chore(deps): bump google.golang.org/grpc from 1.72.0 to 1.76.0

[dependabot]

Bumps google.golang.org/grpc from 1.72.0 to 1.76.0.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.76.0

Dependencies

• Minimum supported Go version is now 1.24 (#8509)
  • Special Thanks: @​kevinGC

Bug Fixes

• client: Return status INTERNAL when a server sends zero response messages for a unary or client-streaming RPC. (#8523)
• client: Fail RPCs with status INTERNAL instead of UNKNOWN upon receiving http headers with status 1xx and END_STREAM flag set. (#8518)
  • Special Thanks: @​vinothkumarr227
• pick_first: Fix race condition that could cause pick_first to get stuck in IDLE state on backend address change. (#8615)

New Features

• credentials: Add credentials/jwt package providing file-based JWT PerRPCCredentials (A97). (#8431)
  • Special Thanks: @​dimpavloff

Performance Improvements

• client: Improve HTTP/2 header size estimate to reduce re-allocations. (#8547)
• encoding/proto: Avoid redundant message size calculation when marshaling. (#8569)
  • Special Thanks: @​rs-unity

Release 1.75.1

Bug Fixes

• transport: Fix a data race while copying headers for stats handlers in the std lib http2 server transport. (#8519)
• xdsclient:
  • Fix a data race caused while reporting load to LRS. (#8483)
  • Fix regression preventing empty node IDs when creating an LRS client. (#8483)
• server: Fix a regression preventing streams from being cancelled or timed out when blocked on flow control. (#8528)

Release 1.75.0

Behavior Changes

• xds: Remove support for GRPC_EXPERIMENTAL_XDS_FALLBACK environment variable. Fallback support can no longer be disabled. (#8482)
• stats: Introduce DelayedPickComplete event, a type alias of PickerUpdated. (#8465)
  • This (combined) event will now be emitted only once per call, when a transport is successfully selected for the attempt.
  • OpenTelemetry metrics will no longer have multiple "Delayed LB pick complete" events in Go, matching other gRPC languages.
  • A future release will delete the PickerUpdated symbol.
• credentials: Properly apply grpc.WithAuthority as the highest-priority option for setting authority, above the setting in the credentials themselves. (#8488)
  • Now that this WithAuthority is available, the credentials should not be used to override the authority.
• round_robin: Randomize the order in which addresses are connected to in order to spread out initial RPC load between clients. (#8438)
• server: Return status code INTERNAL when a client sends more than one request in unary and server streaming RPC. (#8385)
  • This is a behavior change but also a bug fix to bring gRPC-Go in line with the gRPC spec.

New Features

• dns: Add an environment variable (GRPC_ENABLE_TXT_SERVICE_CONFIG) to provide a way to disable TXT lookups in the DNS resolver (by setting it to false). By default, TXT lookups are enabled, as they were previously. (#8377)

... (truncated)

Commits

• d96c2ef Change version to 1.76.0 (#8584)
• 79c553c Cherry pick #8610, #8615 to v1.76.x (#8621)
• 0513350 client: minor improvements to log messages (#8564)
• ebaf486 credentials: implement file-based JWT Call Credentials (part 1 for A97) (#8431)
• ca78c90 xds/resolver_test: fix flaky test ResolverBadServiceUpdate_NACKedWithoutCache...
• 83bead4 internal/buffer: set closed flag when closing channel in the Load method (#8575)
• 0f45079 encoding/proto: enable use cached size option (#8569)
• 8420f3f transport: avoid slice reallocation during header creation (#8547)
• b36320e Revert "stats/opentelemetry: record retry attempts from clientStream (#8342)"...
• c122250 stats/opentelemetry: record retry attempts from clientStream (#8342)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)