chore: bump google.golang.org/grpc from 1.62.1 to 1.73.0

[dependabot]

Bumps google.golang.org/grpc from 1.62.1 to 1.73.0.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.73.0

New Features

• balancer/ringhash: move LB policy from xds/internal to exported path to facilitate use without xds (#8249)
• xds: enable least request LB policy by default. It can be disabled by setting GRPC_EXPERIMENTAL_ENABLE_LEAST_REQUEST=false in your environment. (#8253)
• grpc: add a CallAuthority Call Option that can be used to overwrite the http :authority header on per-RPC basis. (#8068)
• stats/opentelemetry: add trace event for name resolution delay. (#8074)
• health: added List method to gRPC Health service. (#8155)
  • Special Thanks: @​marcoshuck
• ringhash: implement features from gRFC A76. (#8159)
• xds: add functionality to support SPIFFE Bundle Maps as roots of trust in XDS which can be enabled by setting GRPC_EXPERIMENTAL_XDS_MTLS_SPIFFE=true. (#8167, #8180, #8229, #8343)

Bug Fixes

• xds: locality ID metric label is changed to make it consistent with gRFC A78. (#8256)
• client: fail RPCs on the client when using extremely short contexts that expire before the grpc-timeout header is created. (#8312)
• server: non-positive grpc-timeout header values are now rejected. This is consistent with the gRPC protocol spec. (#8290)
  • Special Thanks: @​evanj
• xds: fix reported error string when LRS load reporting interval is invalid. (#8224)
  • Special Thanks: @​alingse

Performance Improvements

• credentials/alts: improve read performance by optimizing buffer copies and allocations. (#8271)
• server: improve performance of RPC handling by avoid a status proto copy (#8282)
  • Special Thanks: @​evanj

Documentation

• examples/features/opentelemetry: modify example to demonstrate tracing using OpenTelemtry plugin. (#8056)

Release 1.72.2

Bug Fixes

• client: restore support for NO_PROXY environment variable when connecting to locally-resolved addresses (case 2 from gRFC A1). (#8329)
• balancer/least_request: fix panic on resolver errors. (#8333)

Release 1.72.1

Bug Fixes

• client: HTTP Proxy connections are no longer attempted for addresses with non-TCP network types. (#8215)
• client: Fix bug that causes RPCs to fail with status INTERNAL instead of CANCELLED or DEADLINE_EXCEEDED when receiving a RST_STREAM frame in the middle of the gRPC message. (#8289)

Release 1.72.0

Dependencies

• Minimum supported Go version is now 1.23 (#8108)

API Changes

• resolver: add experimental AddressMapV2 with generics to ultimately replace AddressMap. Deprecate AddressMap for deletion (#8187)
• resolver: convert EndpointMap in place to use generics (#8189)

... (truncated)

Commits

• c52d025 Change version to 1.73.0 (#8322)
• ac60db1 Add flag guarding SPIFFE Bundle provider (#8343) (#8382)
• 183c148 balancer/ringhash: Add experimental notice in package comment (#8364) (#8365)
• b610465 delegatingresolver: avoid proxy for resolved addresses in NO_PROXY env (#8329...
• 96c4308 balancer/least_request : Fix panic while handling resolver errors (#8333) (#8...
• af5146b grpc: update contributing.md (#8318)
• 09166b6 cleanup: remove unused constants in generic xdsclient (#8315)
• e3f13e7 transport: Prevent sending negative timeouts (#8312)
• b89909b leakcheck: Fix flaky test TestCheck (#8309)
• 709023d grpcsync/event: Simplify synchronization (#8308)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.