chore(deps): bump @grpc/grpc-js from 1.14.3 to 1.14.4 in the production-minor-patch group

[dependabot]

Bumps the production-minor-patch group with 1 update: @grpc/grpc-js.

Updates @grpc/grpc-js from 1.14.3 to 1.14.4

Release notes

Sourced from @​grpc/grpc-js's releases.

@​grpc/grpc-js 1.14.4

• Fix a bug that could cause servers to crash when handling malformed requests (advisory GHSA-5375-pq7m-f5r2)
• Fix a bug that could cause clients and servers to crash when handling malformed compressed messages (advisory GHSA-99f4-grh7-6pcq)

Commits

• a380735 Merge pull request #3052 from murgatroid99/grpc-js_1.14.4
• 5b8d37b Merge commit from fork
• 6a97456 Merge commit from fork
• e5e0b1d grpc-js: Bump version to 1.14.4
• 5029a26 Make compression error a static string
• 2fe55fd Fix crashes when receiving malformed compressed data
• 234f917 Fix server crash when handling invalid requests
• acef8d4 Merge pull request #3043 from murgatroid99/rbac_types_change_fix_1.14
• 4f3c58f grpc-js-xds: Update RBAC code to handle Node type change, pin @​types/node
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by CodeRabbit

• Chores
  • Updated internal dependency versions.

[dependabot]

Labels

The following labels could not be found: automated, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[greptile-apps]

dependabot[bot] has reached the 50-review limit for trial accounts. To continue receiving code reviews, upgrade your plan.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 10d33bae-b174-4d9b-919b-3d29f99ac0e6

📥 Commits

Reviewing files that changed from the base of the PR and between e9d472a and 21375c2.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (1)

• package.json

---

📝 Walkthrough

Walkthrough

The package.json file updates the @grpc/grpc-js dependency version from ^1.14.3 to ^1.14.4. No other package dependencies or configuration are modified.

Changes

Dependency Update

Layer / File(s)	Summary
@grpc/grpc-js Version Bump package.json	The @grpc/grpc-js dependency is updated from ^1.14.3 to ^1.14.4 in the dependencies section.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Poem

🐰 A tiny hop, a version bump,
From 1.14.3 to 1.14.4 we jump,
The grpc-js flows swift and light,
A patch update shining bright! ✨

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The description is incomplete—it lacks required sections from the template including 'Description', 'Related Issue', 'Type of Change' checkboxes, and the mandatory security/quality checklists.	Add the missing template sections: describe the rationale for the update, select appropriate type of change, and complete all mandatory security and code quality checklists.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and specifically describes the main change: bumping @grpc/grpc-js dependency from 1.14.3 to 1.14.4 in the production-minor-patch group.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/npm_and_yarn/production-minor-patch-77bcb2b000

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}