chore(deps): bump google.golang.org/grpc from 1.63.2 to 1.66.2

[dependabot]

Bumps google.golang.org/grpc from 1.63.2 to 1.66.2.

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.66.2

Dependencies

• Remove unintentional dependency on the testing package (#7579)
• Remove unintentional dependency on the flate package (#7595)
  • Special Thanks: @​ash2k

Bug Fixes

• client: fix a bug that prevented memory reuse after handling unary RPCs (#7571)
  • Special Thanks: @​coxley

Release 1.66.0

New Features

• metadata: stabilize ValueFromIncomingContext (#7368)
  • Special Thanks: @​KarthikReddyPuli
• client: stabilize the WaitForStateChange and GetState methods, which were previously experimental. (#7425)
• xds: Implement ADS flow control mechanism (#7458)
  • See grpc/grpc#34099 for context.
• balancer/rls: Add metrics for data cache and picker internals (#7484, #7495)
• xds: LRS load reports now include the total_issued_requests field. (#7544)

Bug Fixes

• grpc: Clients now return status code INTERNAL instead of UNIMPLEMENTED when the server uses an unsupported compressor. This is consistent with the gRPC compression spec. (#7461)
  • Special Thanks: @​Gayathri625
• transport: Fix a bug which could result in writes busy looping when the underlying conn.Write returns errors (#7394)
  • Special Thanks: @​veshij
• client: fix race that could lead to orphaned connections and associated resources. (#7390)
• xds: use locality from the connected address for load reporting with pick_first (#7378)
  • without this fix, if a priority contains multiple localities with pick_first, load was reported for the wrong locality
• client: prevent hanging during ClientConn.Close() when the network is unreachable (#7540)

Performance Improvements

• transport: double buffering is avoided when using an http connect proxy and the target server waits for client to send the first message. (#7424)
• codec: Implement a new Codec which uses buffer recycling for encoded message (#7356)
  • introduce a mem package to facilitate buffer reuse (#7432)
  • Special Thanks: @​PapaCharlie

Release 1.65.0

Dependencies

• Change support policy to cover only the latest TWO releases of Go, matching the policy for Go itself. See #7249 for more information. (#7250)
• Update x/net/http2 to address CVE-2023-45288 (#7282)

Behavior Changes

• credentials/tls: clients and servers will now reject connections that don't support ALPN when environment variable GRPC_ENFORCE_ALPN_ENABLED is set to "true" (case insensitive). (#7184)

... (truncated)

Commits

• d0bf90a Change version to 1.66.2 (#7620)
• c84da66 Cherry pick #7595 to v1.66.x release branch (#7621)
• 12487c8 Cherry pick #7571 and #7579 to v1.66.x release branch (#7616)
• 7185cf4 Change to version 1.66.2-dev (#7615)
• cb81df6 Change to patch release 1.66.1 (#7603)
• ecb3e1a Change version to 1.66.1-dev (#7519)
• 00d3ec8 Change version to 1.66.0 (#7518)
• 973e3dc xdsclient: Populate total_issued_requests count in LRS load reports (#7544) (...
• 8e3596c cherry-pick #7557 to v1.66.x branch (#7564)
• 62baa5f cherry-pick #7356 to v1.66.x branch (#7546)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.