Bug Fixes
- api: Ignore
ClassCastExceptionsfor hard-coded providers on Android (#9174). This avoidsServiceConfigurationErrorin certain cases when an “SDK” includes a copy of gRPC that was renamed with Proguard-like tools that do precise class name rewriting (versus something like Maven Shade Plugin which uses coarse pattern matching) - binder: respect requested message limits when provide received messages to listener (#9163)
- binder: Avoid an ISE from
asAndroidAppUri()(#9169) - okhttp: Use the user-provided
ScheduledExecutorServicefor keepalive if provided. Previously the user-provided executor was used for deadlines, but not keepalive. Keepalive always used the default executor (#9073) - bom: Reverted “bom: Removed protoc-gen-grpc-java from the BOM” in v1.46.0. There was a way to use it with Gradle (#9154)
- build: fix grpc-java build against protobuf 3.21 (#9218)
- grpclb: Adds missing META-INF resources to
libgrpclb.jarproduced by bazel//grpclb:grpclbtarget (#9156) - xds: Protect xdstp processing with federation env var. If the xds server uses xdstp:// resource names it was possible for federation code paths to be entered even without enabling the experimental federation support. This is now fixed and it is safe for xds servers to use xdstp:// resource names. (#9190)
- xds: fix bugs in ring-hash load balancer picking subchannel behavior per gRFC. The bug may cause connection not failing over from
TRANSIENT_FAILUREstatus. (#9085) - xds: NACK EDS resources with duplicate localities in the same priority (#9119)
New Features
- api: Add connection management APIs to
ServerBuilder(#9176). This includes methods for keepalive, max connection age, and max connection idle. These APIs have been available on NettyServerBuilder since v1.4.0 - api: allow
NameResolverto influence which transport to use (#9076) - api: New API in ServerCall to expose SecurityLevel on server-side (#8943)
- netty: Add
NameResolverforunix:scheme, as defined in gRPC Name Resolution (#9113) - binder: add
allOfsecurity policy, which allows access iff ALL given security policies allow access. (#9125) - binder: add
anyOfsecurity policy, which allows access if ANY given security policy allows access. (#9147) - binder: add
hasPermissionssecurity policy, which checks that a caller has all of the given package permissions. (#9117) - build: Add Bazel build support for xds, googleapis, rls, and services. grpc-services previously had partial bazel support, but some parts were missing. These artifacts are now configured via
IO_GRPC_GRPC_JAVA_OVERRIDE_TARGETSso maven_install will not use the artifacts from Maven Central (#9172) - xds: New ability to configure custom load balancer implementations via the xDS
Cluster.load_balancing_policyfield. This implements gRFC A52: gRPC xDS Custom Load Balancer Configuration. (#9141) - xds, orca: add support for custom backend metrics reporting: allow setting metrics at gRPC server and consuming metrics reports from a custom load balancing policy at the client. This implements gRFC A51: Custom Backend Metrics Support.
- xds: include node ID in RPC failure status messages from the XdsClient (#9099)
- xds: support for the
is_optionallogic in Cluster Specifier Plugins: if an unsupported Cluster Specifier Plugin is optional, don't NACK, and skip any routes that point to it. (#9168)
Behavior Changes
- xds: Allow unspecified listener traffic direction, to match other languages and to work with Istio (#9173)
- xds: change priority load balancer failover time behavior and
ring_hashLB aggregation rule to better handle transient_failure channel status (#9084, #9093)
Dependencies
- Bump GSON to 2.9.0. Earlier versions of GSON are affected by CVE-2022-25647. gRPC was not impacted by the vulnerability. (#9215)
- gcp-observability: add grpc-census as a dependency and update opencensus version (#9140)