Bump grpc-netty from 1.24.1 to 1.48.1

[dependabot[bot]]

Bumps grpc-netty from 1.24.1 to 1.48.1.

Release notes

Sourced from grpc-netty's releases.

v1.48.0

Bug Fixes

• Removed the Class-Path manifest entry from jars generated with the gradle shadow plugin (#9270). This should prevent “[WARNING] [path] bad path element” compilation warnings
• Fix Channelz HTTP/2 window reporting. Previously the sender and receiver windows were reversed
• Service config parse failures should be UNAVAILABLE, not INVALID_ARGUMENT (#9346). This bug could cause RPCs to fail with INVALID_ARGUMENT if the service config was invalid when the channel started. RPCs were not failed if the channel had previously received no config or a valid config. Channels using xds were not exposed to this issue

New Features

• xds: implement ignore_resource_deletion server feature as defined in the gRFC A53: Option for Ignoring xDS Resource Deletion. (#9339)
• bazel: Support maven_install's strict_visibility=True by including direct dependencies explicitly

Improvements

• Changed the debug strings for many Attributes.Keys to reference the API of the key. This should make it easier to find the API the key is exposed when using attributes.toString()
• api: Document Attributes.Key uses reference equality. This is to make it clear the behavior is on purpose, and mirrors other Key types in the API
• api: Explain security constraints of EquivalentAddressGroup.ATTR_AUTHORITY_OVERRIDE, to avoid misuse by NameResolvers (#9281)
• testing: GrpcCleanupRule now extends ExternalResource. This makes it usable with JUnit 5
• core: Clear ConfigSelector when the channel enters panic mode (#9272). This prevents hanging RPCs if panic mode is entered very early in the channel lifetime and makes panic mode more predictable when xds is in use. Panic mode is a Channel feature used when a bug causes an unrecoverable error
• xds: clusterresolver reuses child policy names for the same locality to avoid subchannel connection churns (#9287)
• xds: Fail RPCs with error details when resources are deleted instead of “NameResolver returned no usable address errors” (#9337)
• xds: Support least_request LB in LoadBalancingPolicy (#9262)
• xds: weighted target to delay picker updates while updating children (#9306)
• compiler: support protoc compiling on loongarch_64 and ppc64le platform (#9178 #9284)
• core: Avoid unnecessary flushes for unary responses. It optimizes the response flow (#9273)
• binder: Add security Policy for verifying signature using sha-256 hash (#9305)
• core: Use the offload executor in CallCredentials rather than the executor from CallOptions (#9313)
• xds: delete the permanent error logic in processing LDS updates in XdsServerWrapper (#9268)
• xds: when delegate server throws on start communicate the error to statusListener (#9277)

Dependencies

• Bump Guava to 31.1
• Bump protobuf to 3.21.1 (#9311)
• Bump Error Prone annotations to 2.14.0
• Bump Animal Sniffer annotations to 1.21
• Bump Netty to 4.1.77.Final and netty_tcnative to 2.0.53.Final
• protobuf: Bump com.google.api.grpc:proto-google-common-protos to 2.9.0
• alts: Bump Conscrypt to 2.5.2
• xds: Bump RE2J to 1.6
• xds: Remove unused org.bouncycastle:bcpkix-jdk15on dependency
• xds: Update xDS protos (#9223)

Acknowledgements

@​mirlord @​zhangwenlong8911 @​adilansari @​amirhadadi @​jader-eero @​jvolkman @​sumitd2

v1.47.0

... (truncated)

Commits

• 6e2e18b Bump version to 1.48.1
• dd74493 Update README etc to reference 1.48.1
• d56f8fb core: server stream should not deliver halfClose() when call is immediately c...
• 80dc067 example-orca: fix lost streamTracerFactor (#9411)
• c7f0965 service: CalMetricRecorder.recordCallMetric is deprecated, use CalMetricRecor...
• 0c287af example: fix orca example to use new ORCA API (#9403)
• 014c022 service: make the orca MetricReport a top level experimental class (#9382)
• 25183ed xds: do not expose orca proto in ORCA api (#9366)
• 289a442 core: Workaround retry causing memory leak
• 61a3a2f core: Disable retry by default for in-process transport's channel (#9368)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)