Bump grpc-bom from 1.42.1 to 1.50.0 in /java

[dependabot]

Bumps grpc-bom from 1.42.1 to 1.50.0.

Release notes

Sourced from grpc-bom's releases.

v1.50.0

New Features

• okhttp: Added connection management features to okhttp server, including maxConnectionIdle(), permitKeepAliveTime(), and permitKeepAliveWithoutCalls() (#9494, #9544)
• binder: Add SecurityPolicies for checking device owner/profile owner (#9428)

API Changes

• api: Add LoadBalancer.acceptResolvedAddresses() (#9498). The method is like handleResolvedAddresses() but returns a boolean of whether the addresses and configuration were accepted. Not accepting the update triggers the NameResolver to retry after a delay. We are not yet encouraging migration to this method, as there is still a second future API change
• core: add CallOptions to CallCredentials.RequestInfo (#9538)

Bug Fixes

• auth: Fix AppEngine failing while retrieving access token when instantiating a blocking stub using AppEngineCredentials (#9504)
• core: Ensure that context cancellationCause is set (#9501)
• core: Update outlier detection max ejection logic to allow exceeding the limit by one, to match Envoy. (#9489, #9492)
• core: outlier detection to honor min host request volume (#9490)
• okhttp: Add timeout for HTTP CONNECT proxy handshake (#9586)
• xds: ringhash policy in TRANSIENT_FAILURE should not attempt connecting when already in connecting (#9535). With workloads where most requests have the same hash, ring hash should behave more like pick-first of slowly trying backends

Dependencies

• netty: upgrade netty from 4.1.77.Final to 4.1.79.Final and tcnative from 2.0.53 to 2.0.54 (#9451)

Acknowledgements

@​cpovirk @​prateek-0 @​sai-sunder-s

v1.49.2

Dependencies

• Bump protobuf to 3.21.7

v1.49.1

Bug Fixes

• xds: Fix a bug in ring-hash load balancing policy that, during TRANSIENT_FAILURE state, it might cause unnecessary internal connection requests on subchannels. (#9537)
• auth: Fix AppEngine failing while retrieving access token when instantiating a blocking stub using AppEngineCredentials (#9524)

Behavior Changes

• core: Update outlier detection max ejection logics, and min host request volume logics. (grpc/grpc-java#9550, #9551, #9552)

v1.49.0

New Features

• okhttp: Add OkHttpServerBuilder. The server can be used directly, but is not yet available via ServerBuilder.forPort() and Grpc.newServerBuilderForPort(). It passes our tests, but has seen no real-world use. It is also lacking connection management features
• okhttp: Add support for byte-based private keys via TlsChannelCredentials and TlsServerCredentials
• core: New outlier detection load balancer
• googleapis: google-c2p resolver is now stabilized

Bug Fixes

• core: Fix retry causing memory leak for canceled RPCs. (#9360)
• core: Use SyncContext for InProcess transport callbacks to avoid deadlocks. This fixes the long-standing issue #3084 which prevented using directExecutor() in some tests using streaming RPCs
• core: Disable retries with in-process transport by default (#9361). In-process does not compute message sizes so can retain excessive amounts of memory
• bazel: Use valid target name for services and xds when overriding Maven targets (#9422). This fixes an error of the form no such target '@io_grpc_grpc_java//services:services' for services and missing ORCA classes for xds. The wrong target names were introduced in 1.47.0

... (truncated)

Commits

• df9670d Bump version to 1.50.0
• 3aa8868 Update README etc to reference 1.50.0
• 69e86b9 okhttp: Add client transport proxy socket timeout (#9586)
• ce5f789 Use Protobuf 21.7 in our code generator
• d211b54 Bump Protobuf to 3.21.7
• e998955 xds: Avoid NPE from update after removing subscriptions
• 6f8e44a xds: security code refactoring/renaming (#9555)
• 0cda133 observability: replace current OpenCensus registerAllGrpcViews with only sele...
• 2289956 core: outlier_detection LB to use acceptResolvedAddresses() (#9557)
• 8925696 Revert "xds: prevent concurrent priority LB picker updates (#9363)" (#9554)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)