[Security] Bump grpc from 1.24.2 to 1.24.11

[dependabot-preview]

Bumps grpc from 1.24.2 to 1.24.11. This update includes a security fix.

Vulnerabilities fixed

Sourced from The GitHub Security Advisory Database.

Prototype pollution in grpc and @​grpc/grpc-js "The package grpc before 1.24.4 and the package @​grpc/grpc-js before 1.1.8 are vulnerable to Prototype Pollution via loadPackageDefinition."

Affected versions: < 1.24.4

Release notes

Sourced from grpc's releases.

Node gRPC 1.24.11

• SECURITY FIX: Fix a double free bug in server-side TCP error handling code (Fix redundant error unref in finish_accept in tcp_server_custom grpc/grpc#26750 picked up in #1861). This bug was discovered by Brad Buckingham and Alex Skwarczynski.
• Update the ServiceDefinition TypeScript type for compatibility with @grpc/grpc-js (#1860)

Node gRPC 1.24.10

• Make callback function check properly handle async functions (#1786 contributed by @​amje)

Node gRPC v1.24.7

• Log just serialization and deserialization errors on the server, instead of logging all errors with the code INTERNAL (#1750)
• Replace the instanceof Function check to make it work properly in certain environments (#1759 contributed by @​zereraz)

Node gRPC v1.24.6

• Fix prototype pollution possibility in loadPackageDefinition (#1701)

Node gRPC v1.24.5

• Add support for Electron 11 and newer versions of Electron 10 (#1684)

Node gRPC v1.24.4

• Add support for Electron 10 and newer minor versions of Electron 8 and 9 (#1615)
• Add a note in the README stating the latest supported versions of Node and Electron (#1615)
• Prevent prototype pollution in loadPackageDefinition (#1606)
• Add ResponseType to ServerWritableStream type definition for compatibility with @grpc/grpc-js (#1590 contributed by @​badsyntax)
• Add methodTypes enum to type definition (#1496 contributed by @​jncr)

grpc 1.24.3

• Add support for S390x (originally #1230 contributed by @​shahidhs-ibm)
• Add support for Node 14, and Electron 7, 8, and 9
• Unbundle the dependency on node-pre-gyp (#1371 contributed by @​Naktibalda)

Known Issues:

• #1407 may cause errors when running on Node 14

Commits

• 39680a5 Merge pull request #1861 from murgatroid99/grpc-native_submodule_bump
• bb51830 Merge pull request #1860 from murgatroid99/grpc-native_ServiceDefinition_fix
• cd82535 grpc-native: Update submodule and version
• 913734d grpc: Make ServiceDefinition type argument optional
• 465f7a1 Merge pull request #1788 from murgatroid99/grpc-native_v1.24.10
• 870523f native: Bump version to 1.24.10
• d85324d Merge pull request #1786 from amje/fix-function-check
• b1c1f96 fix(grpc-native-core): incomplete function check
• ccaceae Merge pull request #1775 from murgatroid99/grpc-native_node-pre-gyp_fix
• 52d44f5 native: Fix reference to node-pre-gyp
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[vercel]

This pull request is being automatically deployed with Vercel (learn more).
To see the status of your deployment, click below or on the icon next to each commit.

🔍 Inspect: https://vercel.com/mausm/xxiv-memories/5FbyLBwCvaSurJuJnAmTepohJJEc
✅ Preview: https://xxiv-memories-git-dependabot-npmandyarngrpc-12411-mausm.vercel.app