Skip to content

Bump the grpc group with 3 updates #359

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: v0.x.x
Choose a base branch
from
Open

Bump the grpc group with 3 updates #359

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 1, 2025
edited
Loading

Bumps the grpc group with 3 updates: protobuf, grpcio and grpcio-tools.

Updates protobuf from 6.31.1 to 6.32.1

Commits

Updates grpcio from 1.72.1 to 1.75.1

Release notes

Sourced from grpcio's releases.

Release v1.75.1

This is release gRPC Core 1.75.1 (gemini).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes.

What's Changed

Python

  • Release grpcio wheels with Python 3.14 support (#40403)
  • Asyncio: fixes grpc shutdown race condition occurring during python interpreter finalizations. (#40447)
    • This also addresses previously reported issues with empty error message on Python interpreter exit (Error in sys.excepthook:/Original exception was: empty): #36655, #38679, #33342
  • Python 3.14: preserve current behavior when using grpc.aio async methods outside of a running event loop. (#40750)
    • Note: using async methods outside of a running event loop is discouraged by Python, and will be deprecated in future gRPC releases. Please use the asyncio.run() function (or asyncio.Runner for custom loop factories). For interactive mode, use dedicated asyncio REPL: python -m asyncio.

Full Changelog: grpc/grpc@v1.75.0...v1.75.1

Release v1.75.0

This is release 1.75.0 (gemini) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • [Security] Cherry Pick Spiffe Verification. (#40515)
  • [Python][Typeguard] Part 3 - Add Typeguard to AIO stack in tests. (#40217)
  • [c-ares] update version to 1.34.5. (#39508)
  • [pick_first] fix bug that caused us to stop attempting to connect. (#40162)

C++

  • [OTel C++] Implement retry metrics. (#39195)

Objective-C

  • Fix data race by adding custom getter for state property with @synchronized locking. (#40146)

Python

  • gRPC Python (grpcio) now depends on typing-extensions~=4.13. (#40137)
  • Update musllinux wheels from musllinux_1_1 to musllinux_1_2. (#40317)
    • Dropping musllinux_1_1 because it reached EOL in November 2024

... (truncated)

Commits
  • 9b63ce0 [Backport][v1.75.x][Fix] PHP macOS build: composer sha sum update, harden ins...
  • 3ab7404 [Release] Bump version to 1.75.1 (on v1.75.x branch) (#40773)
  • 876e1d1 [Backport][v1.75.x][Python] Handle python3.14 get_event_loop behavior changes...
  • 74ec067 [Backport][v1.75.x][Python][Support 3.14] Enable 3.14 supported wheels (#40726)
  • ff24d38 [Backport][v1.75.x][Python] aio: skip grpc/aio shutdown if py interpreter is ...
  • 093085c [build] Fix objc boringssl build backport (#40689)
  • 8c45613 [release] Bump release version on v1.75.x branch to v1.75.0 (#40644)
  • d382f40 [Backport][v1.75.x][Python][Support 3.14] Enable Python 3.14 interpreters for...
  • e6db475 [Backport][v1.75.x][Python] Build manylinux aarch64 without cross-compilation...
  • 77dc9c8 [Backport][v1.75.x][Python] Updating rules_python to 1.5.4 (#40607)
  • Additional commits viewable in compare view

Updates grpcio-tools from 1.72.1 to 1.75.1

Release notes

Sourced from grpcio-tools's releases.

Release v1.75.1

This is release gRPC Core 1.75.1 (gemini).

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes.

What's Changed

Python

  • Release grpcio wheels with Python 3.14 support (#40403)
  • Asyncio: fixes grpc shutdown race condition occurring during python interpreter finalizations. (#40447)
    • This also addresses previously reported issues with empty error message on Python interpreter exit (Error in sys.excepthook:/Original exception was: empty): #36655, #38679, #33342
  • Python 3.14: preserve current behavior when using grpc.aio async methods outside of a running event loop. (#40750)
    • Note: using async methods outside of a running event loop is discouraged by Python, and will be deprecated in future gRPC releases. Please use the asyncio.run() function (or asyncio.Runner for custom loop factories). For interactive mode, use dedicated asyncio REPL: python -m asyncio.

Full Changelog: grpc/grpc@v1.75.0...v1.75.1

Release v1.75.0

This is release 1.75.0 (gemini) of gRPC Core.

For gRPC documentation, see grpc.io. For previous releases, see Releases.

This release contains refinements, improvements, and bug fixes, with highlights listed below.

Core

  • [Security] Cherry Pick Spiffe Verification. (#40515)
  • [Python][Typeguard] Part 3 - Add Typeguard to AIO stack in tests. (#40217)
  • [c-ares] update version to 1.34.5. (#39508)
  • [pick_first] fix bug that caused us to stop attempting to connect. (#40162)

C++

  • [OTel C++] Implement retry metrics. (#39195)

Objective-C

  • Fix data race by adding custom getter for state property with @synchronized locking. (#40146)

Python

  • gRPC Python (grpcio) now depends on typing-extensions~=4.13. (#40137)
  • Update musllinux wheels from musllinux_1_1 to musllinux_1_2. (#40317)
    • Dropping musllinux_1_1 because it reached EOL in November 2024

... (truncated)

Commits
  • 9b63ce0 [Backport][v1.75.x][Fix] PHP macOS build: composer sha sum update, harden ins...
  • 3ab7404 [Release] Bump version to 1.75.1 (on v1.75.x branch) (#40773)
  • 876e1d1 [Backport][v1.75.x][Python] Handle python3.14 get_event_loop behavior changes...
  • 74ec067 [Backport][v1.75.x][Python][Support 3.14] Enable 3.14 supported wheels (#40726)
  • ff24d38 [Backport][v1.75.x][Python] aio: skip grpc/aio shutdown if py interpreter is ...
  • 093085c [build] Fix objc boringssl build backport (#40689)
  • 8c45613 [release] Bump release version on v1.75.x branch to v1.75.0 (#40644)
  • d382f40 [Backport][v1.75.x][Python][Support 3.14] Enable Python 3.14 interpreters for...
  • e6db475 [Backport][v1.75.x][Python] Build manylinux aarch64 without cross-compilation...
  • 77dc9c8 [Backport][v1.75.x][Python] Updating rules_python to 1.5.4 (#40607)
  • Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
grpcio [>= 1.73.dev0, < 1.74]
grpcio-tools [>= 1.73.dev0, < 1.74]

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) type:tech-debt Improves the project without visible changes for users labels Oct 1, 2025
@dependabot dependabot bot requested review from a team as code owners October 1, 2025 05:03
@dependabot dependabot bot added the part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) label Oct 1, 2025
@dependabot dependabot bot added the type:tech-debt Improves the project without visible changes for users label Oct 1, 2025
florian-wagner-frequenz
florian-wagner-frequenz previously approved these changes Oct 1, 2025
View reviewed changes
Copy link

@florian-wagner-frequenz florian-wagner-frequenz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tiyash-basu-frequenz tiyash-basu-frequenz added this pull request to the merge queue Oct 1, 2025
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to failed status checks Oct 1, 2025
tiyash-basu-frequenz
tiyash-basu-frequenz requested changes Oct 1, 2025
View reviewed changes
Copy link
Contributor

@tiyash-basu-frequenz tiyash-basu-frequenz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR is failing. See https://github.com/frequenz-floss/frequenz-api-microgrid/actions/runs/18156940253
FYI @llucax

@dependabot dependabot bot force-pushed the dependabot/pip/grpc-771f2d4682 branch from f64ed52 to 448f713 Compare October 1, 2025 10:04
@tiyash-basu-frequenz tiyash-basu-frequenz added the status:blocked Other issues must be resolved before this can be worked on label Oct 2, 2025
@llucax
Copy link
Contributor

llucax commented Oct 11, 2025

Yeah, upgrading grpc/protobuf always need manual intervention because dependabot doesn't bump the runtime deps

@llucax
Copy link
Contributor

llucax commented Oct 11, 2025

We should create a workflow that automatically bump the runtime deps too, but we are not there yet

@dependabot dependabot bot force-pushed the dependabot/pip/grpc-771f2d4682 branch 2 times, most recently from ed48fa7 to 8c680da Compare October 13, 2025 13:51
@dependabot
Bump the grpc group with 3 updates
4feb559 
Bumps the grpc group with 3 updates: [protobuf](https://github.com/protocolbuffers/protobuf), [grpcio](https://github.com/grpc/grpc) and [grpcio-tools](https://github.com/grpc/grpc).


Updates `protobuf` from 6.31.1 to 6.32.1
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl)
- [Commits](https://github.com/protocolbuffers/protobuf/commits)

Updates `grpcio` from 1.72.1 to 1.75.1
- [Release notes](https://github.com/grpc/grpc/releases)
- [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md)
- [Commits](grpc/grpc@v1.72.1...v1.75.1)

Updates `grpcio-tools` from 1.72.1 to 1.75.1
- [Release notes](https://github.com/grpc/grpc/releases)
- [Changelog](https://github.com/grpc/grpc/blob/master/doc/grpc_release_schedule.md)
- [Commits](grpc/grpc@v1.72.1...v1.75.1)

---
updated-dependencies:
- dependency-name: protobuf
  dependency-version: 6.32.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: grpc
- dependency-name: grpcio
  dependency-version: 1.75.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: grpc
- dependency-name: grpcio-tools
  dependency-version: 1.75.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: grpc
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/pip/grpc-771f2d4682 branch from 8c680da to 4feb559 Compare November 1, 2025 05:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tiyash-basu-frequenz tiyash-basu-frequenz tiyash-basu-frequenz requested changes

@florian-wagner-frequenz florian-wagner-frequenz florian-wagner-frequenz left review comments

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) status:blocked Other issues must be resolved before this can be worked on type:tech-debt Improves the project without visible changes for users

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@llucax @tiyash-basu-frequenz @florian-wagner-frequenz