Skip to content

chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3#1505

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/google.golang.org/grpc-1.79.3
Open

chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3#1505
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/google.golang.org/grpc-1.79.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 18, 2026

Copy link
Copy Markdown
Contributor

Bumps google.golang.org/grpc from 1.78.0 to 1.79.3.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.3

Security

  • server: fix an authorization bypass where malformed :path headers (missing the leading slash) could bypass path-based restricted "deny" rules in interceptors like grpc/authz. Any request with a non-canonical path is now immediately rejected with an Unimplemented error. (#8981)

Release 1.79.2

Bug Fixes

  • stats: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured. (grpc/grpc-go#8874)

Release 1.79.1

Bug Fixes

Release 1.79.0

API Changes

  • mem: Add experimental API SetDefaultBufferPool to change the default buffer pool. (#8806)
  • experimental/stats: Update MetricsRecorder to require embedding the new UnimplementedMetricsRecorder (a no-op struct) in all implementations for forward compatibility. (#8780)

Behavior Changes

  • balancer/weightedtarget: Remove handling of Addresses and only handle Endpoints in resolver updates. (#8841)

New Features

  • experimental/stats: Add support for asynchronous gauge metrics through the new AsyncMetricReporter and RegisterAsyncReporter APIs. (#8780)
  • pickfirst: Add support for weighted random shuffling of endpoints, as described in gRFC A113.
    • This is enabled by default, and can be turned off using the environment variable GRPC_EXPERIMENTAL_PF_WEIGHTED_SHUFFLING. (#8864)
  • xds: Implement :authority rewriting, as specified in gRFC A81. (#8779)
  • balancer/randomsubsetting: Implement the random_subsetting LB policy, as specified in gRFC A68. (#8650)

Bug Fixes

  • credentials/tls: Fix a bug where the port was not stripped from the authority override before validation. (#8726)
  • xds/priority: Fix a bug causing delayed failover to lower-priority clusters when a higher-priority cluster is stuck in CONNECTING state. (#8813)
  • health: Fix a bug where health checks failed for clients using legacy compression options (WithDecompressor or RPCDecompressor). (#8765)
  • transport: Fix an issue where the HTTP/2 server could skip header size checks when terminating a stream early. (#8769)
  • server: Propagate status detail headers, if available, when terminating a stream during request header processing. (#8754)

Performance Improvements

  • credentials/alts: Optimize read buffer alignment to reduce copies. (#8791)
  • mem: Optimize pooling and creation of buffer objects. (#8784)
  • transport: Reduce slice re-allocations by reserving slice capacity. (#8797)
Commits

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Mar 18, 2026
@snyk-io

snyk-io Bot commented Mar 18, 2026

Copy link
Copy Markdown

Snyk checks have passed. No issues have been found so far.

Status Scan Engine Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues
Licenses 0 0 0 0 0 issues
Code Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@konflux-ci-qe-bot

Copy link
Copy Markdown

@dependabot[bot]: The following test has Failed, say /retest to rerun failed tests.

PipelineRun Name Status Rerun command Build Log Test Log
konflux-e2e-zfssz Failed /retest View Pipeline Log View Test Logs

Inspecting Test Artifacts

To inspect your test artifacts, follow these steps:

  1. Install ORAS (see the ORAS installation guide).
  2. Download artifacts with the following commands:
mkdir -p oras-artifacts
cd oras-artifacts
oras pull quay.io/konflux-test-storage/konflux-team/integration-service:konflux-e2e-zfssz

Test results analysis

🚨 Error occurred while running the E2E tests, list of failed Spec(s):

➡️ [failed] [It] [integration-service-suite Creation of group snapshots for monorepo and multiple repos] with status reporting of Integration tests in CheckRuns when both the init PaC PRs are merged get all group snapshots and check if pr-group annotation contains all components [integration-service, group-snapshot-creation]

Click to view logs

Timed out after 1800.000s.
Timeout while waiting for group snapshot creation
Expected success, but got an error:
    <*errors.errorString | 0xc000084a20>: 
    group snapshots not yet created from component snapshots
    {
        s: "group snapshots not yet created from component snapshots",
    }

OCI Artifact Browser URL

View in Artifact Browser

@codecov-commenter

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 45.54%. Comparing base (9b742d0) to head (540566f).

❗ There is a different number of reports uploaded between BASE (9b742d0) and HEAD (540566f). Click for more details.

HEAD has 1 upload less than BASE
Flag BASE (9b742d0) HEAD (540566f)
unit-tests 1 0
Additional details and impacted files
@@             Coverage Diff             @@
##             main    #1505       +/-   ##
===========================================
- Coverage   65.12%   45.54%   -19.58%     
===========================================
  Files          56       53        -3     
  Lines        7722     7333      -389     
===========================================
- Hits         5029     3340     -1689     
- Misses       2085     3459     +1374     
+ Partials      608      534       -74     
Flag Coverage Δ
e2e-tests 45.54% <ø> (?)
unit-tests ?

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.78.0 to 1.79.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.78.0...v1.79.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-version: 1.79.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/google.golang.org/grpc-1.79.3 branch from 540566f to 9c5846e Compare April 16, 2026 14:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code size: XXL

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants