Skip to content

deps: Bump grpc-java to v1.76.0 #3942

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 9 commits into
base: main
Choose a base branch
from
Open

deps: Bump grpc-java to v1.76.0 #3942

wants to merge 9 commits into from

Conversation

@lqiu96
Copy link
Member

@lqiu96 lqiu96 commented Oct 15, 2025

No description provided.

@lqiu96 lqiu96 requested a review from mpeddada1 October 15, 2025 18:53
@product-auto-label product-auto-label bot added the size: xs Pull request size is extra small. label Oct 15, 2025
@gemini-code-assist
Copy link

Summary of Changes

Hello @lqiu96, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request updates the grpc-java dependency to version 1.76.0. This ensures the project benefits from the latest features, bug fixes, and performance enhancements provided by the gRPC library, maintaining compatibility and leveraging the most current stable release.

Highlights

  • gRPC Java Version Update: The grpc.version in the pom.xml has been updated from 1.71.0 to 1.76.0.
Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

mpeddada1
mpeddada1 previously approved these changes Oct 15, 2025
View reviewed changes
@mpeddada1
Copy link
Contributor

/gcbrun

@lqiu96
Copy link
Member Author

lqiu96 commented Oct 15, 2025

Enforcer:

Error:  Require upper bound dependencies error for com.google.guava:guava:33.4.0-jre paths to dependency are:
Error:  +-com.google.api.grpc:grpc-google-common-protos:2.61.4-SNAPSHOT
Error:    +-com.google.guava:guava:33.4.0-jre
Error:  and
Error:  +-com.google.api.grpc:grpc-google-common-protos:2.61.4-SNAPSHOT
Error:    +-io.grpc:grpc-api:1.76.0
Error:      +-com.google.guava:guava:33.4.0-jre [runtime] (managed) <-- com.google.guava:guava:33.4.8-android [runtime]

Looks like I'll need to bump guava in sdk-platform-java

mpeddada1
mpeddada1 reviewed Oct 15, 2025
View reviewed changes
Copy link
Contributor

@mpeddada1 mpeddada1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah looks like the enforcer check is failing:

 Require upper bound dependencies error for com.google.guava:guava:33.4.0-jre paths to dependency are:
Error:  +-com.google.api.grpc:grpc-google-common-protos:2.61.4-SNAPSHOT
Error:    +-com.google.guava:guava:33.4.0-jre
Error:  and
Error:  +-com.google.api.grpc:grpc-google-common-protos:2.61.4-SNAPSHOT
Error:    +-io.grpc:grpc-api:1.76.0
Error:      +-com.google.guava:guava:33.4.0-jre [runtime] (managed) <-

gemini-code-assist[bot]
gemini-code-assist bot reviewed Oct 15, 2025
View reviewed changes
Copy link

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request updates the grpc-java dependency from version 1.71.0 to 1.76.0. The version is updated in the parent pom.xml, which is the correct approach for managing dependency versions consistently across the project. The change is straightforward and looks good.

lqiu96 and others added 4 commits October 16, 2025 14:46
@lqiu96
Merge branch 'main' into upgrade-grpc-java
d8fb3ce
@renovate-bot @lqiu96
deps: update google auth library dependencies to v1.40.0 (#3945)
e7a9b3a 
This PR contains the following updates:

| Package | Change | Age | Confidence |
|---|---|---|---|
|
[com.google.auth:google-auth-library-credentials](https://redirect.github.com/googleapis/google-auth-library-java)
| `1.39.1` -> `1.40.0` |
[![age](https://developer.mend.io/api/mc/badges/age/maven/com.google.auth:google-auth-library-credentials/1.40.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/com.google.auth:google-auth-library-credentials/1.39.1/1.40.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[com.google.auth:google-auth-library-oauth2-http](https://redirect.github.com/googleapis/google-auth-library-java)
| `1.39.1` -> `1.40.0` |
[![age](https://developer.mend.io/api/mc/badges/age/maven/com.google.auth:google-auth-library-oauth2-http/1.40.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/com.google.auth:google-auth-library-oauth2-http/1.39.1/1.40.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[com.google.auth:google-auth-library-bom](https://redirect.github.com/googleapis/google-auth-library-java)
| `1.39.1` -> `1.40.0` |
[![age](https://developer.mend.io/api/mc/badges/age/maven/com.google.auth:google-auth-library-bom/1.40.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/com.google.auth:google-auth-library-bom/1.39.1/1.40.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

<details>
<summary>googleapis/google-auth-library-java
(com.google.auth:google-auth-library-credentials)</summary>

[`v1.40.0`](https://redirect.github.com/googleapis/google-auth-library-java/blob/HEAD/CHANGELOG.md#1400-2025-10-14)

[Compare
Source](https://redirect.github.com/googleapis/google-auth-library-java/compare/v1.39.1...v1.40.0)

- Add projectId getter to GoogleCredentials
([#&#8203;1813](https://redirect.github.com/googleapis/google-auth-library-java/issues/1813))
([c3d9ee0](https://redirect.github.com/googleapis/google-auth-library-java/commit/c3d9ee09df30a26586b0e834cfda7763fd7854f5))
- Support user defined or json defined scopes for impersonated token
([#&#8203;1815](https://redirect.github.com/googleapis/google-auth-library-java/issues/1815))
([84fc566](https://redirect.github.com/googleapis/google-auth-library-java/commit/84fc566d92f03e648cd82a8860fb191520bb6c7e))

- Bump guava to v33.5.0
([#&#8203;1825](https://redirect.github.com/googleapis/google-auth-library-java/issues/1825))
([79f0a35](https://redirect.github.com/googleapis/google-auth-library-java/commit/79f0a353e12a8206584e9031989861ca6abaaf85))

</details>

---

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/googleapis/sdk-platform-java).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNDMuMSIsInVwZGF0ZWRJblZlciI6IjQxLjE0My4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Co-authored-by: Lawrence Qiu <lawrenceqiu@google.com>
@lqiu96
chore: Upper bound file deps change has chore type (#3949)
d879011 
Update to the `chore:` type so it doesn't show up in the release notes
@lqiu96
chore: Update dependencies.properties and cloudbuild docker files
0aead11
@product-auto-label product-auto-label bot added size: s Pull request size is small. and removed size: xs Pull request size is extra small. labels Oct 16, 2025
@product-auto-label product-auto-label bot added size: xs Pull request size is extra small. and removed size: s Pull request size is small. labels Oct 16, 2025
mpeddada1
mpeddada1 previously approved these changes Oct 16, 2025
View reviewed changes
@lqiu96
Copy link
Member Author

lqiu96 commented Oct 16, 2025

Error:

(15:45:05) DEBUG: Repository com_google_googleapis instantiated at:
  /home/runner/work/sdk-platform-java/sdk-platform-java/WORKSPACE:27:13: in <toplevel>
Repository rule http_archive defined at:
  /home/runner/.cache/bazel/_bazel_runner/cf5fb8c2c66b8a944ea6af7c9b248db5/external/bazel_tools/tools/build_defs/repo/http.bzl:387:31: in <toplevel>
(15:45:05) ERROR: Failed to load Starlark extension '@@envoy_api//bazel:repositories.bzl'.
Cycle in the workspace file detected. This indicates that a repository is used prior to being defined.
The following chain of repository dependencies lead to the missing definition.
 - @@envoy_api
This could either mean you have to add the '@@envoy_api' repository with a statement like `http_archive` in your WORKSPACE file (note that transitive dependencies are not added automatically), or move an existing definition earlier in your WORKSPACE file.
(15:45:05) ERROR: Error computing the main repository mapping: cycles detected during computation of main repo mapping

@product-auto-label product-auto-label bot added size: l Pull request size is large. and removed size: xs Pull request size is extra small. labels Oct 16, 2025
@lqiu96 lqiu96 added the do not merge Indicates a pull request not ready for merge, due to either quality or timing. label Oct 16, 2025
@lqiu96
Copy link
Member Author

lqiu96 commented Oct 16, 2025

Going to mark this as Do not merge for now. This has some changes in the gRPC gen code tool that seem to be source breaking changes for customers who directly interact with our gRPC stubs.

Will figure out a direction once we coordinate with the gRPC folks.

@BenWhitehead BenWhitehead mentioned this pull request Oct 21, 2025
Open
@lqiu96
Copy link
Member Author

lqiu96 commented Oct 27, 2025

Going to mark this as Do not merge for now. This has some changes in the gRPC gen code tool that seem to be source breaking changes for customers who directly interact with our gRPC stubs.

Will figure out a direction once we coordinate with the gRPC folks.

After some discussions, we are fine with upgrading to grpc-java v1.76.0. Merging this in for the next release cycle.

@lqiu96 lqiu96 removed the do not merge Indicates a pull request not ready for merge, due to either quality or timing. label Oct 27, 2025
@lqiu96 lqiu96 requested a review from mpeddada1 October 27, 2025 19:02
@lqiu96
Copy link
Member Author

lqiu96 commented Oct 27, 2025

/gcbrun

@lqiu96 lqiu96 enabled auto-merge (squash) October 27, 2025 19:06
@sonarqubecloud
Copy link

Quality Gate Failed Quality Gate failed for 'gapic-generator-java-root'

Failed conditions
0.0% Coverage on New Code (required ≥ 80%)
B Reliability Rating on New Code (required ≥ A)
C Maintainability Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

@sonarqubecloud
Copy link

Quality Gate Passed Quality Gate passed for 'java_showcase_integration_tests'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mpeddada1 mpeddada1 Awaiting requested review from mpeddada1

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

size: l Pull request size is large.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@lqiu96 @mpeddada1 @renovate-bot @cloud-java-bot