chore(deps-dev): bump @grpc/grpc-js from 1.12.6 to 1.13.0 in the development-dependencies group

[dependabot]

Bumps the development-dependencies group with 1 update: @grpc/grpc-js.

Updates @grpc/grpc-js from 1.12.6 to 1.13.0

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js-xds 1.13.0

• Implement gRFC A29: xDS-Based Security for gRPC Clients and Servers (#2837, #2866)
• Fix aggregate cluster behavior (gRFC A75) (#2844)
• Include validation error details when NACKing invalid resources (#2902)
• Proactively connect in more cases when using the ring_hash load balancing policy (#2904)

@​grpc/grpc-js 1.13.0

Changelog

• Add support for channel option grpc-node.flow_control_window to control HTTP/2 flow control window size (#2864 contributed by @​rickihastings)
• Show meaningful error messages more consistently when requests fail (#2868)
• Add support for CIDR blocks in no_proxyenvironment variable (#2876 contributed by @​melkouri)
• Fix a bug that caused server interceptor sendMetadata methods to not be called if the server interceptor did not explicitly send metadata (#2897)
• Fix IPv6-mapped IPv4 address parsing in channelz, and represent them as IPv4 addresses (#2909)

Experimental API changes

Added:

• SecureConnector
• SecureConnectResult
• SUBCHANNEL_ARGS_EXCLUDE_KEY_PREFIX
• Server#experimentalRegisterListenerToChannelz protected method
• ServerexperimentalUnregisterListenerFromChannelz protected method
• Server#experimentalCreateConnectionInjectorWithChannelzRef protected method

Modified:

• LoadBalancer: Removed the ChannelCredentials constructor argument
• LoadBalancer: Removed the ChannelOptions constructor argument
• LoadBalancer#updateAddressList: Replaced the attributes argument with one of type ChannelOptions.
• ChannelControlHelper#createSubchannel: Removed the ChannelCredentials argument
• LeafLoadBalancer: Removed the ChannelCredentials constructor argument

Commits

• 02b7c27 Merge pull request #2918 from murgatroid99/grpc-js_backoff_trace
• a188ae1 grpc-js: Add backoff timer trace logging
• a8142c2 Merge pull request #2916 from murgatroid99/grpc-js-xds_ring_hash_fix
• abcf430 grpc-js-xds: ring_hash: Fix proactive connect logic when already connecting
• fbd13e8 Merge pull request #2914 from murgatroid99/grpc-js_1.13.0_bump
• 9691f0e grpc-js: Update to 1.13.0
• daa5127 Merge pull request #2913 from murgatroid99/grpc-js_generated_update
• 4132581 grpc-js: Update generated code with generator changes
• 55b31f6 Merge pull request #2911 from murgatroid99/proto-loader_optional_oneof
• 7133635 Update golden and xds generated code for generator changes
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[socket-security]

New, updated, and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/@grpc/[email protected] ➜ 1.13.0	Transitive: filesystem	+4	2.63 MB	grpc-packages, murgatroid99, nicolasnoble
npm/[email protected]	None	0	96.7 kB	npm-cli-ops
npm/[email protected]	Transitive: environment, eval	+12	7.96 MB	fatso83
npm/[email protected]	Transitive: environment, filesystem, shell	+6	27.1 MB	shaberman
npm/[email protected]	None	0	424 kB	sindresorhus
npm/[email protected] ➜ 5.8.2	None	0	22.9 MB	typescript-bot

🚮 Removed packages: npm/@types/[email protected], npm/@types/[email protected], npm/[email protected]

View full report↗︎

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Looks like @grpc/grpc-js is updatable in another way, so this is no longer needed.