chore(deps): update module google.golang.org/protobuf to v1.33.0

[mend-for-github-com]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
google.golang.org/protobuf	v1.28.1 -> v1.33.0

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity	CVSS Score	CVE	Reachability
Medium	6.5	CVE-2024-24786

---

Release Notes

protocolbuffers/protobuf-go (google.golang.org/protobuf)

v1.33.0

Compare Source

This release contains one security fix:

• encoding/protojson: Unmarshal could enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set. Unmarshal now correctly returns an error when handling these inputs. This is CVE-2024-24786.

v1.32.0

Compare Source

Full Changelog: protocolbuffers/protobuf-go@v1.31.0...v1.32.0

This release contains commit protocolbuffers/protobuf-go@bfcd647, which fixes a denial of service vulnerability by preventing a stack overflow through a default maximum recursion limit. See https://github.com/golang/protobuf/issues/1583 and https://github.com/golang/protobuf/issues/1584 for details.

v1.31.0

Compare Source

Notable changes

New Features

• CL/489316: types/dynamicpb: add NewTypes
  • Add a function to construct a dynamic type registry from a protoregistry.Files
• CL/489615: encoding: add MarshalAppend to protojson and prototext

Minor performance improvements

• CL/491596: encoding/protodelim: If UnmarshalFrom gets a bufio.Reader, try to reuse its buffer instead of creating a new one
• CL/500695: proto: store the size of tag to avoid multiple calculations

Bug fixes

• CL/497935: internal/order: fix sorting of synthetic oneofs to be deterministic
• CL/505555: encoding/protodelim: fix handling of io.EOF

v1.30.0

Compare Source

• Notable changes

Announcement
In the previous two releases, v1.29.0 and v1.29.1, we associated the tags with the wrong commits and thus the tags do not reference any commit in this repository. This tag, v1.30.0, refers to an existing commit again. Sorry for the inconvenience.

Notable changes

New Features

• CL/449576: protoadapt: helper functions to convert v1 or v2 message to either v1 or v2 message.

v1.29.1

Compare Source

• Notable changes

Notable changes

Bug fixes

• CL/475995: internal/encoding/text: fix parsing of incomplete numbers

v1.29.0

Compare Source

• Overview
• Notable changes

Overview

This version introduces a new package protodelim to marshal and unmarshal size-delimited messages.
It also brings the implementation up to date with the latest protobuf features.

Notable changes

New Features

• CL/419254: encoding: add protodelim package
• CL/450775: reflect/protoreflect: add Value.Equal method
• CL/462315: cmd/protoc-gen-go: make deprecated messages more descriptive
• CL/473015: encoding/prototext: allow whitespace and comments between minus sign and number in negative numeric literal

Alignment with protobuf

• CL/426054: types/descriptorpb: update *.pb.go to use latest protoc release, 21.5
• CL/425554: encoding/protojson: fix parsing of google.protobuf.Timestamp
• CL/461238: protobuf: remove the check for reserved field numbers
• CL/469255: types/descriptorpb: regenerate using latest protobuf v22.0 release
• CL/472696: cmd/protoc-gen-go: support protobuf retention feature

Documentation improvements:

• CL/464275: proto: document Equal behavior of invalid messages
• CL/466375: all: update links to Protocol Buffer documentation

Minor performance improvements

• CL/460215: types/known/structpb: preallocate map in AsMap
• CL/465115: internal/strs: avoid unnecessary allocations in Builder

Breaking changes

• CL/461238: protobuf: remove the check for reserved field numbers
  • protowire.(Number).IsValid() no longer returns false for reserved fields because reserved fields are considered semantically valid by the protobuf spec.

---

• If you want to rebase/retry this PR, check this box

[amplify-self-hosted-runners]

Check Name	Conclusion	Summary	Output
Mend Security Check	failure	Security Report	output
Mend License Check	failure	License Report	output
backport-check	failure	backport-check	output
metrics_test_check	success	metrics_test_check	output
dist-check	success	dist-check	output
changelog-check	failure	changelog-check	output
metrics_test_check	success	metrics_test_check	output
backport-check	failure	backport-check	output
verify-ci-success	success	verify-ci-success	output
dist-check	success	dist-check	output
changelog-check	failure	changelog-check	output
Setup	success	Setup	output
get-go-version / Determine Go toolchain version	success	get-go-version / Determine Go toolchain version	output
check-go-mod / check-go-mod	failure	check-go-mod / check-go-mod	output
build-distros-success	failure	build-distros-success	output
Get files changed and conditionally skip CI	success	Get files changed and conditionally skip CI	output
noop	success	noop	output
get-go-version / Determine Go toolchain version	success	get-go-version / Determine Go toolchain version	output
Setup	success	Setup	output
check-codegen	failure	check-codegen	output
check-generated-protobuf	failure	check-generated-protobuf	output
lint-consul-retry	failure	lint-consul-retry	output
lint-enums	failure	lint-enums	output
lint-container-test-deps	failure	lint-container-test-deps	output
check-go-mod / check-go-mod	failure	check-go-mod / check-go-mod	output
dev-build / build	failure	dev-build / build	output
lint-32bit / lint	failure	lint-32bit / lint	output
lint / lint	failure	lint / lint	output
lint-32bit / lint api	failure	lint-32bit / lint api	output
lint / lint api	failure	lint / lint api	output
lint-32bit / lint sdk	failure	lint-32bit / lint sdk	output
lint / lint sdk	failure	lint / lint sdk	output
lint-32bit / lint envoyextensions	failure	lint-32bit / lint envoyextensions	output
lint / lint envoyextensions	failure	lint / lint envoyextensions	output
lint-32bit / lint troubleshoot	failure	lint-32bit / lint troubleshoot	output
lint / lint troubleshoot	cancelled	lint / lint troubleshoot	output
lint-32bit / lint test/integration/consul-container	failure	lint-32bit / lint test/integration/consul-container	output
lint / lint test/integration/consul-container	failure	lint / lint test/integration/consul-container	output
lint-32bit / lint test-integ	failure	lint-32bit / lint test-integ	output
lint / lint test-integ	cancelled	lint / lint test-integ	output
lint-32bit / lint testing/deployer	failure	lint-32bit / lint testing/deployer	output
lint / lint testing/deployer	cancelled	lint / lint testing/deployer	output
Get files changed and conditionally skip CI	success	Get files changed and conditionally skip CI	output
get-go-version / Determine Go toolchain version	success	get-go-version / Determine Go toolchain version	output
Setup	success	Setup	output
scan	failure	scan	output
Jira sync	failure	Jira sync	output
Get files changed and conditionally skip CI	success	Get files changed and conditionally skip CI	output
get-go-version / Determine Go toolchain version	success	get-go-version / Determine Go toolchain version	output
Setup	success	Setup	output
Generate Envoy Job Matrices	failure	Generate Envoy Job Matrices	output
integration-test-with-deployer	failure	integration-test-with-deployer	output
dev-build / build	failure	dev-build / build	output
test-integrations-success	failure	test-integrations-success	output
triage	success	triage	output

[amplify-self-hosted-runners]

Check Name	Conclusion	Summary	Output
Mend Security Check	failure	Security Report	output
Mend License Check	failure	License Report	output
backport-check	failure	backport-check	output
metrics_test_check	success	metrics_test_check	output
dist-check	success	dist-check	output
changelog-check	failure	changelog-check	output
metrics_test_check	success	metrics_test_check	output
backport-check	failure	backport-check	output
verify-ci-success	success	verify-ci-success	output
dist-check	success	dist-check	output
changelog-check	failure	changelog-check	output
Setup	success	Setup	output
get-go-version / Determine Go toolchain version	success	get-go-version / Determine Go toolchain version	output
check-go-mod / check-go-mod	failure	check-go-mod / check-go-mod	output
build-distros-success	failure	build-distros-success	output
Get files changed and conditionally skip CI	success	Get files changed and conditionally skip CI	output
noop	success	noop	output
get-go-version / Determine Go toolchain version	success	get-go-version / Determine Go toolchain version	output
Setup	success	Setup	output
check-codegen	failure	check-codegen	output
check-generated-protobuf	failure	check-generated-protobuf	output
lint-consul-retry	failure	lint-consul-retry	output
lint-enums	failure	lint-enums	output
lint-container-test-deps	failure	lint-container-test-deps	output
check-go-mod / check-go-mod	failure	check-go-mod / check-go-mod	output
dev-build / build	failure	dev-build / build	output
lint-32bit / lint	failure	lint-32bit / lint	output
lint / lint	failure	lint / lint	output
lint-32bit / lint api	failure	lint-32bit / lint api	output
lint / lint api	failure	lint / lint api	output
lint-32bit / lint sdk	failure	lint-32bit / lint sdk	output
lint / lint sdk	failure	lint / lint sdk	output
lint-32bit / lint envoyextensions	failure	lint-32bit / lint envoyextensions	output
lint / lint envoyextensions	failure	lint / lint envoyextensions	output
lint-32bit / lint troubleshoot	failure	lint-32bit / lint troubleshoot	output
lint / lint troubleshoot	cancelled	lint / lint troubleshoot	output
lint-32bit / lint test/integration/consul-container	failure	lint-32bit / lint test/integration/consul-container	output
lint / lint test/integration/consul-container	failure	lint / lint test/integration/consul-container	output
lint-32bit / lint test-integ	failure	lint-32bit / lint test-integ	output
lint / lint test-integ	cancelled	lint / lint test-integ	output
lint-32bit / lint testing/deployer	failure	lint-32bit / lint testing/deployer	output
lint / lint testing/deployer	cancelled	lint / lint testing/deployer	output
Get files changed and conditionally skip CI	success	Get files changed and conditionally skip CI	output
get-go-version / Determine Go toolchain version	success	get-go-version / Determine Go toolchain version	output
Setup	success	Setup	output
scan	failure	scan	output
Jira sync	failure	Jira sync	output
Get files changed and conditionally skip CI	success	Get files changed and conditionally skip CI	output
get-go-version / Determine Go toolchain version	success	get-go-version / Determine Go toolchain version	output
Setup	success	Setup	output
Generate Envoy Job Matrices	failure	Generate Envoy Job Matrices	output
integration-test-with-deployer	failure	integration-test-with-deployer	output
dev-build / build	failure	dev-build / build	output
test-integrations-success	failure	test-integrations-success	output
triage	success	triage	output

[github-actions]

This pull request has been automatically flagged for inactivity because it has not been acted upon in the last 60 days. It will be closed if no new activity occurs in the next 30 days. Please feel free to re-open to resurrect the change if you feel this has happened by mistake. Thank you for your contributions.

[github-actions]

Closing due to inactivity. If you feel this was a mistake or you wish to re-open at any time in the future, please leave a comment and it will be re-surfaced for the maintainers to review.