Skip to content

chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3#154

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/google.golang.org/grpc-1.79.3
Open

chore(deps): bump google.golang.org/grpc from 1.79.1 to 1.79.3#154
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/google.golang.org/grpc-1.79.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 19, 2026

Copy link
Copy Markdown
Contributor

Bumps google.golang.org/grpc from 1.79.1 to 1.79.3.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.3

Security

  • server: fix an authorization bypass where malformed :path headers (missing the leading slash) could bypass path-based restricted "deny" rules in interceptors like grpc/authz. Any request with a non-canonical path is now immediately rejected with an Unimplemented error. (#8981)

Release 1.79.2

Bug Fixes

  • stats: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured. (grpc/grpc-go#8874)
Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Mar 19, 2026
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.79.1 to 1.79.3.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](grpc/grpc-go@v1.79.1...v1.79.3)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-version: 1.79.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/google.golang.org/grpc-1.79.3 branch from eb74817 to 257c2e5 Compare April 14, 2026 00:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants