chore(deps): update dependency com_google_protobuf to v33 (#577)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[com_google_protobuf](https://redirect.github.com/protocolbuffers/protobuf)
| http_archive | major | `v32.1` -> `v33.0` |

---

### Release Notes

<details>
<summary>protocolbuffers/protobuf (com_google_protobuf)</summary>

###
[`v33.0`](https://redirect.github.com/protocolbuffers/protobuf/releases/tag/v33.0):
Protocol Buffers v33.0

[Compare
Source](https://redirect.github.com/protocolbuffers/protobuf/compare/v32.1...v33.0)

### Announcements

- [Protobuf News](https://protobuf.dev/news/) may include additional
announcements or pre-announcements for upcoming changes.

### Bazel

- Feat: update bazel central registry publish workflow
([#&#8203;23465](https://redirect.github.com/protocolbuffers/protobuf/issues/23465))
([#&#8203;23913](https://redirect.github.com/protocolbuffers/protobuf/issues/23913))
([`d5217fd`](https://redirect.github.com/protocolbuffers/protobuf/commit/d5217fd016809b3436c30a780216ebd34f4bed2d))
- Add target\_compatible\_with parameter to proto\_toolchain in Bazel
rules
([#&#8203;22429](https://redirect.github.com/protocolbuffers/protobuf/issues/22429))
([`30d2332`](https://redirect.github.com/protocolbuffers/protobuf/commit/30d2332ff1b0bcf38563fdaf06434818f67ea87e))
- Bazel: add missing rules\_cc loads
([#&#8203;23584](https://redirect.github.com/protocolbuffers/protobuf/issues/23584))
([`d98e2ef`](https://redirect.github.com/protocolbuffers/protobuf/commit/d98e2ef2d550b735455ab96d804700d57bd60091))

### Compiler

- Disable symbol visibility enforcement by default in C++ runtime
([`ae308fc`](https://redirect.github.com/protocolbuffers/protobuf/commit/ae308fc2807404df156c4dfaca6c62f2a2512993))
- Ship all option dependencies to plugins along with regular ones.
([`abeb130`](https://redirect.github.com/protocolbuffers/protobuf/commit/abeb1306914e940bfba257aabce7d111d6a962d0))

### C++

- Avoid calling deprecated arena-enabled constructors in arena.h.
([`813a7ef`](https://redirect.github.com/protocolbuffers/protobuf/commit/813a7ef2efbef6bebf99bb3361b631291dfcec9e))
- Add a macro to make `RepeatedField(Arena*)` constructor private in a
future release.
([`768db14`](https://redirect.github.com/protocolbuffers/protobuf/commit/768db14503597c09a1cd5bf9e4a4c8eb2f165cb7))
- Add a macro to make `Map(Arena*)` constructor private in a future
release.
([`543a17f`](https://redirect.github.com/protocolbuffers/protobuf/commit/543a17f6553add4fb4df00f865e7abc2218f5fbb))
- Optimize ReadPackedVarint
([`3d94d83`](https://redirect.github.com/protocolbuffers/protobuf/commit/3d94d839b9117ad67eb57c949b37f824c91ac451))
- Add a macro to make `RepeatedPtrField(Arena*)` constructor private in
a future release
([`6422b9d`](https://redirect.github.com/protocolbuffers/protobuf/commit/6422b9d30b64ac8a0506fe3d808910bcd3d20eb0))
- Add IsEmpty() function to reflection.
([`b64e490`](https://redirect.github.com/protocolbuffers/protobuf/commit/b64e490cf28041251616604047f64460b8a95eae))
- Refactor `RuntimeAssertInBounds` to remove repeated logic and make
`Get`/`Mutable` easier to read.
([`2f270c4`](https://redirect.github.com/protocolbuffers/protobuf/commit/2f270c49a2886945fc405dbdaa5fe9467d3d31fa))
- Disable symbol visibility enforcement by default in C++ runtime
([`ae308fc`](https://redirect.github.com/protocolbuffers/protobuf/commit/ae308fc2807404df156c4dfaca6c62f2a2512993))
- Fix a bug in the main C++ JSON parser/serializer camelcasing of
certain non-style-compliant names incorrectly, in a way that would
prevent it from interoperating with any other implementation on those
fields.
([`e25e267`](https://redirect.github.com/protocolbuffers/protobuf/commit/e25e267dea8762e077b4ee76eb247c3e272bb64c))
- Fail early for messages with more than 65k fields.
([`90824aa`](https://redirect.github.com/protocolbuffers/protobuf/commit/90824aaa69000452bff5ad8db3240215a3b9a595))
- Add option to C++ JSON Parser/Serializer to allow customers to
affirmatively disable legacy bug-compatibilty behaviors.
([`6ea1640`](https://redirect.github.com/protocolbuffers/protobuf/commit/6ea16402c609dda5a763dc2a32f22687f4206af7))
- Fix mishandling on JSON serialization of Timestamp with invalid
negative and too-large nanos value.
([`a959f27`](https://redirect.github.com/protocolbuffers/protobuf/commit/a959f27711cf5d148ad6c4053c0b6f14a374ffdc))
- Preserve features in type resolver
([`c7030f4`](https://redirect.github.com/protocolbuffers/protobuf/commit/c7030f4f24a9d58f9da8ab772c6b41d8e8df865e))
- Add a DCHECK that ArenaStringPtr::Set(char\*, Arena\*) is not called
with
([`95b1763`](https://redirect.github.com/protocolbuffers/protobuf/commit/95b1763938b8e9719b26cea65c4d0e6557b831a9))

### Java

#### Restored compatibility of runtime with gencode created with protoc
<3.21

With this release, compatibility of the runtime with older gencode down
to 3.0.0 is restored, compared to the previous support minimum of
gencode created with 3.22+. Note that it is still strongly recommended
to regenerate your gencode with a newer protoc and to avoid using
gencode which was created with an old protoc.

Generated code from this range is covered by CVE-2022-3171 and is
potentially vulnerable to a Denial of Service risk.

JavaProto 4.x previously dropped compatibility with the potentially
vulnerable generated code, having the behavior of:

- The vulnerable generated code was source-incompatible with new runtime
(would not compile when built from source)
- The vulnerable generated code was ABI-incompatible with new runtime
(when using a .class file compiled against old runtime, a
NoSuchMethodException would be thrown at parse time).

Starting with this release:

- The vulnerable generated code is now source-compatible (will compile).
- The first time each potentially vulnerable type is parsed, an error
message will be logged noting that potentially vulnerable generated code
is in use and the name of the corresponding type.
- Environment variables may be set to either throw an exception instead
(`-Dcom.google.protobuf.error_on_unsafe_pre22_gencode`) or to entirely
silence the logged messages
(`-Dcom.google.protobuf.use_unsafe_pre22_gencode`)

This change was made based on community feedback regarding the
difficulty in identifying and quickly remediating stale gencode in their
transitive dependencies weighed against a careful evaluation of the
realistic risk exposure of DoS (with no risk of other concerns including
information leak or RCE).

We strongly recommend that any users who observe the log messages to
regenerate the corresponding code with a newer protoc. We recommend that
any security-conscious services opt into the
`error_on_unsafe_pre22_gencode` behavior to preclude any risk of a
Denial of Service surface area being exposed.

A future 4.x release may flip the default behavior to error by default
as a measure to further help the ecosystem avoid the Denial of Service
risks, while still maintaining the ability to opt into continuing to use
insecure gencode for users who are parsing trusted inputs and where the
difficulty of regenerating is high.

#### Changes

- Switch the pre22 warning to use CopyOnWriteArraySet.
([#&#8203;23969](https://redirect.github.com/protocolbuffers/protobuf/issues/23969))
([`e55224c`](https://redirect.github.com/protocolbuffers/protobuf/commit/e55224c5bc838f8a920f0d7288cef77cc1deed75))
- Expose helpers for checking if messages and enums are nested.
([`8de4002`](https://redirect.github.com/protocolbuffers/protobuf/commit/8de4002fb24edaf50a398f43f5f050e65be6ec6b))
- Fix a bug calculating the file name in the absense of directories.
([`c4ff7a6`](https://redirect.github.com/protocolbuffers/protobuf/commit/c4ff7a68fa7f4120f7d1df1530e8344b1ac69f89))
- Clarify the public APIs of GeneratorNames helpers.
([`537ac35`](https://redirect.github.com/protocolbuffers/protobuf/commit/537ac3582ab1ed27f294a757cbb0ce19bbc9d674))
- Expose helpers to predict generated class names in java.
([`eba6df2`](https://redirect.github.com/protocolbuffers/protobuf/commit/eba6df2f4d6140ccf09cdae5e8298076244239e5))
- Deprecate ClassName methods in favor of new QualifiedClassName ones.
([`ca4fb2f`](https://redirect.github.com/protocolbuffers/protobuf/commit/ca4fb2fdab93e15a81602aa0c837c675d32a692e))
- Restore the 3-argument internalBuildGeneratedFileFrom.
([`4376591`](https://redirect.github.com/protocolbuffers/protobuf/commit/4376591311aa17e7a1182a77a26f631327a1c70f))
- Fix large java enums not being honored on lite runtime.
([`a995803`](https://redirect.github.com/protocolbuffers/protobuf/commit/a995803cb54ed7bd42748b0edefb00213eeb34d4))
- Slightly relax Java Poison Pill on prerelease versions (-rc1, -dev,
etc).
([`7b0bee3`](https://redirect.github.com/protocolbuffers/protobuf/commit/7b0bee3fb50792639fc2bb89fa25afa83316e6b1))
- Avoid boxing/unboxing `varint`, `fixed32`, and `fixed64` fields in
`UnknownFieldSet.Field`
([`810272f`](https://redirect.github.com/protocolbuffers/protobuf/commit/810272f3c44bce4133cb4b22a38f52d36425c557))
- Readd new\*List() methods on GeneratedMessageV3.
([`badaf41`](https://redirect.github.com/protocolbuffers/protobuf/commit/badaf41ecf584ee4ceaec8d44d136cd229442c2c))
- Add Values.of(Map\<String, Value> values).
([`c518f25`](https://redirect.github.com/protocolbuffers/protobuf/commit/c518f2564ea5e7950f75a032a471f3689e297d36))
- Fix handling of optional dependencies in java generator.
([`8d51e34`](https://redirect.github.com/protocolbuffers/protobuf/commit/8d51e346ac6801387475fb63dd9d420e620c8c75))
- Restore ABI compatibility for extension methods which was previously
(knowingly) broken with 4.x:
[`94a2a44`](https://redirect.github.com/protocolbuffers/protobuf/commit/94a2a448518403341b8aa71335ab1123fbdcccd8)
([`ea33ae8`](https://redirect.github.com/protocolbuffers/protobuf/commit/ea33ae86154a56eb7fb66566d0927ccd0c99b1f2))
- Restore Protobuf Java extension modifiers in gencode that were
previously removed in
[`7bff169`](https://redirect.github.com/protocolbuffers/protobuf/commit/7bff169d32710b143951ec6ce2c4ea9a56e2ad24)
([`f2257f5`](https://redirect.github.com/protocolbuffers/protobuf/commit/f2257f5f52f85e37c8f7fb1ab71e42a487af9eee))
- Ship all option dependencies to plugins along with regular ones.
([`abeb130`](https://redirect.github.com/protocolbuffers/protobuf/commit/abeb1306914e940bfba257aabce7d111d6a962d0))
- Optimize redaction state calculation
([`e05db5c`](https://redirect.github.com/protocolbuffers/protobuf/commit/e05db5cfe90c82b06ccc503791d679639fb1a852))
- Add `isPlaceholder()` accessors to file, message, and enum descriptors
([`f978ec2`](https://redirect.github.com/protocolbuffers/protobuf/commit/f978ec2040cdcd7ba96fd183f4938cf56c167b08))
- Improve Java gencode static initialization to avoid unnecessary
temporaries again
([`745e15b`](https://redirect.github.com/protocolbuffers/protobuf/commit/745e15b5840ce2ae9ffebecad00310d6999d3ac7))
- Improve Java gencode static initialization to avoid unnecessary
temporaries
([`b68b673`](https://redirect.github.com/protocolbuffers/protobuf/commit/b68b6731776bc65d47d874c78322e58b985b4f1d))
- Remove protobuf-util usages of guava except annotations.
([`5768acd`](https://redirect.github.com/protocolbuffers/protobuf/commit/5768acddf2399ad1865b2f7f8833a356ffaa1848))
- Restore compatibility of runtime with pre-3.22.x gencode impacted by
CVE-2022-3171
([`7c51e5b`](https://redirect.github.com/protocolbuffers/protobuf/commit/7c51e5b582f098987b6fda8d590c95e9b5d53fd7))
- Expose an iterator for `GeneratedMessage.ExtendableMessage.extensions`
([`b25d39e`](https://redirect.github.com/protocolbuffers/protobuf/commit/b25d39eee2b2a3425f0f108a4cb9f76315b5e54b))

### Rust

- Change Rust prelude to bring in traits as `_`
([`c3f7e8d`](https://redirect.github.com/protocolbuffers/protobuf/commit/c3f7e8ded5ee18b11b53efcfbdc8266492fc1dd9))
- Make message Muts `Send`
([`8bff944`](https://redirect.github.com/protocolbuffers/protobuf/commit/8bff944735fb21873675af19bf74ae084109e2a7))
- *See also UPB changes below, which may affect Rust.*

### Python

- Publish s390x wheels for Python/upb.
([`56b2b89`](https://redirect.github.com/protocolbuffers/protobuf/commit/56b2b89e37ff2adef2d7718e7365857ab0a0235f))
- Fix a crash that happens during shutdown due to looking up modules in
the cache
([`d57d270`](https://redirect.github.com/protocolbuffers/protobuf/commit/d57d2708b371bda5e7212b0eca63091fa2d7ab42))
- Add construction support for repeated
Timestamp/Duration/Struct/ListValue.
([`5f6c013`](https://redirect.github.com/protocolbuffers/protobuf/commit/5f6c0139a744965f6061e52820285c6d23cf7092))
- Fix handling of repeated extension fields in PyProto JSON
([`07ef676`](https://redirect.github.com/protocolbuffers/protobuf/commit/07ef6769c670ab05f9b60531ba463be8bfaf117a))
- Fixed a parser bug where closed enums are parsed incorrectly for
non-repeated extensions.
([`c36f728`](https://redirect.github.com/protocolbuffers/protobuf/commit/c36f728a3e4352d887f82d53dda330972b27dbf7))
- Fixed mypy errors by setting `__slots__` to empty in `.pyi` files.
([`38ca2d3`](https://redirect.github.com/protocolbuffers/protobuf/commit/38ca2d35d30df8ad3be22179a5cfe29223945d8a))
- Raise warnings for float\_precision from python json\_format.
([`4659cd7`](https://redirect.github.com/protocolbuffers/protobuf/commit/4659cd700643b5544416cfaa4f925f939b8a967f))
- Raise warnings when assign bool to int/enum field in Python Proto.
This will turn into error in 34.0 release.
([`4ee55d7`](https://redirect.github.com/protocolbuffers/protobuf/commit/4ee55d7e31a939a824fdd91188204e73e729c344))

### PHP

- Fix(php): php errors on repeated field
([#&#8203;23372](https://redirect.github.com/protocolbuffers/protobuf/issues/23372))
([`6fee29b`](https://redirect.github.com/protocolbuffers/protobuf/commit/6fee29b26704b3838bced6bfadd4c3cc0efd2574))

### UPB (Python/PHP/Ruby C-Extension)

- Fixed a parser bug where closed enums are parsed incorrectly for
non-repeated extensions.
([`c36f728`](https://redirect.github.com/protocolbuffers/protobuf/commit/c36f728a3e4352d887f82d53dda330972b27dbf7))

### Other

- Update token for BCR release to reuse existing BOT\_ACCESS\_TOKEN used
for staleness\_refresh.yml and update\_php\_repo.yml
([#&#8203;23925](https://redirect.github.com/protocolbuffers/protobuf/issues/23925))
([`dcace2f`](https://redirect.github.com/protocolbuffers/protobuf/commit/dcace2fea6221d509a01eb6748ef6c824258714c))
- Use the 'better' JSON parser on the conformance suite harness.
([`4b4e405`](https://redirect.github.com/protocolbuffers/protobuf/commit/4b4e405491be99630e3c69b78834d33b83dfc5fa))
- Add JSON conformance test that a single value provided for a repeated
field should parse fail.
([`9806994`](https://redirect.github.com/protocolbuffers/protobuf/commit/98069945e4416c9d089e8c4047920b077426be8b))
- Add conformance test cases for malformed nanos fields on Durations and
Timestamps.
([`a6bdd0a`](https://redirect.github.com/protocolbuffers/protobuf/commit/a6bdd0a7b23d5d6e141f3592c13062e3785fc2fa))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/bazel-contrib/toolchains_llvm).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xNTYuMSIsInVwZGF0ZWRJblZlciI6IjQxLjE1Ni4xIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Author: renovate[bot]

tests/WORKSPACE

@@ -300,9 +300,9 @@ http_archive(
 
 http_archive(
     name = "com_google_protobuf",
-    sha256 = "2d25be4d5bf3bf28a97de553ae76c49f2a6fa3c21b04d3ccd5b3e0abc9262d00",
-    strip_prefix = "protobuf-32.1",
-    urls = ["https://github.com/protocolbuffers/protobuf/releases/download/v32.1/protobuf-32.1.zip"],
+    sha256 = "aaddf29b205ed915100a5fd096e8252842b67da9accfb7ba91ec3680ea307e45",
+    strip_prefix = "protobuf-33.0",
+    urls = ["https://github.com/protocolbuffers/protobuf/releases/download/v33.0/protobuf-33.0.zip"],
 )
 
 load("@com_google_protobuf//:protobuf_deps.bzl", "protobuf_deps")