stats/opentelemetry: Add e2e testing for CSM Observability (#7279) (#7316)9b970fd
dns: fix constant 30s backoff for re-resolution (#7262) (#7311)6d23620
documentation: on server, use FromIncomingContext for retrieving context and...7e5898e
xds: unify xDS client creation APIs meant for testing (#7268)5d7bd7a
interop/xds: Interop client and server changes for CSM Observability (#7280)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show