Skip to content

[dependency] Upgrade Grpc to 1.45.1#15222

Closed
gaoran10 wants to merge 1 commit intoapache:masterfrom
gaoran10:bump-grpc-1.45.1
Closed

[dependency] Upgrade Grpc to 1.45.1#15222
gaoran10 wants to merge 1 commit intoapache:masterfrom
gaoran10:bump-grpc-1.45.1

Conversation

@gaoran10
Copy link
Copy Markdown
Contributor

@gaoran10 gaoran10 commented Apr 19, 2022

Motivation

Currently, the grpc 1.42.1 import a shaded netty 4.1.51.Final package, it has some issues GHSA-9vjp-v76f-g363, GHSA-grg4-wf29-r9vv, since io.grpc:grpc-all:1.44.0, it upgraded the netty to 4.1.72.Final, refer to https://github.com/grpc/grpc-java/blob/v1.44.0/build.gradle#L58 and grpc/grpc-java#8780. So we need to upgrade the grpc to 1.44.0+.

Modifications

Bump the grpc to 1.45.1.

Does this pull request potentially affect one of the following parts:

If yes was chosen, please highlight the changes

  • Dependencies (does it add or upgrade a dependency): (yes)
  • The public API: (no)
  • The schema: (no)
  • The default values of configurations: (no)
  • The wire protocol: (no)
  • The rest endpoints: (no)
  • The admin cli options: (no)
  • Anything that affects deployment: (no)

Documentation

Check the box below or label this PR directly.

Need to update docs?

  • doc-required
    (Your PR needs to update docs and you will update later)

  • no-need-doc
    (Please explain why)

  • doc
    (Your PR contains doc changes)

  • doc-added
    (Docs have been already added)

@gaoran10 gaoran10 self-assigned this Apr 19, 2022
@gaoran10 gaoran10 added the area/dependency Pull requests that update a dependency file label Apr 19, 2022
@github-actions github-actions Bot added the doc-not-needed Your PR changes do not impact docs label Apr 19, 2022
@hezhangjian
Copy link
Copy Markdown
Member

I think it's contained in #15212

@gaoran10
Copy link
Copy Markdown
Contributor Author

gaoran10 commented Apr 19, 2022

I found the PR #15212 already try to upgrade the grpc, I close this PR.

@gaoran10
Copy link
Copy Markdown
Contributor Author

@shoothzj Yes, I found it. I'll close this PR.

@gaoran10 gaoran10 closed this Apr 19, 2022
@gaoran10 gaoran10 deleted the bump-grpc-1.45.1 branch April 19, 2022 15:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/dependency Pull requests that update a dependency file doc-not-needed Your PR changes do not impact docs

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants