
new release of grpcurl for golang 1.23

Open: cglewis opened this issue 9 months ago • 1 comment

The latest released version of grpcurl still has golang 1.21. Can a new released version be cut that uses golang 1.23?

cglewis, Feb 13 '25 20:02

Specifically https://github.com/fullstorydev/grpcurl/blob/d00c28104be4b06f4dd887196ccfc57b054aa069/go.mod#L3

It appears the Docker base image was updated to 1.23 but the go.mod file was not updated. This results in Critical and High vulnerabilities in the released image (CVE-2024-24790, CVE-2023-45285).

UPDATE: After reviewing https://github.com/fullstorydev/grpcurl/pull/495 it seems this is a known issue with a few ideas on how to resolve. Requesting these changes be made to ensure the built images use go1.23. Thanks for all your work on this project!

kfessenden, Feb 21 '25 17:02
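
An added example, not code from the grpcurl project or from this thread: a Go check that reads the toolchain version embedded in a compiled binary (the value `go version <file>` reports) and exits non-zero when it is below a floor, so a release pipeline can confirm what the shipped binary was actually built with. The `go1.23` default comes from the request above; the function names and command-line shape are assumptions.

```go
package main

import (
	"debug/buildinfo"
	"fmt"
	"os"
	"strconv"
	"strings"
)

// ToolchainOf returns the Go version recorded in a compiled binary, e.g. "go1.21.5".
func ToolchainOf(path string) (string, error) {
	info, err := buildinfo.ReadFile(path)
	if err != nil {
		return "", err
	}
	return info.GoVersion, nil
}

// parse turns "go1.23.4" into [1 23 4]. Missing or non-numeric parts count as 0,
// so pre-release suffixes are ignored and a "devel ..." build sorts below any release.
func parse(v string) [3]int {
	var out [3]int
	for i, p := range strings.SplitN(strings.TrimPrefix(v, "go"), ".", 3) {
		end := 0
		for end < len(p) && p[end] >= '0' && p[end] <= '9' {
			end++
		}
		out[i], _ = strconv.Atoi(p[:end])
	}
	return out
}

// OlderThan reports whether toolchain version v is below the required floor.
func OlderThan(v, floor string) bool {
	a, b := parse(v), parse(floor)
	for i := range a {
		if a[i] != b[i] {
			return a[i] < b[i] // numeric compare, so go1.9 < go1.23
		}
	}
	return false
}

func main() {
	if len(os.Args) < 2 {
		fmt.Fprintln(os.Stderr, "usage: checkgo <binary> [floor, default go1.23]")
		os.Exit(2)
	}
	floor := "go1.23" // floor taken from the issue; override with a second argument
	if len(os.Args) > 2 {
		floor = os.Args[2]
	}
	v, err := ToolchainOf(os.Args[1])
	if err != nil {
		fmt.Fprintln(os.Stderr, "not a readable Go binary:", err)
		os.Exit(2)
	}
	fmt.Printf("%s built with %s (floor %s)\n", os.Args[1], v, floor)
	if OlderThan(v, floor) {
		os.Exit(1)
	}
}
```

Run it against the binary extracted from the built image rather than against `go.mod`, since it inspects the compiled artifact only.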