Skip to content

chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3#1309

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/google.golang.org/grpc-1.79.3
Open

chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3#1309
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/go_modules/google.golang.org/grpc-1.79.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 19, 2026
edited
Loading

Bumps google.golang.org/grpc from 1.79.1 to 1.79.3.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.3

Security

  • server: fix an authorization bypass where malformed :path headers (missing the leading slash) could bypass path-based restricted "deny" rules in interceptors like grpc/authz. Any request with a non-canonical path is now immediately rejected with an Unimplemented error. (#8981)

Release 1.79.2

Bug Fixes

  • stats: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured. (grpc/grpc-go#8874)
Commits

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 19, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 19, 2026 02:19
@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 19, 2026
@dependabot dependabot bot force-pushed the dependabot/go_modules/google.golang.org/grpc-1.79.3 branch 6 times, most recently from 773ee54 to 1420ab8 Compare March 25, 2026 11:32
@dependabot dependabot bot force-pushed the dependabot/go_modules/google.golang.org/grpc-1.79.3 branch from 1420ab8 to fd410e6 Compare March 27, 2026 16:48
@dependabot
chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3
f5a850a 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.79.1 to 1.79.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.79.1...v1.79.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-version: 1.79.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/google.golang.org/grpc-1.79.3 branch from fd410e6 to f5a850a Compare March 27, 2026 17:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants