build(deps): bump the examples-golang-network group across 1 directory with 2 updates

[dependabot]

Bumps the examples-golang-network group with 2 updates in the /golang-network/simple directory: github.com/envoyproxy/envoy and google.golang.org/protobuf.

Updates github.com/envoyproxy/envoy from 1.34.3 to 1.35.0

Release notes

Sourced from github.com/envoyproxy/envoy's releases.

v1.35.0

Summary of changes:

• Security:

  • Fixed TLS inspector handling of client hello messages larger than 16KB.
  • Fixed bug where empty trusted CA files were accepted, causing validation of any certificate chain.

• Build:

  • Major: Upgraded to C++20, enabling modern C++ features throughout the codebase.
  • Consolidated clang/gcc toolchains using --config=clang or --config=gcc.
  • Breaking: Removed grpc_credentials/aws_iam extension and contrib squash filter.

• HTTP:

  • Added x-envoy-original-host header to record original host values before mutation.
  • Added HTTP/3 pseudo header validation (disable via envoy.restart_features.validate_http3_pseudo_headers).
  • Fixed HTTP/1 parser to properly handle newlines between requests per RFC 9112.
  • Added request/response trailer mutations support in header mutation filter.

• Load balancing:

  • Added override host load balancing policy.
  • Added hash policy configuration directly to ring hash and maglev load balancers.
  • Added matcher-based cluster specifier plugin for dynamic cluster selection.

• External processing:

  • Added FULL_DUPLEX_STREAMED body mode for bidirectional streaming.
  • Implemented graceful gRPC side stream closing with timeout.
  • Added per-route failure_mode_allow override support.

• Wasm:

  • Update v8 and wasmtime dependencies to resolve multiple CVEs

• Authentication:

  • Added OAuth2 token encryption, configurable token expiration, and OIDC logout support.
  • Added API key auth filter with forwarding configuration.
  • Added AWS IAM Roles Anywhere support.

• Observability:

  • Added TLS certificate expiration metrics.
  • Enhanced transport tap with streaming trace capability.
  • Added JA4 fingerprinting to TLS inspector.
  • Added TCP tunneling access log substitution strings.

• New features:

  • Dynamic modules: Added support for LocalityLbEndpoints metadata and SSL connection info attributes.
  • Stateful session cookie attributes and envelope mode support.
  • Redis proxy AWS IAM authentication and scan/info command support.
  • Lua filter access to filter context and typed metadata.
  • ServerNameMatcher for trie-based domain matching.

• Notable fixes:

... (truncated)

Changelog

Sourced from github.com/envoyproxy/envoy's changelog.

Release Process

Active development

Active development is happening on the main branch, and a new version is released from it.

Stable releases

Stable releases of Envoy include:

• Major releases in which a new version a created directly from the main branch.
• Minor releases for versions covered by the extended maintenance window (any version released in the last 12 months).
  • Security fixes backported from the main branch (including those deemed not worthy of creating a CVE).
  • Stability fixes backported from the main branch (anything that can result in a crash, including crashes triggered by a trusted control plane).
  • Bugfixes, deemed worthwhile by the maintainers of stable releases.

Major releases happen quartely and follow the schedule below. Security fixes typically happen quarterly as well, but this depends on the number and severity of security bugs. Other releases are ad-hoc and best-effort.

Security releases

Critical security fixes are owned by the Envoy security team, which provides fixes for the main branch. Once those fixes are ready, the maintainers of stable releases backport them to the remaining supported stable releases.

Backports

All other security and reliability fixes can be nominated for backporting to stable releases by Envoy maintainers, Envoy security team, the change author, or members of the Envoy community by adding the backport/review or backport/approved label (this can be done using [repokitteh]'s /backport command). Changes nominated by the change author and/or members of the Envoy community are evaluated for backporting on a case-by-case basis, and require approval from either the release manager of stable release, Envoy maintainers, or Envoy security team. Once approved, those fixes are backported from the main branch to all supported stable branches by the maintainers of stable releases. New stable versions from non-critical security fixes are released on a regular schedule, initially aiming for the bi-weekly releases.

Release management

Major releases are handled by the maintainer on-call and do not involve any backports. The details are outlined in the "Cutting a major release" section below. Security releases are handled by a Release Manager and a Fix Lead. The Release Manager is responsible for approving and merging backports, with responsibilties outlined in https://github.com/envoyproxy/envoy/blob/main/BACKPORTS.md. The Fix Lead is a member of the security team and is responsible for coordinating the overall release. This includes identifying issues to be fixed in the release, communications with the Envoy community, and the

... (truncated)

Commits

• 84305a6 repo: Release v1.35.0
• 729aeec docs: fix network ext_proc service format (#40367)
• 569075a dfp: fixes a bug which broke requests using IPv6 literals as hosts (#40347)
• 161d47b wasm/deps: Add changelog for wasmtime bump (#40362)
• 1bf057b Fix a bug on Geoip maxmind apple_private_relay to check if apple_private_rela...
• 6b7268a deps: Bump com_github_wasmtime -> 24.0.4 (#40360)
• 0d341b9 Temporary revert for release "matcher: refactor the matcher to avoid unnecess...
• 6becd01 mobile: Filter reserved IP address ranges in IPv6 probing (#40345)
• 92762ea wasm/ci: Set all HTTP tests to enormous to prevent timeout flakes (#40346)
• 86e6232 deps: update v8 to 13.8.258.26 (#40305)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.6 to 1.36.7

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions