Security update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2

Announcement ID:	SUSE-SU-2024:0573-1
Rating:	moderate
References:	bsc#1133277 bsc#1182659 bsc#1203378 bsc#1208794 bsc#1212180 bsc#1212182 bsc#1214148 bsc#1215334 jsc#PED-5014
Cross-References:	CVE-2023-32731 CVE-2023-32732 CVE-2023-33953 CVE-2023-44487 CVE-2023-4785
CVSS scores:	CVE-2023-32731 ( SUSE ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2023-32731 ( NVD ): 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H CVE-2023-32732 ( SUSE ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2023-32732 ( NVD ): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L CVE-2023-33953 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-33953 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-44487 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-44487 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-4785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVE-2023-4785 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected Products:	Basesystem Module 15-SP5 Development Tools Module 15-SP5 openSUSE Leap 15.4 openSUSE Leap 15.5 openSUSE Leap Micro 5.3 openSUSE Leap Micro 5.4 Public Cloud Module 15-SP4 Public Cloud Module 15-SP5 Python 3 Module 15-SP5 SUSE Linux Enterprise Desktop 15 SP4 SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 SUSE Linux Enterprise Desktop 15 SP5 SUSE Linux Enterprise High Performance Computing 15 SP4 SUSE Linux Enterprise High Performance Computing 15 SP5 SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Micro 5.4 SUSE Linux Enterprise Micro 5.5 SUSE Linux Enterprise Micro for Rancher 5.3 SUSE Linux Enterprise Micro for Rancher 5.4 SUSE Linux Enterprise Real Time 15 SP5 SUSE Linux Enterprise Server 15 SP4 SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 SUSE Linux Enterprise Server 15 SP5 SUSE Linux Enterprise Server for SAP Applications 15 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SP5 SUSE Linux Enterprise Workstation Extension 15 SP5 SUSE Manager Proxy 4.3 SUSE Manager Retail Branch Server 4.3 SUSE Manager Server 4.3 SUSE Package Hub 15 15-SP5

An update that solves five vulnerabilities, contains one feature and has three security fixes can now be installed.

Description:

This update for abseil-cpp, grpc, opencensus-proto, protobuf, python-abseil, python-grpcio, re2 fixes the following issues:

abseil-cpp was updated to:

Update to 20230802.1:

• Add StdcppWaiter to the end of the list of waiter implementations

Update to 20230802.0

What's New:

• Added the nullability library for designating the expected nullability of pointers. Currently these serve as annotations only, but it is expected that compilers will one day be able to use these annotations for diagnostic purposes.
• Added the prefetch library as a portable layer for moving data into caches before it is read.
• Abseil's hash tables now detect many more programming errors in debug and sanitizer builds.
• Abseil's synchronization objects now differentiate absolute waits (when passed an absl::Time) from relative waits (when passed an absl::Duration) when the underlying platform supports differentiating these cases. This only makes a difference when system clocks are adjusted.
• Abseil's flag parsing library includes additional methods that make it easier to use when another library also expects to be able to parse flags.
• absl::string_view is now available as a smaller target, @com_google_absl//absl/strings:string_view, so that users may use this library without depending on the much larger @com_google_absl//absl/strings target.

Update to 20230125.3

Details can be found on:

https://github.com/abseil/abseil-cpp/releases/tag/20230125.3

Update to 20230125.2

What's New:

The Abseil logging library has been released. This library
provides facilities for writing short text messages about the
status of a program to stderr, disk files, or other sinks
(via an extension API). See the logging library documentation
for more information.
  An extension point, AbslStringify(), allows user-defined types
to seamlessly work with Abseil's string formatting functions
like absl::StrCat() and absl::StrFormat().
  A library for computing CRC32C checksums has been added.
  Floating-point parsing now uses the Eisel-Lemire algorithm,
which provides a significant speed improvement.
  The flags library now provides suggestions for the closest
flag(s) in the case of misspelled flags.
  Using CMake to install Abseil now makes the installed artifacts
(in particular absl/base/options.h) reflect the compiled ABI.

Breaking Changes:

Abseil now requires at least C++14 and follows Google's Foundational
C++ Support Policy. See this table for a list of currently supported
versions compilers, platforms, and build tools.
  The legacy spellings of the thread annotation macros/functions
(e.g. GUARDED_BY()) have been removed by default in favor of the
ABSL_ prefixed versions (e.g. ABSL_GUARDED_BY()) due to clashes with
other libraries. The compatibility macro ABSL_LEGACY_THREAD_ANNOTATIONS
can be defined on the compile command-line to temporarily restore these
spellings, but this compatibility macro will be removed in the future.

Known Issues

The Abseil logging library in this release is not a feature-complete
replacement for glog yet. VLOG and DFATAL are examples of features
that have not yet been released.

Update to version 20220623.0

What's New:

• Added absl::AnyInvocable, a move-only function type.
• Added absl::CordBuffer, a type for buffering data for eventual inclusion an absl::Cord, which is useful for writing zero-copy code.
• Added support for command-line flags of type absl::optional<T>.

Breaking Changes:

• CMake builds now use the flag ABSL_BUILD_TESTING (default: OFF) to control whether or not unit tests are built.
• The ABSL_DEPRECATED macro now works with the GCC compiler. GCC users that are experiencing new warnings can use -Wno-deprecated-declatations silence the warnings or use -Wno-error=deprecated-declarations to see warnings but not fail the build.
• ABSL_CONST_INIT uses the C++20 keyword constinit when available. Some compilers are more strict about where this keyword must appear compared to the pre-C++20 implementation.
• Bazel builds now depend on the bazelbuild/bazel-skylib repository. See Abseil's WORKSPACE file for an example of how to add this dependency.

Other:

• This will be the last release to support C++11. Future releases will require at least C++14.

grpc was updated to 1.60:

Update to release 1.60

• Implemented dualstack IPv4 and IPv6 backend support, as per draft gRFC A61. xDS support currently guarded by GRPC_EXPERIMENTAL_XDS_DUALSTACK_ENDPOINTS env var.
• Support for setting proxy for addresses.
• Add v1 reflection.

update to 1.59.3:

• Security - Revocation: Crl backport to 1.59. (#34926)

Update to release 1.59.2

• Fixes for CVE-2023-44487

Update to version 1.59.1:

• C++: Fix MakeCordFromSlice memory bug (gh#grpc/grpc#34552).

Update to version 1.59.0:

• xds ssa: Remove environment variable protection for stateful affinity (gh#grpc/grpc#34435).
• c-ares: fix spin loop bug when c-ares gives up on a socket that still has data left in its read buffer (gh#grpc/grpc#34185).
• Deps: Adding upb as a submodule (gh#grpc/grpc#34199).
• EventEngine: Update Cancel contract on closure deletion timeline (gh#grpc/grpc#34167).
• csharp codegen: Handle empty base_namespace option value to fix gh#grpc/grpc#34113 (gh#grpc/grpc#34137).
• Ruby:
• replace strdup with gpr_strdup (gh#grpc/grpc#34177).
• drop ruby 2.6 support (gh#grpc/grpc#34198).

Update to release 1.58.1

• Reintroduced c-ares 1.14 or later support

Update to release 1.58

• ruby extension: remove unnecessary background thread startup wait logic that interferes with forking

Update to release 1.57 (CVE-2023-4785, bsc#1215334, CVE-2023-33953, bsc#1214148)

• EventEngine: Change GetDNSResolver to return absl::StatusOr<std::unique_ptr<DNSResolver>>.
• Improve server handling of file descriptor exhaustion.
• Add a channel argument to set DSCP on streams.

Update to release 1.56.2

• Improve server handling of file descriptor exhaustion

Update to release 1.56.0 (CVE-2023-32731, bsc#1212180)

• core: Add support for vsock transport.
• EventEngine: Change TXT lookup result type to std::vector<std::string>.
• C++/Authz: support customizable audit functionality for authorization policy.

Update to release 1.54.1

• Bring declarations and definitions to be in sync

Update to release 1.54 (CVE-2023-32732, bsc#1212182)

• XDS: enable XDS federation by default
• TlsCreds: Support revocation of intermediate in chain

Update to release 1.51.1

• Only a macOS/aarch64-related change

Update to release 1.51

• c-ares DNS resolver: fix logical race between resolution timeout/cancellation and fd readability.
• Remove support for pthread TLS

Update to release 1.50.0

• Core

• Derive EventEngine from std::enable_shared_from_this. (#31060)

• Revert "Revert "[chttp2] fix stream leak with queued flow control update and absence of writes (#30907)" (#30991)". (#30992)
• [chttp2] fix stream leak with queued flow control update and absence of writes. (#30907)
• Remove gpr_codegen. (#30899)
• client_channel: allow LB policy to communicate update errors to resolver. (#30809)

• FaultInjection: Fix random number generation. (#30623)

• C++

• OpenCensus Plugin: Add measure and views for started RPCs. (#31034)

• C#

• Grpc.Tools: Parse warnings from libprotobuf (fix #27502). (#30371)

• Grpc.Tools add support for env variable GRPC_PROTOC_PLUGIN (fix #27099). (#30411)
• Grpc.Tools document AdditionalImportDirs. (#30405)
• Fix OutputOptions and GrpcOutputOptions (issue #25950). (#30410)

Update to release 1.49.1

• All

• Update protobuf to v21.6 on 1.49.x. (#31028)

• Ruby

• Backport "Fix ruby windows ucrt build #31051" to 1.49.x. (#31053)

Update to release 1.49.0

• Core
• Backport: "stabilize the C2P resolver URI scheme" to v1.49.x. (#30654)
• Bump core version. (#30588)
• Update OpenCensus to HEAD. (#30567)
• Update protobuf submodule to 3.21.5. (#30548)
• Update third_party/protobuf to 3.21.4. (#30377)
• [core] Remove GRPC_INITIAL_METADATA_CORKED flag. (#30443)
• HTTP2: Fix keepalive time throttling. (#30164)

• Use AnyInvocable in EventEngine APIs. (#30220)

• Python

• Add type stub generation support to grpcio-tools. (#30498)

Update to release 1.48.1

• Backport EventEngine Forkables

Update to release 1.48.0

• C++14 is now required
• xDS: Workaround to get gRPC clients working with istio

Update to release 1.46.3

• backport: xds: use federation env var to guard new-style resource name parsing (#29725) #29727

Update to release 1.46

• Added HTTP/1.1 support in httpcli
• HTTP2: Add graceful goaway

Update to release 1.45.2

• Various fixes related to XDS
• HTTP2: Should not run cancelling logic on servers when receiving GOAWAY

Update to release 1.45.1

• Switched to epoll1 as a default polling engine for Linux

Update to version 1.45.0:

• Core:

• Backport "Include ADS stream error in XDS error updates (#29014)" to 1.45.x [gh#grpc/grpc#29121].

• Bump core version to 23.0.0 for upcoming release [gh#grpc/grpc#29026].
• Fix memory leak in HTTP request security handshake cancellation [gh#grpc/grpc#28971].
• CompositeChannelCredentials: Comparator implementation [gh#grpc/grpc#28902].
• Delete custom iomgr [gh#grpc/grpc#28816].
• Implement transparent retries [gh#grpc/grpc#28548].
• Uniquify channel args keys [gh#grpc/grpc#28799].
• Set trailing_metadata_available for recv_initial_metadata ops when generating a fake status [gh#grpc/grpc#28827].
• Eliminate gRPC insecure build [gh#grpc/grpc#25586].
• Fix for a racy WorkSerializer shutdown [gh#grpc/grpc#28769].
• InsecureCredentials: singleton object [gh#grpc/grpc#28777].
• Add http cancel api [gh#grpc/grpc#28354].
• Memory leak fix on windows in grpc_tcp_create() [gh#grpc/grpc#27457].

• xDS: Rbac filter updates [gh#grpc/grpc#28568].

• C++

• Bump the minimum gcc to 5 [gh#grpc/grpc#28786].

• Add experimental API for CRL checking support to gRPC C++ TlsCredentials [gh#grpc/grpc#28407].

Update to release 1.44.0

• Add a trace to list which filters are contained in a channel stack.
• Remove grpc_httpcli_context.
• xDS: Add support for RBAC HTTP filter.
• API to cancel grpc_resolve_address.

Update to version 1.43.2:

• Fix google-c2p-experimental issue (gh#grpc/grpc#28692).

Changes from version 1.43.0:

• Core:

• Remove redundant work serializer usage in c-ares windows code (gh#grpc/grpc#28016).

• Support RDS updates on the server (gh#grpc/grpc#27851).
• Use WorkSerializer in XdsClient to propagate updates in a synchronized manner (gh#grpc/grpc#27975).
• Support Custom Post-handshake Verification in TlsCredentials (gh#grpc/grpc#25631).
• Reintroduce the EventEngine default factory (gh#grpc/grpc#27920).
• Assert Android API >= v21 (gh#grpc/grpc#27943).
• Add support for abstract unix domain sockets (gh#grpc/grpc#27906).

• C++:

• OpenCensus: Move metadata storage to arena (gh#grpc/grpc#27948).

• [C#] Add nullable type attributes to Grpc.Core.Api (gh#grpc/grpc#27887).

• Update package name libgrpc++1 to libgrpc++1_43 in keeping with updated so number.

Update to release 1.41.0

• xDS: Remove environmental variable guard for security.
• xDS Security: Use new way to fetch certificate provider plugin instance config.
• xDS server serving status: Use a struct to allow more fields to be added in the future.

Update to release 1.39.1

• Fix C# protoc plugin argument parsing on 1.39.x

Update to version 1.39.0:

• Core

• Initialize tcp_posix for CFStream when needed (gh#grpc/grpc#26530).

• Update boringssl submodule (gh#grpc/grpc#26520).
• Fix backup poller races (gh#grpc/grpc#26446).
• Use default port 443 in HTTP CONNECT request (gh#grpc/grpc#26331).

• C++

• New iomgr implementation backed by the EventEngine API (gh#grpc/grpc#26026).

• async_unary_call: add a Destroy method, called by std::default_delete (gh#grpc/grpc#26389).

• De-experimentalize C++ callback API (gh#grpc/grpc#25728).

• PHP: stop reading composer.json file just to read the version string (gh#grpc/grpc#26156).

• Ruby: Set XDS user agent in ruby via macros (gh#grpc/grpc#26268).

Update to release 1.38.0

• Invalidate ExecCtx now before computing timeouts in all repeating timer events using a WorkSerializer or combiner.
• Fix use-after-unref bug in fault_injection_filter
• New gRPC EventEngine Interface
• Allow the AWS_DEFAULT_REGION environment variable
• s/OnServingStatusChange/OnServingStatusUpdate/

Update to release 1.37.1

• Use URI form of address for channelz listen node
• Implementation CSDS (xDS Config Dump)
• xDS status notifier
• Remove CAS loops in global subchannel pool and simplify subchannel refcounting

Update to release 1.36.4

• A fix for DNS SRV lookups on Windows

Update to 1.36.1:

• Core:
• Remove unnecessary internal pollset set in c-ares DNS resolver
• Support Default Root Certs in Tls Credentials
• back-port: add env var protection for google-c2p resolver
• C++:
• Move third party identity C++ api out of experimental namespace
• refactor!: change error_details functions to templates
• Support ServerContext for callback API
• PHP:
• support for PSM security
• fixed segfault on reused call object
• fixed phpunit 8 warnings
• Python:
• Implement Python Client and Server xDS Creds

Update to version 1.34.1:

• Backport "Lazily import grpc_tools when using runtime stub/message generation" to 1.34.x (gh#grpc/grpc#25011).
• Backport "do not use <PublicSign>true</PublicSign> on non-windows" to 1.34.x (gh#grpc/grpc#24995).

Update to version 1.34.0:

• Core:

• Protect xds security code with the environment variable "GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT" (gh#grpc/grpc#24782).

• Add support for "unix-abstract:" URIs to support abstract unix domain sockets (gh#grpc/grpc#24500).
• Increment Index when parsing not plumbed SAN fields (gh#grpc/grpc#24601).
• Revert "Revert "Deprecate GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS"" (gh#grpc/grpc#24518).
• xds: Set status code to INVALID_ARGUMENT when NACKing (gh#grpc/grpc#24516).
• Include stddef.h in address_sorting.h (gh#grpc/grpc#24514).
• xds: Add support for case_sensitive option in RouteMatch (gh#grpc/grpc#24381).
• C++:
• Fix --define=grpc_no_xds=true builds (gh#grpc/grpc#24503).
• Experimental support and tests for CreateCustomInsecureChannelWithInterceptorsFromFd (gh#grpc/grpc#24362).

Update to release 1.33.2

• Deprecate GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS.
• Expose Cronet error message to the application layer.
• Remove grpc_channel_ping from surface API.
• Do not send BDP pings if there is no receive side activity.

Update to version 1.33.1

• Core

• Deprecate GRPC_ARG_HTTP2_MIN_SENT_PING_INTERVAL_WITHOUT_DATA_MS (gh#grpc/grpc#24063).

• Expose Cronet error message to the application layer (gh#grpc/grpc#24083).
• Remove grpc_channel_ping from surface API (gh#grpc/grpc#23894).

• Do not send BDP pings if there is no receive side activity (gh#grpc/grpc#22997).

• C++

• Makefile: only support building deps from submodule (gh#grpc/grpc#23957).

• Add new subpackages - libupb and upb-devel. Currently, grpc sources include also upb sources. Before this change, libupb and upb-devel used to be included in a separate package - upb.

Update to version 1.32.0:

• Core
• Remove stream from stalled lists on remove_stream (gh#grpc/grpc#23984).
• Do not cancel RPC if send metadata size if larger than peer's limit (gh#grpc/grpc#23806).
• Don't consider receiving non-OK status as an error for HTTP2 (gh#grpc/grpc#19545).
• Keepalive throttling (gh#grpc/grpc#23313).
• Include the target_uri in "target uri is not valid" error messages (gh#grpc/grpc#23782).
• Fix "cannot send compressed message large than 1024B" in cronet_transport (gh#grpc/grpc#23219).
• Receive SETTINGS frame on clients before declaring subchannel READY (gh#grpc/grpc#23636).
• Enabled GPR_ABSEIL_SYNC (gh#grpc/grpc#23372).

• Experimental xDS v3 support (gh#grpc/grpc#23281).

• C++

• Upgrade bazel used for all tests to 2.2.0 (gh#grpc/grpc#23902).

• Remove test targets and test helper libraries from Makefile (gh#grpc/grpc#23813).
• Fix repeated builds broken by re2's cmake (gh#grpc/grpc#23587).
• Log the peer address of grpc_cli CallMethod RPCs to stderr (gh#grpc/grpc#23557).

opencensus-proto was updated to 0.3.0+git.20200721:

• Update to version 0.3.0+git.20200721:

• Bump version to 0.3.0

• Generate Go types using protocolbuffers/protobuf-go (#218)

• Load proto_library() rule. (#216)

• Update to version 0.2.1+git.20190826:

• Remove grpc_java dependency and java_proto rules. (#214)

• Add C++ targets, especially for gRPC services. (#212)
• Upgrade bazel and dependencies to latest. (#211)
• Bring back bazel cache to make CI faster. (#210)

• Travis: don't require sudo for bazel installation. (#209)

• Update to version 0.2.1:

• Add grpc-gateway for metrics service. (#205)

• Pin bazel version in travis builds (#207)
• Update gen-go files (#199)
• Add Web JS as a LibraryInfo.Language option (#198)
• Set up Python packaging for PyPI release. (#197)
• Add tracestate to links. (#191)
• Python proto file generator and generated proto files (#196)
• Ruby proto file generator and generated proto files (#192)
• Add py_proto_library() rules for envoy/api. (#194)
• Gradle: Upgrade dependency versions. (#193)
• Update release versions for readme. (#189)
• Start 0.3.0 development cycle
• Update gen-go files. (#187)
• Revert "Start 0.3.0 development cycle (#167)" (#183)
• Revert optimization for metric descriptor and bucket options for now. (#184)
• Constant sampler: add option to always follow the parent's decision. (#182)
• Document that all maximum values must be specified. (#181)
• Fix typo in bucket bounds. (#178)
• Restrict people who can approve reviews. This is to ensure code quality. (#177)
• Use bazel cache to make CI faster. (#176)
• Add grpc generated files to the idea plugin. (#175)
• Add Resource to Span (#174)
• time is required (#170)
• Upgrade protobuf dependency to v3.6.1.3. (#173)
• assume Ok Status when not set (#171)
• Minor comments fixes (#160)
• Start 0.3.0 development cycle (#167)
• Update gen-go files. (#162)
• Update releasing instruction. (#163)
• Fix Travis build. (#165)
• Add OpenApi doc for trace agent grpc-gateway (#157)
• Add command to generate OpenApi/Swagger doc for grpc-gateway (#156)
• Update gen-go files (#155)
• Add trace export grpc-gateway config (#77)
• Fix bazel build after bazel upgrade (#154)
• README: Add gitter, javadoc and godoc badge. (#151)
• Update release versions for README. (#150)
• Start 0.2.0 development cycle
• Add resource and metrics_service proto to mkgogen. Re-generate gen-go files. (#147)
• Add resource to protocol (#137)
• Fix generating the javadoc. (#144)
• Metrics/TimeSeries: start time should not be included while end time should. (#142)
• README: Add instructions on using opencensus_proto with Bazel. (#140)
• agent/README: update package info. (#138)
• Agent: Add metrics service. (#136)
• Tracing: Add default limits to TraceConfig. (#133)
• Remove a stale TODO. (#134)
• README: Add a note about go_proto_library rules. (#135)
• add golang bazel build support (#132)
• Remove exporter protos from mkgogen. (#128)
• Update README and RELEASING. (#130)
• Change histogram buckets definition to be OpenMetrics compatible. (#121)
• Remove exporter/v1 protos. (#124)
• Clean up the README for Agent proto. (#126)
• Change Quantiles to ValuesAtPercentile. (#122)
• Extend the TraceService service to support export/config for multiple Applications. (#119)
• Add specifications on Agent implementation details. (#112)
• Update gitignore (#118)
• Remove maven support. Not used. (#116)
• Add gauge distribution. (#117)
• Add support for Summary type and value. (#110)
• Add Maven status and instructions on adding dependencies. (#115)
• Bump version to 0.0.3-SNAPSHOT
• Bump version to 0.0.2
• Update gen-go files. (#114)
• Gradle: Add missing source and javadoc rules. (#113)
• Add support for float attributes. (#98)
• Change from mean to sum in distribution. (#109)
• Bump version to v0.0.2-SNAPSHOT
• Bump version to v0.0.1
• Add releasing instructions in RELEASING.md. (#106)
• Add Gradle build rules for generating gRPC service and releasing to Maven. (#102)
• Re-organize proto directory structure. (#103)
• Update gen-go files. (#101)
• Add a note about interceptors of other libraries. (#94)
• agent/common/v1: use exporter_version, core_library_version in LibraryInfo (#100)
• opencensus/proto: add default Agent port to README (#97)
• Update the message names for Config RPC. (#93)
• Add details about agent protocol in the README. (#88)
• Update gen-go files. (#92)
• agent/trace/v1: fix signature for Config and comments too (#91)
• Update gen-go files. (#86)
• Make tracestate a list instead of a map to preserve ordering. (#84)
• Allow MetricDescriptor to be sent only the first time. (#78)
• Update mkgogen.sh. (#85)
• Add agent trace service proto definitions. (#79)
• Update proto and gen-go package names. (#83)
• Add agent/common proto and BUILD. (#81)
• Add trace_config.proto. (#80)
• Build exporters with maven. (#76)
• Make clear that cumulative int/float can go only up. (#75)
• Add tracestate field to the Span proto. (#74)
• gradle wrapper --gradle-version 4.9 (#72)
• Change from multiple types of timeseries to have one. (#71)
• Move exemplars in the Bucket. (#70)
• Update gen-go files. (#69)
• Move metrics in the top level directory. (#68)
• Remove Range from Distribution. No backend supports this. (#67)
• Remove unused MetricSet message. (#66)
• Metrics: Add Exemplar to DistributionValue. (#62)
• Gauge vs Cumulative. (#65)
• Clarifying comment about bucket boundaries. (#64)
• Make MetricDescriptor.Type capture the type of the value as well. (#63)
• Regenerate the Go artifacts (#61)

• Add export service proto (#60)

• Initial version 20180523

protobuf was updated to 25.1:

update to 25.1:

• Raise warnings for deprecated python syntax usages
• Add support for extensions in CRuby, JRuby, and FFI Ruby
• Add support for options in CRuby, JRuby and FFI (#14594)

update to 25.0:

• Implement proto2/proto3 with editions
• Defines Protobuf compiler version strings as macros and separates out suffix string definition.
• Add utf8_validation feature back to the global feature set.
• Setting up version updater to prepare for poison pills and embedding version info into C++, Python and Java gencode.
• Merge the protobuf and upb Bazel repos
• Editions: Introduce functionality to protoc for generating edition feature set defaults.
• Editions: Migrate edition strings to enum in C++ code.
• Create a reflection helper for ExtensionIdentifier.
• Editions: Provide an API for C++ generators to specify their features.
• Editions: Refactor feature resolution to use an intermediate message.
• Publish extension declarations with declaration verifications.
• Editions: Stop propagating partially resolved feature sets to plugins.
• Editions: Migrate string_field_validation to a C++ feature
• Editions: Include defaults for any features in the generated pool.
• Protoc: parser rejects explicit use of map_entry option
• Protoc: validate that reserved range start is before end
• Protoc: support identifiers as reserved names in addition to string literals (only in editions)
• Drop support for Bazel 5.
• Allow code generators to specify whether or not they support editions. C++:
• Set PROTOBUF_EXPORT on InternalOutOfLineDeleteMessageLite()
• Update stale checked-in files
• Apply PROTOBUF_NOINLINE to declarations of some functions that want it.
• Implement proto2/proto3 with editions
• Make JSON UTF-8 boundary check inclusive of the largest possible UTF-8 character.
• Reduce Map::size_type to 32-bits. Protobuf containers can't have more than that
• Defines Protobuf compiler version strings as macros and separates out suffix string definition.
• Add ABSL_ATTRIBUTE_LIFETIME_BOUND attribute on generated oneof accessors.
• Fix bug in reflection based Swap of map fields.
• Add utf8_validation feature back to the global feature set.
• Setting up version updater to prepare for poison pills and embedding version info into C++, Python and Java gencode.
• Add prefetching to arena allocations.
• Add ABSL_ATTRIBUTE_LIFETIME_BOUND attribute on generated repeated and map field accessors.
• Editions: Migrate edition strings to enum in C++ code.
• Create a reflection helper for ExtensionIdentifier.
• Editions: Provide an API for C++ generators to specify their features.
• Add ABSL_ATTRIBUTE_LIFETIME_BOUND attribute on generated string field accessors.
• Editions: Refactor feature resolution to use an intermediate message.
• Fixes for 32-bit MSVC.
• Publish extension declarations with declaration verifications.
• Export the constants in protobuf's any.h to support DLL builds.
• Implement AbslStringify for the Descriptor family of types.
• Add ABSL_ATTRIBUTE_LIFETIME_BOUND attribute on generated message field accessors.
• Editions: Stop propagating partially resolved feature sets to plugins.
• Editions: Migrate string_field_validation to a C++ feature
• Editions: Include defaults for any features in the generated pool.
• Introduce C++ feature for UTF8 validation.
• Protoc: validate that reserved range start is before end
• Remove option to disable the table-driven parser in protoc.
• Lock down ctype=CORD in proto file.
• Support split repeated fields.
• In OSS mode omit some extern template specializations.
• Allow code generators to specify whether or not they support editions. Java:
• Implement proto2/proto3 with editions
• Remove synthetic oneofs from Java gencode field accessor tables.
• Timestamps.parse: Add error handling for invalid hours/minutes in the timezone offset.
• Defines Protobuf compiler version strings as macros and separates out suffix string definition.
• Add ABSL_ATTRIBUTE_LIFETIME_BOUND attribute on generated oneof accessors.
• Add missing debugging version info to Protobuf Java gencode when multiple files are generated.
• Fix a bad cast in putBuilderIfAbsent when already present due to using the result of put() directly (which is null if it currently has no value)
• Setting up version updater to prepare for poison pills and embedding version info into C++, Python and Java gencode.
• Fix a NPE in putBuilderIfAbsent due to using the result of put() directly (which is null if it currently has no value)
• Update Kotlin compiler to escape package names
• Add MapFieldBuilder and change codegen to generate it and the put{field}BuilderIfAbsent method.
• Introduce recursion limit in Java text format parsing
• Consider the protobuf.Any invalid if typeUrl.split("/") returns an empty array.
• Mark FieldDescriptor.hasOptionalKeyword() as deprecated.
• Fixed Python memory leak in map lookup.
• Loosen upb for json name conflict check in proto2 between json name and field
• Defines Protobuf compiler version strings as macros and separates out suffix string definition.
• Add ABSL_ATTRIBUTE_LIFETIME_BOUND attribute on generated oneof accessors.
• Ensure Timestamp.ToDatetime(tz) has correct offset
• Do not check required field for upb python MergeFrom
• Setting up version updater to prepare for poison pills and embedding version info into C++, Python and Java gencode.
• Merge the protobuf and upb Bazel repos
• Comparing a proto message with an object of unknown returns NotImplemented
• Emit slots in pyi output as a tuple rather than a list for --pyi_out.
• Fix a bug that strips options from descriptor.proto in Python.
• Raise warings for message.UnknownFields() usages and navigate to the new add
• Add protobuf python keyword support in path for stub generator.
• Add tuple support to set Struct

• Python C-Extension (Default)

• Comparing a proto message with an object of unknown returns NotImplemented
• Check that ffi-compiler loads before using it to define tasks. UPB (Python/PHP/Ruby C-Extension):
• Include .inc files directly instead of through a filegroup
• Loosen upb for json name conflict check in proto2 between json name and field
• Add utf8_validation feature back to the global feature set.
• Do not check required field for upb python MergeFrom
• Merge the protobuf and upb Bazel repos
• Added malloc_trim() calls to Python allocator so RSS will decrease when memory is freed
• Upb: fix a Python memory leak in ByteSize()
• Support ASAN detection on clang
• Upb: bugfix for importing a proto3 enum from within a proto2 file
• Expose methods needed by Ruby FFI using UPB_API

• Fix PyUpb_Message_MergeInternal segfault

• Build with source and target levels 8

• fixes build with JDK21
• Install the pom file with the new %%mvn_install_pom macro
• Do not install the pom-only artifacts, since the %%mvn_install_pom macro resolves the variables at the install time

update to 23.4:

• Add dllexport_decl for generated default instance.
• Deps: Update Guava to 32.0.1

update to 23.3:

C++:

• Regenerate stale files
• Use the same ABI for static and shared libraries on non- Windows platforms
• Add a workaround for GCC constexpr bug Objective-C:
• Regenerate stale files UPB (Python/PHP/Ruby C-Extension)
• Fixed a bug in upb_Map_Delete() that caused crashes in map.delete(k) for Ruby when string-keyed maps were in use.

Compiler: * Add missing header to Objective-c generator * Add a workaround for GCC constexpr bug

Java: * Rollback of: Simplify protobuf Java message builder by removing methods that calls the super class only.

Csharp: * [C#] Replace regex that validates descriptor names

update to 22.5:

C++: * Add missing cstdint header * Fix: missing -DPROTOBUF_USE_DLLS in pkg-config (#12700) * Avoid using string(JOIN..., which requires cmake 3.12 * Explicitly include GTest package in examples * Bump Abseil submodule to 20230125.3 (#12660)

update to 22.4:

C++: * Fix libprotoc: export useful symbols from .so

Python: * Fix bug in _internal_copy_files where the rule would fail in downstream repositories.

Other: * Bump utf8_range to version with working pkg-config (#12584) * Fix declared dependencies for pkg-config * Update abseil dependency and reorder dependencies to ensure we use the version specified in protobuf_deps. * Turn off clang::musttail on i386

update to v22.3

UPB (Python/PHP/Ruby C-Extension): * Remove src prefix from proto import * Fix .gitmodules to use the correct absl branch * Remove erroneous dependency on googletest

update to 22.2:

Java: * Add version to intra proto dependencies and add kotlin stdlib dependency * Add $ back for osgi header * Remove $ in pom files

update to 22.1: * Add visibility of plugin.proto to python directory * Strip "src" from file name of plugin.proto * Add OSGi headers to pom files. * Remove errorprone dependency from kotlin protos. * Version protoc according to the compiler version number.

• update to 22.0:

• This version includes breaking changes to: Cpp. Please refer to the migration guide for information: https://protobuf.dev/support/migration/#compiler-22

• [Cpp] Migrate to Abseil's logging library.
• [Cpp] proto2::Map::value_type changes to std::pair.
• [Cpp] Mark final ZeroCopyInputStream, ZeroCopyOutputStream, and DefaultFieldComparator classes.
• [Cpp] Add a dependency on Abseil (#10416)
• [Cpp] Remove all autotools usage (#10132)
• [Cpp] Add C++20 reserved keywords
• [Cpp] Dropped C++11 Support
• [Cpp] Delete Arena::Init
• [Cpp] Replace JSON parser with new implementation
• [Cpp] Make RepeatedField::GetArena non-const in order to support split RepeatedFields.
• long list of bindings specific fixes see https://github.com/protocolbuffers/protobuf/releases/tag/v22.0

update to v21.12:

• Python:
• Fix broken enum ranges (#11171)
• Stop requiring extension fields to have a sythetic oneof (#11091)
• Python runtime 4.21.10 not works generated code can not load valid proto.

update to 21.11:

• Python:
• Add license file to pypi wheels (#10936)
• Fix round-trip bug (#10158)

update to 21.10::

• Java:
• Use bit-field int values in buildPartial to skip work on unset groups of fields. (#10960)
• Mark nested builder as clean after clear is called (#10984)

update to 21.9: * Ruby: * Replace libc strdup usage with internal impl to restore musl compat (#10818) * Auto capitalize enums name in Ruby (#10454) (#10763) * Other: * Fix for grpc.tools #17995 & protobuf #7474 (handle UTF-8 paths in argumentfile) (#10721) * C++: * 21.x No longer define no_threadlocal on OpenBSD (#10743) * Java: * Mark default instance as immutable first to avoid race during static initialization of default instances (#10771) * Refactoring java full runtime to reuse sub-message builders and prepare to migrate parsing logic from parse constructor to builder. * Move proto wireformat parsing functionality from the private "parsing constructor" to the Builder class. * Change the Lite runtime to prefer merging from the wireformat into mutable messages rather than building up a new immutable object before merging. This way results in fewer allocations and copy operations. * Make message-type extensions merge from wire-format instead of building up instances and merging afterwards. This has much better performance. * Fix TextFormat parser to build up recurring (but supposedly not repeated) sub-messages directly from text rather than building a new sub-message and merging the fully formed message into the existing field.

update to 21.6: C++: * Reduce memory consumption of MessageSet parsing

update to 21.5:

PHP: * Added getContainingOneof and getRealContainingOneof to descriptor. * fix PHP readonly legacy files for nested messages

Python:

• Fixed comparison of maps in Python.

• update to 21.4:

• Reduce the required alignment of ArenaString from 8 to 4

• update to 21.3:

• C++:

  • Add header search paths to Protobuf-C++.podspec (#10024)
  • Fixed Visual Studio constinit errors (#10232)
  • Fix #9947: make the ABI compatible between debug and non-debug builds (#10271)
• UPB:
  • Allow empty package names (fixes behavior regression in 4.21.0)
  • Fix a SEGV bug when comparing a non-materialized sub-message (#10208)
  • Fix several bugs in descriptor mapping containers (eg. descriptor.services_by_name)
  • for x in mapping now yields keys rather than values, to match Python conventions and the behavior of the old library.
  • Lookup operations now correctly reject unhashable types as map keys.
  • We implement repr() to use the same format as dict.
  • Fix maps to use the ScalarMapContainer class when appropriate
  • Fix bug when parsing an unknown value in a proto2 enum extension (protocolbuffers/upb#717)
• PHP:
  • Add "readonly" as a keyword for PHP and add previous classnames to descriptor pool (#10041)
• Python:
  • Make //:protobuf_python and //:well_known_types_py_pb2 public (#10118)
• Bazel:
  • Add back a filegroup for :well_known_protos (#10061)

Update to 21.2: - C++: - cmake: Call get_filename_component() with DIRECTORY mode instead of PATH mode (#9614) - Escape GetObject macro inside protoc-generated code (#9739) - Update CMake configuration to add a dependency on Abseil (#9793) - Fix cmake install targets (#9822) - Use __constinit only in GCC 12.2 and up (#9936) - Java: - Update protobuf_version.bzl to separate protoc and per-language java … (#9900) - Python: - Increment python major version to 4 in version.json for python upb (#9926) - The C extension module for Python has been rewritten to use the upb library. - This is expected to deliver significant performance benefits, especially when parsing large payloads. There are some minor breaking changes, but these should not impact most users. For more information see: https://developers.google.com/protocol-buffers/docs/news/2022-05-06#python-updates - PHP: - [PHP] fix PHP build system (#9571) - Fix building packaged PHP extension (#9727) - fix: reserve "ReadOnly" keyword for PHP 8.1 and add compatibility (#9633) - fix: phpdoc syntax for repeatedfield parameters (#9784) - fix: phpdoc for repeatedfield (#9783) - Change enum string name for reserved words (#9780) - chore: [PHP] fix phpdoc for MapField keys (#9536) - Fixed PHP SEGV by not writing to shared memory for zend_class_entry. (#9996) - Ruby: - Allow pre-compiled binaries for ruby 3.1.0 (#9566) - Implement respond_to? in RubyMessage (#9677) - [Ruby] Fix RepeatedField#last, #first inconsistencies (#9722) - Do not use range based UTF-8 validation in truffleruby (#9769) - Improve range handling logic of RepeatedField (#9799) - Other: - Fix invalid dependency manifest when using descriptor_set_out (#9647) - Remove duplicate java generated code (#9909)

• Update to 3.20.1:

• PHP:

  • Fix building packaged PHP extension (#9727)
  • Fixed composer.json to only advertise compatibility with PHP 7.0+. (#9819)
• Ruby:
  • Disable the aarch64 build on macOS until it can be fixed. (#9816)

• Other:

  • Fix versioning issues in 3.20.0

• Update to 3.20.1:

• Ruby:
  • Dropped Ruby 2.3 and 2.4 support for CI and releases. (#9311)
  • Added Ruby 3.1 support for CI and releases (#9566).
  • Message.decode/encode: Add recursion_limit option (#9218/#9486)
  • Allocate with xrealloc()/xfree() so message allocation is visible to the
  • Ruby GC. In certain tests this leads to much lower memory usage due to more
  • frequent GC runs (#9586).
  • Fix conversion of singleton classes in Ruby (#9342)
  • Suppress warning for intentional circular require (#9556)
  • JSON will now output shorter strings for double and float fields when possible
  • without losing precision.
  • Encoding and decoding of binary format will now work properly on big-endian
  • systems.
  • UTF-8 verification was fixed to properly reject surrogate code points.
  • Unknown enums for proto2 protos now properly implement proto2's behavior of
  • putting such values in unknown fields.
• Java:
  • Revert "Standardize on Array copyOf" (#9400)
  • Resolve more java field accessor name conflicts (#8198)
  • Fix parseFrom to only throw InvalidProtocolBufferException
  • InvalidProtocolBufferException now allows arbitrary wrapped Exception types.
  • Fix bug in FieldSet.Builder.mergeFrom
  • Flush CodedOutputStream also flushes underlying OutputStream
  • When oneof case is the same and the field type is Message, merge the
  • subfield. (previously it was replaced.)’
  • Add @CheckReturnValue to some protobuf types
  • Report original exceptions when parsing JSON
  • Add more info to @deprecated javadoc for set/get/has methods
  • Fix initialization bug in doc comment line numbers
  • Fix comments for message set wire format.
• Kotlin:
  • Add test scope to kotlin-test for protobuf-kotlin-lite (#9518)
  • Add orNull extensions for optional message fields.
  • Add orNull extensions to all proto3 message fields.
• Python:
  • Dropped support for Python < 3.7 (#9480)
  • Protoc is now able to generate python stubs (.pyi) with --pyi_out
  • Pin multibuild scripts to get manylinux1 wheels back (#9216)
  • Fix type annotations of some Duration and Timestamp methods.
  • Repeated field containers are now generic in field types and could be used in type annotations.
  • Protobuf python generated codes are simplified. Descriptors and message classes' definitions are now dynamic created in internal/builder.py.
  • Insertion Points for messages classes are discarded.
  • has_presence is added for FieldDescriptor in python
  • Loosen indexing type requirements to allow valid index() implementations rather than only PyLongObjects.
  • Fix the deepcopy bug caused by not copying message_listener.
  • Added python JSON parse recursion limit (default 100)
  • Path info is added for python JSON parse errors
  • Pure python repeated scalar fields will not able to pickle. Convert to list first.
  • Timestamp.ToDatetime() now accepts an optional tzinfo parameter. If specified, the function returns a timezone-aware datetime in the given time zone. If omitted or None, the function returns a timezone-naive UTC datetime (as previously).
  • Adds client_streaming and server_streaming fields to MethodDescriptor.
  • Add "ensure_ascii" parameter to json_format.MessageToJson. This allows smaller JSON serializations with UTF-8 or other non-ASCII encodings.
  • Added experimental support for directly assigning numpy scalars and array.
  • Improve the calculation of public_dependencies in DescriptorPool.
  • [Breaking Change] Disallow setting fields to numpy singleton arrays or repeated fields to numpy multi-dimensional arrays. Numpy arrays should be indexed or flattened explicitly before assignment.
• Compiler:
  • Migrate IsDefault(const std::string) and UnsafeSetDefault(const std::string)
  • Implement strong qualified tags for TaggedPtr
  • Rework allocations to power-of-two byte sizes.
  • Migrate IsDefault(const std::string) and UnsafeSetDefault(const std::string)
  • Implement strong qualified tags for TaggedPtr
  • Make TaggedPtr Set...() calls explicitly spell out the content type.
  • Check for parsing error before verifying UTF8.
  • Enforce a maximum message nesting limit of 32 in the descriptor builder to
  • guard against stack overflows
  • Fixed bugs in operators for RepeatedPtrIterator
  • Assert a maximum map alignment for allocated values
  • Fix proto1 group extension protodb parsing error
  • Do not log/report the same descriptor symbol multiple times if it contains
  • more than one invalid character.
  • Add UnknownFieldSet::SerializeToString and SerializeToCodedStream.
  • Remove explicit default pointers and deprecated API from protocol compiler
• Arenas:
  • Change Repeated*Field to reuse memory when using arenas.
  • Implements pbarenaz for profiling proto arenas
  • Introduce CreateString() and CreateArenaString() for cleaner semantics
  • Fix unreferenced parameter for MSVC builds
  • Add UnsafeSetAllocated to be used for one-of string fields.
  • Make Arena::AllocateAligned() a public function.
  • Determine if ArenaDtor related code generation is necessary in one place.
  • Implement on demand register ArenaDtor for InlinedStringField
• C++:
  • Enable testing via CTest (#8737)
  • Add option to use external GTest in CMake (#8736)
  • CMake: Set correct sonames for libprotobuf-lite.so and libprotoc.so (#8635) (#9529)
  • Add cmake option protobuf_INSTALL to not install files (#7123)
  • CMake: Allow custom plugin options e.g. to generate mocks (#9105)
  • CMake: Use linker version scripts (#9545)
  • Manually *struct Cord fields to work better with arenas.
  • Manually destruct map fields.
  • Generate narrower code
  • Fix #9378 by removing
  • shadowed cached_size field
  • Remove GetPointer() and explicit nullptr defaults.
  • Add proto_h flag for speeding up large builds
  • Add missing overload for reference wrapped fields.
  • Add MergedDescriptorDatabase::FindAllFileNames()
  • RepeatedField now defines an iterator type instead of using a pointer.
  • Remove obsolete macros GOOGLE_PROTOBUF_HAS_ONEOF and GOOGLE_PROTOBUF_HAS_ARENAS.
• PHP:
  • Fix: add missing reserved classnames (#9458)
  • PHP 8.1 compatibility (#9370)
• C#:
  • Fix trim warnings (#9182)
  • Fixes NullReferenceException when accessing FieldDescriptor.IsPacked (#9430)
  • Add ToProto() method to all descriptor classes (#9426)
  • Add an option to preserve proto names in JsonFormatter (#6307)

• Objective-C:

  • Add prefix_to_proto_package_mappings_path option. (#9498)
  • Rename proto_package_to_prefix_mappings_path to package_to_prefix_mappings_path. (#9552)
  • Add a generation option to control use of forward declarations in headers. (#9568)

• update to 3.19.4: Python:

  • Make libprotobuf symbols local on OSX to fix issue #9395 (#9435) Ruby:
  • Fixed a