Release 1.60.0

Security

• credentials/tls: if not set, set TLS MinVersion to 1.2 and CipherSuites according to supported suites not forbidden by RFC7540.
  • This is a behavior change to bring us into better alignment with RFC 7540.

API Changes

• resolver: remove deprecated and experimental ClientConn.NewServiceConfig (#6784)
• client: remove deprecated grpc.WithServiceConfig DialOption (#6800)

Bug Fixes

• client: fix race that could cause a deadlock while entering idle mode and receiving a name resolver update (#6804)
• client: always enable TCP keepalives with OS defaults (#6834)
• credentials/alts: fix a bug preventing ALTS from connecting to the metadata server if the default scheme is overridden (#6686)
  • Special Thanks: @mjamaloney

Behavior Changes

• server: Do not return from Stop() or GracefulStop() until all resources are released (#6489)
  • Special Thanks: @fho

Documentation

• codes: clarify that only codes defined by this package are valid and that users should not cast other values to codes.Code (#6701)

Release 1.57.2

Bug Fixes

• server: fix a bug introduced in v1.57.1 that causes connections to eventually stop processing any RPCs.

Release 1.59.0

Behavior Changes

• balancer: grpc will switch to case-sensitive balancer names soon; log a warning if a capital letter is encountered in an LB policy name (#6647)
• server: allow applications to send arbitrary data in the grpc-status-details-bin trailer (#6662)
• client: validate grpc-status-details-bin trailer and pass through the trailer to the application directly (#6662)

New Features

• tap (experimental): Add Header metadata to tap handler (#6652)
  • Special Thanks: @pstibrany
• grpc: channel idleness enabled by default with an idle_timeout of 30m (#6585)

Documentation

• examples: add an example of flow control behavior (#6648)

Bug Fixes

• xds: fix hash policy header to skip "-bin" headers and read content-type header as expected (#6609)

Release 1.58.3

Security

• server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

  In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.57.1

Security

• server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

  In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.3

Security

• server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

  In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.58.2

Bug Fixes

• balancer/weighted_round_robin: fix ticker leak on update

  A new ticker is created every time there is an update of addresses or configuration, but was not properly stopped. This change stops the ticker when it is no longer needed.

Release 1.58.1

Bug Fixes

• grpc: fix a bug that was decrementing active RPC count too early for streaming RPCs; leading to channel moving to IDLE even though it had open streams
• grpc: fix a bug where transports were not being closed upon channel entering IDLE

Release 1.58.0

API Changes

See #6472 for details about these changes.

• balancer: add StateListener to NewSubConnOptions for SubConn state updates and deprecate Balancer.UpdateSubConnState (#6481)
  • UpdateSubConnState will be deleted in the future.
• balancer: add SubConn.Shutdown and deprecate Balancer.RemoveSubConn (#6493)
  • RemoveSubConn will be deleted in the future.
• resolver: remove deprecated AddressType (#6451)
  • This was previously used as a signal to enable the "grpclb" load balancing policy, and to pass LB addresses to the policy. Instead, balancer/grpclb/state.Set() should be used to add these addresses to the name resolver's output. The built-in "dns" name resolver already does this.
• resolver: add new field Endpoints to State and deprecate Addresses (#6471)
  • Addresses will be deleted in the future.

New Features

• balancer/leastrequest: Add experimental support for least request LB policy and least request configured as a custom xDS policy (#6510, #6517)
  • Set GRPC_EXPERIMENTAL_ENABLE_LEAST_REQUEST=true to enable
• stats: Add an RPC event for blocking caused by the LB policy's picker (#6422)

Bug Fixes

• clusterresolver: fix deadlock when dns resolver responds inline with update or error at build time (#6563)
• grpc: fix a bug where the channel could erroneously report TRANSIENT_FAILURE when actually moving to IDLE (#6497)
• balancergroup: do not cache closed sub-balancers by default; affects rls, weightedtarget and clustermanager LB policies (#6523)
• client: fix a bug that prevented detection of RPC status in trailers-only RPC responses when using ClientStream.Header(), and prevented retry of the RPC (#6557)

Performance Improvements

• client & server: Add experimental [With]SharedWriteBuffer to improve performance by reducing allocations when sending RPC messages. (Disabled by default.) (#6309)
  • Special Thanks: @s-matyukevich

Release 1.57.0

API Changes

• resolver: remove deprecated Target.Scheme and Target.Authority. Use URL.Scheme and URL.Host instead, respectively (#6363)

Behavior Changes

• client: percent-encode the default authority for the channel (#6428)
• xds: require EDS service name to be set in a CDS cluster with an 'xdstp' resource name (gRFC A47) (#6438)

New Features

• reflection: support the v1 reflection service and update Register to register both v1alpha and v1 (#6329)
• xds: add support for string matcher in RBAC header matching (#6419)
• alts: add support for GRPC_ALTS_MAX_CONCURRENT_HANDSHAKES env var (#6267)
• balancer/weightedroundrobin: de-experimentalize name of LB policy (#6477)

Bug Fixes

• status: status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil (#6374)
  • Special Thanks: @atollena
• server: fix bug preventing TCP user timeout from being set on the connection when TLS is used (#6321)
  • Special Thanks: @tobotg
• client: eliminate connection churn during an address update that differs only in balancer attributes (#6439)
• clusterresolver: handle EDS nacks, resource-not-found errors, and DNS Resolver errors correctly (#6436, #6461)
• xds/ringhash: cache connectivity state of subchannels inside picker to avoid rare races (#6351)