Update google-protobuf to v3.17.1

Due to https://github.com/protocolbuffers/protobuf/issues/8559,
google-protobuf v3.15.8 can seg fault in the FindCommits RPC call if the
options hash is garbage collected before gRPC encodes the message. This
was fixed in google-protobuf v3.17.1 via
https://github.com/protocolbuffers/protobuf/pull/8639.

Unfortunately, pg_query has a hard dependency on google-protobuf
v3.15.x.  This was bumped in
https://github.com/pganalyze/pg_query/pull/212, but an official version
has not yet been tagged.

In addition, https://github.com/pganalyze/pg_query/pull/213 would relax
the dependency so that google-protobuf can be upgraded without having to
update pg_query.

Until pg_query releases a new version, we use our fork to ensure this
seg fault cannot happen.

Relates to https://gitlab.com/gitlab-org/gitlab/-/issues/330998

Changelog: fixed

Gemfile

@@ -308,12 +308,12 @@ gem 'rack-attack', '~> 6.3.0'
 gem 'sentry-raven', '~> 3.1'
 
 # PostgreSQL query parsing
-gem 'pg_query', '~> 2.0.3'
+gem 'gitlab-pg_query', '~> 2.0.4', require: 'pg_query'
 
 gem 'premailer-rails', '~> 1.10.3'
 
 # LabKit: Tracing and Correlation
-gem 'gitlab-labkit', '~> 0.17.1'
+gem 'gitlab-labkit', '~> 0.18.0'
 # Thrift is a dependency of gitlab-labkit, we want a version higher than 0.14.0
 # because of https://gitlab.com/gitlab-org/gitlab/-/issues/321900
 gem 'thrift', '>= 0.14.0'
@@ -483,7 +483,7 @@ gem 'gitaly', '~> 13.12.0.pre.rc1'
 
 gem 'grpc', '~> 1.30.2'
 
-gem 'google-protobuf', '~> 3.15.8'
+gem 'google-protobuf', '~> 3.17.1'
 
 gem 'toml-rb', '~> 1.0.0'
 

Gemfile.lock

@@ -467,13 +467,13 @@ GEM
       fog-xml (~> 0.1.0)
       google-api-client (>= 0.44.2, < 0.51)
       google-cloud-env (~> 1.2)
-    gitlab-labkit (0.17.1)
+    gitlab-labkit (0.18.0)
       actionpack (>= 5.0.0, < 7.0.0)
       activesupport (>= 5.0.0, < 7.0.0)
+      gitlab-pg_query (~> 2.0)
       grpc (~> 1.19)
       jaeger-client (~> 1.1)
       opentracing (~> 0.4)
-      pg_query (~> 2.0)
       redis (> 3.0.0, < 5.0.0)
     gitlab-license (1.5.0)
     gitlab-mail_room (0.0.9)
@@ -483,6 +483,8 @@ GEM
       addressable (~> 2.7)
       omniauth (~> 1.9)
       openid_connect (~> 1.2)
+    gitlab-pg_query (2.0.4)
+      google-protobuf (>= 3.17.1)
     gitlab-sidekiq-fetcher (0.5.6)
       sidekiq (~> 5)
     gitlab-styles (6.2.0)
@@ -516,7 +518,7 @@ GEM
       signet (~> 0.12)
     google-cloud-env (1.4.0)
       faraday (>= 0.17.3, < 2.0)
-    google-protobuf (3.15.8)
+    google-protobuf (3.17.1)
     googleapis-common-protos-types (1.0.6)
       google-protobuf (~> 3.14)
     googleauth (0.14.0)
@@ -903,8 +905,6 @@ GEM
     peek (1.1.0)
       railties (>= 4.0.0)
     pg (1.2.3)
-    pg_query (2.0.3)
-      google-protobuf (~> 3.15.5)
     plist (3.6.0)
     png_quantizator (0.2.1)
     po_to_json (1.0.1)
@@ -1477,19 +1477,20 @@ DEPENDENCIES
   gitlab-experiment (~> 0.5.4)
   gitlab-fog-azure-rm (~> 1.0.1)
   gitlab-fog-google (~> 1.13)
-  gitlab-labkit (~> 0.17.1)
+  gitlab-labkit (~> 0.18.0)
   gitlab-license (~> 1.5)
   gitlab-mail_room (~> 0.0.9)
   gitlab-markup (~> 1.7.1)
   gitlab-net-dns (~> 0.9.1)
   gitlab-omniauth-openid-connect (~> 0.4.0)
+  gitlab-pg_query (~> 2.0.4)
   gitlab-sidekiq-fetcher (= 0.5.6)
   gitlab-styles (~> 6.2.0)
   gitlab_chronic_duration (~> 0.10.6.2)
   gitlab_omniauth-ldap (~> 2.1.1)
   gon (~> 6.4.0)
   google-api-client (~> 0.33)
-  google-protobuf (~> 3.15.8)
+  google-protobuf (~> 3.17.1)
   gpgme (~> 2.0.19)
   grape (~> 1.5.2)
   grape-entity (~> 0.9.0)
@@ -1570,7 +1571,6 @@ DEPENDENCIES
   parslet (~> 1.8)
   peek (~> 1.1)
   pg (~> 1.1)
-  pg_query (~> 2.0.3)
   png_quantizator (~> 0.2.1)
   premailer-rails (~> 1.10.3)
   prometheus-client-mmap (~> 0.12.0)