[Dependabot-automated] Bump google.golang.org/grpc from 1.75.1 to 1.7…

…6.0 in /server/go (#8699)

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from
1.75.1 to 1.76.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/grpc/grpc-go/releases">google.golang.org/grpc's
releases</a>.</em></p>
<blockquote>
<h2>Release 1.76.0</h2>
<h1>Dependencies</h1>
<ul>
<li>Minimum supported Go version is now 1.24 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8509">#8509</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/kevinGC"><code>@​kevinGC</code></a></li>
</ul>
</li>
</ul>
<h1>Bug Fixes</h1>
<ul>
<li>client: Return status <code>INTERNAL</code> when a server sends zero
response messages for a unary or client-streaming RPC. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8523">#8523</a>)</li>
<li>client: Fail RPCs with status <code>INTERNAL</code> instead of
<code>UNKNOWN</code> upon receiving http headers with status 1xx and
<code>END_STREAM</code> flag set. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8518">#8518</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/vinothkumarr227"><code>@​vinothkumarr227</code></a></li>
</ul>
</li>
<li>pick_first: Fix race condition that could cause pick_first to get
stuck in <code>IDLE</code> state on backend address change. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8615">#8615</a>)</li>
</ul>
<h1>New Features</h1>
<ul>
<li>credentials: Add <code>credentials/jwt</code> package providing
file-based JWT PerRPCCredentials (A97). (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8431">#8431</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/dimpavloff"><code>@​dimpavloff</code></a></li>
</ul>
</li>
</ul>
<h1>Performance Improvements</h1>
<ul>
<li>client: Improve HTTP/2 header size estimate to reduce
re-allocations. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8547">#8547</a>)</li>
<li>encoding/proto: Avoid redundant message size calculation when
marshaling. (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8569">#8569</a>)
<ul>
<li>Special Thanks: <a
href="https://github.com/rs-unity"><code>@​rs-unity</code></a></li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/grpc/grpc-go/commit/d96c2ef4f3339142d20a47797d8a5a4fae948607"><code>d96c2ef</code></a>
Change version to 1.76.0 (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8584">#8584</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/79c553c64de01994d8b9dc0dcac6ed765ac7de50"><code>79c553c</code></a>
Cherry pick <a
href="https://redirect.github.com/grpc/grpc-go/issues/8610">#8610</a>,
<a href="https://redirect.github.com/grpc/grpc-go/issues/8615">#8615</a>
to v1.76.x (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8621">#8621</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/0513350812453ffc1fe7fd329817a16fb40a8cfe"><code>0513350</code></a>
client: minor improvements to log messages (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8564">#8564</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/ebaf486eab0fdf28996baf269064f83224538150"><code>ebaf486</code></a>
credentials: implement file-based JWT Call Credentials (part 1 for A97)
(<a
href="https://redirect.github.com/grpc/grpc-go/issues/8431">#8431</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/ca78c904b12dd41257291d6b9ba3309a18f0b277"><code>ca78c90</code></a>
xds/resolver_test: fix flaky test
ResolverBadServiceUpdate_NACKedWithoutCache...</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/83bead40c01c8c5b8407e4573203ab34dec76c78"><code>83bead4</code></a>
internal/buffer: set closed flag when closing channel in the Load method
(<a
href="https://redirect.github.com/grpc/grpc-go/issues/8575">#8575</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/0f45079e3826e866ff0d2034a8732c0a482e3170"><code>0f45079</code></a>
encoding/proto: enable use cached size option (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8569">#8569</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/8420f3ff9ce4617369e054cedb51fda6d45c3340"><code>8420f3f</code></a>
transport: avoid slice reallocation during header creation (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8547">#8547</a>)</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/b36320ef9aa22c1b3eedd607fec388fc61cc6583"><code>b36320e</code></a>
Revert &quot;stats/opentelemetry: record retry attempts from
clientStream (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8342">#8342</a>)&quot;...</li>
<li><a
href="https://github.com/grpc/grpc-go/commit/c1222501e9eeb118d6f0df19fa9387fcb6e5a6a1"><code>c122250</code></a>
stats/opentelemetry: record retry attempts from clientStream (<a
href="https://redirect.github.com/grpc/grpc-go/issues/8342">#8342</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/grpc/grpc-go/compare/v1.75.1...v1.76.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/grpc&package-manager=go_modules&previous-version=1.75.1&new-version=1.76.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

bump: version 1.13.401-rc.0 → 1.13.401

bump: version 1.13.400 → 1.13.401-rc.0

fix(core): Release procedure implementation

fix: Potential fix for code scanning alert no. 136: Code injection

Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>

Bump version: 1.13.208 → 1.13.209

Bump version: 1.13.207 → 1.13.208

Bump version: 1.13.206 → 1.13.207

[Dependabot-automated] Bump astral-sh/setup-uv from 6.7.0 to 6.8.0 (#…

…8683)

Bumps [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) from
6.7.0 to 6.8.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/astral-sh/setup-uv/commit/d0cc045d04ccac9d8b7881df0226f9e82c39688e"><code>d0cc045</code></a>
Always show prune cache output (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/597">#597</a>)</li>
<li><a
href="https://github.com/astral-sh/setup-uv/commit/2841f9f5c1f3a4d2fe660cb20a8910794bac0423"><code>2841f9f</code></a>
Bump zizmorcore/zizmor-action from 0.1.2 to 0.2.0 (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/571">#571</a>)</li>
<li><a
href="https://github.com/astral-sh/setup-uv/commit/e554b93b803acbf50c9fddb6909954b797ae12d5"><code>e554b93</code></a>
Add **/*.py.lock to cache-dependency-glob (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/590">#590</a>)</li>
<li><a
href="https://github.com/astral-sh/setup-uv/commit/c7d85d99881d7a73ab083c7797320c372f437754"><code>c7d85d9</code></a>
chore: update known versions for 0.8.20</li>
<li><a
href="https://github.com/astral-sh/setup-uv/commit/07f2cb5db93814908320622da4ecf8b5b7f3fed4"><code>07f2cb5</code></a>
persist credentials for version update (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/584">#584</a>)</li>
<li><a
href="https://github.com/astral-sh/setup-uv/commit/208b0c0ee42039b2cbf5fd3ca0ec7d6d8a49336f"><code>208b0c0</code></a>
README.md: Fix Python versions and update checkout action (<a
href="https://redirect.github.com/astral-sh/setup-uv/issues/572">#572</a>)</li>
<li>See full diff in <a
href="https://github.com/astral-sh/setup-uv/compare/b75a909f75acd358c2196fb9a5f1299a9a8868a4...d0cc045d04ccac9d8b7881df0226f9e82c39688e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=astral-sh/setup-uv&package-manager=github_actions&previous-version=6.7.0&new-version=6.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Release Candidate v1.13.205

Release Candidate v1.13.199