Bug Fixes
- api: Ignore
ClassCastExceptions
for hard-coded providers on Android (#9174). This avoids ServiceConfigurationError
in certain cases when an “SDK” includes a copy of gRPC that was renamed with Proguard-like tools that do precise class name rewriting (versus something like Maven Shade Plugin which uses coarse pattern matching)
- binder: respect requested message limits when provide received messages to listener (#9163)
- binder: Avoid an ISE from
asAndroidAppUri()
(#9169)
- okhttp: Use the user-provided
ScheduledExecutorService
for keepalive if provided. Previously the user-provided executor was used for deadlines, but not keepalive. Keepalive always used the default executor (#9073)
- bom: Reverted “bom: Removed protoc-gen-grpc-java from the BOM” in v1.46.0. There was a way to use it with Gradle (#9154)
- build: fix grpc-java build against protobuf 3.21 (#9218)
- grpclb: Adds missing META-INF resources to
libgrpclb.jar
produced by bazel //grpclb:grpclb
target (#9156)
- xds: Protect xdstp processing with federation env var. If the xds server uses xdstp:// resource names it was possible for federation code paths to be entered even without enabling the experimental federation support. This is now fixed and it is safe for xds servers to use xdstp:// resource names. (#9190)
- xds: fix bugs in ring-hash load balancer picking subchannel behavior per gRFC. The bug may cause connection not failing over from
TRANSIENT_FAILURE
status. (#9085)
- xds: NACK EDS resources with duplicate localities in the same priority (#9119)
New Features
- api: Add connection management APIs to
ServerBuilder
(#9176). This includes methods for keepalive, max connection age, and max connection idle. These APIs have been available on NettyServerBuilder since v1.4.0
- api: allow
NameResolver
to influence which transport to use (#9076)
- api: New API in ServerCall to expose SecurityLevel on server-side (#8943)
- netty: Add
NameResolver
for unix:
scheme, as defined in gRPC Name Resolution (#9113)
- binder: add
allOf
security policy, which allows access iff ALL given security policies allow access. (#9125)
- binder: add
anyOf
security policy, which allows access if ANY given security policy allows access. (#9147)
- binder: add
hasPermissions
security policy, which checks that a caller has all of the given package permissions. (#9117)
- build: Add Bazel build support for xds, googleapis, rls, and services. grpc-services previously had partial bazel support, but some parts were missing. These artifacts are now configured via
IO_GRPC_GRPC_JAVA_OVERRIDE_TARGETS
so maven_install will not use the artifacts from Maven Central (#9172)
- xds: New ability to configure custom load balancer implementations via the xDS
Cluster.load_balancing_policy
field. This implements gRFC A52: gRPC xDS Custom Load Balancer Configuration. (#9141)
- xds, orca: add support for custom backend metrics reporting: allow setting metrics at gRPC server and consuming metrics reports from a custom load balancing policy at the client. This implements gRFC A51: Custom Backend Metrics Support.
- xds: include node ID in RPC failure status messages from the XdsClient (#9099)
- xds: support for the
is_optional
logic in Cluster Specifier Plugins: if an unsupported Cluster Specifier Plugin is optional, don't NACK, and skip any routes that point to it. (#9168)
Behavior Changes
- xds: Allow unspecified listener traffic direction, to match other languages and to work with Istio (#9173)
- xds: change priority load balancer failover time behavior and
ring_hash
LB aggregation rule to better handle transient_failure channel status (#9084, #9093)
Dependencies
- Bump GSON to 2.9.0. Earlier versions of GSON are affected by CVE-2022-25647. gRPC was not impacted by the vulnerability. (#9215)
- gcp-observability: add grpc-census as a dependency and update opencensus version (#9140)
Acknowledgements
@caseyduquettesc
@cfredri4
@jvolkman
@mirlord
@ovidiutirla