- Renamed the original `delAllArgs` method to `delAllArgsStable` to maintain stable behavior.
- Added a new `delAllArgs` method for non-stable functionality, improving runtime efficiency.

* fix: accept invalid headers with a space #1917

Make behavior consistent with net/http by allowing header keys and trailers containing spaces without canonicalizing them

* fix: lint paramTypeCombine

* fix: #1953 (comment)

* fix: golangci-lint nestingReduce

#1958)

Bumps [github.com/klauspost/compress](https://github.com/klauspost/compress) from 1.17.11 to 1.18.0.
- [Release notes](https://github.com/klauspost/compress/releases)
- [Changelog](https://github.com/klauspost/compress/blob/master/.goreleaser.yml)
- [Commits](klauspost/compress@v1.17.11...v1.18.0)

---
updated-dependencies:
- dependency-name: github.com/klauspost/compress
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* add related project for opentelemetry-go-auto-instrumentation

* Update README.md

The fuzzer found some cases where it would panic.

The output of normalizeHeaderValue doesn't need to affect s.b and s.hLen
because the length of the normalized header will never be bigger, so it
can just be normalize in place without affecting the rest of the buffer.

Some of our dependences require the supported versions of Go.

For example github.com/golang/crypto now requires 1.23 or higher.
See: golang/crypto@89ff08d

For more information on the new policy of the Go team see: golang/go#69095

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.35.0 to 0.36.0.
- [Commits](golang/net@v0.35.0...v0.36.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [securego/gosec](https://github.com/securego/gosec) from 2.22.1 to 2.22.2.
- [Release notes](https://github.com/securego/gosec/releases)
- [Changelog](https://github.com/securego/gosec/blob/master/.goreleaser.yml)
- [Commits](securego/gosec@v2.22.1...v2.22.2)

---
updated-dependencies:
- dependency-name: securego/gosec
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.36.0 to 0.37.0.
- [Commits](golang/net@v0.36.0...v0.37.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Fix: #1960

Bumps [golang.org/x/net](https://github.com/golang/net) from 0.37.0 to 0.38.0.
- [Commits](golang/net@v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Locking and unlocking a mutex multiple times per request is a major
slowdown that we can avoid with clever use of atomics.

Before:
```
BenchmarkServerGet100ReqPerConn10KClients-12    	 84167428	       867.7 ns/op
```
After:
```
BenchmarkServerGet100ReqPerConn10KClients-12    	187397954	       386.3 ns/op
```