From 672238ff6352fa388b54182d8ae1667f9e99c327 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 6 Feb 2024 11:05:00 +0900
Subject: [PATCH] MINOR: [Java] Bump io.grpc:grpc-bom from 1.60.0 to 1.61.1 in
 /java (#39950)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [io.grpc:grpc-bom](https://github.com/grpc/grpc-java) from 1.60.0 to 1.61.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/grpc/grpc-java/releases">io.grpc:grpc-bom's releases</a>.</em></p>
<blockquote>
<h2>v1.61.1</h2>
<h3>Bug Fixes</h3>
<p>xds: Fix a bug in <code>WeightedRoundRobinLoadBalancer</code> policy that could raise <code>NullPointerException</code> and further cause channel panic when picking a subchannel. This bug can only be triggered when connection can not be established and the channel reports <code>TRANSIENT_FAILURE</code> state. (<a href="https://redirect.github.com/grpc/grpc-java/issues/10868">#10868</a>)</p>
<h2>v1.61.0</h2>
<h3>API Changes</h3>
<ul>
<li>Remove unused experimental API ManagedChannelBuilder.enableFullStreamDecompression (<a href="https://redirect.github.com/grpc/grpc-java/issues/10744">#10744</a>)</li>
<li>api: Deprecate LoadBalancer.EMPTY_PICKER added in 1.58.0 in favor of FixedResultPicker (860b5cb1f)</li>
</ul>
<h3>New Features</h3>
<ul>
<li>binder: Experimental support for asynchronous security policies (<a href="https://redirect.github.com/grpc/grpc-java/issues/10566">#10566</a>)</li>
</ul>
<h3>Improvements</h3>
<ul>
<li>core: reduce CompositeReadableBuffer allocation (<a href="https://redirect.github.com/grpc/grpc-java/issues/3279">#3279</a>)</li>
<li>core: Improve error message clarity when a channel leak is detected (201893f5e)</li>
<li>util: use shared index across <code>round_robin</code> pickers (dca89b25b). This makes its implementation more similar to <code>weighted_round_robin</code>.</li>
<li>xds: Implement ADS stream flow control mechanism (<a href="https://redirect.github.com/grpc/grpc-java/issues/10674">#10674</a>). This limits the maximum memory consumed if the control plane sends updates more rapidly than they can be processed.</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>core: Check outbound maximum message size for the compressed size in addition to the already-checked uncompressed size (<a href="https://redirect.github.com/grpc/grpc-java/issues/10739">#10739</a>). Fixed the status code to be RESOURCE_EXHAUSTED instead of UNKNOWN.</li>
<li>util: Fix NPE when multiple addresses are in an address group for petiole load balancer policies (<a href="https://redirect.github.com/grpc/grpc-java/issues/10769">#10769</a>)</li>
<li>util: Disable publishing of fixtures (8ac43dd81). The Gradle test fixtures are for use by grpc-java's internal tests.</li>
<li>okhttp: Ignore known conscrypt socket close issue (<a href="https://redirect.github.com/grpc/grpc-java/issues/10812">#10812</a>). This stops an exception from being thrown when a known Conscrypt synchronization issue happens.</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>Drop support for Bazel 5 (55a9c012c). Bazel 7 is available, and Protobuf has already dropped support for Bazel 5.</li>
<li>Change many compile deps to runtime deps (d6830d7f9). This reduces the transitive classes &quot;leaked&quot; into the compile classpath. In particular, grpc-core (<code>io.grpc.internal</code>) will be less frequently included transitively at compile time.</li>
<li>Upgrade dependencies (c985797d9)
<ul>
<li>Protobuf to 3.25.1</li>
<li>auto-value-annotations to 1.10.4</li>
<li>error_prone_annotations to 2.23.0</li>
<li>proto-google-common-protos to 2.29.0</li>
<li>google-cloud-logging to 3.15.14</li>
<li>guava to 32.1.3-android</li>
<li>okio to 3.4.0</li>
</ul>
</li>
</ul>
<h3>Acknowledgements</h3>
<ul>
<li><a href="https://github.com/Gordiychuk"><code>@​Gordiychuk</code></a></li>
<li><a href="https://github.com/jroper"><code>@​jroper</code></a></li>
<li><a href="https://github.com/jyane"><code>@​jyane</code></a></li>
<li><a href="https://github.com/ulfjack"><code>@​ulfjack</code></a></li>
</ul>
<h2>v1.60.2</h2>
<h3>Bug Fixes</h3>
<p>xds: Fix a bug in <code>WeightedRoundRobinLoadBalancer</code> policy that could raise <code>NullPointerException</code> and further cause channel panic when picking a subchannel. This bug can only be triggered when connection can not be established and the channel reports <code>TRANSIENT_FAILURE</code> state. (<a href="https://redirect.github.com/grpc/grpc-java/issues/10868">#10868</a>)</p>
<h2>v1.60.1</h2>
<h1>Bug Fixes</h1>
<ul>
<li>util: Fix NPE when multiple addresses in an address group for petiole load balancer policies (<a href="https://redirect.github.com/grpc/grpc-java/issues/10770">#10770</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/grpc/grpc-java/commit/dfff9a9475a394c455742a9b45a69cf6d9640cf5"><code>dfff9a9</code></a> Bump version to 1.61.1</li>
<li><a href="https://github.com/grpc/grpc-java/commit/df1bb36ea4c3b51d23c78a6e64b41de9d57d81e8"><code>df1bb36</code></a> Update README etc to reference 1.61.1</li>
<li><a href="https://github.com/grpc/grpc-java/commit/1abdaf36e8c363b5f0d445b8c08f49cbb69dd55f"><code>1abdaf3</code></a> xds: fix NPE in wrr in TF state (<a href="https://redirect.github.com/grpc/grpc-java/issues/10875">#10875</a>)</li>
<li><a href="https://github.com/grpc/grpc-java/commit/529d0ab330395bf66a5e3942de314bedb95d8bd8"><code>529d0ab</code></a> Bump version to 1.61.1-SNAPSHOT</li>
<li><a href="https://github.com/grpc/grpc-java/commit/f06abeb6fda2985c19e9792edb6f2b071b6fd8b5"><code>f06abeb</code></a> Bump version to 1.61.0</li>
<li><a href="https://github.com/grpc/grpc-java/commit/77005107aaa1847cdbac0919d5e73752649c3485"><code>7700510</code></a> Update README protoc references to 3.25.1</li>
<li><a href="https://github.com/grpc/grpc-java/commit/c639b8161bd16d01ddec2a42ee3bf68c3a49e296"><code>c639b81</code></a> Update README etc to reference 1.61.0</li>
<li><a href="https://github.com/grpc/grpc-java/commit/560608100f3f69b2ff5716c969d20c6802f79451"><code>5606081</code></a> fix flaky xds test due to verification race (<a href="https://redirect.github.com/grpc/grpc-java/issues/10798">#10798</a>) (<a href="https://redirect.github.com/grpc/grpc-java/issues/10808">#10808</a>)</li>
<li><a href="https://github.com/grpc/grpc-java/commit/2531563a3eb59e154e3098d8a45f39f003bcd439"><code>2531563</code></a> okhttp: Ignore known conscrypt socket close issue (<a href="https://redirect.github.com/grpc/grpc-java/issues/10811">#10811</a>) (<a href="https://redirect.github.com/grpc/grpc-java/issues/10812">#10812</a>)</li>
<li><a href="https://github.com/grpc/grpc-java/commit/5b082ca6404bd7fddf2f88d030a756694d1879f8"><code>5b082ca</code></a> Do not cache failed futures for async security policies indefinitely. (<a href="https://redirect.github.com/grpc/grpc-java/issues/10743">#10743</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/grpc/grpc-java/compare/v1.60.0...v1.61.1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=io.grpc:grpc-bom&package-manager=maven&previous-version=1.60.0&new-version=1.61.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@ dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@ dependabot rebase` will rebase this PR
- `@ dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@ dependabot merge` will merge this PR after your CI passes on it
- `@ dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@ dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@ dependabot reopen` will reopen this PR if it is closed
- `@ dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@ dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@ dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@ dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@ dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

Authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Sutou Kouhei <kou@clear-code.com>
---
 java/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/pom.xml b/java/pom.xml
index 258e45a519c59..6442987f5a192 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -34,7 +34,7 @@
     <dep.slf4j.version>2.0.11</dep.slf4j.version>
     <dep.guava-bom.version>33.0.0-jre</dep.guava-bom.version>
     <dep.netty-bom.version>4.1.106.Final</dep.netty-bom.version>
-    <dep.grpc-bom.version>1.60.0</dep.grpc-bom.version>
+    <dep.grpc-bom.version>1.61.1</dep.grpc-bom.version>
     <dep.protobuf-bom.version>3.23.1</dep.protobuf-bom.version>
     <dep.jackson-bom.version>2.16.1</dep.jackson-bom.version>
     <dep.hadoop.version>3.3.6</dep.hadoop.version>