Bump the root-gradle-deps group with 5 updates

[dependabot]

Bumps the root-gradle-deps group with 5 updates:

Package	From	To
com.amazonaws:aws-java-sdk-bom	1.12.605	1.12.618
io.grpc:grpc-api	1.59.1	1.60.0
io.grpc:grpc-netty-shaded	1.59.1	1.60.0
io.zipkin.zipkin2:zipkin	2.24.4	2.25.0
software.amazon.awssdk:s3	2.21.38	2.21.44

Updates com.amazonaws:aws-java-sdk-bom from 1.12.605 to 1.12.618

Changelog

Sourced from com.amazonaws:aws-java-sdk-bom's changelog.

1.12.616 2023-12-13

Amazon CloudWatch Logs

• Features

  • This release introduces the StartLiveTail API to tail ingested logs in near real time.

Amazon Location Service

• Features

  • This release 1) adds sub-municipality field in Places API for searching and getting places information, and 2) allows optimizing route calculation based on expected arrival time.

EC2 Image Builder

• Features

  • This release adds the Image Workflows feature to give more flexibility and control over the image building and testing process.

1.12.615 2023-12-13

Amazon CloudWatch Logs

• Features

  • This release introduces the StartLiveTail API to tail ingested logs in near real time.

Amazon Location Service

• Features

  • This release 1) adds sub-municipality field in Places API for searching and getting places information, and 2) allows optimizing route calculation based on expected arrival time.

EC2 Image Builder

• Features

  • This release adds the Image Workflows feature to give more flexibility and control over the image building and testing process.

1.12.614 2023-12-12

Amazon CloudWatch Logs

• Features

  • This release introduces the StartLiveTail API to tail ingested logs in near real time.

Amazon Location Service

• Features

  • This release 1) adds sub-municipality field in Places API for searching and getting places information, and 2) allows optimizing route calculation based on expected arrival time.

EC2 Image Builder

• Features

  • This release adds the Image Workflows feature to give more flexibility and control over the image building and testing process.

1.12.613 2023-12-12

Amazon CloudWatch Logs

• Features

  • This release introduces the StartLiveTail API to tail ingested logs in near real time.

Amazon Location Service

• Features

  • This release 1) adds sub-municipality field in Places API for searching and getting places information, and 2) allows optimizing route calculation based on expected arrival time.

EC2 Image Builder

• Features

... (truncated)

Commits

• See full diff in compare view

Updates io.grpc:grpc-api from 1.59.1 to 1.60.0

Release notes

Sourced from io.grpc:grpc-api's releases.

v1.60.0

API Changes

• api: Stabilize ForwardingServerBuilder, ForwardingChannelBuilder2, and ForwardingChannelBuilder. Note that ForwardingChannelBuilder is stabilized (no changes will be made to it), but immediately deprecated in favor of ForwardingChannelBuilder2. (#10586)
• api: Deprecate ForwardingChannelBuilder.delegate(). De facto this deprecates the class itself, since all classes extending ForwardingChannelBuilder implement the delegate() method. See javadoc for details (#10587)
• api: Changed recently-introduced LoadBalancer.acceptResolvedAddresses() to return Status instead of boolean (#10636). This is part of continued work to align the LB API cross-language and API stabilization
• stub: Deprecate StreamObservers (#10654)
• alts: AltsChannelBuilder now extends ForwardingChannelBuilder2 (#10587)
• protobuf: Stabilize ProtoUtils.metadataMarshaller() (#10628)
• protobuf-lite: ProtoLiteUtils experimental comment (#10627)

Behavior Changes

• core: ManagedChannels now check the address types provided by the nameResolver (for the given target) with the address types supported by the channel transport and generate an error in case of mismatch. That dramatically improves the error message when an issue occurs
• core: When a server stream is closed due to user's code (an uncaught exception in halfClosed, messagesAvailable, onReady callback of a ServerStream's listener), the Status.UNKNOWN returned to the client will have Application error processing RPC description. Previously the description was empty. This is helpful to differentiate between server errors originated in user application, gRPC library, or even those injected by a proxy. (#10643)
• xds: Log ORCA UNIMPLEMENTED error to subchannel logger. This removes them from the normal application logs, reducing log spam

Improvements

• Change the underlying implementations of RingHash, RoundRobin, WeightedRoundRobin and LeastRequest load balancers to utilize the pick first load balancer rather than directly manage subchannels. This should only be noticeable if it introduced a bug
• core: Avoid flushing headers when the server returns a single response (#9314). This is a performance optimization to reduce the number of packets for non-streaming responses
• util: Make grpc-core an implementation dependency. This will prevent the io.grpc.internal classes in grpc-core from being visible during compilation when depending on just grpc-util
• netty: Implement Http2Headers.isEmpty(). This fixes compatibility with Netty 4.1.101.Final.
• netty: Add NettyServerBuilder.maxRstFramesPerWindow(). This can be used to limit impact of Rapid Reset
• netty: Disable huffman coding in headers (#10563). Huffman coding provides modest compression for relatively high CPU usage, especially within a data center. Rely just on the HPACK static and dynamic tables for compression, for higher performance. This only impacts header values 512 bytes or longer, as Netty already disabled Huffman for smaller values
• alts: Improve handshake failure error message by propagating original exception (#10644)

Bug Fixes

• util: Remove shutdown subchannels from OD tracking (#10683). This could have caused a memory leak on a long-lived channel. But we don’t think it could be triggered with our built-in load balancing policies.

Dependencies

• Bump Netty to 4.1.100.Final

Acknowledgements

@​anthonyjpratti @​fedorka @​jpd236 @​mateusazis @​pkoenig10 @​yannickepstein @​amirhadadi

Commits

• eb8b1d8 Bump version to 1.60.0
• 5b1bb8c Update README etc to reference 1.60.0
• 9400613 all: Add grpc-inprocess
• 69114bf inprocess: Add missing anonymous address as supported
• 24b3ca1 core: Detect NameResolverProviders passed as Factories
• 6c55cd0 util: Remove shutdown subchannels from OD tracking (#10683)
• 43e98d0 netty: Add option to limit RST_STREAM rate
• 2b65e66 netty: disable huffman coding in headers (#10563)
• 90e76a1 Implement Http2Headers.isEmpty (#10663)
• 0299788 util: Make grpc-core an implementation dependency
• Additional commits viewable in compare view

Updates io.grpc:grpc-netty-shaded from 1.59.1 to 1.60.0

Release notes

Sourced from io.grpc:grpc-netty-shaded's releases.

v1.60.0

API Changes

• api: Stabilize ForwardingServerBuilder, ForwardingChannelBuilder2, and ForwardingChannelBuilder. Note that ForwardingChannelBuilder is stabilized (no changes will be made to it), but immediately deprecated in favor of ForwardingChannelBuilder2. (#10586)
• api: Deprecate ForwardingChannelBuilder.delegate(). De facto this deprecates the class itself, since all classes extending ForwardingChannelBuilder implement the delegate() method. See javadoc for details (#10587)
• api: Changed recently-introduced LoadBalancer.acceptResolvedAddresses() to return Status instead of boolean (#10636). This is part of continued work to align the LB API cross-language and API stabilization
• stub: Deprecate StreamObservers (#10654)
• alts: AltsChannelBuilder now extends ForwardingChannelBuilder2 (#10587)
• protobuf: Stabilize ProtoUtils.metadataMarshaller() (#10628)
• protobuf-lite: ProtoLiteUtils experimental comment (#10627)

Behavior Changes

• core: ManagedChannels now check the address types provided by the nameResolver (for the given target) with the address types supported by the channel transport and generate an error in case of mismatch. That dramatically improves the error message when an issue occurs
• core: When a server stream is closed due to user's code (an uncaught exception in halfClosed, messagesAvailable, onReady callback of a ServerStream's listener), the Status.UNKNOWN returned to the client will have Application error processing RPC description. Previously the description was empty. This is helpful to differentiate between server errors originated in user application, gRPC library, or even those injected by a proxy. (#10643)
• xds: Log ORCA UNIMPLEMENTED error to subchannel logger. This removes them from the normal application logs, reducing log spam

Improvements

• Change the underlying implementations of RingHash, RoundRobin, WeightedRoundRobin and LeastRequest load balancers to utilize the pick first load balancer rather than directly manage subchannels. This should only be noticeable if it introduced a bug
• core: Avoid flushing headers when the server returns a single response (#9314). This is a performance optimization to reduce the number of packets for non-streaming responses
• util: Make grpc-core an implementation dependency. This will prevent the io.grpc.internal classes in grpc-core from being visible during compilation when depending on just grpc-util
• netty: Implement Http2Headers.isEmpty(). This fixes compatibility with Netty 4.1.101.Final.
• netty: Add NettyServerBuilder.maxRstFramesPerWindow(). This can be used to limit impact of Rapid Reset
• netty: Disable huffman coding in headers (#10563). Huffman coding provides modest compression for relatively high CPU usage, especially within a data center. Rely just on the HPACK static and dynamic tables for compression, for higher performance. This only impacts header values 512 bytes or longer, as Netty already disabled Huffman for smaller values
• alts: Improve handshake failure error message by propagating original exception (#10644)

Bug Fixes

• util: Remove shutdown subchannels from OD tracking (#10683). This could have caused a memory leak on a long-lived channel. But we don’t think it could be triggered with our built-in load balancing policies.

Dependencies

• Bump Netty to 4.1.100.Final

Acknowledgements

@​anthonyjpratti @​fedorka @​jpd236 @​mateusazis @​pkoenig10 @​yannickepstein @​amirhadadi

Commits

• eb8b1d8 Bump version to 1.60.0
• 5b1bb8c Update README etc to reference 1.60.0
• 9400613 all: Add grpc-inprocess
• 69114bf inprocess: Add missing anonymous address as supported
• 24b3ca1 core: Detect NameResolverProviders passed as Factories
• 6c55cd0 util: Remove shutdown subchannels from OD tracking (#10683)
• 43e98d0 netty: Add option to limit RST_STREAM rate
• 2b65e66 netty: disable huffman coding in headers (#10563)
• 90e76a1 Implement Http2Headers.isEmpty (#10663)
• 0299788 util: Make grpc-core an implementation dependency
• Additional commits viewable in compare view

Updates io.zipkin.zipkin2:zipkin from 2.24.4 to 2.25.0

Commits

• 0b25c4e [maven-release-plugin] prepare release 2.25.0
• e86bce0 ci: moves ActiveMQ and RabbitMQ to new docker images (#3640)
• 6bfc39b refactor: Remove public visibility of JUnit 5 tests (#3641)
• 6d6ba01 refactor: AssertJ best practices (#3637)
• 2f01596 Drop unused Hamcrest dependency (#3638)
• e2ffacd refactor: SLF4J best practices (#3639)
• 5454c15 docker: adds zipkin-activemq image to remove junit 4 rule dependency (#3636)
• 02b8440 docker: works around arm64 publish fail in GHA deploy (#3632)
• c34b05c Fixes flakey ZipkinExtensionTest (#3631)
• ad0615a refactor: AssertJ best practices (#3630)
• Additional commits viewable in compare view

Updates software.amazon.awssdk:s3 from 2.21.38 to 2.21.44

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions