Bump test only protobuf to 0.13.0

[finnegancarroll]

Description

Update test only dependency to maintain compatibility with opensearch protobufs 0.13.0.
PR updating protobuf schema on main: opensearch-project/OpenSearch#19007

Issues Resolved

N/A

Testing

IT updates

Check List

• New functionality includes testing
• New functionality has been documented
• New Roles/Permissions have a corresponding security dashboards plugin PR
• API changes companion pull request created
• Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

[finnegancarroll]

Windows JDK 24 integ tests failing:

2025-09-16T20:39:39.2775500Z Tests with failures:
2025-09-16T20:39:39.2776232Z  - org.opensearch.security.DefaultConfigurationMultiNodeClusterTests.securityRolesUpgrade
2025-09-16T20:39:39.2777417Z  - org.opensearch.security.DefaultConfigurationSingleNodeClusterTests.securityRolesUpgrade
2025-09-16T20:39:39.2778803Z  - org.opensearch.security.DefaultConfigurationMultiNodeClusterUseClusterStateTests.securityRolesUpgrade
2025-09-16T20:39:39.2780368Z  - org.opensearch.security.DefaultConfigurationSingleNodeClusterUseClusterStateTests.securityRolesUpgrade
2025-09-16T20:39:39.2782033Z  - org.opensearch.security.api.InternalUsersScoreBasedPasswordRulesRestApiIntegrationTest.canCreateUserWithPassword

All with:

2025-09-16T20:39:39.2762920Z   2> java.lang.AssertionError: {"status":"error","reason":"Weak password"}
2025-09-16T20:39:39.2763504Z     Expected: <200>
2025-09-16T20:39:39.2763844Z          but: was <400>

Unclear how the last test could create a weak password:
https://github.com/opensearch-project/security/blob/main/src/integrationTest/java/org/opensearch/security/api/InternalUsersScoreBasedPasswordRulesRestApiIntegrationTest.java#L74-L75

Retrying CI

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 72.97%. Comparing base (7ced461) to head (5365f9f).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #5553   +/-   ##
=======================================
  Coverage   72.97%   72.97%           
=======================================
  Files         408      408           
  Lines       25390    25390           
  Branches     3863     3863           
=======================================
  Hits        18529    18529           
+ Misses       4985     4982    -3     
- Partials     1876     1879    +3     

see 5 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[finnegancarroll]

Hi @cwperks can you take a look?

[cwperks]

@finnegancarroll for dep updates I think we should have a CHANGELOG entry.

[nibix]

Approving this because currently the security plugin build is broken due to this version update.

Generally, that IMHO indicates that the security plugin is not a suitable place for having these tests: #5524