Update protobuf requirement from 3.6.1 to 3.8.0

[dependabot-preview]

Updates the requirements on protobuf to permit the latest version.

Release notes

Sourced from protobuf's releases.

Protocol Buffers v3.8.0

C++

• Use std::atomic in case of myriad2 platform
• Always declare enums to be int-sized
• Added DebugString() and ShortDebugString() methods on MessageLite
• Specialized different parse loop control flows
• Make hasbits potentially in register. The or's start forming an obstacle because it's a read modify store on the same mem address on each iteration.
• Move to an internal MACRO for parser validity checks.
• Improve map parsing performance.
• Make MergePartialFromCodedStream non virtual. This allows direct calls, potential inlining and is also a code health improvement
• Add an overall limit to parse_context to prevent reading past it. This allows to remove a annoying level of indirection.
• Fix a mistake, we shouldn't verify map key/value strings for utf8 in opt mode for proto2.
• Further improvements to cut binary size.
• Prepare to make MergePartialFromCodedStream non-virtual.
• A report on some interesting behavior change in python (caused by b/27494216) made me realize there is a check that needs to be done in case the parse ended on a end group tag.
• Add a note of caution to the comments around skip in CodedOutputStream.
• Simplify end check.
• Add overload for ParseMessage for MessageLite/Message types. If the explicit type is not known inlining won't help de-virtualizing the virtual call.
• Reduce linker input. It turns out that ParseMessage is not inlined, producing template instantiations that are used only once and save nothing but cost more.
• Improve the parser.
• [c++17] Changed proto2::RepeatedPtrField iterators to no longer derive from the deprecated std::iterator class.
• Change the default value of case_insensitive_enum_parsing to false for JsonStringToMessage.
• Add a warning if a field name doesn't match the style guide.
• Fix TextFormat not round-trip correctly when float value is max float.
• Added locationed info for some errors at compiler
• Python reserved keywords are now working with getattr()/setattr() for most descriptors.
• Added AllowUnknownField() in text_format
• Append '_' to C++ reserved keywords for message, enum, extension
• Fix MSVC warning C4244 in protobuf's parse_context.h.
• Updating Iterators to be compatible with C++17 in MSVC.
• Use capability annotation in mutex.h
• Fix "UndefinedBehaviorSanitizer: cfi-bad-type"
• CriticalSectionLock class as a lightweight replacement for std::mutex on Windows platforms.
• Removed vestigial wire_format_lite_inl.h

C#

• Added System.Memory dependency.

Java

• Make Java protoc code generator ignore optimize_for LITE_RUNTIME. Users should instead use the Java lite protoc plugin.
• Change Extension getMessageDefaultInstance() to return Message instead of MessageLite.
• Prevent malicious input streams from leaking buffers for ByteString or ByteBuffer parsing.
• Release new Javalite runtime.
• Show warning in case potential file name conflict.
• Allow Java reserved keywords to be used in extensions.
• Added setAllowUnknownFields() in text format
• Add memoization to ExtensionRegistryLite.getEmptyRegistry()
• Improve performance of CodedOutputStream.writeUInt32NoTag
• Add an optimized mismatch-finding algorithm to UnsafeUtil.
• When serializing uint32 varints, check that we have MAX_VARINT32_SIZE bytes left, not just MAX_VARINT_SIZE.

... (truncated)

Commits

• 0974557 Merge pull request #6160 from haon4/3.8.x-20190521140707
• 303191d Merge pull request #6173 from haon4/cherrypick_fix_build
• 95c207f Add use_nested to internalAddGeneratedFile for php implementation (#6117)
• 9a8ef05 Append field number to accessors if there is conflict (#6169)
• f9cd7bd Upgrade gulp version
• 6d83327 Fix gulpfile to use gulp 4 API
• e038b1e Merge pull request #6164 from haon4/cherrypick_fix_build
• 014872a Revert "protobuf.pc.in does not reflect CXXFLAGS"
• b0d6486 Update protobuf version
• 46d5cc7 Revert "Revert "Add new file to package.xml (#6116)""
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Automerge options (never/patch/minor, and dev/runtime dependencies)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

[dependabot-preview]

Superseded by #368.