v1.42.1

Bug fixes:

• xds: fix a bug that invalid resources from the control plane was internally classified as missing configuration, but instead it should be classified as a transient error. This will change load balancing states on failure handling behavior: for example, missing LDS at xDS server would make it enter “not serving” mode but a transient error does not affect serving status. #8690
• xds: fix a bug where XdsServer didn’t block start() when configuration is missing, and instead errored. #8690
• xds: stop generating UUIDs for filter chains that lack them. The UUID was preventing the XdsServer from noticing when a control plane sent a needless duplicate update, causing XdsServer to drain all its existing connections to use the “new” configuration #8688

New feature:

• netty: Add ability to set system property -Dio.grpc.netty.disableConnectionHeaderCheck=false to disable HTTP Connection header check. This is a temporary workaround to allow fixing out-of-spec HTTP/2 clients #8683
• compiler: Protoc plugin for macOS x86 is duplicated to be used on the aarch architecture, to ease use on arm64 macs. The plugin is not actually ARM64, just named as such. Future work will need to compile it appropriately #8680

v1.40.2

grpclb: Fix “IllegalStateException: already in fallback” channel panic, by not starting fallback timer if already in fallback (#8646). This builds on the fix in 1.38.1. The bug was introduced in 1.38.0.

v1.42.0

In this release we drop support for Android API level 18 or lower (Jelly Bean or earlier), following Google Play Service’s discontinued updates for Jelly Bean (API levels 16, 17 & 18).

API Changes

• xds: Added XdsServerBuilder.overrideBootstrapForTest() to provide bootstrap override for testing purposes. This way, the test does not need to use the shared environment variable for bootstrap injection. (#8575)
• api: Stabilize the Status.asException(Metadata) method. (#8520)
• core/auth: Remove CallCredentials2 (#8572). CallCredentials2 was introduced in 1.16.0 to ease migration of CallCredentials to an abstract class. CallCredentials has been preferred over CallCredentials2 since 1.19.0

Bug Fixes

• netty: Requests with Connection header are malformed. This is required per HTTP/2. The server now rejects such requests. To improve debuggability for clients, Metadata.Key will log if creating a key for “Connection”
• grpclb: Fix “IllegalStateException: already in fallback” channel panic, by not starting fallback timer if already in fallback (#8646). This builds on the fix in 1.38.1. The bug was introduced in 1.38.0.
• core, netty, okhttp: Fix AbstractManagedChannelImplBuilder#maxInboundMessageSize(int) ABI (#8607). Solves the issue with NettyChannelBuilder.maxInboundMessageSize(int) and OkHttpChannelBuilder.maxInboundMessageSize(int) not working in rare cases when pre-1.33 builds combined with post-1.33. See issue #8313 for the details.

New Features

• binder: A new transport with channel and server builders which support cross-process and cross-application communication on Android. BinderChannel is production ready and in use by several Google applications, though the APIs are still experimental and subject to change. It does not currently support rpc-level flow control for streaming RPCs. See gRFC L73 for background.
• xds: implemented rbac filter per A41 xDS RBAC. This is the first HTTP filter supported on server-side.
• stub: add ServerCallStreamObserver.setOnCloseHandler(Runnable). Notified when gRPC has completed processing the RPC. (#8452)

Behavior Changes

• core: gRPC-Java library discards any Content-Length header set by the application because in most cases this header is blindly forwarded from some other source and is incorrect for gRPC payload.
• netty: Use Host header on server-side if :authority is not present
• rls: the cache_size in route lookup config is limited to 5M
• core: changed the level mapping ChannelLogger uses for java.util.logging.Level (#8531). It is now possible to enable Java logging for Channelz’s INFO without also enabling DEBUG (previously they were both FINEST).

Dependencies

• Compatibility with the upcoming Bazel 5 added. This required dropping support for Bazel 1-3. Bazel 4 or later is required (#7598)
• netty: bump netty to 4.1.63.Final and tcnative to 2.0.38.Final. (#8167)

Improvements

• core: io.grpc.util.AdvancedTlsX509KeyManager and AdvancedTlsX509TrustManager support loading configuration from static files. (#8525)
• core: io.grpc.util.CertificateUtils.getPrivateKey() now supports RSA and EC key algorithms

v1.41.1

Bug Fixes

• grpclb: Fix “IllegalStateException: already in fallback” channel panic, by not starting fallback timer if already in fallback (#8646). This builds on the fix in 1.38.1. The bug was introduced in 1.38.0.

v1.41.0

For users requiring Java 7, the later grpc-java 1.44 release dropped support for Java 7. This v1.41.x branch is the selected gathering point for users continuing to require Java 7. See gRFC P5.

API Changes

• stub: Mark Stub-based MetadataUtils methods deprecated (#8395). The interceptor-based versions have been stable for a long time and are preferred

Bug Fixes

• census: Fixed a data race in CensusStatsModule which in rare cases may cause NullPointerException (#8459)
• xds: Fixed a bug in SharedCallCounterMap which in rare cases may cause NullPointerException (#8397)
• core: ServerCall.isCancelled() and ServerCallStreamObserver.isCancelled() implementations no longer incorrectly return true at the end of every RPC (#8408)
• core: ManagedChannel no longer immediately exits idle mode after an enterIdle() call when it has any calls in progress
• netty-shaded: Modify the shading operation to transform native-image resources so they correctly reference shaded class names (#7540)
• netty-shaded: Rename native-image resources to avoid collisions with Netty’s copy, which were modified starting in 1.39.0
• rls: avoid NullPointerException in RLS in certain circumstances when calling channel.getState(true) or if a parent load balancer requests a connection (#8379)

New Features

• xds: xDS-based TLS security (gRFC 29) is now stable
• util: Added new classes AdvancedTlsX509TrustManager and AdvancedTlsX509KeyManager, which support reloading keys and trust roots as they change. They also can make custom verification easier by handling the hostname verification. (#8175)
• xds: Added XdsNameResolverProvider.createForTest() to allow using a different bootstrap configuration in tests (#8358)

Behavior Changes

• rls: migrated the deprecated server and path fields in RouteLookupRequest to using the new extra_keys field in RLS config

Improvements

• api: Document that NameResolvers shouldn’t block within their methods (#8398). The offload executor should be used for blocking operations
• stub: Document StreamObserver is an async API, and how it internally may buffer (#8449)

Dependencies

• Upgraded error_prone_annotations to 2.9.0
• cronet: Cronet upgraded to version 92.4515.131

v1.40.1

Bug Fixes

• xds: fixed channel panic with NullPointerException if a cluster is configured with RING_HASH LB policy.

v1.40.0

API Changes

• api: Removed deprecated method ClientStreamTracer.Factory.newClientStreamTracer(CallOptions callOptions, Metadata headers).
• api: Deprecated ClientStreamTracer.StreamInfo.getTransportAttrs() and ClientStreamTracer.StreamInfo.Builder.setTransportAttrs().
• api: Added new method ClientStreamTracer.streamCreated(Attributes transportAttrs, Metadata headers).
• core: Stabilized ManagedChannelBuilder.enableRetry() and ManagedChannelBuilder.disableRetry().

Bug Fixes

• core: Fix a flow control issue if retry is enabled (#8401).
• core: Fix a race between client call cancel() and start() if retry is enabled (#8386).
• xds: Fix the race condition in SslContextProviderSupplier's updateSslContext and close (#8294).
• xds: If “server_listener_resource_name_template” is not set or xds_v3 is not in use, log an error and fail XdsServer start() instead of NPE.
• netty: The Netty server produces plain-text error messages for non-gRPC clients. The error pages’ Content-Type incorrectly had encoding=utf-8. It now has charset=utf-8.

New Features

• compiler: Added GrpcGenerated annotation with CLASS retention to the top-level generated class. This can be used by annotation processors to detect or ignore the generated code.
• api: Added ServerCallExecutorSupplier experimental API. This allows for a per-service/method executor to handle the server call based on each RPC call information at runtime. (#8266).
• xds: Added xDS retry support (gRFC-A44).

Behavior Changes

• core: The gRPC built-in retry feature is enabled by default. (Users can call ManagedChannelBuilder.disableRetry() to turn off retry if they do not want this feature, for example if they have already implemented an application level retry.) ManagedChannelBuilder.enableRetry() will no longer have the side that disables Census stats and tracing as in previous versions.

Dependencies

• xds: Envoy proto updated to commit 62ca8bd (#8346).

Improvements

• api: Clarify the ServerCallHandler API contract in Javadoc (#8339).
• netty: Allow transparent retries for servers that lack graceful two-stage GOAWAY connection shutdown, such as nginx and gRPC C core. This refined a workaround introduced in 1.34.0 for a Netty header processing GOAWAY bug fixed in 4.1.54.Final, but that we are giving time for the fix to work its way through the ecosystem (#8359).
• testing: Make more obvious in Javadoc that GrpcServerRule has been replaced.
• api: Use <scheme,provider> map in nameResoverRegistry. This makes scheme matching more clear and explicit in name resolver API.(#8323).

v1.39.0

API Changes

• Static methods in Builders that always throw are now annotated @DoNotCall. This annotation can be noticed by ErrorProne and inform you of a mistake at compile time instead of runtime. This applies to static methods like InProcessServerBuilder.forPort(int) which are inherited from base classes like ServerBuilder/ManagedChannelBuilder yet are a bug if used.
• api, core: Support zero copy into protobuf. New APIs have been added to support the custom implementation of a zero-copy Protobuf deserialization marshaller. The HasByteBuffer API exposes ByteBuffers underlying the InputStream being passed to the Marshaller and the Detachable API allows custom Marshaller to take over the ownership of buffers for performing delayed deserialization.
• NettyChannelBuilder supports SocketAddress with ChannelCredentials.

Bug Fixes

• netty: Remove Maven pom.properties from netty-shaded jar. The properties don’t add much value and mainly confuse tools in a shaded jar.
• netty-shaded: Modify the shading operation to transform native-image resources so they correctly reference shaded class names (#7540)
• xds: Shut down the scheduledExecutorService in the CertificateProvider when it is shutdown.
• xds: Close the SslContexrProviderSupplier when a CDS LoadBalancer is shut down to prevent leakage.
• xds, grpclb: Use a standalone Context for control plane RPCs. The existing behavior of implicitly using the Context in ThreadLocal can cause control plane RPCs to be cancelled prematurely, in cases the data plane RPC is made within a gRPC service to another service. To avoid being impacted by data plane RPC lifecycle, the fix creates standalone Context for control plane RPCs.
• xds: cluster_resolver LB policy should wait until all clusters are resolved before propagating endpoints to child LB policy. Previously, the cluster_resolver LB policy propagated partially resolved results (endpoints for a subset of clusters) to its child LB policy, which can cause RPCs to be sent to less favored clusters before endpoints of more favored clusters are discovered.
• xds: use load assignment endpoint address in Cluster as the DNS hostname for LOGICAL_DNS. The LOGICAL_DNS concept was misunderstood previously. Instead of using the channel authority, the hostname should be given by Cluster resource in CDS responses.
• grpclb: skip fallback if the LB is already in fallback mode. An invariant check for gRPCLB LB policy’s internal state introduced by #8035 is broken in case the LB policy is in fallback mode while receiving an address update without remote balancer addresses. The fix mitigated the temporal invariant violation.

New Features

• compiler: Add support for ppc64le on RHEL8.

Dependencies

• Protobuf upgraded to 3.17.2
• We now use custom Gradle logic to determine if Maven’s requireUpperBoundDeps would fail for our published artifacts instead of Gradle’s failOnVersionConflict. This means we now make use of fewer dependency exclusions (#8238). failOnVersionConflict has similar behavior to dependencyConvergence but we previously lacked a more precise tool to detect cases where Maven would downgrade dependencies. We strongly encourage all Maven users to use Maven Enforcer’s requireUpperBoundDeps and continue to discourage using dependencyConvergence

Acknowledgements

@lepistone Leonardo Pistone
@shirodkara Amit Shirodkar
@cfredri4

v1.38.1

Bug Fixes

• grpclb: skip fallback if the LB is already in fallback mode. An invariant check for gRPCLB LB policy’s internal state introduced by #8035 is broken in case the LB policy is in fallback mode while receiving an address update without remote balancer addresses. It caused a channel panic (INTERNAL: Panic! This is a bug!) due to the exception IllegalStateException: already in fallback. The fix mitigated the temporal invariant violation.
• xds: shut down the scheduledExecutorService in the CertificateProvider when it is shutdown

v1.36.2

Bug Fixes

• grpclb: fixed a day-one issue that the control plane RPC are using the same Context as the inbound application RPC, which can cause control plane RPC aborted when the inbound application RPC completes.
• netty: Fixed a bug that client RPCs may fail with a wrong exception with message "Maximum active streams violated for this endpoint" when receiving GOAWAY while MAX_CONCURRENT_STREAMS is reached. After the fix the client RPC should fail with UNAVAILABLE status in such a scenario. (#8020)
• xds: Fixed a bug that xDS users may experience null pointer exception in rare cases (#8087)
• xds: the xDS resolver did not clear its state when control plane resources were revoked before offloading the xDS LB plugin. It would treat the next update as duplicate if the control plane recovers and never comes back to use those resources. Now this is fixed.