chore(deps): bump the dependencies group with 4 updates

[dependabot]

Bumps the dependencies group with 4 updates: github.com/go-git/go-git/v5, github.com/go-playground/validator/v10, golang.org/x/oauth2 and golang.org/x/sync.

Updates github.com/go-git/go-git/v5 from 5.8.1 to 5.9.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.9.0

What's Changed

• git: worktree: add Amend option to CommitOptions by @​john-cai in go-git/go-git#438
• git: worktree, reset ignored files that are part of the worktree: Fixes #819 by @​daolis in go-git/go-git#821
• plumbing: Do not swallow http message coming from VCS providers by @​matejrisek in go-git/go-git#835
• plumbing: transport, handle IPv6 while parsing endpoint. Fixes #740 by @​ninedraft in go-git/go-git#820
• *: update goproxy dependency to fix CVE-2023-37788 vulnerability by @​svghadi in go-git/go-git#832
• *: bump dependencies and Go to 1.19 by @​pjbgf in go-git/go-git#837

New Contributors

• @​svghadi made their first contribution in go-git/go-git#832
• @​daolis made their first contribution in go-git/go-git#821

Full Changelog: go-git/go-git@v5.8.1...v5.9.0

Commits

• e24e0f7 *: Bump go-billy to v5.5.0
• ff0bd08 Merge pull request #837 from pjbgf/bump
• cbbeb49 *: Bump to Go 1.19
• cf3a75c *: Bump dependencies
• 51e9c9f Merge pull request #835 from matejrisek/feature/do-not-swallow-vcs-host-errors
• 5ad72db plumbing: Do not swallow http message coming from VCS providers.
• 0377d06 Merge pull request #821 from daolis/bug/resetfix
• 753b0d5 git: worktree, reset ignored files that are part of the worktree: Fixes #819
• cd3a21c Merge pull request #832 from svghadi/CVE-2023-37788
• f71a449 *: Bump goproxy dep. Fixes #826
• Additional commits viewable in compare view

Updates github.com/go-playground/validator/v10 from 10.15.0 to 10.15.5

Release notes

Sourced from github.com/go-playground/validator/v10's releases.

Release 10.15.5

What was fixed?

Fixed CIDRIPv4 validation, ty @​martinlehoux for the PR

Release 10.15.4

What was fixed?

Corrected a regression of skipping required for time.Time accidentally introduced in v10.15.2

Release 10.15.3

What was fixed?

Fix regression for invalid type check before calling reflect values type. Thank you @​MysteriousPotato for the PR

Release 10.15.2

What was fixed?

• Refactored #1122 to support or's in tags + updated to required behaving the same as before v10.50.0 to support the community as there was a lot of code relying on the before behaviour, correct or not.
  • Added a way to opt-in to the new functionality, which is recommended, using WithRequiredStructEnabled

Release 10.15.1

What was fixed?

Corrected a few validations including gt, lt, ... when using floating point values, specifically float32, in this PR

Commits

• 94a637a feat(BREAKING): Change CIDRIPv4 validation (#945)
• 8d50f2f Update README.md
• 619321c fix edge case (#1163)
• d57b3a8 Update README.md
• 75eeb3f Fix Type called on zero reflect.Value (#1156)
• 1b40ba0 Update README.md
• 9b7c4de Struct experiment (#1150)
• 3094d59 fix float cast precicion in a few validations (#1146)
• See full diff in compare view

Updates golang.org/x/oauth2 from 0.11.0 to 0.13.0

Commits

• 3c5dbf0 go.mod: update golang.org/x dependencies
• 11625cc google: add authorized_user conditional to Credentials.UniverseDomain
• 8d6d45b google: add Credentials.UniverseDomain to support TPC
• 43b6a7b google: adding support for external account authorized user
• 14b275c oauth2: workaround misspelling of verification_uri
• 18352fc google/internal/externalaccount: adding BYOID Metrics
• 9095a51 oauth2: clarify error if endpoint missing DeviceAuthURL
• 2d9e4a2 oauth2/google: remove meta validations for aws external credentials
• 55cd552 oauth2: support PKCE
• e3fb0fb oauth2: support device flow
• Additional commits viewable in compare view

Updates golang.org/x/sync from 0.3.0 to 0.4.0

Commits

• 22ba207 singleflight: add panicError.Unwrap method
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #51.