chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3

[raelga]

Summary

• Bump google.golang.org/grpc from 1.78.0 to 1.79.3 across all workspace modules
• Supersedes Dependabot PRs chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3 in /tooling/templatize #4523, chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3 in /internal #4524, chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3 in /frontend #4525, chore(deps): bump google.golang.org/grpc from 1.78.0 to 1.79.3 in /backend #4526, chore(deps): bump the go_modules group across 6 directories with 3 updates #4527

Affected modules

• admin/server
• backend
• frontend
• internal
• test
• test-integration
• tooling/helmtest
• tooling/templatize

Notable changes in grpc 1.79.3

• Security: Fix authorization bypass where malformed :path headers (missing leading slash) could bypass path-based "deny" rules in interceptors like grpc/authz. Non-canonical paths are now rejected with Unimplemented (grpc/grpc-go#8981)
• Bug fix: Prevent redundant error logging in health/ORCA producers by skipping stats/tracing processing when no stats handler is configured (grpc/grpc-go#8874)
• Bug fix: Remove -dev suffix from User-Agent header

Test plan

• All modules build successfully
• CI passes

[Copilot]

Pull request overview

This PR updates the google.golang.org/grpc dependency from v1.78.0 to v1.79.3 across the repo’s Go workspace modules to pick up upstream fixes (including the referenced security fix around non-canonical :path handling).

Changes:

• Bump google.golang.org/grpc to v1.79.3 across all listed modules.
• Refresh per-module go.sum files accordingly.
• Update a small set of related indirect dependencies in modules where the module graph changed during the upgrade (e.g., xDS/envoy/protoc-gen-validate/otel detector versions).

Reviewed changes

Copilot reviewed 8 out of 16 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
tooling/templatize/go.mod	Bumps google.golang.org/grpc to v1.79.3 and refreshes select indirect deps.
tooling/templatize/go.sum	Updates sums for grpc and refreshed indirect deps.
tooling/helmtest/go.mod	Bumps google.golang.org/grpc to v1.79.3.
tooling/helmtest/go.sum	Updates sums for grpc v1.79.3.
test/go.mod	Bumps google.golang.org/grpc to v1.79.3 and refreshes select indirect deps.
test/go.sum	Updates sums for grpc and refreshed indirect deps.
test-integration/go.mod	Bumps google.golang.org/grpc to v1.79.3.
test-integration/go.sum	Updates sums for grpc v1.79.3.
internal/go.mod	Bumps google.golang.org/grpc to v1.79.3.
internal/go.sum	Updates sums for grpc v1.79.3.
frontend/go.mod	Bumps google.golang.org/grpc to v1.79.3.
frontend/go.sum	Updates sums for grpc v1.79.3.
backend/go.mod	Bumps google.golang.org/grpc to v1.79.3.
backend/go.sum	Updates sums for grpc v1.79.3.
admin/server/go.mod	Bumps google.golang.org/grpc to v1.79.3.
admin/server/go.sum	Updates sums for grpc v1.79.3.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

[raelga]

/test e2e-parallel

[sclarkso]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: raelga, sclarkso

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details

Needs approval from an approver in each of these files:

• OWNERS [raelga]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-merge-bot]

/retest-required

Remaining retests: 0 against base HEAD e929ccb and 2 for PR HEAD 212f334 in total