dependabot[bot] opened a new pull request, #43924: URL: https://github.com/apache/arrow/pull/43924
Bumps [io.grpc:grpc-bom](https://github.com/grpc/grpc-java) from 1.65.0 to 1.66.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/grpc/grpc-java/releases";>io.grpc:grpc-bom's releases</a>.</em></p> <blockquote> <h2>v1.66.0</h2> <h2>gRPC Java 1.66.0 Release Notes</h2> <h3>API Changes</h3> <ul> <li>stub: Support setting onReadyThreshold through AbstractStub. (<a href="https://redirect.github.com/grpc/grpc-java/issues/11320";>#11320</a>) (25a8b7c50)</li> <li>util: Stabilize <code>AdvancedTlsX509TrustManager</code>, an <code>X509ExtendedTrustManager</code> that allows users to configure advanced TLS features, such as root certificate reloading and peer cert custom verification. (658cbf6cf)</li> <li>util: Align AdvancedTlsX509{Key and Trust}Manager. (<a href="https://redirect.github.com/grpc/grpc-java/issues/11385";>#11385</a>)</li> <li>util: Add <code>GracefulSwitchLoadBalancer</code> config (ebed04798) and mark switchTo() deprecated. (85e0a01ec). <code>GracefulSwitchLoadBalancer</code> now receives its configuration like a regular load balancer.</li> <li>binder: Introduce <code>AllowSecurityPolicy</code> to allow calling code to not have to wait on async/slow implementations. <code>BinderTransport</code> now submits async implementations to an executor. (<a href="https://redirect.github.com/grpc/grpc-java/issues/11272";>#11272</a>) (7fee6a3fe)</li> <li>api: Add convenience method in <code>ServerBuilder</code> for adding a list of service implementations to the handler registry together. (<a href="https://redirect.github.com/grpc/grpc-java/issues/11285";>#11285</a>) (85ed05300)</li> </ul> <h3>Improvements</h3> <ul> <li>examples: Improve example Bazel WORKSPACE to demonstrate referencing grpc-xds. (5ec0187e2)</li> <li>examples: Include Bazel bzlmod configuration (36e687f9d). There are now examples for both non-bzlmod and bzlmod.</li> <li>core: Fixes to <code>PickFirstLeafLoadBalancer</code> <ul> <li>Eliminate NPE after recovering from a temporary name resolution failure. (<a href="https://redirect.github.com/grpc/grpc-java/issues/11298";>#11298</a>)</li> <li>Deduplicate addresses. (<a href="https://redirect.github.com/grpc/grpc-java/issues/11342";>#11342</a>, <a href="https://redirect.github.com/grpc/grpc-java/issues/11345";>#11345</a>)</li> </ul> </li> <li>core: Change default to use the new pick first load balancer (<code>PickFirstLeafLoadBalancer</code>). (<a href="https://redirect.github.com/grpc/grpc-java/issues/11348";>#11348</a>)</li> <li>core: Use retryThrottling from defaultServiceConfig when the name resolver config doesn't provide this config. (<a href="https://redirect.github.com/grpc/grpc-java/issues/11274";>#11274</a>) (062ebb4d7)</li> <li>netty: Enable use of Netty 4.1.111 by avoiding the optimization provided by <code>NettyAdaptiveCumulator</code> if Netty is on version 4.1.111 or later. (<a href="https://redirect.github.com/grpc/grpc-java/issues/11367";>#11367</a>)</li> <li>binder: Set a default connect timeout of 60 seconds. (<a href="https://redirect.github.com/grpc/grpc-java/issues/11359";>#11359</a>) (21dec3092)</li> <li>binder: Make <code>BinderServer</code> own <code>ServerAuthInterceptor</code>'s executor that helps avoid leaks. (<a href="https://redirect.github.com/grpc/grpc-java/issues/11293";>#11293</a>) (15ad9f546)</li> <li>services:: Added <code>ProtoReflectionServiceV1</code> for the v1 reflection protocol. The preexisting <code>ProtoReflectionService</code> implements the v1alpha reflection protocol. (<a href="https://redirect.github.com/grpc/grpc-java/issues/11237";>#11237</a>) (0aa976c4e)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>binder: Add missing synchronization to prevent races when calling awaitTermination(). (<a href="https://redirect.github.com/grpc/grpc-java/issues/11277";>#11277</a>) (14fd81f59)</li> <li>util: Fix <code>AdvancedTlsX509TrustManager</code> validation on servers when using SSLSocket. Previously it would try to use a null SSLEngine . (dcb1c018c)</li> </ul> <h3>Dependencies</h3> <ul> <li>compiler: Upgrade from CentOS 7 to AlmaLinux 8 for the pre-compiled Linux protoc-gen-grpc-java (71eb5fb9f). This adds a runtime dependency on libstdc++</li> <li>Upgrade animal-sniffer-annotations to 1.24 (a97738518)</li> <li>Upgrade error_prone_annotations to 2.28.0 (a97738518)</li> <li>Upgrade proto-google-common-protos to 2.41.0 (a97738518)</li> <li>Upgrade google-auth-library to 1.23.0 (a97738518)</li> <li>Upgrade gson to 2.11.0 (a97738518)</li> <li>Upgrade guava to 33.2.1 (a97738518)</li> <li>Upgrade opentelemetry to 1.40.0 (a97738518)</li> <li>Upgrade perfmark-api to 0.27.0 (a97738518)</li> <li>Upgrade protobuf-java to 3.25.3 (a97738518)</li> <li>xds: Remove unused opencensus-proto dependency (e7c3803b5)</li> <li>bazel: Replace <code>@com_github_cncf_udpa</code> usage with preexisting <code>@com_github_cncf_xds</code>; delete <code>@com_github_cncf_udpa</code> repo alias for xds (6dd6ca9f9)</li> <li>bazel: Upgrade envoyproxy/data-plane-api to 1611a730 (c540993aa). The version used by Gradle had been updated in 1.62.0 (68334a01), but the bazel version had not</li> <li>bazel: Use com_google_protobuf instead of com_google_protobuf_javalite (7a25e6895). Bazel’s protobuf rules no longer use the old com_google_protobuf_javalite repository name</li> <li>bazel: Don't require protobuf to be in maven_install (d3c2f5a2d). Protobuf’s targets are generally just used directly; this fixed the only place that used maven’s <code>artifact()</code> syntax</li> </ul> <h3>Thanks to</h3> <p><a href="https://github.com/hlx502";><code>@hlx502</code></a> <a href="https://github.com/erm-g";><code>@erm-g</code></a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/grpc/grpc-java/commit/cf784069508fc5767a85c915e43bb43ccfc84c76";><code>cf78406</code></a> Bump version to 1.66.0</li> <li><a href="https://github.com/grpc/grpc-java/commit/33af0a75fda4dcf2ff166ab400fc89b9066a7641";><code>33af0a7</code></a> Update README etc to reference 1.66.0</li> <li><a href="https://github.com/grpc/grpc-java/commit/19c9b998b1efd8bee3fb40335e1a5f7360859cfb";><code>19c9b99</code></a> xds: XdsClient should unsubscribe on last resource (<a href="https://redirect.github.com/grpc/grpc-java/issues/11264";>#11264</a>)</li> <li><a href="https://github.com/grpc/grpc-java/commit/752a045f10d59286d196c203d9177c6fb191241f";><code>752a045</code></a> Revert "Start 1.67.0 development cycle (<a href="https://redirect.github.com/grpc/grpc-java/issues/11416";>#11416</a>)" (<a href="https://redirect.github.com/grpc/grpc-java/issues/11428";>#11428</a>)</li> <li><a href="https://github.com/grpc/grpc-java/commit/ef09d94fe8d51aca13f3490f599ebbfabf3299ab";><code>ef09d94</code></a> Revert "Introduce onResult2 in NameResolver Listener2 that returns Status (<a href="https://redirect.github.com/grpc/grpc-java/issues/1";>#1</a>...</li> <li><a href="https://github.com/grpc/grpc-java/commit/c37fb181a4a803a0d4c4ad2733468c12004be59c";><code>c37fb18</code></a> Start 1.67.0 development cycle</li> <li><a href="https://github.com/grpc/grpc-java/commit/9ba2f9dec5c71a5d0afbba0f196331a47844bc07";><code>9ba2f9d</code></a> Introduce onResult2 in NameResolver Listener2 that returns Status (<a href="https://redirect.github.com/grpc/grpc-java/issues/11313";>#11313</a>)</li> <li><a href="https://github.com/grpc/grpc-java/commit/786523dca4461597072cc2b86e827d18a34e6440";><code>786523d</code></a> xds: WRR rr_fallback should trigger with one endpoint weight</li> <li><a href="https://github.com/grpc/grpc-java/commit/b108ed3ddf08d20926cab1ea4ddd75264aff8c18";><code>b108ed3</code></a> api: Give instruments a toString() including their name</li> <li><a href="https://github.com/grpc/grpc-java/commit/eb4cdf7959795d70c44aa74d572ddc5f8bd2ac5e";><code>eb4cdf7</code></a> Update MAINTAINERS.md (<a href="https://redirect.github.com/grpc/grpc-java/issues/11241";>#11241</a>)</li> <li>Additional commits viewable in <a href="https://github.com/grpc/grpc-java/compare/v1.65.0...v1.66.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: github-unsubscr...@arrow.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
