Skip to content

Bump google.golang.org/grpc from 1.79.2 to 1.79.3#1977

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/google.golang.org/grpc-1.79.3
Closed

Bump google.golang.org/grpc from 1.79.2 to 1.79.3#1977
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/google.golang.org/grpc-1.79.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 18, 2026
edited
Loading

Bumps google.golang.org/grpc from 1.79.2 to 1.79.3.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.3

Security

  • server: fix an authorization bypass where malformed :path headers (missing the leading slash) could bypass path-based restricted "deny" rules in interceptors like grpc/authz. Any request with a non-canonical path is now immediately rejected with an Unimplemented error. (#8981)
Commits

@dependabot dependabot Bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels Mar 18, 2026
@tekton-robot tekton-robot added the size/L Denotes a PR that changes 100-499 lines, ignoring generated files. label Mar 18, 2026
khrm
khrm reviewed Mar 19, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@khrm khrm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Mar 19, 2026
@khrm
Copy link
Copy Markdown
Contributor

khrm commented Mar 30, 2026

@dependabot rebase

@dependabot dependabot Bot force-pushed the dependabot/go_modules/google.golang.org/grpc-1.79.3 branch from b18b471 to 8f8def4 Compare March 30, 2026 14:06
@tekton-robot tekton-robot removed the lgtm Indicates that a PR is ready to be merged. label Mar 30, 2026
@tekton-robot
Copy link
Copy Markdown

tekton-robot commented Mar 30, 2026

New changes are detected. LGTM label has been removed.

@khrm
Copy link
Copy Markdown
Contributor

khrm commented Mar 31, 2026

@dependabot rebase

@tekton-robot tekton-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Mar 31, 2026
@tekton-robot
Copy link
Copy Markdown

tekton-robot commented Mar 31, 2026

@dependabot[bot]: rebase

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@dependabot
Bump google.golang.org/grpc from 1.79.1 to 1.79.3
6f75d7a 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.79.1 to 1.79.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.79.1...v1.79.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-version: 1.79.3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump google.golang.org/grpc from 1.79.1 to 1.79.3 Bump google.golang.org/grpc from 1.79.2 to 1.79.3 Mar 31, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/google.golang.org/grpc-1.79.3 branch from 8f8def4 to 6f75d7a Compare March 31, 2026 17:03
@tekton-robot tekton-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/L Denotes a PR that changes 100-499 lines, ignoring generated files. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. labels Mar 31, 2026
@khrm
Copy link
Copy Markdown
Contributor

khrm commented Apr 1, 2026

/approve

@tekton-robot
Copy link
Copy Markdown

tekton-robot commented Apr 1, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: infernus01, khrm

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 1, 2026
@khrm
Copy link
Copy Markdown
Contributor

khrm commented Apr 1, 2026

@dependabot rebase

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 1, 2026

Looks like google.golang.org/grpc is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this Apr 1, 2026
@dependabot dependabot Bot deleted the dependabot/go_modules/google.golang.org/grpc-1.79.3 branch April 1, 2026 08:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@khrm khrm khrm left review comments

@savitaashture savitaashture Awaiting requested review from savitaashture

+1 more reviewer

@infernus01 infernus01 infernus01 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

@khrm khrm

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@khrm @tekton-robot @infernus01