fix(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence	Type	Update
@grpc/grpc-js (source)	^1.11.1 -> ^1.12.0					dependencies	minor
Google.Protobuf	3.28.0 -> 3.28.2					nuget	patch
Grpc.Net.Common	2.65.0 -> 2.66.0					nuget	minor
actions/setup-node	v4.0.3 -> v4.0.4					action	patch
buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go	v1.34.2-20240717164558-a6c49f84cc0f.2 -> v1.34.2-20240920164238-5a7b106cbb87.2					require	patch
bufbuild/buf-setup-action	v1.39.0 -> v1.44.0					action	minor
bytes	1.7.1 -> 1.7.2					dependencies	patch
futures-core (source)	0.3.30 -> 0.3.31					dependencies	patch
google.golang.org/grpc	v1.66.0 -> v1.67.1					require	minor
prost	0.13.2 -> 0.13.3					dependencies	patch
serde (source)	1.0.209 -> 1.0.210					dependencies	patch
tonic	0.12.2 -> 0.12.3					dependencies	patch

---

Release Notes

grpc/grpc-node (@​grpc/grpc-js)

v1.12.0: @​grpc/grpc-js 1.12.0

Compare Source

Changelog

• Provide the method_name for the CallCredentials callback generateMetadata (#​2814 contributed by @​becoded)
• Add an optional rejectUnauthorized field to the VerifyOptions interface, which can be passed as an argument to credentials.createSsl and createFromSecureContext (#​2812 contributed by @​vinothsa4891)

Experimental API changes

Added:

• CaCertificateUpdate
• CaCertificateUpdateListener
• IdentityCertificateUpdate
• IdentityCertificateUpdateListener
• CertificateProvider
• FileWatcherCertificateProvider
• FileWatcherCertificateProviderConfig
• createCertificateProviderChannelCredentials
• createCertificateProviderServerCredentials

Modified:

• LoadBalancer: The constructor now takes an additional argument of type ChannelCredentials.
• ChannelControlHelper#createSubchannel: Now takes an additional argument of type ChannelCredentials | null. This should be passed along if overriding this function.
• LeafLoadBalancer: The constructor now takes an additional argument of type ChannelCredentials.

v1.11.3: @​grpc/grpc-js 1.11.3

Compare Source

• Ensure the client queries the name resolver again after connections drop while using the round_robin load balancing policy (#​2825)

v1.11.2: @​grpc/grpc-js 1.11.2

Compare Source

• Fix client crash on receiving a custom error code (#​2801 contributed by @​hastom)
• Report connection errors more consistently (#​2808)
• Avoid computing the channel constructor trace log when that tracer is not enabled (#​2817 contributed by @​ygalbel)

protocolbuffers/protobuf (Google.Protobuf)

v3.28.2

v3.28.1

grpc/grpc-dotnet (Grpc.Net.Common)

v2.66.0

What's Changed

• Bump version on master to 2.66.0-dev by @​stanley-cheung in https://github.com/grpc/grpc-dotnet/pull/2491
• Fix failure to create GrpcChannel under Wine compatibility layer (including Steam Proton and Apple Game Porting Toolkit) by @​mayuki in https://github.com/grpc/grpc-dotnet/pull/2496
• Update .NET 9 SDK and resolve warnings by @​sebastienros in https://github.com/grpc/grpc-dotnet/pull/2502
• Bump braces from 3.0.2 to 3.0.3 in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot in https://github.com/grpc/grpc-dotnet/pull/2504
• Bump axios from 1.6.2 to 1.7.4 in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot in https://github.com/grpc/grpc-dotnet/pull/2505
• Update puppeteer by @​JamesNK in https://github.com/grpc/grpc-dotnet/pull/2507
• Remove internal_ci flag from interop test script by @​JamesNK in https://github.com/grpc/grpc-dotnet/pull/2509
• Fix Google auth interop test by @​JamesNK in https://github.com/grpc/grpc-dotnet/pull/2512
• [testing] improve sanity check in jwt_token_creds interop test by @​apolcyn in https://github.com/grpc/grpc-dotnet/pull/2513
• Add HTTP version configuration to GrpcChannelOptions by @​JamesNK in https://github.com/grpc/grpc-dotnet/pull/2514
• Bump grpc.tools version to 2.66 by @​apolcyn in https://github.com/grpc/grpc-dotnet/pull/2523
• Bump webpack from 5.76.0 to 5.94.0 in /examples/Browser/Server/wwwroot by @​dependabot in https://github.com/grpc/grpc-dotnet/pull/2522
• Bump elliptic from 6.5.4 to 6.5.7 in /examples/Spar/Server/ClientApp by @​dependabot in https://github.com/grpc/grpc-dotnet/pull/2525
• Bump micromatch from 4.0.7 to 4.0.8 in /testassets/InteropTestsGrpcWebWebsite/Tests by @​dependabot in https://github.com/grpc/grpc-dotnet/pull/2524
• Bump v2.66.x branch to 2.66.0.pre1 by @​apolcyn in https://github.com/grpc/grpc-dotnet/pull/2526
• Bump v2.66.x to v2.66.0 by @​apolcyn in https://github.com/grpc/grpc-dotnet/pull/2539

Full Changelog: grpc/grpc-dotnet@v2.65.0...v2.66.0

actions/setup-node (actions/setup-node)

v4.0.4

Compare Source

bufbuild/buf-setup-action (bufbuild/buf-setup-action)

v1.44.0

Compare Source

Release v1.44.0

v1.43.0

Compare Source

Release v1.43.0

v1.42.0

Compare Source

Release v1.42.0

v1.41.0

Compare Source

Release v1.41.0

v1.40.1

Compare Source

Release v1.40.1

v1.40.0

Compare Source

Release v1.40.0

tokio-rs/bytes (bytes)

v1.7.2

Compare Source

Fixed

• Fix default impl of Buf::{get_int, get_int_le} (#​732)

Documented

• Fix double spaces in comments and doc comments (#​731)

Internal changes

• Ensure BytesMut::advance reduces capacity (#​728)

rust-lang/futures-rs (futures-core)

v0.3.31

Compare Source

• Fix use after free of task in FuturesUnordered when dropped future panics (#​2886)
• Fix soundness bug in task::waker_ref (#​2830)
  This is a breaking change but allowed because it is soundness bug fix.
• Fix bugs in AsyncBufRead::read_line and AsyncBufReadExt::lines (#​2884)
• Fix parsing issue in select!/select_biased! (#​2832)
  This is technically a breaking change as it will now reject a very odd undocumented syntax that was previously accidentally accepted.
• Work around issue due to upstream Waker::will_wake change (#​2865)
• Add stream::Iter::{get_ref,get_mut,into_inner} (#​2875)
• Add future::AlwaysReady (#​2825)
• Relax trait bound on non-constructor methods of io::{BufReader,BufWriter} (#​2848)

grpc/grpc-go (google.golang.org/grpc)

v1.67.1: Release 1.67.1

Compare Source

Bug Fixes

• transport: Fix a bug causing stream failures due to miscalculation of the flow control window in both clients and servers. (#​7667)
• xds/server: Fix xDS Server memory leak. (#​7681)

v1.67.0: Release 1.67.0

Compare Source

Bug Fixes

• ringhash: when used with multiple EDS priorities, fix bug that could prevent a higher priority from recovering from transient failure. (#​7364)
  • Special Thanks: @​atollena

Behavior Changes

• In accordance with RFC 7540, clients and servers will now reject TLS connections that don't support ALPN. This can be disabled by setting the environment variable GRPC_ENFORCE_ALPN_ENABLED to false (case insensitive). Please file a bug if you encounter any issues with this behavior. The environment variable to revert this behavior will be removed in an upcoming release. (#​7535)

v1.66.3: Release 1.66.3

Compare Source

Bug Fixes

• transport: Fix a bug causing stream failures due to miscalculation of the flow control window in both clients and servers. (#​7667)
• xds/server: Fix xDS Server memory leak. (#​7681)

v1.66.2: Release 1.66.2

Compare Source

Dependencies

• Remove unintentional dependency on the testing package (#​7579)
• Remove unintentional dependency on the flate package (#​7595)
  • Special Thanks: @​ash2k

Bug Fixes

• client: fix a bug that prevented memory reuse after handling unary RPCs (#​7571)
  • Special Thanks: @​coxley

v1.66.1

Compare Source

tokio-rs/prost (prost)

v0.13.3

Compare Source

PROST! is a Protocol Buffers implementation for the Rust Language. prost generates simple, idiomatic Rust code from proto2 and proto3 files.

Features

• (prost-types) Add normalized functions (#​1158)

Bug Fixes

• (prost-build) Remove derived(Copy) on boxed fields (#​1157)

Documentation

• (prost-types) Add description of using Any (#​1141)
• (prost-build) Use cargo add in example (#​1149)

Styling

• Use Path::display() when printing a path (#​1150)
• MessageGraph::new() can't actually fail (#​1151)
• (generated-code) Use Self in as_str_name (#​1154)

Testing

• Actually test skip_debug for prost::Oneof (#​1148)
• (prost-build) Validate error texts (#​1152)
• (prost-build) Fix error texts (#​1156)

Build

• Increase MSRV to 1.71.1 (#​1135)
• (deps) Update pulldown-cmark to 0.12 and pulldown-cmark-to-cmark to 16 (#​1144)
• (protobuf) Compile and install protoc on Windows (#​1145)
• (protobuf) Use same protoc from same repo as .proto-files (#​1136)
• (deps) Update pulldown-cmark-to-cmark from 16 to 17 (#​1155)
• Unify assert on fixtures (#​1142)

serde-rs/serde (serde)

v1.0.210

Compare Source

• Support serializing and deserializing IpAddr and SocketAddr in no-std mode on Rust 1.77+ (#​2816, thanks @​MathiasKoch)
• Make serde::ser::StdError and serde::de::StdError equivalent to core::error::Error on Rust 1.81+ (#​2818)

---

Configuration

📅 Schedule: Branch creation - "before 4am on the first day of the month" in timezone Asia/Singapore, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go get -d -t ./...
go: -d flag is deprecated. -d=true is a no-op
go: downloading google.golang.org/protobuf v1.34.2
go: downloading google.golang.org/grpc v1.67.1
go: downloading buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.34.2-20240920164238-5a7b106cbb87.2
go: downloading github.com/go-kratos/kratos/v2 v2.8.0
go: downloading google.golang.org/genproto/googleapis/rpc v0.0.0-20240814211410-ddb44dafa142
go: downloading golang.org/x/net v0.28.0
go: downloading golang.org/x/sys v0.24.0
go: downloading golang.org/x/text v0.17.0
go: github.com/tuihub/protos/pkg/buf/validate imports
	buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go/buf/validate/priv: cannot find module providing package buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go/buf/validate/priv

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.