Bump io.grpc:grpc-netty-shaded from 1.60.1 to 1.61.0

[dependabot]

Bumps io.grpc:grpc-netty-shaded from 1.60.1 to 1.61.0.

Release notes

Sourced from io.grpc:grpc-netty-shaded's releases.

v1.61.0

API Changes

• Remove unused experimental API ManagedChannelBuilder.enableFullStreamDecompression (#10744)
• api: Deprecate LoadBalancer.EMPTY_PICKER added in 1.58.0 in favor of FixedResultPicker (860b5cb1f)

New Features

• binder: Experimental support for asynchronous security policies (#10566)

Improvements

• core: reduce CompositeReadableBuffer allocation (#3279)
• core: Improve error message clarity when a channel leak is detected (201893f5e)
• util: use shared index across round_robin pickers (dca89b25b). This makes its implementation more similar to weighted_round_robin.
• xds: Implement ADS stream flow control mechanism (#10674). This limits the maximum memory consumed if the control plane sends updates more rapidly than they can be processed.

Bug Fixes

• core: Check outbound maximum message size for the compressed size in addition to the already-checked uncompressed size (#10739). Fixed the status code to be RESOURCE_EXHAUSTED instead of UNKNOWN.
• util: Fix NPE when multiple addresses are in an address group for petiole load balancer policies (#10769)
• util: Disable publishing of fixtures (8ac43dd81). The Gradle test fixtures are for use by grpc-java's internal tests.
• okhttp: Ignore known conscrypt socket close issue (#10812). This stops an exception from being thrown when a known Conscrypt synchronization issue happens.

Dependencies

• Drop support for Bazel 5 (55a9c012c). Bazel 7 is available, and Protobuf has already dropped support for Bazel 5.
• Change many compile deps to runtime deps (d6830d7f9). This reduces the transitive classes "leaked" into the compile classpath. In particular, grpc-core (io.grpc.internal) will be less frequently included transitively at compile time.
• Upgrade dependencies (c985797d9)
  • Protobuf to 3.25.1
  • auto-value-annotations to 1.10.4
  • error_prone_annotations to 2.23.0
  • proto-google-common-protos to 2.29.0
  • google-cloud-logging to 3.15.14
  • guava to 32.1.3-android
  • okio to 3.4.0

Acknowledgements

• @​Gordiychuk
• @​jroper
• @​jyane
• @​ulfjack

Commits

• f06abeb Bump version to 1.61.0
• 7700510 Update README protoc references to 3.25.1
• c639b81 Update README etc to reference 1.61.0
• 5606081 fix flaky xds test due to verification race (#10798) (#10808)
• 2531563 okhttp: Ignore known conscrypt socket close issue (#10811) (#10812)
• 5b082ca Do not cache failed futures for async security policies indefinitely. (#10743)
• 062f7a2 README.md: Correct gradle protobuf reference from 3.22.3 to 3.24.0 (#10772)
• 597101c xds: fix flow control message not delivered when previous message type is unk...
• 0f21574 core: reduce CompositeReadableBuffer allocation (#3279)
• 846e008 xds: Revert xds flow control change. (#10784)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)