Bump google.golang.org/grpc from 1.71.0 to 1.71.1 #1478

Merged

dependabot[bot] merged 1 commit from refs/pull/1478/head into main

2025-04-07 16:13:27 +00:00

dependabot[bot] commented

2025-04-07 02:17:01 +00:00

(Migrated from github.com)

Owner

Imported from GitHub pull request.

Original GitHub pull request: #562
Original author: @dependabot[bot]
Original URL: https://github.com/carverauto/serviceradar/pull/562
Original created: 2025-04-07T02:17:01Z
Original updated: 2025-04-07T16:13:31Z
Original head: carverauto/serviceradar:dependabot/go_modules/google.golang.org/grpc-1.71.1
Original base: main
Original merged: 2025-04-07T16:13:27Z by @mfreeman451

Bumps google.golang.org/grpc from 1.71.0 to 1.71.1.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.71.1

Bug Fixes

grpc: fix a bug causing an extra Read from the compressor if a compressed message is the same size as the limit. This could result in a panic with the built-in gzip compressor (#8178)

xds: restore the behavior of reading the bootstrap config before creating the first xDS client instead of at package init time (#8164)

stats/opentelemetry: use TextMapPropagator and TracerProvider from TraceOptions instead of OpenTelemetry globals (#8166)

client: fix races when an http proxy is configured that could lead to deadlocks or panics (#8195)

client: fix bug causing RPC failures with message "no children to pick from" when using a custom resolver that calls the deprecated NewAddress API (#8149)

wrr: fix slow processing of address updates that could result in problems including RPC failures for servers with a large number of backends (#8179)

Commits

cdbdb75 Change version to v1.71.1 (#8206)
3a93562 Cherry-pick #8195 into v1.71.x (#8202)
208e03b Cherry-pick #8164 #8166 to v1.71.x (#8182)
8b7d2fe grpc: fix bug causing an extra Read if a compressed message is the same size ...
9c81a91 resolver: Make EndpointMap's Get, Set and Delete operations O(1) (#8179) (#8184)
8d46b21 grpc: Add endpoints in resolverWrapper.NewAddress (#8149) (#8151)
4775bba Change version to 1.71.1-dev (#8106)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Imported from GitHub pull request. Original GitHub pull request: #562 Original author: @dependabot[bot] Original URL: https://github.com/carverauto/serviceradar/pull/562 Original created: 2025-04-07T02:17:01Z Original updated: 2025-04-07T16:13:31Z Original head: carverauto/serviceradar:dependabot/go_modules/google.golang.org/grpc-1.71.1 Original base: main Original merged: 2025-04-07T16:13:27Z by @mfreeman451 --- Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.71.0 to 1.71.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's releases</a>.</em></p> <blockquote> <h2>Release 1.71.1</h2> <h1>Bug Fixes</h1> <ul> <li>grpc: fix a bug causing an extra Read from the compressor if a compressed message is the same size as the limit. This could result in a panic with the built-in gzip compressor (<a href="https://redirect.github.com/grpc/grpc-go/issues/8178">#8178</a>)</li> <li>xds: restore the behavior of reading the bootstrap config before creating the first xDS client instead of at package init time (<a href="https://redirect.github.com/grpc/grpc-go/issues/8164">#8164</a>)</li> <li>stats/opentelemetry: use <code>TextMapPropagator</code> and <code>TracerProvider</code> from <code>TraceOptions</code> instead of OpenTelemetry globals (<a href="https://redirect.github.com/grpc/grpc-go/issues/8166">#8166</a>)</li> <li>client: fix races when an http proxy is configured that could lead to deadlocks or panics (<a href="https://redirect.github.com/grpc/grpc-go/issues/8195">#8195</a>)</li> <li>client: fix bug causing RPC failures with message "no children to pick from" when using a custom resolver that calls the deprecated <code>NewAddress</code> API (<a href="https://redirect.github.com/grpc/grpc-go/issues/8149">#8149</a>)</li> <li>wrr: fix slow processing of address updates that could result in problems including RPC failures for servers with a large number of backends (<a href="https://redirect.github.com/grpc/grpc-go/issues/8179">#8179</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-go/commit/cdbdb759dd67c89544f9081f854c284493b5461c"><code>cdbdb75</code></a> Change version to v1.71.1 (<a href="https://redirect.github.com/grpc/grpc-go/issues/8206">#8206</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/3a935629e7458b16d26d5ef96117e3fe40e99e9c"><code>3a93562</code></a> Cherry-pick <a href="https://redirect.github.com/grpc/grpc-go/issues/8195">#8195</a> into v1.71.x (<a href="https://redirect.github.com/grpc/grpc-go/issues/8202">#8202</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/208e03b3bae218afa575a96a207958c7c812c71e"><code>208e03b</code></a> Cherry-pick <a href="https://redirect.github.com/grpc/grpc-go/issues/8164">#8164</a> <a href="https://redirect.github.com/grpc/grpc-go/issues/8166">#8166</a> to v1.71.x (<a href="https://redirect.github.com/grpc/grpc-go/issues/8182">#8182</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/8b7d2fe0de8eaccee372a05643af033455a4f023"><code>8b7d2fe</code></a> grpc: fix bug causing an extra Read if a compressed message is the same size ...</li> <li><a href="https://github.com/grpc/grpc-go/commit/9c81a910a50b8d2a02f545635e0e2007d3c97816"><code>9c81a91</code></a> resolver: Make EndpointMap's Get, Set and Delete operations O(1) (<a href="https://redirect.github.com/grpc/grpc-go/issues/8179">#8179</a>) (<a href="https://redirect.github.com/grpc/grpc-go/issues/8184">#8184</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/8d46b21d1973d66026e5c825c6dec8d0e01ee918"><code>8d46b21</code></a> grpc: Add endpoints in resolverWrapper.NewAddress (<a href="https://redirect.github.com/grpc/grpc-go/issues/8149">#8149</a>) (<a href="https://redirect.github.com/grpc/grpc-go/issues/8151">#8151</a>)</li> <li><a href="https://github.com/grpc/grpc-go/commit/4775bbabf88aeae7e0f31f81e398157fc8a8a609"><code>4775bba</code></a> Change version to 1.71.1-dev (<a href="https://redirect.github.com/grpc/grpc-go/issues/8106">#8106</a>)</li> <li>See full diff in <a href="https://github.com/grpc/grpc-go/compare/v1.71.0...v1.71.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.71.0&new-version=1.71.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>