Bump io.grpc:grpc-bom from 1.56.0 to 1.57.1 in /java

[dependabot]

Bumps io.grpc:grpc-bom from 1.56.0 to 1.57.1.

Release notes

Sourced from io.grpc:grpc-bom's releases.

v1.57.1

Bug fixes

• Fix compatibility with Java 8. This fixes the NoSuchMethodError for ByteBuffer methods present in 1.57.0 (#10441)
• xds: Remove debug assert in WeightedRoundRobinLoadBalancer. The assert was to detect breakages in the static stride algorithm causing too much looping. However, with multithreading it is possible to trigger even in legitimate scenarios (#10437)

v1.57.0

gRPC Java 1.57.0 Release Notes

This release accidentally broke Java 8: NoSuchMethodError for some ByteBuffer methods. The issue is tracked in grpc/grpc-java#10432

API Changes

• Use fully qualified java.lang.String in all cases in generated code. This fixes compilation if a protobuf message is named “String”.
• Stabilize two io.grpc.Status methods (asRuntimeException & trailersFromThrowable)
• Stabilize io.grpc.ManagedChannelBuilder.useTransportSecurity (#10244)
• Stabilize io.grpc.util.MutableHandlerRegistry (#10348)

Behavior Changes

• xds: Handle loops and duplicates in xds Aggregate clusters
• core: Change delay for hedging retry after a non-fatal error to be 0 to match the gRFC (A6).
• api: CheckedForwardingClientCall now passes trailers from the caught exception
• xds: require EDS service name in CDS resources with an xdstp name
• xds: Use Rule order instead of RuleChain
• Wrap other name resolver types in a RetryingNameResolver . Previously, if authority was not overridden, then some name resolvers (such as grpclb) had no retry.
• xds: Environment variable "GRPC_XDS_EXPERIMENTAL_SECURITY_SUPPORT" is no longer respected, so xDS security cannot be disabled any more (#10243)
• context, api: Package io.grpc is now consolidated into a single artifact grpc-api by moving classes from grpc-context to grpc-api. grpc-context now has a dependency on grpc-api (but excludes other dependencies of grpc-api) so any application previously using only grpc-context will now also bring in grpc-api. This fixes #3522 which was the major issue preventing support of Java modules. We are not done fixing support, as some artifacts need to be split and Automatic-Module-Name needs to be added. The next release is likely to be more stable for modules.

New Features

• binder: Add UserHandle and BinderChannelCredentials to support cross-user communication (#10197)
• xds,orca: LRS named metrics support

Improvements

• core: Resolve isAndroid only once on class loading. This can improve channel creation performance on Android.
• xds: Pick a subchannel with new static stride scheduler in WeightedRoundRobinLoadBalancer

Bug Fixes

• xds: Fix the server sending a GOAWAY when an LDS update with no changes other than ordering is received.
• netty: Fix NPE when a header with errors is received with endStream=true. This was causing logs to be filled with errors when health checkers didn’t specify a content type.
• okhttp: Fix the Socket data race when shutdown/closed during connecting that was causing a significant delay

Dependencies

• Upgraded Netty to 4.1.93-Final
• Update guava dependency to 32.0.1 to address CVE-2023-2976

... (truncated)

Commits

• 7292ed8 Bump version to 1.57.1
• adfa669 Update README etc to reference 1.57.1
• 3e69c26 Avoid accidental Java 9+ dependency with --release
• 38e0a0f (backport v1.57) removed assert statement for static stride scheduler with mu...
• 503883b Bump version to 1.57.1-SNAPSHOT
• cde208a Bump version to 1.57.0
• 61ad5f4 Update README etc to reference 1.57.0
• 4d75056 Revert "Release v1.57.0 (#10417)" (#10419)
• d23e39e Release v1.57.0 (#10417)
• 22de216 Handle header with errors and endStream = true (#10384) (#10414)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot will merge this PR once it's up-to-date and CI passes on it, as requested by @elliotmjackson.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[elliotmjackson]

@dependabot merge

[dependabot]

Dependabot was not able to determine that CI was successful.

Please try again once CI has succeeded.

[dependabot]

Dependabot was not able to determine that CI was successful.

Please try again once CI has succeeded.

[dependabot]

Dependabot was not able to determine that CI was successful.

Please try again once CI has succeeded.

[dependabot]

Dependabot was not able to determine that CI was successful.

Please try again once CI has succeeded.

[dependabot]

Superseded by #943.