chore(deps): bump io.grpc:grpc-protobuf from 1.64.0 to 1.65.0

[dependabot]

Bumps io.grpc:grpc-protobuf from 1.64.0 to 1.65.0.

Release notes

Sourced from io.grpc:grpc-protobuf's releases.

v1.65.0

grpc-netty in this release is compatible with Netty 4.1.111; it fixes the incompatibility that caused data corruption. grpc-netty-shaded is still using Netty 4.1.100.

New Features

• New module grpc-gcp-csm-observability (df8cfe9dd)

Improvements

• api: Add ClientStreamTracer.inboundHeaders(Metadata) (960012d76). This is the same as the existing inboundHeaders(), but is provided the Metadata
• api: Fix various typos in the documentation (#11144) (6ec744f2a)
• core: When queuing RPCs, don’t request picks from the LB twice (8844cf7b8). This could be viewed as a small performance optimization, but mainly reduces the amount of race-handling code
• util: Improve AdvancedTlsX509KeyManager’s documentation, verification, and testing. (#11139) (781b4c457) This change shows @ExperimentalApi being removed, but it was re-added in 3c97245 before the release
• examples: Fix broken command in reflection readme (#11131) (c31dbf48a)
• binder: Add a connection timeout (#11255) (791f894e2)

Bug fixes

• core: Exit idle mode when delayed transport is in use (fea577c80). This was a long-standing race that could cause RPCs to hang, but was very unlikely to be hit. Avoiding the double-picking (8844cf7b8) made the race more visible
• netty: Fix Netty composite buffer merging to be compatible with Netty 4.1.111 (#11294) (0fea7dd). The previous behavior easily caused data corruption
• okhttp: Workaround SSLSocket not noticing socket is closed (a28357e19). Previously, shutting down when a new connection was being established could result in the server never becoming terminated
• inprocess: Fix listener race if transport is shutdown while starting (e4e7f3a06). This issue was unlikely to be hit outside of specialized tests
• services: restore //services:binarylog bazel target (#11292) (d57f271). This fixes a regression introduced in 1.62.2
• binder: Wait for all server transports to terminate before returning the security policy executor to the object pool (#11240) (34ee600dc)
• binder: Reject further SETUP_TRANSPORT requests post-BinderServer shutdown (#11260) (1670e97f7)
• bazel: Include missing com_google_protobuf_javalite in MODULE.bazel (#11147) (f995c121e)

Thanks to

@​hakusai22 @​firov @​mateusazis @​Mir3605 @​niloc132

v1.64.1

What's Changed

• netty:Fix Netty composite buffer merging to be compatible with Netty 4.1.111 (1.64.x backport) by @​larry-safran in grpc/grpc-java#11303

Commits

• 6296726 Bump version to 1.65.0
• 4d25c34 Update README etc to reference 1.65.0
• fb761a1 services: restore //services:binarylog bazel target (#11292)
• 3c97245 util: Add ExperimentalApi to AdvancedTlsX509KeyManager
• c11b560 Remove unused imports from CSM Observability example (#11307) (#11310)
• 4824eaf all:Add GCP CSM Observability (#11305) (#11308)
• d6ce8c5 examples: Add gRPC OpenTelemetry example (v1.65.x backport) (#11309)
• b9927b0 netty:Fix Netty composite buffer merging to be compatible with Netty 4.1.111 ...
• 71eca4e opentelemetry: Add explicit histogram buckets for per-call metrics (#11281) (...
• f54cdf0 examples: Add GCP CSM Observability example (v1.65.x backport) (#11286)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud