chore(deps): Bump grpc from 1.65.1 to 1.69.0 in /pbj-core/hiero-dependency-versions

[dependabot]

Bumps grpc from 1.65.1 to 1.69.0.
Updates io.grpc:grpc-netty from 1.65.1 to 1.69.0

Release notes

Sourced from io.grpc:grpc-netty's releases.

v1.69.0

v1.69.0

New Features

• api: Allow LoadBalancers to specify an authority per-RPC.(#11631) (c167ead85) CallOptions.withAuthority() has higher precedence.
• netty: Add soft Metadata size limit enforcement. (#11603) (735b3f3fe) The soft limit is a lower size limit that fails an increasing percentage of RPCs as the Metadata size approaches the upper limit. This can be used as an “early warning” that the Metadata size is growing too large
• alts: support altsCallCredentials in GoogleDefaultChannelCredentials (#11634) (ba8ab796e)
• xds: Add grpc.xds_client metrics, as documented by OpenTelemetry Metrics (#11661) (20d09cee5). grpc.xds.authority is not yet available

Bug Fixes

• api: When forwarding from Listener onAddresses to Listener2 continue to use onResult (#11666) (dae078c0a). This fixes a 1.68.1 "IllegalStateException: Not called from the SynchronizationContext" regression (#11662) that could be seen in certain custom NameResolvers
• okhttp: If the frame handler thread is null do not schedule it on the executor (ef1fe8737). This fixes a 1.68.1 NullPointerException regression when a custom transportExecutor was provided to the channel and it did not have enough threads to run new tasks

Improvements

• api: Add java.time.Duration overloads to CallOptions, AbstractStub methods that take TimeUnit and a time value (#11562) (766b92379)
• core: Make timestamp usage in Channelz use nanos from Java.time.Instant when available (#11604) (9176b5528). This increases the timestamp precision from milliseconds
• okhttp: Fix for ipv6 link local with scope (#11725) (e98e7445b)
• binder: Let AndroidComponentAddress specify a target UserHandle (#11670) (e58c998a4)
• servlet: Deframe failures should be logged on the server as warnings (#11645) (a5db67d0c)
• s2a: Rename the Bazel target s2av2_credentials to s2a (29dd9bad3). The target s2a had been referenced by IO_GRPC_GRPC_JAVA_OVERRIDE_TARGETS but didn’t previously exist
• services: Make channelz work with proto lite (#11685) (b1703345f). This compatibility is on the source level. There is not a pre-built binary on Maven Central that supports proto lite
• services: Deprecate ProtoReflectionService (#11681) (921f88ae3). The class implements the deprecated v1alpha of the reflection protocol. Prefer ProtoReflectionServiceV1, which implements the v1 version of the reflection protocol

Dependencies

• Upgrade proto-google-common-protos to 2.48.0 (1993e68b0)
• Upgrade google-auth-library to 1.24.1 (1993e68b0)
• Upgrade error_prone_annotations to 2.30.0 (1993e68b0)
• Upgrade Guava to 33.3.1-android (1993e68b0)
• Upgrade opentelemetry-api to 1.43.0 (1993e68b0)
• xds: Remove Bazel dependency on xds v2 (664f1fcf8). This had been done for the Maven Central binaries in 1.63.0, but had been missed for Bazel builds

Documentation

• binder: Update error codes doc for new "Safer Intent" rules. (#11639) (fe350cfd5)
• examples: Use xds-enabled server and xds credentials in example-gcp-csm-observability (#11706) (a79982c7f)

Thanks to
@​niloc132
@​rockspore
@​SreeramdasLavanya
@​vinodhabib

v1.68.2

Bug Fixes

• api: When forwarding from Listener onAddresses to Listener2 continue to use onResult (grpc/grpc-java#11688). This fixes a 1.68.1 "IllegalStateException: Not called from the SynchronizationContext" regression (#11662) that could be seen in certain custom NameResolvers
• okhttp: If the frame handler thread is null do not schedule it on the executor (grpc/grpc-java#11716). This fixes a 1.68.1 NullPointerException regression when a custom transportExecutor was provided to the channel and it did not have enough threads to run new tasks

... (truncated)

Commits

• 34a7cff Bump version to 1.69.0
• ddc3163 Update README etc to reference 1.69.0
• e98e744 okhttp: Fix for ipv6 link local with scope (#11725) (#11729)
• 29dd9ba change s2av2_credentials to s2a
• a79982c [CSM] Use xds-enabled server and xds credentials in examples (#11706)
• 20d09ce xds: Add counter and gauge metrics (#11661)
• 92de2f3 testing: enabled smallLatency test (#11671)
• 32f4cf4 gae-interop-testing: Upgrade to Java 17
• e58c998 AndroidComponentAddress includes a target UserHandle (#11670)
• 6a92a2a interop-testing: Add concurrency condition to the soak test using existing bl...
• Additional commits viewable in compare view

Updates io.grpc:grpc-protobuf from 1.65.1 to 1.69.0

Release notes

Sourced from io.grpc:grpc-protobuf's releases.

v1.69.0

v1.69.0

New Features

• api: Allow LoadBalancers to specify an authority per-RPC.(#11631) (c167ead85) CallOptions.withAuthority() has higher precedence.
• netty: Add soft Metadata size limit enforcement. (#11603) (735b3f3fe) The soft limit is a lower size limit that fails an increasing percentage of RPCs as the Metadata size approaches the upper limit. This can be used as an “early warning” that the Metadata size is growing too large
• alts: support altsCallCredentials in GoogleDefaultChannelCredentials (#11634) (ba8ab796e)
• xds: Add grpc.xds_client metrics, as documented by OpenTelemetry Metrics (#11661) (20d09cee5). grpc.xds.authority is not yet available

Bug Fixes

• api: When forwarding from Listener onAddresses to Listener2 continue to use onResult (#11666) (dae078c0a). This fixes a 1.68.1 "IllegalStateException: Not called from the SynchronizationContext" regression (#11662) that could be seen in certain custom NameResolvers
• okhttp: If the frame handler thread is null do not schedule it on the executor (ef1fe8737). This fixes a 1.68.1 NullPointerException regression when a custom transportExecutor was provided to the channel and it did not have enough threads to run new tasks

Improvements

• api: Add java.time.Duration overloads to CallOptions, AbstractStub methods that take TimeUnit and a time value (#11562) (766b92379)
• core: Make timestamp usage in Channelz use nanos from Java.time.Instant when available (#11604) (9176b5528). This increases the timestamp precision from milliseconds
• okhttp: Fix for ipv6 link local with scope (#11725) (e98e7445b)
• binder: Let AndroidComponentAddress specify a target UserHandle (#11670) (e58c998a4)
• servlet: Deframe failures should be logged on the server as warnings (#11645) (a5db67d0c)
• s2a: Rename the Bazel target s2av2_credentials to s2a (29dd9bad3). The target s2a had been referenced by IO_GRPC_GRPC_JAVA_OVERRIDE_TARGETS but didn’t previously exist
• services: Make channelz work with proto lite (#11685) (b1703345f). This compatibility is on the source level. There is not a pre-built binary on Maven Central that supports proto lite
• services: Deprecate ProtoReflectionService (#11681) (921f88ae3). The class implements the deprecated v1alpha of the reflection protocol. Prefer ProtoReflectionServiceV1, which implements the v1 version of the reflection protocol

Dependencies

• Upgrade proto-google-common-protos to 2.48.0 (1993e68b0)
• Upgrade google-auth-library to 1.24.1 (1993e68b0)
• Upgrade error_prone_annotations to 2.30.0 (1993e68b0)
• Upgrade Guava to 33.3.1-android (1993e68b0)
• Upgrade opentelemetry-api to 1.43.0 (1993e68b0)
• xds: Remove Bazel dependency on xds v2 (664f1fcf8). This had been done for the Maven Central binaries in 1.63.0, but had been missed for Bazel builds

Documentation

• binder: Update error codes doc for new "Safer Intent" rules. (#11639) (fe350cfd5)
• examples: Use xds-enabled server and xds credentials in example-gcp-csm-observability (#11706) (a79982c7f)

Thanks to
@​niloc132
@​rockspore
@​SreeramdasLavanya
@​vinodhabib

v1.68.2

Bug Fixes

• api: When forwarding from Listener onAddresses to Listener2 continue to use onResult (grpc/grpc-java#11688). This fixes a 1.68.1 "IllegalStateException: Not called from the SynchronizationContext" regression (#11662) that could be seen in certain custom NameResolvers
• okhttp: If the frame handler thread is null do not schedule it on the executor (grpc/grpc-java#11716). This fixes a 1.68.1 NullPointerException regression when a custom transportExecutor was provided to the channel and it did not have enough threads to run new tasks

... (truncated)

Commits

• 34a7cff Bump version to 1.69.0
• ddc3163 Update README etc to reference 1.69.0
• e98e744 okhttp: Fix for ipv6 link local with scope (#11725) (#11729)
• 29dd9ba change s2av2_credentials to s2a
• a79982c [CSM] Use xds-enabled server and xds credentials in examples (#11706)
• 20d09ce xds: Add counter and gauge metrics (#11661)
• 92de2f3 testing: enabled smallLatency test (#11671)
• 32f4cf4 gae-interop-testing: Upgrade to Java 17
• e58c998 AndroidComponentAddress includes a target UserHandle (#11670)
• 6a92a2a interop-testing: Add concurrency condition to the soak test using existing bl...
• Additional commits viewable in compare view

Updates io.grpc:grpc-stub from 1.65.1 to 1.69.0

Release notes

Sourced from io.grpc:grpc-stub's releases.

v1.69.0

v1.69.0

New Features

• api: Allow LoadBalancers to specify an authority per-RPC.(#11631) (c167ead85) CallOptions.withAuthority() has higher precedence.
• netty: Add soft Metadata size limit enforcement. (#11603) (735b3f3fe) The soft limit is a lower size limit that fails an increasing percentage of RPCs as the Metadata size approaches the upper limit. This can be used as an “early warning” that the Metadata size is growing too large
• alts: support altsCallCredentials in GoogleDefaultChannelCredentials (#11634) (ba8ab796e)
• xds: Add grpc.xds_client metrics, as documented by OpenTelemetry Metrics (#11661) (20d09cee5). grpc.xds.authority is not yet available

Bug Fixes

• api: When forwarding from Listener onAddresses to Listener2 continue to use onResult (#11666) (dae078c0a). This fixes a 1.68.1 "IllegalStateException: Not called from the SynchronizationContext" regression (#11662) that could be seen in certain custom NameResolvers
• okhttp: If the frame handler thread is null do not schedule it on the executor (ef1fe8737). This fixes a 1.68.1 NullPointerException regression when a custom transportExecutor was provided to the channel and it did not have enough threads to run new tasks

Improvements

• api: Add java.time.Duration overloads to CallOptions, AbstractStub methods that take TimeUnit and a time value (#11562) (766b92379)
• core: Make timestamp usage in Channelz use nanos from Java.time.Instant when available (#11604) (9176b5528). This increases the timestamp precision from milliseconds
• okhttp: Fix for ipv6 link local with scope (#11725) (e98e7445b)
• binder: Let AndroidComponentAddress specify a target UserHandle (#11670) (e58c998a4)
• servlet: Deframe failures should be logged on the server as warnings (#11645) (a5db67d0c)
• s2a: Rename the Bazel target s2av2_credentials to s2a (29dd9bad3). The target s2a had been referenced by IO_GRPC_GRPC_JAVA_OVERRIDE_TARGETS but didn’t previously exist
• services: Make channelz work with proto lite (#11685) (b1703345f). This compatibility is on the source level. There is not a pre-built binary on Maven Central that supports proto lite
• services: Deprecate ProtoReflectionService (#11681) (921f88ae3). The class implements the deprecated v1alpha of the reflection protocol. Prefer ProtoReflectionServiceV1, which implements the v1 version of the reflection protocol

Dependencies

• Upgrade proto-google-common-protos to 2.48.0 (1993e68b0)
• Upgrade google-auth-library to 1.24.1 (1993e68b0)
• Upgrade error_prone_annotations to 2.30.0 (1993e68b0)
• Upgrade Guava to 33.3.1-android (1993e68b0)
• Upgrade opentelemetry-api to 1.43.0 (1993e68b0)
• xds: Remove Bazel dependency on xds v2 (664f1fcf8). This had been done for the Maven Central binaries in 1.63.0, but had been missed for Bazel builds

Documentation

• binder: Update error codes doc for new "Safer Intent" rules. (#11639) (fe350cfd5)
• examples: Use xds-enabled server and xds credentials in example-gcp-csm-observability (#11706) (a79982c7f)

Thanks to
@​niloc132
@​rockspore
@​SreeramdasLavanya
@​vinodhabib

v1.68.2

Bug Fixes

• api: When forwarding from Listener onAddresses to Listener2 continue to use onResult (grpc/grpc-java#11688). This fixes a 1.68.1 "IllegalStateException: Not called from the SynchronizationContext" regression (#11662) that could be seen in certain custom NameResolvers
• okhttp: If the frame handler thread is null do not schedule it on the executor (grpc/grpc-java#11716). This fixes a 1.68.1 NullPointerException regression when a custom transportExecutor was provided to the channel and it did not have enough threads to run new tasks

... (truncated)

Commits

• 34a7cff Bump version to 1.69.0
• ddc3163 Update README etc to reference 1.69.0
• e98e744 okhttp: Fix for ipv6 link local with scope (#11725) (#11729)
• 29dd9ba change s2av2_credentials to s2a
• a79982c [CSM] Use xds-enabled server and xds credentials in examples (#11706)
• 20d09ce xds: Add counter and gauge metrics (#11661)
• 92de2f3 testing: enabled smallLatency test (#11671)
• 32f4cf4 gae-interop-testing: Upgrade to Java 17
• e58c998 AndroidComponentAddress includes a target UserHandle (#11670)
• 6a92a2a interop-testing: Add concurrency condition to the soak test using existing bl...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

JUnit Test Report

   67 files  ±0     67 suites  ±0   1m 54s ⏱️ +2s
1 265 tests ±0  1 261 ✅  - 1   3 💤 ±0  1 ❌ +1 
7 120 runs  ±0  7 100 ✅  - 1  19 💤 ±0  1 ❌ +1 

For more details on these failures, see this check.

Results for commit 246e807. ± Comparison against base commit 1ad0f26.

This pull request removes 2 and adds 1 tests. Note that renamed tests count towards both.

, 1
com.hedera.pbj.runtime.Utf8ToolsTest ‑ [4] 

com.hedera.pbj.runtime.Utf8ToolsTest ‑ [4] 
, 1

♻️ This comment has been updated with latest results.

[mishomihov00]

@hashgraph/pbj-maintainers This PR seems to be causing some problems with the unit testing. Please check.

[andrewb1269hg]

Version roll looks good.

[anthony-swirldslabs]

@mishomihov00 the failure looks like this:

> Task :pbj-grpc-helidon:test
  com.hedera.pbj.grpc.helidon.PbjTest > UnaryTests ✘ exceptionThrownWhileOpening()

    org.opentest4j.AssertionFailedError: 
    expected: 2
     but was: 13
        at app//com.hedera.pbj.grpc.helidon.PbjTest$UnaryTests.exceptionThrownWhileOpening(PbjTest.java:528)


    Jan 16, 2025 3:52:27 PM io.helidon.common.features.HelidonFeatures features
    INFO: Helidon SE 4.1.6 features: [Config, Encoding, Media, Metrics, Observe, WebClient, WebServer]
    Jan 16, 2025 3:52:27 PM io.helidon.webserver.ServerListener start
    INFO: [0x10c191c6] http://0.0.0.0:8080 bound for socket '@default'
    There is no Helidon logging implementation on classpath, skipping log configuration.
    Jan 16, 2025 3:52:27 PM io.helidon.webserver.LoomServer startIt
    INFO: Started all channels in 96 milliseconds. [366](https://github.com/hashgraph/pbj/actions/runs/12756520105/job/35724569435?pr=350#step:9:367)0 milliseconds since JVM startup. Java 21.0.3+9-LTS


    Jan 16, 2025 3:52:33 PM io.helidon.webserver.ServerListener listen
    INFO: [0x10c191c6] @default socket closed.
    Jan 16, 2025 3:52:33 PM io.helidon.webserver.LoomServer stopIt
    INFO: Helidon WebServer stopped all channels.


  62 passing (10.7s)
  1 pending
  1 failing

However, when I go and open the line 528, I see something different:

https://github.com/hashgraph/pbj/blob/main/pbj-core/pbj-grpc-helidon/src/test/java/com/hedera/pbj/grpc/helidon/PbjTest.java#L528

There's not an assertion for number 2, and this line isn't in a method called exceptionThrownWhileOpening as the log from the test run claims.

Either, the tests are running using a different branch/commit of the repository, or this is a more serious problem in the new version of grpc that is being upgraded here and somehow manages to break the tests so badly.

[mishomihov00]

@mishomihov00 the failure looks like this:

> Task :pbj-grpc-helidon:test
  com.hedera.pbj.grpc.helidon.PbjTest > UnaryTests ✘ exceptionThrownWhileOpening()

    org.opentest4j.AssertionFailedError: 
    expected: 2
     but was: 13
        at app//com.hedera.pbj.grpc.helidon.PbjTest$UnaryTests.exceptionThrownWhileOpening(PbjTest.java:528)


    Jan 16, 2025 3:52:27 PM io.helidon.common.features.HelidonFeatures features
    INFO: Helidon SE 4.1.6 features: [Config, Encoding, Media, Metrics, Observe, WebClient, WebServer]
    Jan 16, 2025 3:52:27 PM io.helidon.webserver.ServerListener start
    INFO: [0x10c191c6] http://0.0.0.0:8080 bound for socket '@default'
    There is no Helidon logging implementation on classpath, skipping log configuration.
    Jan 16, 2025 3:52:27 PM io.helidon.webserver.LoomServer startIt
    INFO: Started all channels in 96 milliseconds. [366](https://github.com/hashgraph/pbj/actions/runs/12756520105/job/35724569435?pr=350#step:9:367)0 milliseconds since JVM startup. Java 21.0.3+9-LTS


    Jan 16, 2025 3:52:33 PM io.helidon.webserver.ServerListener listen
    INFO: [0x10c191c6] @default socket closed.
    Jan 16, 2025 3:52:33 PM io.helidon.webserver.LoomServer stopIt
    INFO: Helidon WebServer stopped all channels.


  62 passing (10.7s)
  1 pending
  1 failing

However, when I go and open the line 528, I see something different:

https://github.com/hashgraph/pbj/blob/main/pbj-core/pbj-grpc-helidon/src/test/java/com/hedera/pbj/grpc/helidon/PbjTest.java#L528

There's not an assertion for number 2, and this line isn't in a method called exceptionThrownWhileOpening as the log from the test run claims.

Either, the tests are running using a different branch/commit of the repository, or this is a more serious problem in the new version of grpc that is being upgraded here and somehow manages to break the tests so badly.

@anthony-swirldslabs Yes, the tests are running with the files from the dependabot/gradle/pbj-core/hiero-dependency-versions/grpc-1.69.0 branch. You can see which assertion is failing here -

pbj/pbj-core/pbj-grpc-helidon/src/test/java/com/hedera/pbj/grpc/helidon/PbjTest.java

Line 528 in 246e807

.isEqualTo(GrpcStatus.UNKNOWN.ordinal());

I'm not so familiar with Java, so my ability to help basically ends here and someone else must investigate why this test is failing.

[dependabot]

Superseded by #370.

[anthony-swirldslabs]

@mishomihov00 : interesting. I'm unsure why it would use tests from a different branch and not main. Regardless though, it looks like #370 solved the issue w/o any failures. So we should be good.