chore: bump the gradle-production-dependencies group across 1 directory with 13 updates

[dependabot]

Bumps the gradle-production-dependencies group with 13 updates in the /src/adservice directory:

Package	From	To
io.opentelemetry:opentelemetry-bom	1.44.1	1.46.0
io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom	2.10.0	2.12.0
com.google.api.grpc:proto-google-common-protos	2.49.0	2.51.0
io.grpc:grpc-protobuf	1.68.2	1.70.0
io.grpc:grpc-stub	1.68.2	1.70.0
io.grpc:grpc-netty	1.68.2	1.70.0
io.grpc:grpc-services	1.68.2	1.70.0
io.grpc:protoc-gen-grpc-java	1.68.2	1.70.0
org.apache.logging.log4j:log4j-core	2.24.2	2.24.3
dev.openfeature.contrib.providers:flagd	0.10.2	0.10.5
dev.openfeature:sdk	1.12.2	1.14.0
com.google.protobuf:protoc	3.25.3	4.29.3
com.github.ben-manes.versions	0.51.0	0.52.0

Updates io.opentelemetry:opentelemetry-bom from 1.44.1 to 1.46.0

Release notes

Sourced from io.opentelemetry:opentelemetry-bom's releases.

Version 1.46.0

SDK

• Remove unused dependencies, cleanup code after stabilizing Value (#6948)
• Explicitly allow null into CompletableResultCode.failExceptionally() (#6963)

Traces

• Fix span setStatus (#6990)

Logs

• Add getters/accessors for readable fields in ReadWriteLogRecord. (#6924)

Exporters

• OTLP: Update to opentelemetry-proto 1.5 (#6999)
• Bugfix - OTLP: Ensure Serializer runtime exceptions are rethrown as IOException (#6969)
• BREAKING - OTLP: Delete experimental OTLP authenticator concept. See OTLP authentication docs for supported solutions. (#6984)

Extensions

• BREAKING - Autoconfigure: Remove support for deprecated otel.experimental.resource.disabled.keys (#6931)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​breedx-splk @​celikrecep @​happysiddharth @​jack-berg @​jaydeluca @​jhalliday @​jkwatson @​laurit @​robsunday @​steverao @​trask @​zeitlinger

Version 1.45.0

API

• Add convenience method setAttribute(Attribute<Long>, int) to SpanBuilder (matching the existing convenience method in Span) (#6884)
• Extends TextMapGetter with experimental GetAll() method, implement usage in W3CBaggagePropagator (#6852)

SDK

Traces

... (truncated)

Changelog

Sourced from io.opentelemetry:opentelemetry-bom's changelog.

Version 1.46.0 (2025-01-10)

SDK

• Remove unused dependencies, cleanup code after stabilizing Value (#6948)
• Explicitly allow null into CompletableResultCode.failExceptionally() (#6963)

Traces

• Fix span setStatus (#6990)

Logs

• Add getters/accessors for readable fields in ReadWriteLogRecord. (#6924)

Exporters

• OTLP: Update to opentelemetry-proto 1.5 (#6999)
• Bugfix - OTLP: Ensure Serializer runtime exceptions are rethrown as IOException (#6969)
• BREAKING - OTLP: Delete experimental OTLP authenticator concept. See OTLP authentication docs for supported solutions. (#6984)

Extensions

• BREAKING - Autoconfigure: Remove support for deprecated otel.experimental.resource.disabled.keys (#6931)

Version 1.45.0 (2024-12-06)

API

• Add convenience method setAttribute(Attribute<Long>, int) to SpanBuilder (matching the existing convenience method in Span) (#6884)
• Extends TextMapGetter with experimental GetAll() method, implement usage in W3CBaggagePropagator (#6852)

SDK

Traces

• Add synchronization to SimpleSpanProcessor to ensure thread-safe export of spans

... (truncated)

Commits

• 5640314 [release/v1.46.x] Prepare release 1.46.0 (#7010)
• 0920d11 Prepare 1.46.0 (#7007)
• 2e0b315 fix(deps): update dependency com.google.protobuf:protobuf-bom to v4.29.3 (#7003)
• d74e277 fix(deps): update dependency com.squareup.okio:okio-bom to v3.10.2 (#7001)
• ccb6346 fix(deps): update dependency nl.jqno.equalsverifier:equalsverifier to v3.18.1...
• 43b38e2 Update profiling exporters for proto 1.5 (#6999)
• 330881a fix(deps): update dependency com.google.api.grpc:proto-google-common-protos t...
• 6f8d491 fix(deps): update spotless packages to v7.0.1 (#6998)
• 5f90b03 Fix span setStatus (#6990)
• d3e3807 fix(deps): update dependency com.squareup.okio:okio-bom to v3.10.1 (#6997)
• Additional commits viewable in compare view

Updates io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom from 2.10.0 to 2.12.0

Release notes

Sourced from io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom's releases.

Version 2.12.0

This release targets the OpenTelemetry SDK 1.46.0.

Note that many artifacts have the -alpha suffix attached to their version number, reflecting that they are still alpha quality and will continue to have breaking changes. Please see the VERSIONING.md for more details.

Migration notes

• Some Java agent instrumentation suppression keys have been renamed to match their module names: - elasticsearch-rest-6.0 --> elasticsearch-rest-6.4 - internal-application-logging --> internal-application-logger - javalin-5 -> javalin-5.0 - pulsar-2.8.0 -> pulsar-2.8
• In preparation for stabilizing HTTP library instrumentation soon: - setCaptured*Headers(List) methods in *TelemetryBuilder classes were changed to setCaptured*Headers(Collection) (#12901) - setKnownMethods(Set) methods in *TelemetryBuilder classes were changed to setKnownMethods(Collection) (#12902)

📈 Enhancements

• Support ExtendedTextMapGetter in gRPC instrumentation (#13011)
• Add database client metrics in DynamoDB instrumentation (#13033)
• Propagate context into async http client CompletableFuture callbacks (#13041)
• Exclude spring routing data source from Spring Starter instrumentation (#13054)
• Instrument jdbc batch queries (#12797)

🛠️ Bug fixes

• Fix incorrect dubbo trace caused by using rpcContext.isProviderSide() (#12930)
• Fix ClickHouse query failing with syntax error (#13020)
• Fix instrumentation module not loading silently when duplicate helper classnames are detected (#13005)
• Fix compatibility problem due to DubboHeadersGetter#keys in Dubbo 2.7.6 and 2.7.7 (#12982)
• Fix appender install for async Logback appenders (#13047)

🙇 Thank you

This release was possible thanks to the following contributors who shared their brilliant ideas and awesome pull requests:

@​AlbumenJ @​annettejanewilson @​ataraxis @​cleverchuk @​FlorianBruckner @​jamesmoessis @​jaydeluca @​jeanbisutti @​johnbley @​JonasKunz @​laurit @​markAtAthena @​rghugikar @​shalk @​steverao @​SylvainJuge @​trask @​xiepuhuan @​zeitlinger

... (truncated)

Changelog

Sourced from io.opentelemetry.instrumentation:opentelemetry-instrumentation-bom's changelog.

Version 2.12.0 (2025-01-17)

Migration notes

• Some Java agent instrumentation suppression keys have been renamed to match their module names:
  • elasticsearch-rest-6.0 --> elasticsearch-rest-6.4
  • internal-application-logging --> internal-application-logger
  • javalin-5 -> javalin-5.0
  • pulsar-2.8.0 -> pulsar-2.8
• In preparation for stabilizing HTTP library instrumentation soon:
  • setCaptured*Headers(List) methods in *TelemetryBuilder classes were changed to setCaptured*Headers(Collection) (#12901)
  • setKnownMethods(Set) methods in *TelemetryBuilder classes were changed to setKnownMethods(Collection) (#12902)

📈 Enhancements

• Support ExtendedTextMapGetter in gRPC instrumentation (#13011)
• Add database client metrics in DynamoDB instrumentation (#13033)
• Propagate context into async http client CompletableFuture callbacks (#13041)
• Exclude spring routing data source from Spring Starter instrumentation (#13054)
• Instrument jdbc batch queries (#12797)

🛠️ Bug fixes

• Fix incorrect dubbo trace caused by using rpcContext.isProviderSide() (#12930)
• Fix ClickHouse query failing with syntax error (#13020)
• Fix instrumentation module not loading silently when duplicate helper classnames are detected (#13005)
• Fix compatibility problem due to DubboHeadersGetter#keys in Dubbo 2.7.6 and 2.7.7 (#12982)
• Fix appender install for async Logback appenders (#13047)

Version 2.11.0 (2024-12-23)

Migration notes

In preparation for stabilizing HTTP library instrumentation soon:

• addAttributeExtractor methods in a few *TelemetryBuilder classes have been deprecated

... (truncated)

Commits

• 65f2b92 [release/v2.12.x] Prepare release 2.12.0 (#13056)
• 9fc83aa Update changelog for upcoming release (#13045)
• 467dfc0 Instrument jdbc batch queries (#12797)
• aaed8ac Spring starter: exclude spring routing data source from instrumentation (#13054)
• 93bca06 make rmi instrumentation indy-compatible + add module opener (#12585)
• 2da1d1f Logback: fix otel appender install for async appenders (#13047)
• ebdd5af fix(deps): update dependency org.snakeyaml:snakeyaml-engine to v2.9 (#13048)
• 93dd4c8 Propagate context into async http client CompletableFuture callbacks (#13041)
• 44bea8d add db client metrics for dynamo db (#13033)
• 4d2ea25 Rename another setSet... (#13046)
• Additional commits viewable in compare view

Updates com.google.api.grpc:proto-google-common-protos from 2.49.0 to 2.51.0

Release notes

Sourced from com.google.api.grpc:proto-google-common-protos's releases.

v2.51.0

2.51.0 (2024-12-12)

Features

• [iam] add ResourcePolicyMember to google/iam/v1 (b8e2859)

Bug Fixes

• #3381 (75dcb96)
• graalvm missing build time class when using protobuf 4.x (#3438) (f0236cf)
• return all library names if repo-level parameter changes (#3379) (75dcb96), closes #3381

Dependencies

• update dependency com.fasterxml.jackson:jackson-bom to v2.18.2 (#3422) (fdc3a54)
• update dependency com.google.api-client:google-api-client-bom to v2.7.1 (#3450) (35f1310)
• update dependency com.google.auth:google-auth-library-oauth2-http to v1.30.0 (#3428) (78cbff1)
• update dependency com.google.errorprone:error_prone_annotations to v2.36.0 (#3425) (52dcc0d)
• update dependency com.google.errorprone:error_prone_annotations to v2.36.0 (#3426) (77dd85d)
• update dependency dev.cel:cel to v0.8.0 (#3429) (79cde20)
• update dependency io.github.java-diff-utils:java-diff-utils to v4.15 (#3430) (91fd5cb)
• update dependency net.bytebuddy:byte-buddy to v1.15.10 (#3298) (7b503de)
• update dependency org.checkerframework:checker-qual to v3.48.3 (#3278) (c5fd1b4)
• update dependency org.easymock:easymock to v5.5.0 (#3431) (3c22f5e)
• update dependency packaging to v24.2 (#3432) (c1e7c81)
• update docker.io/library/alpine docker tag to v3.21.0 (#3433) (c8318c2)
• update docker.io/library/alpine:3.20.3 docker digest to 1e42bbe (#3417) (0f4ef19)
• update docker.io/library/maven:3.9.9-eclipse-temurin-11-alpine docker digest to 3bab9f2 (#3447) (ccf7eac)
• update docker.io/library/maven:3.9.9-eclipse-temurin-11-alpine docker digest to cdfb386 (#3418) (2559ff8)
• update docker.io/library/python docker tag to v3.13.1 (#3434) (feefd27)
• update google api dependencies (#3435) (3a1e8f2)
• update google auth library dependencies to v1.30.1 (#3453) (d7b7dd9)
• update google http client dependencies to v1.45.2 (#3394) (f8ee892)
• update google http client dependencies to v1.45.3 (#3454) (a112559)
• update google.cloud.opentelemetry.version to v0.33.0 (#3436) (e519626)
• update googleapis/java-cloud-bom digest to 93740d5 (#3280) (f987db5)
• update grpc dependencies to v1.68.2 (#3420) (6d0a169)
• update grpc dependencies to v1.69.0 (#3451) (0effb37)
• update junit5 monorepo to v5.11.3 (#3310) (4e33f2b)
• update netty dependencies (#3423) (22ea7b5)
• update opentelemetry-java monorepo to v1.44.1 (#3437) (66b85da)
• update opentelemetry-java monorepo to v1.45.0 (#3439) (d29475a)
• update repo-automation-bots digest to 6662ddc (#3421) (dec5de0)
• update repo-automation-bots digest to 8230b4e (#3448) (e53199b)
• update repo-automation-bots digest to ae0a72f (#3452) (331bacf)
• update repo-automation-bots digest to f3fbbab (#3419) (343a029)

... (truncated)

Changelog

Sourced from com.google.api.grpc:proto-google-common-protos's changelog.

2.51.0 (2024-12-12)

Features

• [iam] add ResourcePolicyMember to google/iam/v1 (b8e2859)

Bug Fixes

• #3381 (75dcb96)
• graalvm missing build time class when using protobuf 4.x (#3438) (f0236cf)
• return all library names if repo-level parameter changes (#3379) (75dcb96), closes #3381

Dependencies

• update dependency com.fasterxml.jackson:jackson-bom to v2.18.2 (#3422) (fdc3a54)
• update dependency com.google.api-client:google-api-client-bom to v2.7.1 (#3450) (35f1310)
• update dependency com.google.auth:google-auth-library-oauth2-http to v1.30.0 (#3428) (78cbff1)
• update dependency com.google.errorprone:error_prone_annotations to v2.36.0 (#3425) (52dcc0d)
• update dependency com.google.errorprone:error_prone_annotations to v2.36.0 (#3426) (77dd85d)
• update dependency dev.cel:cel to v0.8.0 (#3429) (79cde20)
• update dependency io.github.java-diff-utils:java-diff-utils to v4.15 (#3430) (91fd5cb)
• update dependency net.bytebuddy:byte-buddy to v1.15.10 (#3298) (7b503de)
• update dependency org.checkerframework:checker-qual to v3.48.3 (#3278) (c5fd1b4)
• update dependency org.easymock:easymock to v5.5.0 (#3431) (3c22f5e)
• update dependency packaging to v24.2 (#3432) (c1e7c81)
• update docker.io/library/alpine docker tag to v3.21.0 (#3433) (c8318c2)
• update docker.io/library/alpine:3.20.3 docker digest to 1e42bbe (#3417) (0f4ef19)
• update docker.io/library/maven:3.9.9-eclipse-temurin-11-alpine docker digest to 3bab9f2 (#3447) (ccf7eac)
• update docker.io/library/maven:3.9.9-eclipse-temurin-11-alpine docker digest to cdfb386 (#3418) (2559ff8)
• update docker.io/library/python docker tag to v3.13.1 (#3434) (feefd27)
• update google api dependencies (#3435) (3a1e8f2)
• update google auth library dependencies to v1.30.1 (#3453) (d7b7dd9)
• update google http client dependencies to v1.45.2 (#3394) (f8ee892)
• update google http client dependencies to v1.45.3 (#3454) (a112559)
• update google.cloud.opentelemetry.version to v0.33.0 (#3436) (e519626)
• update googleapis/java-cloud-bom digest to 93740d5 (#3280) (f987db5)
• update grpc dependencies to v1.68.2 (#3420) (6d0a169)
• update grpc dependencies to v1.69.0 (#3451) (0effb37)
• update junit5 monorepo to v5.11.3 (#3310) (4e33f2b)
• update netty dependencies (#3423) (22ea7b5)
• update opentelemetry-java monorepo to v1.44.1 (#3437) (66b85da)
• update opentelemetry-java monorepo to v1.45.0 (#3439) (d29475a)
• update repo-automation-bots digest to 6662ddc (#3421) (dec5de0)
• update repo-automation-bots digest to 8230b4e (#3448) (e53199b)
• update repo-automation-bots digest to ae0a72f (#3452) (331bacf)
• update repo-automation-bots digest to f3fbbab (#3419) (343a029)

... (truncated)

Commits

• 1e73a4a chore(main): release 2.51.0 (#3382)
• b8e2859 chore: update googleapis commit at Thu Dec 12 16:36:20 UTC 2024 (#3459)
• a971cd7 chore: close repo after use (#3457)
• 18473a7 chore: push current branch to remote (#3455)
• d7579ba ci: Add Downstream Protobuf-Java Source Compatibility Test (#3405)
• 35f1310 deps: update dependency com.google.api-client:google-api-client-bom to v2.7.1...
• d7b7dd9 deps: update google auth library dependencies to v1.30.1 (#3453)
• a112559 deps: update google http client dependencies to v1.45.3 (#3454)
• 331bacf deps: update repo-automation-bots digest to ae0a72f (#3452)
• e53199b deps: update repo-automation-bots digest to 8230b4e (#3448)
• Additional commits viewable in compare view

Updates io.grpc:grpc-protobuf from 1.68.2 to 1.70.0

Release notes

Sourced from io.grpc:grpc-protobuf's releases.

v1.70.0

Bug Fixes

• Re-enable animalsniffer, fixing most violations (8ea362937). Violations would only have triggered on API level 23 and earlier, and the violations fixed here were highly unlikely to be triggered
• api: Fix Android API level 23 and earlier compatibility for StatusRuntimeException without stacktrace (#11072) (ebe2b4867). This fixes a regression introduced in 1.64.0. The regression should have caused failures on API level 23 and earlier when a StatusRuntimeException or StatusException was created. However, for unknown reasons tests on old devices didn’t notice issues
• okhttp: Improve certificate handling by rejecting non-ASCII subject alternative names and hostnames as seen in CVE-2021-0341 (#11749) (a0982ca0a). Hostnames are considered trusted and CAs are required to use punycode for non-ASCII hostnames, so this is expected to provide defense-in-depth. See also the related GoSecure blog post and the AOSP fix
• okhttp: Fix for ipv6 link local with scope (#11725) (65b32e60e)
• xds: Preserve nonce when unsubscribing last watcher of a particular type so that new discovery requests of that type are handled correctly (1cf1927d1). This (along with 6c12c2bd2) fixes a nonce-handling regression introduced in 1.66.0 that could cause resources to appear to not exist until re-creating the ADS stream. Triggering the behavior required specific config changes. It is easiest to trigger when clusters use EDS and routes are changed from one cluster to another. The error “found 0 leaf (logical DNS or EDS) clusters for root cluster” might then be seen
• xds: Remember nonces for unknown types (6c12c2bd2)
• xds: Unexpected types in the bootstrap’s server_features should be ignored (e8ff6da2c). They were previously required to be strings
• xds: Remove xds authority label from metric registration (#11760) (6516c7387). This fixes the error “Incorrect number of required labels provided. Expected: 4” introduced in 1.69.0
• xds: Fixed unsupported unsigned 32 bits issue for circuit breaker (#11735) (f8f613984). This fixes clients treating large max_requests as “no requests” and failing all requests

Improvements

• api: Introduce custom NameResolver.Args (#11669) (0b2d44098)
• stub: Introduce new API: BlockingStubV2 which supports Bidi streaming, Client streaming, a cleaner Server streaming and Unary RPCs (#10318) (ea8c31c30)
• bazel: Remove workaround for DoNotCall fixed in Bazel 3.4 (805cad378)
• binder: A standard API for pointing resolvers at a different Android User. (#11775) (1126a8e30)
• xds: Fix XDS control plane client retry timer backoff duration when connection closes after results are received (#11766) (ef7c2d59c)
• xds: Parsing xDS Cluster Metadata (#11741) (1edc4d84d). Not used actively, but this adds validation. The validation is unlikely to fail but may reject invalid resources.
• xds: Use "#server" as dataplane target value for xDS enabled gRPC servers (#11715) (ebb43a69e). This only impacts the grpc.target label in grpc.xds_client.* metrics. Previously the empty string was used
• rls: Reduce RLS debug channel logging (7f9c1f39f). This only matters when debug logging is enabled

Documentation

• examples: Simplify graceful shutdown in Hostname example (f1109e421)
• examples: Remove references to maven-central.storage-download.googleapis.com (c96e926e6)
• examples: Updated the attachHeaders to newAttachHeadersInterceptor in HeaderClientInterceptor (#11759) (5e8abc677)

Dependencies

• Bazel 8 is released, so replace Bazel 6 testing with Bazel 7 (8a5f7776d)

Thanks to

• @​panchenko
• @​benjaminp
• @​ZachChuba
• @​vinodhabib

v1.69.1

Bug Fixes

• okhttp: Improve certificate handling by rejecting non-ASCII subject alternative names and hostnames as seen in CVE-2021-0341 (#11749) (a0982ca0a). Hostnames are considered trusted and CAs are required to use punycode for non-ASCII hostnames, so this is expected to provide defense-in-depth. See also the related GoSecure blog post and the AOSP fix
• xds: Preserve nonce when unsubscribing last watcher of a particular type so that new discovery requests of that type are handled correctly (1cf1927d1). This (along with 6c12c2bd2) fixes a nonce-handling regression introduced in 1.66.0 that could cause resources to appear to not exist until re-creating the ADS stream. Triggering the behavior required specific config changes. It is easiest to trigger when clusters use EDS and routes are changed from one cluster to another. The error “found 0 leaf (logical DNS or EDS) clusters for root cluster” might then be seen
• xds: Remember nonces for unknown types (6c12c2bd2)
• xds: Unexpected types in the bootstrap’s server_features should be ignored (e8ff6da2c). They were previously required to be strings
• xds: Fixed unsupported unsigned 32 bits issue for circuit breaker (#11735) (f8f613984). This fixes clients treating large max_requests as “no requests” and failing all requests
• xds: Remove xds authority label from metric registration (#11760) (6516c7387). This fixes the error “Incorrect number of required labels provided. Expected: 4” introduced in 1.69.0

... (truncated)

Commits

• 22a42c8 Bump version to 1.70.0
• e015a74 Update README etc to reference 1.70.0
• 4412054 xds: Rename grpc.xds.cluster to grpc.lb.backend_service
• 7dada7d xds: Pass grpc.xds.cluster label to tracer
• 1edc4d8 xds: Parsing xDS Cluster Metadata (#11741)
• 4222f77 xds:Move creating the retry timer in handleRpcStreamClosed to as late as poss...
• 6c12c2b xds: Remember nonces for unknown types
• 4a0f707 xds: Avoid depending on io.grpc.xds.Internal* classes
• 1cf1927 xds: Preserve nonce when unsubscribing type
• 9a712c3 xds: Make XdsClient.ResourceStore package-private
• Additional commits viewable in compare view

Updates io.grpc:grpc-stub from 1.68.2 to 1.70.0

Release notes

Sourced from io.grpc:grpc-stub's releases.

v1.70.0

Bug Fixes

• Re-enable animalsniffer, fixing most violations (8ea362937). Violations would only have triggered on API level 23 and earlier, and the violations fixed here were highly unlikely to be triggered
• api: Fix Android API level 23 and earlier compatibility for StatusRuntimeException without stacktrace (#11072) (ebe2b4867). This fixes a regression introduced in 1.64.0. The regression should have caused failures on API level 23 and earlier when a StatusRuntimeException or StatusException was created. However, for unknown reasons tests on old devices didn’t notice issues
• okhttp: Improve certificate handling by rejecting non-ASCII subject alternative names and hostnames as seen in CVE-2021-0341 (#11749) (a0982ca0a). Hostnames are considered trusted and CAs are required to use punycode for non-ASCII hostnames, so this is expected to provide defense-in-depth. See also the related GoSecure blog post and the AOSP fix
• okhttp: Fix for ipv6 link local with scope (#11725) (65b32e60e)
• xds: Preserve nonce when unsubscribing last watcher of a particular type so that new discovery requests of that type are handled correctly (1cf1927d1). This (along with 6c12c2bd2) fixes a nonce-handling regression introduced in 1.66.0 that could cause resources to appear to not exist until re-creating the ADS stream. Triggering the behavior required specific config changes. It is easiest to trigger when clusters use EDS and routes are changed from one cluster to another. The error “found 0 leaf (logical DNS or EDS) clusters for root cluster” might then be seen
• xds: Remember nonces for unknown types (6c12c2bd2)
• xds: Unexpected types in the bootstrap’s server_features should be ignored (e8ff6da2c). They were previously required to be strings
• xds: Remove xds authority label from metric registration (#11760) (6516c7387). This fixes the error “Incorrect number of required labels provided. Expected: 4” introduced in 1.69.0
• xds: Fixed unsupported unsigned 32 bits issue for circuit breaker (#11735) (f8f613984). This fixes clients treating large max_requests as “no requests” and failing all requests

Improvements

• api: Introduce custom NameResolver.Args (#11669) (0b2d44098)
• stub: Introduce new API: BlockingStubV2 which supports Bidi streaming, Client streaming, a cleaner Server streaming and Unary RPCs (#10318) (ea8c31c30)
• bazel: Remove workaround for DoNotCall fixed in Bazel 3.4 (805cad378)
• binder: A standard API for pointing resolvers at a different Android User. (#11775) (1126a8e30)
• xds: Fix XDS control plane client retry timer backoff duration when connection closes after results are received (#11766) (ef7c2d59c)
• xds: Parsing xDS Cluster Metadata (#11741) (1edc4d84d). Not used actively, but this adds validation. The validation is unlikely to fail but may reject invalid resources.
• xds: Use "#server" as dataplane target value for xDS enabled gRPC servers (#11715) (ebb43a69e). This only impacts the grpc.target label in grpc.xds_client.* metrics. Previously the empty string was used
• rls: Reduce RLS debug channel logging (7f9c1f39f). This only matters when debug logging is enabled

Documentation

• examples: Simplify graceful shutdown in Hostname example (f1109e421)
• examples: Remove references to maven-central.storage-download.googleapis.com (c96e926e6)
• examples: Updated the attachHeaders to newAttachHeadersInterceptor in HeaderClientInterceptor (#11759) (5e8abc677)

Dependencies

• Bazel 8 is released, so replace Bazel 6 testing with Bazel 7 (8a5f7776d)

Thanks to

• @​panchenko
• @​benjaminp
• @​ZachChuba
• @​vinodhabib

v1.69.1

Bug Fixes

• okhttp: Improve certificate handling by rejecting non-ASCII subject alternative names and hostnames as seen in CVE-2021-0341 (#11749) (a0982ca0a). Hostnames are considered trusted and CAs are required to use punycode for non-ASCII hostnames, so this is expected to provide defense-in-depth. See also the related GoSecure blog post and the AOSP fix
• xds: Preserve nonce when unsubscribing last watcher of a particular type so that new discovery requests of that type are handled correctly (1cf1927d1). This (along with 6c12c2bd2) fixes a nonce-handling regression introduced in 1.66.0 that could cause resources to appear to not exist until re-creating the ADS stream. Triggering the behavior required specific config changes. It is easiest to trigger when clusters use EDS and routes are changed from one cluster to another. The error “found 0 leaf (logical DNS or EDS) clusters for root cluster” might then be seen
• xds: Remember nonces for unknown types (6c12c2bd2)
• xds: Unexpected types in the bootstrap’s server_features should be ignored (e8ff6da2c). They were previously required to be strings
• xds: Fixed unsupported unsigned 32 bits issue for circuit breaker (#11735) (f8f613984). This fixes clients treating large max_requests as “no requests” and failing all requests
• xds: Remove xds authority label from metric registration (#11760) (6516c7387). This fixes the error “Incorrect number of required labels provided. Expected: 4” introduced in 1.69.0

... (truncated)

Commits

• 22a42c8 Bump version to 1.70.0
• e015a74 Update README etc to reference 1.70.0
• 4412054 xds: Rename grpc.xds.cluster to grpc.lb.backend_service
• 7dada7d xds: Pass grpc.xds.cluster label to tracer
• 1edc4d8 xds: Parsing xDS Cluster Metadata (#11741)
• 4222f77 xds:Move creating the retry timer in handleRpcStreamClosed to as late as poss...
• 6c12c2b xds: Remember nonces for unknown types
• 4a0f707 xds: Avoid depending on io.grpc.xds.Internal* classes
• 1cf1927 xds: Preserve nonce when unsubscribing type
• 9a712c3 xds: Make XdsClient.ResourceStore package-private
• Additional commits viewable in compare view

Updates `io.grpc:g...

Description has been truncated