chore: Upgrade grpc-go and yarpc

[c-warren]

What changed?

Upgrades yarpc (and grpc-go) to get the latest fixes.

Why?

Staying up to date with yarpc's latest version ensures that we have the latest security fixes, functionality, etc. and do not depend on known broken versions.

How did you test it?

See: cadence-workflow/cadence-idl#255

This has been tested in our internal canary instances w/ the cadence-go-client and cadence using the upgraded fork, as well as updating their yarpc dependencies (and other transitive deps).

Potential risks

Worst case scenario will be incompatibility between cadence-go-client and an old cadence version, or vice-versa - old cadence-client versions unable to make requests to new cadence instances. This has been tested in dev canary, but will need to be continuously monitored.

[gitar-bot]

Code Review ✅ Approved 2 resolved / 2 findings

Upgrades grpc-go and yarpc dependencies with updated IDL package bindings and internal tooling, addressing leftover fork references and Go version inconsistencies. No remaining issues found.

✅ 2 resolved

✅ Bug: Leftover replace directive in internal/tools/go.mod points to fork

📄 internal/tools/go.mod:65
The internal/tools/go.mod file still contains a replace directive pointing to a personal fork (c-warren/cadence-idl). This is likely a leftover from development — one of the commit messages is literally "remove replace, use latest idl", suggesting this was intended to be cleaned up. If merged, anyone running tooling from this module will pull from the fork instead of the canonical uber/cadence-idl module, which could diverge or become unavailable.

✅ Quality: tools/go.mod downgrades minimum Go version from 1.23 to 1.21

📄 internal/tools/go.mod:3
The internal/tools/go.mod changed go 1.23.0 to go 1.21. This is a downgrade of the minimum Go version for the tools module. While the main go.mod stays at go 1.23, having an inconsistent (lower) minimum in the tools module is unusual. Verify this is intentional — it may have been an artifact of the dependency resolution.

Options

Auto-apply is off → Gitar will not commit updates to this branch.
Display: compact → Showing less information.

Comment with these commands to change:

Auto-apply	Compact
gitar auto-apply:on	gitar display:verbose

_{Was this helpful? React with 👍 / 👎 | Gitar}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 84.08%. Comparing base (71789fd) to head (61cb322).
⚠️ Report is 1 commits behind head on master.
see 1 file with indirect coverage changes

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 71789fd...61cb322. Read the comment docs.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[c-warren]

Closing this until we are ready to upgrade grpc-go.