Sourced from goreleaser/goreleaser-action's releases.

v4.0.0

What's Changed

• fix: do not override GORELEASER_CURRENT_TAG by @​caarlos0 in goreleaser/goreleaser-action#370

Full Changelog: https://github.com/goreleaser/goreleaser-action/compare/v3...v4.0.0

v3.2.0

What's Changed

• chore: remove workaround for setOutput by @​crazy-max (#374)
• chore(deps): bump @​actions/core from 1.9.1 to 1.10.0 (#372)
• chore(deps): bump yargs from 17.5.1 to 17.6.0 (#373)

Full Changelog: https://github.com/goreleaser/goreleaser-action/compare/v3.1.0...v3.2.0

v3.1.0

What's Changed

• fix: dist resolution from config file by @​crazy-max (#369)
• ci: fix workflow by @​crazy-max (#357)
• docs: bump actions to latest major by @​crazy-max (#356)
• chore(deps): bump crazy-max/ghaction-import-gpg from 4 to 5 (#360)
• chore(deps): bump ghaction-import-gpg to v5 (#359)
• chore(deps): bump @​actions/core from 1.6.0 to 1.8.2 (#358)
• chore(deps): bump @​actions/core from 1.8.2 to 1.9.1 (#367)

Full Changelog: https://github.com/goreleaser/goreleaser-action/compare/v3.0.0...v3.1.0

• 8f67e59 chore: regenerate
• 78df308 chore(deps): bump minimatch from 3.0.4 to 3.1.2 (#383)
• 66134d9 Merge remote-tracking branch 'origin/master' into flarco/master
• 3c08cfd chore(deps): bump yargs from 17.6.0 to 17.6.2
• 5dc579b docs: add example when using workdir along with upload-artifact (#366)
• 3b7d1ba feat!: remove auto-snapshot on dirty tag (#382)
• 23e0ed5 fix: do not override GORELEASER_CURRENT_TAG (#370)
• 1315dab update build
• b60ea88 improve install
• 4d25ab4 Update goreleaser.ts
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from google.golang.org/grpc's releases.

Release 1.51.0

Behavior Changes

• xds: NACK EDS resources with duplicate addresses in accordance with a recent spec change (#5715)
  • Special Thanks: @​erni27
• grpc: restrict status codes that can be generated by the control plane (gRFC A54) (#5653)

New Features

• client: set grpc-accept-encoding header with all registered compressors (#5541)
  • Special Thanks: @​jronak
• xds/weightedtarget: return a more meaningful error when all child policies are in TRANSIENT_FAILURE (#5711)
• gcp/observability: add "started rpcs" metric (#5768)
• xds: de-experimentalize the google-c2p-resolver (#5707)
• balancer: add experimental Producer types and methods (#5669)
• orca: provide a way for LB policies to receive OOB load reports (#5669)

Bug Fixes

• go.mod: upgrade x/text dependency to address CVE 2022-32149 (#5769)
• client: fix race that could lead to an incorrect connection state if it was closed immediately after the server's HTTP/2 preface was received (#5714)
  • Special Thanks: @​fuweid
• xds: ensure sum of the weights of all EDS localities at the same priority level does not exceed uint32 max (#5703)
  • Special Thanks: @​erni27
• client: fix binary logging bug which logs a server header on a trailers-only response (#5763)
• balancer/priority: fix a bug where unreleased references to removed child policies (and associated state) was causing a memory leak (#5682)
• xds/google-c2p: validate URI schema for no authorities (#5756)

• eeb9afa Change version to 1.51.0 (#5782)
• 72812fe gcp/observability: filter logging from cloud ops endpoints calls (#5765)
• 0ae33e6 xdsclient: remove unused test code (#5772)
• 824f449 go.mod: upgrade x/text to v0.4 to address CVE (#5769)
• 7f23df0 xdsclient: switch xdsclient watch deadlock test to e2e style (#5697)
• 32f969e o11y: Added started rpc metric in o11y plugin (#5768)
• b597a8e xdsclient: improve authority watchers test (#5700)
• e41e894 orca: create ORCA producer for LB policies to use to receive OOB load reports...
• 36d14db Fix binary logging bug which logs a server header on a trailers only response...
• fcb8bdf xds/google-c2p: validate url for no authorities (#5756)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• b747d7c Bump github.com/stretchr/objx from 0.4.0 to 0.5.0 (#1283)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from google.golang.org/grpc's releases.

Release 1.50.1

New Features

• gcp/observability: support new configuration defined in public preview user guide

• 4c776ec Cherry-pick observability changes from master to v1.50.x and update version t...
• 6576007 Change version to 1.50.1-dev (#5686)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from google.golang.org/grpc's releases.

Release 1.50.0

Behavior Changes

• client: use proper "@" semantics for connecting to abstract unix sockets. (#5678)
  • This is technically a bug fix; the result is that the address was including a trailing NULL byte, which it should not have. This may break users creating the socket in Go by prefixing a NULL instead of an "@", though, so calling it out as a behavior change.
  • Special Thanks: @​jachor

New Features

• metadata: add experimental ValueFromIncomingContext to more efficiently retrieve a single value (#5596)
  • Special Thanks: @​horpto
• stats: provide peer information in HandleConn context (#5589)
  • Special Thanks: @​feihu-stripe
• xds: add support for Outlier Detection, enabled by default (#5435, #5673)

Bug Fixes

• client: fix deadlock in transport caused by GOAWAY racing with stream creation (#5652)
  • This should only occur with an HTTP/2 server that does not follow best practices of an advisory GOAWAY (not a grpc-go server).
• xds/xdsclient: fix a bug which was causing routes with cluster_specifier_plugin set to be NACKed when GRPC_EXPERIMENTAL_XDS_RLS_LB was off (#5670)
• xds/xdsclient: NACK cluster resource if config_source_specifier in lrs_server is not self (#5613)
• xds/ringhash: fix a bug which sometimes prevents the LB policy from retrying connection attempts (#5601)
• xds/ringhash: do nothing when asked to exit IDLE instead of falling back on the default channel behavior of connecting to all addresses (#5614)
• xds/rls: fix a bug which was causing the channel to be stuck in IDLE (#5656)
• alts: fix a bug which was setting WaitForReady on handshaker service RPCs, thereby delaying fallback when required (#5620)
• gcp/observability: fix End() to cleanup global state correctly (#5623)

• c1d7d7a Change version to 1.50.0 (#5685)
• 1451c62 internal/transport: optimize grpc-message encoding/decoding (#5654)
• be4b63b test: minor test cleanup (#5679)
• d83070e Changed Outlier Detection Env Var to default true (#5673)
• 54521b2 client: remove trailing null from unix abstract socket address (#5678)
• 36e4810 orca: cleanup old code, and get grpc package to use new code (#5627)
• e8866a8 build: harden GitHub Workflow permissions (#5660)
• 8458251 xdsclient: ignore routes with cluster_specifier_plugin when GRPC_EXPERIMENTAL...
• a238ceb xDS: Outlier Detection Env Var not hardcoded to false (#5664)
• b1d7f56 transport: Fix deadlock in transport caused by GOAWAY race with new stream cr...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from google.golang.org/grpc's releases.

Release 1.49.0

New Features

• gcp/observability: add support for Environment Variable GRPC_CONFIG_OBSERVABILITY_JSON (#5525)
• gcp/observability: add support for custom tags (#5565)

Behavior Changes

• server: reduce log level from Warning to Info for early connection establishment errors (#5524)
  • Special Thanks: @​jpkrohling

Bug Fixes

• client: fix race in flow control that could lead to unexpected EOF errors (#5494)
• client: fix a race that could cause RPCs to time out instead of failing more quickly with UNAVAILABLE (#5503)
• client & server: fix a panic caused by passing a nil stats handler to grpc.WithStatsHandler or grpc.StatsHandler (#5543)
• transport/server: fix a race that could cause a stray header to be sent (#5513)
• balancer: give precedence to IDLE over TRANSIENT_FAILURE when aggregating connectivity state (#5473)
• xds/xdsclient: request correct resource name when user specifies a new style resource name with empty authority (#5488)
• xds/xdsclient: NACK endpoint resources with zero weight (#5560)
• xds/xdsclient: fix bug that would reset resource version information after ADS stream restart (#5422)
• xds/xdsclient: fix goroutine leaks when load reporting is enabled (#5505)
• xds/ringhash: fix config update processing to recreate ring and picker when min/max ring size changes (#5557)
• xds/ringhash: avoid recreating subChannels when update doesn't change address weight information (#5431)
• xds/priority: fix bug which could cause priority LB to block all traffic after a config update (#5549)
• xds: fix bug when environment variable GRPC_EXPERIMENTAL_ENABLE_OUTLIER_DETECTION is set to true (#5537)

• 1c29e07 Change version to 1.49.0 (#5583)
• 8e5a84e xds/resolver: generate channel ID randomly (#5603)
• 92cee34 gcp/observability: Add logging filters for logging, tracing, and metrics API ...
• c7fe135 O11Y: Added support for custom tags (#5565)
• 7981af4 test/kokoro: add missing image tagging to the xDS interop url map buildscript...
• 6f34b7a xdsclient: NACK endpoint resource if load_balancing_weight is specified and i...
• f9409d3 ringhash: handle config updates properly (#5557)
• 946dde0 xdsclient: NACK endpoint resources with zero weight (#5560)
• b89f49b xdsclient: deflake Test/LDSWatch_PartialValid (#5552)
• 9bc72de grpc: remove mentions of WithBalancerName from comments (#5555)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from google.golang.org/protobuf's releases.

v1.28.1

This release contains protoc-gen-go binaries for arm64.

Notable changes since v1.28.0:

• CL/418677: internal/impl: improve MessageInfo.New performance
• CL/411377: proto: short-circuit Equal when inputs are identical
• CL/419714: all: Add prebuild binaries for arm64

• 6875c3d all: release v1.28.1
• 881da6e all: Add prebuild binaries for arm64
• 2a74a0e A+C: delete AUTHORS and CONTRIBUTORS
• de9682a internal/impl: improve MessageInfo.New performance
• b0a9446 all: reformat with go1.19 gofmt
• c1bbc5d all: make integration test work on darwin/arm64
• 5f429f7 proto: fix compilation failure in tests
• fc44d00 proto: use reflect.Ptr for backward compatibility
• 380c339 proto: short-circuit Equal when inputs are identical
• 784c482 all: remove shorthand import aliases
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from google.golang.org/grpc's releases.

Release 1.48.0

Bug Fixes

• xds/priority: fix bug that could prevent higher priorities from receiving config updates (#5417)
• RLS load balancer: don't propagate the status code returned on control plane RPCs to data plane RPCs (#5400)

New Features

• stats: add support for multiple stats handlers in a single client or server (#5347)
• gcp/observability: add experimental OpenCensus tracing/metrics support (#5372)
• xds: enable aggregate and logical DNS clusters by default (#5380)
• credentials/google (for xds): support xdstp C2P cluster names (#5399)

• 6417495 Change version to 1.48.0 (#5482)
• 5770b1d xds: drop localities with zero weight at the xdsClient layer (#5476)
• 423cd8e interop: update proto to make vet happy (#5475)
• c9b16c8 transport: remove unused bufWriter.onFlush() (#5464)
• 755bf5a fix typo in the binary log (#5467)
• 15739b5 health: split imports into healthpb and healthgrpc (#5466)
• c075d20 interop client: provide new flag, --soak_min_time_ms_between_rpcs (#5421)
• 4b75005 clusterresolver: merge P(p)arseConfig functions (#5462)
• d883f3d test/xds: fail only when state changes to something other than READY and IDLE...
• c6ee1c7 xdsclient: only include nodeID in error strings, not the whole nodeProto (#5461)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 181cea6 impr: CallerInfo should print full paths to the terminal (#1201)
• cf1284f Allow mock expectations to be ordered (#1106)
• 66eef0e fix: assert.MapSubset (or just support maps in assert.Subset) (#1178)
• 2fab6df Add WithinTimeRange method (#1188)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• b5ce165 fixing panic in calls to assertion with nil m.mutex (#1212)
• c206b2e Mock can be deadlocked by a panic (#1157)
• 1b73601 suite: correctly set stats on test panic (#1195)
• ba1076d Add .Unset method to mock (#982)
• c31ea03 Support comparing byte slice (#1202)
• 48391ba Fix panic in AssertExpectations for mocks without expectations (#1207)
• 840cb80 arrays value types in a zero-initialized state are considered empty (#1126)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 07dc7ee Bump actions/setup-go from 3.1.0 to 3.2.0 (#1191)
• c33fc8d Bump actions/checkout from 2 to 3 (#1163)
• 3c33e07 Added Go 1.18.1 as a build/supported version (#1182)
• e2b56b3 Bump github.com/stretchr/objx from 0.1.0 to 0.4.0
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)