workhorse: Update gRPC dependencies
This MR contains the following updates:
Package | Type | Update | Change |
---|---|---|---|
google.golang.org/grpc | require | minor |
v1.59.0 -> v1.60.1
|
google.golang.org/protobuf | require | minor |
v1.31.0 -> v1.32.0
|
MR created with the help of gitlab-org/frontend/renovate-gitlab-bot
Release Notes
grpc/grpc-go
v1.60.1
Bug Fixes
- server: fix two bugs that could lead to panics at shutdown when using NumStreamWorkers (experimental feature).
v1.60.0
: Release 1.60.0
Security
- credentials/tls: if not set, set TLS MinVersion to 1.2 and CipherSuites according to supported suites not forbidden by RFC7540.
- This is a behavior change to bring us into better alignment with RFC 7540.
API Changes
- resolver: remove deprecated and experimental
ClientConn.NewServiceConfig
(#6784) - client: remove deprecated
grpc.WithServiceConfig
DialOption
(#6800)
Bug Fixes
- client: fix race that could cause a deadlock while entering idle mode and receiving a name resolver update (#6804)
- client: always enable TCP keepalives with OS defaults (#6834)
- credentials/alts: fix a bug preventing ALTS from connecting to the metadata server if the default scheme is overridden (#6686)
- Special Thanks: @mjamaloney
Behavior Changes
- server: Do not return from Stop() or GracefulStop() until all resources are released (#6489)
- Special Thanks: @fho
Documentation
- codes: clarify that only codes defined by this package are valid and that users should not cast other values to
codes.Code
(#6701)
protocolbuffers/protobuf-go
v1.32.0
Full Changelog: https://github.com/protocolbuffers/protobuf-go/compare/v1.31.0...v1.32.0
This release contains commit https://github.com/protocolbuffers/protobuf-go/commit/bfcd6476a38e41247d6bb43dc8f00b23ec9fffc2, which fixes a denial of service vulnerability by preventing a stack overflow through a default maximum recursion limit. See https://github.com/golang/protobuf/issues/1583 and https://github.com/golang/protobuf/issues/1584 for details.
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.