chore(deps): update ⬆️ golang module google.golang.org/grpc to v1.53.0

This PR contains the following updates:

Package	Type	Update	Change
google.golang.org/grpc	indirect	minor	`v1.50.1` -> `v1.53.0`

GitHub Vulnerability Alerts

CVE-2023-32731

When gRPC HTTP2 stack raised a header size exceeded error, it skipped parsing the rest of the HPACK frame. This caused any HPACK table mutations to also be skipped, resulting in a desynchronization of HPACK tables between sender and receiver. If leveraged, say, between a proxy and a backend, this could lead to requests from the proxy being interpreted as containing headers from different proxy clients - leading to an information leak that can be used for privilege escalation or data exfiltration. We recommend upgrading beyond the commit contained in https://github.com/grpc/grpc/pull/32309

Release Notes

grpc/grpc-go

### [`v1.53.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.53.0): Release 1.53.0 [Compare Source](https://togithub.com/grpc/grpc-go/compare/v1.52.3...v1.53.0) ### API Changes - balancer: support injection of per-call metadata from LB policies ([#5853](https://togithub.com/grpc/grpc-go/issues/5853)) - resolver: remove deprecated field `resolver.Target.Endpoint` and replace with `resolver.Target.Endpoint()` ([#5852](https://togithub.com/grpc/grpc-go/issues/5852)) - Special Thanks: [@kylejb](https://togithub.com/kylejb) ### New Features - xds/ringhash: introduce `GRPC_RING_HASH_CAP` environment variable to override the maximum ring size. ([#5884](https://togithub.com/grpc/grpc-go/issues/5884)) - rls: propagate headers received in RLS response to backends ([#5883](https://togithub.com/grpc/grpc-go/issues/5883)) ### Bug Fixes - transport: drain client transport when streamID approaches MaxStreamID ([#5889](https://togithub.com/grpc/grpc-go/issues/5889)) - server: after GracefulStop, ensure connections are closed when final RPC completes ([#5968](https://togithub.com/grpc/grpc-go/issues/5968)) - server: fix a few issues where grpc server uses RST_STREAM for non-HTTP/2 errors ([#5893](https://togithub.com/grpc/grpc-go/issues/5893)) - xdsclient: fix race which can happen when multiple load reporting calls are made at the same time. ([#5927](https://togithub.com/grpc/grpc-go/issues/5927)) - rls: fix a data race involving the LRU cache ([#5925](https://togithub.com/grpc/grpc-go/issues/5925)) - xds: fix panic involving double close of channel in xDS transport ([#5959](https://togithub.com/grpc/grpc-go/issues/5959)) - gcp/observability: update method name validation ([#5951](https://togithub.com/grpc/grpc-go/issues/5951)) ### Documentation - credentials/oauth: mark `NewOauthAccess` as deprecated ([#5882](https://togithub.com/grpc/grpc-go/issues/5882)) - Special Thanks: [@buzzsurfr](https://togithub.com/buzzsurfr) ### [`v1.52.3`](https://togithub.com/grpc/grpc-go/releases/tag/v1.52.3): Release 1.52.3 [Compare Source](https://togithub.com/grpc/grpc-go/compare/v1.52.1...v1.52.3) ### Bug Fixes - Fix user-agent version ### [`v1.52.1`](https://togithub.com/grpc/grpc-go/releases/tag/v1.52.1): Release 1.52.1 [Compare Source](https://togithub.com/grpc/grpc-go/compare/v1.52.0...v1.52.1) ### Bug Fixes - grpclb: rename grpclbstate package back to state ([#5963](https://togithub.com/grpc/grpc-go/issues/5963)) ### [`v1.52.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.52.0): Release 1.52.0 [Compare Source](https://togithub.com/grpc/grpc-go/compare/v1.51.0...v1.52.0) ### New Features - xdsclient: log node ID with verbosity INFO ([#5860](https://togithub.com/grpc/grpc-go/issues/5860)) - ringhash: impose cap on `max_ring_size` to reduce possibility of OOMs ([#5801](https://togithub.com/grpc/grpc-go/issues/5801)) ### Behavior Changes - client: return an error from `Dial` if an empty target is passed and no custom dialer is present; the ClientConn would otherwise be unable to connect and perform RPCs ([#5732](https://togithub.com/grpc/grpc-go/issues/5732)) - Special Thanks: [@huangchong94](https://togithub.com/huangchong94) ### Bug Fixes - transport (net/http server handler): respond to bad HTTP requests with status 400 (Bad Request) instead of 500 (Internal Server Error). ([#5804](https://togithub.com/grpc/grpc-go/issues/5804)) - Special Thanks: [@sjbarag](https://togithub.com/sjbarag) - transport: Fixed closing a closed channel panic in handlePing ([#5854](https://togithub.com/grpc/grpc-go/issues/5854)) - server: fix ChainUnaryInterceptor and ChainStreamInterceptor to allow retrying handlers ([#5666](https://togithub.com/grpc/grpc-go/issues/5666)) - Special Thanks: [@yiminc](https://togithub.com/yiminc) - transport: ensure value of `:authority` header matches server name used in TLS handshake when the latter is overridden by the name resolver ([#5748](https://togithub.com/grpc/grpc-go/issues/5748)) - Special Thanks: [@holdno](https://togithub.com/holdno) ### Documentation - examples: add an example to illustrate the usage of stats handler ([#5657](https://togithub.com/grpc/grpc-go/issues/5657)) - Special Thanks: [@Yash-Handa](https://togithub.com/Yash-Handa) - examples: add new example to show updating metadata in interceptors ([#5788](https://togithub.com/grpc/grpc-go/issues/5788)) - Special Thanks: [@richzw](https://togithub.com/richzw) ### [`v1.51.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.51.0): Release 1.51.0 [Compare Source](https://togithub.com/grpc/grpc-go/compare/v1.50.1...v1.51.0) ### Behavior Changes - xds: NACK EDS resources with duplicate addresses in accordance with a recent spec change ([#5715](https://togithub.com/grpc/grpc-go/issues/5715)) - Special Thanks: [@erni27](https://togithub.com/erni27) - grpc: restrict status codes that can be generated by the control plane (gRFC A54) ([#5653](https://togithub.com/grpc/grpc-go/issues/5653)) ### New Features - client: set grpc-accept-encoding header with all registered compressors ([#5541](https://togithub.com/grpc/grpc-go/issues/5541)) - Special Thanks: [@jronak](https://togithub.com/jronak) - xds/weightedtarget: return a more meaningful error when all child policies are in `TRANSIENT_FAILURE` ([#5711](https://togithub.com/grpc/grpc-go/issues/5711)) - gcp/observability: add "started rpcs" metric ([#5768](https://togithub.com/grpc/grpc-go/issues/5768)) - xds: de-experimentalize the google-c2p-resolver ([#5707](https://togithub.com/grpc/grpc-go/issues/5707)) - balancer: add experimental Producer types and methods ([#5669](https://togithub.com/grpc/grpc-go/issues/5669)) - orca: provide a way for LB policies to receive OOB load reports ([#5669](https://togithub.com/grpc/grpc-go/issues/5669)) ### Bug Fixes - go.mod: upgrade x/text dependency to address [CVE 2022-32149](https://www.cve.org/CVERecord?id=CVE-2022-32149) ([#5769](https://togithub.com/grpc/grpc-go/issues/5769)) - client: fix race that could lead to an incorrect connection state if it was closed immediately after the server's HTTP/2 preface was received ([#5714](https://togithub.com/grpc/grpc-go/issues/5714)) - Special Thanks: [@fuweid](https://togithub.com/fuweid) - xds: ensure sum of the weights of all EDS localities at the same priority level does not exceed uint32 max ([#5703](https://togithub.com/grpc/grpc-go/issues/5703)) - Special Thanks: [@erni27](https://togithub.com/erni27) - client: fix binary logging bug which logs a server header on a trailers-only response ([#5763](https://togithub.com/grpc/grpc-go/issues/5763)) - balancer/priority: fix a bug where unreleased references to removed child policies (and associated state) was causing a memory leak ([#5682](https://togithub.com/grpc/grpc-go/issues/5682)) - xds/google-c2p: validate URI schema for no authorities ([#5756](https://togithub.com/grpc/grpc-go/issues/5756))

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

[ ] If you want to rebase/retry this PR, check this box

DelineaXPM / terraform-provider-tss