build(deps-dev): bump io.grpc:grpc-context from 1.65.1 to 1.66.0

[dependabot]

Bumps io.grpc:grpc-context from 1.65.1 to 1.66.0.

Commits

• cf78406 Bump version to 1.66.0
• 33af0a7 Update README etc to reference 1.66.0
• 19c9b99 xds: XdsClient should unsubscribe on last resource (#11264)
• 752a045 Revert "Start 1.67.0 development cycle (#11416)" (#11428)
• ef09d94 Revert "Introduce onResult2 in NameResolver Listener2 that returns Status (#1...
• c37fb18 Start 1.67.0 development cycle
• 9ba2f9d Introduce onResult2 in NameResolver Listener2 that returns Status (#11313)
• 786523d xds: WRR rr_fallback should trigger with one endpoint weight
• b108ed3 api: Give instruments a toString() including their name
• eb4cdf7 Update MAINTAINERS.md (#11241)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 8df1cd4.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
maven/io.grpc:grpc-context	1.66.0	🟢 6.6	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases ⚠️ -1 no releases found Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Fuzzing ⚠️ 0 project is not fuzzed Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Vulnerabilities ⚠️ 0 65 existing vulnerabilities detected

Scanned Manifest Files

citizen-intelligence-agency/pom.xml

• io.grpc:[email protected]
• io.grpc:[email protected]

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud