v1.26.0

Dependencies

• Bump protobuf-java to 3.11.0.
• Bump protobuf-javalite to 3.11.0. This brings lite in-line with full protobuf. Be aware that the Maven artifact name changed for Protobuf lite. The dependency is now com.google.protobuf:protobuf-javalite instead of com.google.protobuf:protobuf-lite
• Bump gson to 2.8.6
• Bump google-auth-library-credentials and google-auth-library-oauth2-http to 0.18.0 (#6360)
• Bump mockito to 2.28.2 (#6355)

Bug Fixes

• netty, okhttp: Known IOExceptions are logged as FINE level
• interop-testing, benchmarks: missing executables (since 1.19.0) is now published again
• cronet: grpc-cronet artifact contains empty .aar due to code shrinking was enabled, now it is fixed.
• alts: fix lazychannel close (#6475)

API Changes

• api, core: make channel logger accessible through NameResolver.Args (#6430)
• api, core: make scheduled executor service accessible for NameResolver.Args (#6455)
• stub, compiler: generated stubs are now extended from AbstractStub to indicate stub type (AbstractAsyncStub, AbstractFutureStub, AbstractFutureStub)
• api: the deprecated API ManagedChannelBuilder.usePlaintext(boolean) is removed (#1772, #6440).

New Features

• Pre-build binaries for the aarch64 platform
• Add s390x cross-compiling support

Acknowledgements

• Carl Mastrangelo (@carl-mastrangelo)
• Elliotte Rusty Harold (@elharo)
• Liu sheng (@liusheng)
• Nayana Thorat (@Nayana-ibm)
• Steve Rao (@steverao)
• Tomo Suzuki (@suztomo)
• Yongwoo Noh (@yonguno)

v1.24.2

Dependencies

• Bumped perfmark to 0.19.0
• Bumped error_prone_annotations to 2.3.3

Bug Fixes

• alts: fixed wrong ComputeEngineChannelBuilder class signature (#6381)

New Features

• grpclb: Add dns NameResolver to io.grpc.grpclb that has SRV record lookup enabled by default (#6298). This allows using grpclb without the -Dio.grpc.internal.DnsNameResolverProvider.enable_grpclb=true system property. Note that grpclb is still experimental and deprecated. In particular, we plan to change grpclb policy selection which together with this change provides a path forward for grpclb to function without custom support in grpc-core; see gRFC A26

v1.25.0

Dependencies

• Bumped netty to 4.1.42
• Bumped error_prone_annotations to 2.3.3
• Bumped perfmark to 0.19.0
• Bumped guava to 28.1
• Bumped gson to 2.8.5
• Bumped protobuf to 3.10.0
• Tests bumped truth to 1.0

Bug Fixes

• Rolled forward the fix for “ClientCall.Listener.onClose never called when the call is interrupted” (#6255)
• netty: fixed the bug that users using proxy may experience hang when starting channel (#6159)
• alts: fixed potential memory leak when alts negotiation is aborted (#6186)
• alts: fixed wrong ComputeEngineChannelBuilder class signature (#6367)
• bom: now specifying pom type for protoc-gen-grpc-java (#6247)
• netty: Check for TE: trailers header after checking Content-Type. This prevents confusing warnings when a non-grpc client contacts a grpc server
• bazel: Fixed typo in repositories.bzl for maven_install override_targets; io.grpc:grpc-core was pointing to a non-existent target name
• okhttp: fixed header scheme that did not match transport type (#6264). OkHttp users using plaintext may experience errors when communicating with dotnet gRPC server is fixed.

API Changes

• api: MethodDescriptor’s safe and idempotent methods are now considered stable and set appropriately by the generated code when the proto contains the RPC option option idempotency_level = NO_SIDE_EFFECTS; or option idempotency_level = IDEMPOTENT;. grpc-java is not using these values directly, but interceptors are free to observe them
• protobuf: StatusProto.fromStatusAndTrailers fall-back to status if trailers are not available (#6278). Previously it returned null
• bazel: Removed deps from grpc_java_repositories() that protobuf_deps() provides
• ManageChannelBuilder.usePlaintext() (with no argument) is now stabilized.

New Features

• okhttp: add full implementation of HPACK header compression (#6026). Patched HTTP header compression implementation for writer from OkHttp3, which was missing in OkHttp2.
• bazel: added support for --incompatible_load_cc_rules_from_bzl and --incompatible_load_proto_rules_from_bzl
• netty: Implicitly use Conscrypt when it is available and is necessary. If tcnative is not available and the JVM is Java 7 or 8, then grpc will use Conscrypt if present. This allows using Conscrypt by just adding Conscrypt to the classpath
• alts: Use Conscrypt when available. This provides Java 7 support and gives a huge performance boost on Java 8. Java 7 update 121 and Java 8 update 111 (released three years ago) are required.
• api: Add EquivalentAddressGroup.ATTR_AUTHORITY_OVERRIDE which allows NameResolvers to specify different names for different backends within one Channel which may be especially useful for certain TLS deployments (#6126). Note that NameResolvers must receive the authority names from a trusted source (e.g., local file, remote server with TLS)
• core: Propagate EquivalentAddressGroup Attributes in RoundRobinLoadBalancer. This allows NameResolvers to set attributes like ATTR_AUTHORITY_OVERRIDE with round robin
• api: Added ManagedChannelBuilder.offloadExecutor() for expensive or blocking operations like DNS resolution. Previously an internal executor was used that couldn’t be overridden. The executor is also passed to NameResolvers via Args.getOffloadExecutor()
• grpclb: Add dns NameResolver to io.grpc.grpclb that has SRV record lookup enabled by default (#6298). This allows using grpclb without the -Dio.grpc.internal.DnsNameResolverProvider.enable_grpclb=true system property. Note that grpclb is still experimental and deprecated. In particular, we plan to change grpclb policy selection which together with this change provides a path forward for grpclb to function without custom support in grpc-core; see gRFC A26

Acknowledgements

• Anar Sultanov (@anarsultanov)
• Elliotte Rusty Harold (@elharo)
• Grant Oakley (@groakley)
• Przemek Piotrowski (@ppiotrow)
• Steve Rao (@steverao)
• edr (@enguerrand)

v1.24.1

This release resolves proxy hang issue during initial protocol negotiation, users using proxy should upgrade.
ADDED: please upgrade to 1.24.2 or 1.25.0, see known issues for more details.

Known Issues

• grpclb change described in new features is not part of this release, users should upgrade to 1.24.2 or 1.25.0.
• Users may see dependency failing error about error_prone_annotations version requirement when building the application (#6217). Adding perkmark 0.19.0 (io.perfmark:perfmark-api:0.19.0) to dependency can workaround this issue.

Dependencies

• Bump perfmark to 0.19.0 correction: didn't made the cut

Bug Fixes

• netty: Users using proxy may experience hang is fixed (#6159).
• bom: specify pom type for protoc-gen-grpc-java (#6247).
• okhttp: fix header scheme does not match transport type (#6264). OkHttp users using plaintext may experienced error when communicate with dotnet gRPC server is fixed.

New Features

• grpclb: Add dns NameResolver to io.grpc.grpclb that has SRV record lookup enabled by default (#6298). This allows using grpclb without the -Dio.grpc.internal.DnsNameResolverProvider.enable_grpclb=true system property. Note that grpclb is still experimental and deprecated. In particular, we plan to change grpclb policy selection which together with this change provides a path forward for grpclb to function without custom support in grpc-core; see gRFC A26 correction: didn't made the cut, please use 1.25.0 or 1.24.2.

v1.23.1

This release resolves proxy hang issue during initial protocol negotiation, users using proxy should upgrade.

Known Issues

• Users may see dependency failing error about error_prone_annotations version requirement when building the application (#6217). Adding perkmark 0.19.0 (io.perfmark:perfmark-api:0.19.0) to dependency can workaround this issue.

Bug Fixes

• netty: Users using proxy may experience hang is fixed (#6159).
• bom: specify pom type for protoc-gen-grpc-java (#6247).
• okhttp: fix header scheme does not match transport type (#6264). OkHttp users using plaintext may experienced error when communicate with dotnet gRPC server is fixed.

v1.22.3

This release resolves proxy hang issue during initial protocol negotiation, users using proxy should upgrade.

Known Issues

• Users may see dependency failing error about error_prone_annotations version requirement when building the application (#6217). Adding perkmark 0.19.0 (io.perfmark:perfmark-api:0.19.0) to dependency can workaround this issue.

Bug Fixes

• netty: Users using proxy may experience hang is fixed (#6172).
• bom: specify pom type for protoc-gen-grpc-java (#6246).
• okhttp: fix header scheme does not match transport type (#6265). OkHttp users using plaintext may experienced error when communicate with dotnet gRPC server is fixed.

v1.24.0

Dependencies

• core: Migrate to new OpenCensus method & status tags (#5996)

Bug Fixes

• core: handle removing partially-closed resources for throwing on close. Fixes #6002. (#6044)
• auth: fix builder invocation for converting Google service account to Jwt access credential (#6106)
• netty: netty client using http proxy may experienced hang is fixed (#6159). This issue was introduced in 1.22.0.
• bazel: Fix java path separator bug on Windows (#6054)
• grpclb: fix pick_first mode shutdown without subchannels. (#6072)

API Changes

• The deprecated API ManagedChannelBuilder.usePlaintext(boolean skipNegotiation) will be removed in the next release. If you are still using it, please plan a migration (#1772)
• android: final stabilization of AndroidChannelBuilder (#6097). AndroidChannelBuilder is stabilized. Deprecated APIs are deleted. fromBuilder(...) is deprecated with replacement of usingBuilder(...).
• core: allow setting custom Deadline.Ticker to InProcessServerBuilder (#6034)

New Features

• bazel: Added //netty:shaded_maven target, similar to netty-shaded. It is only intended as a dependency for pre-compiled JARs
• bazel: Added IO_GRPC_GRPC_JAVA_OVERRIDE_TARGETS for use with maven_install. See repositories.bzl for how to use
• cronet: add grpc-cronet artifact publishing configurations (#6130). grpc-cronet is published as a standalone artifact in maven central.

Documentation

• doc: explicitly mention that Deadline might saturate (#6085)

Acknowledgements

• @aadityasg Aaditya Gavandalkar
• @dharmeshjogadia Dharmesh Jogadia
• @igorbernstein2 Igor Bernstein
• @KangZhiDong 康智冬
• @laurentlb Laurent Le Brun
• @ST-DDT
• @Xjs Jannis Andrija Schnitzer

v1.23.0

This release resolves the DoS vulnerability CVE-2019-9515 (SETTINGS flood). Users using the grpc-netty server with untrusted clients should upgrade.

Dependencies

• Bump netty to 4.1.38
• Bump PerfMark to 0.17.0
• Bump protobuf to 3.9.0

Bug Fixes

• netty: Limit number of frames a client can cause the server to enqueue (#6056). Addresses CVE-2019-9515 (Settings flood). While grpc-java was not vulnerable to CVE-2019-9512 (Ping flood) nor CVE-2019-9514 (Reset flood), the fix provides protections against these attacks as well
• alts: Fix server hang (#5900)
• context: Fix race between CancellableContext and Context (#5981)
• stub: Avoid race in onHalfClose server StreamObserver (#5991)
• core: Avoid using partially-closed resources that threw during close in SharedResourceHolder (#6048). This avoids a permanent hang when using google-cloud-java. See googleapis/google-cloud-java#5810 and googleapis/google-cloud-java#5801

API Changes

• core: Add @Nullable to getter for trailers on StatusRuntimeException (#5951)
• core: ClientStream.getAttributes() can be called at any time (#5904)
• core,netty: Block server shutdown until the socket is unbound (#5905)
• netty: Users providing EventLoopGroup and/or ChannelType for NettyServerBuilder and NettyChannelBuilder requires to provide all of them or none. Otherwise, it will throw an IllegalStateException (#6014)
• stub,core: avoid calling onReady if the call is UNARY or SERVER_STREAMING for performance optimization. Users relying on onReady need to migrate. (Note: ADDED on 2/3/20)

New Features

• Make //compiler:grpc_java_plugin publicly visible again (#5947)
• java_grpc_library.bzl: Work with proto_library rules using strip_import_prefix / import_prefix (#5959)
• Make .proto import path computation work with virtual protos in the main repository (#5967)
• core: Attach debug information about stream to DEADLINE_EXCEEDED (#5892)

Documentation

• Provide an example of hedging in examples
• compiler: Add note about where to download precompiled version of plugin (#6022)

Acknowledgements

@aaliddell Adam Liddell
@DarrienG Darrien Glasser
@jadekler Jean de Klerk
@lberki Lukacs T. Berki
@liym stbridge
@mkobit Mike Kobit
@tiggerlee2 Shuangtai Li
@zhaonian Zhaonian Luan

v1.22.2

This release resolves the DoS vulnerability CVE-2019-9515 (SETTINGS flood). Users using the grpc-netty server with untrusted clients should upgrade.

Bug fixes

• netty: Limit number of frames a client can cause the server to enqueue (#6056). Addresses CVE-2019-9515 (Settings flood). While grpc-java was not vulnerable to CVE-2019-9512 (Ping flood) nor CVE-2019-9514 (Reset flood), the fix provides protections against these attacks as well
• core: Avoid using partially-closed resources that threw during close in SharedResourceHolder (#6048). This avoids a permanent hang when using google-cloud-java. See googleapis/google-cloud-java#5810 and googleapis/google-cloud-java#5801

v1.21.1

This release resolves the DoS vulnerability CVE-2019-9515 (SETTINGS flood). Users using the grpc-netty server with untrusted clients should upgrade.

Bug fixes

• netty: Limit number of frames a client can cause the server to enqueue (#6056). Addresses CVE-2019-9515 (Settings flood). While grpc-java was not vulnerable to CVE-2019-9512 (Ping flood) nor CVE-2019-9514 (Reset flood), the fix provides protections against these attacks as well
• bazel: fixed a regression in v1.21 where java_grpc_library ignored custom java toolchains (#5844)
• bazel target //compiler:grpc_java_plugin is publicly visible again (#5953). The target wasn't publicly visible since v1.21.0. This target was used by rules_proto.
• core: Avoid using partially-closed resources that threw during close in SharedResourceHolder (#6048). This avoids a permanent hang when using google-cloud-java. See googleapis/google-cloud-java#5810 and googleapis/google-cloud-java#5801