build(deps): bump the gomod group with 4 updates

[dependabot]

Bumps the gomod group with 4 updates: github.com/go-git/go-git/v5, github.com/go-logr/logr, github.com/rs/zerolog and golang.org/x/mod.

Updates github.com/go-git/go-git/v5 from 5.9.0 to 5.10.0

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.10.0

What's Changed

• PlainInitOptions.Bare and allow using InitOptions with PlainInitWithOptions by @​ThinkChaos in go-git/go-git#782
• Worktree, apply ProxyOption on Pull by @​nodivbyzero in go-git/go-git#840
• Repository: add clone --shared feature by @​enverbisevac in go-git/go-git#860
• build: Add github workflow to check commit message format by @​pjbgf in go-git/go-git#867
• Improve handling of remote errors by @​makkes in go-git/go-git#866
• build(deps): bump golang.org/x/net from 0.15.0 to 0.17.0 by @​dependabot in go-git/go-git#873
• plumbing: commitgraph, Add generation v2 support by @​zeripath in go-git/go-git#869
• plumbing: protocol/packp, Add validation for decodeLine by @​pjbgf in go-git/go-git#868
• plumbing: parse the encoding header of the commit object by @​liwenqiu in go-git/go-git#761
• plumbing: commitgraph, allow SHA256 commit-graphs by @​zeripath in go-git/go-git#853
• plumbing: commitgraph, Allow reading commit-graph chains by @​zeripath in go-git/go-git#854
• plumbing/object: Support mergetag in merge commits by @​adityasaky in go-git/go-git#847

New Contributors

• @​nodivbyzero made their first contribution in go-git/go-git#840
• @​adityasaky made their first contribution in go-git/go-git#847
• @​hezhizhen made their first contribution in go-git/go-git#836
• @​0x34d made their first contribution in go-git/go-git#855
• @​liwenqiu made their first contribution in go-git/go-git#761
• @​enverbisevac made their first contribution in go-git/go-git#860
• @​makkes made their first contribution in go-git/go-git#866

Full Changelog: go-git/go-git@v5.9.0...v5.10.0

Commits

• 72ce996 Merge pull request #869 from zeripath/graph-generation-2
• 24261e8 Merge pull request #873 from go-git/dependabot/go_modules/golang.org/x/net-0....
• 3ee0288 build: bump golang.org/x/net from 0.15.0 to 0.17.0
• 69b88d9 plumbing: commitgraph, Add generation v2 support
• 623c6df Merge pull request #866 from makkes/better-error-handling
• 129b709 plumbing: transport/common, Improve handling of remote errors
• e61537e Merge pull request #867 from pjbgf/commit-checker
• 1a73661 build: Add github workflow to check commit message format
• 771a3eb Merge pull request #868 from pjbgf/fix-fuzz
• 7ef7dc7 Merge pull request #860 from enverbisevac/master
• Additional commits viewable in compare view

Updates github.com/go-logr/logr from 1.2.4 to 1.3.0

Release notes

Sourced from github.com/go-logr/logr's releases.

v1.3.0

This release adds support for slog in a new, self-contained logr/slogr package. Implementers of a logr.LogSink are encouraged, but not required, to extend their implementation to improve the quality of log output coming from a slog API call.

Breaking change: the call depth for LogSink.Enabled when called via Logger.Enabled was fixed to be the same as for other call paths. Implementers of a LogSink who have worked around this bug will need to remove their workarounds.

Security best practices were improved. Only Go versions >= 1.18 are supported by this release.

What's Changed

• Fix golangci-lint fails by @​thockin in go-logr/logr#173
• Add minimal permissions to workflows by @​pnacht in go-logr/logr#177
• Add a security policy by @​pnacht in go-logr/logr#178
• Update security email by @​thockin in go-logr/logr#181
• docs: explain relationship between Logger{} and Discard() by @​pohly in go-logr/logr#182
• Add the OpenSSF Scorecard workflow by @​pnacht in go-logr/logr#186
• README: show of OpenSSF Scorecard badge by @​pohly in go-logr/logr#187
• Hash-pin workflow Actions by @​pnacht in go-logr/logr#189
• Bump go versions to 1.18+ by @​thockin in go-logr/logr#203
• slogr: add glue code for logging to slog.Handler and with slog.Logger by @​pohly in go-logr/logr#205
• slogr: restore original backend when converting back and forth by @​pohly in go-logr/logr#210
• slogr: add SlogSink by @​pohly in go-logr/logr#211
• Use same call depth for Enabled, Info, Error by @​thockin in go-logr/logr#218
• test: eliminate helper func by @​thockin in go-logr/logr#219
• docs: interoperability with slog by @​pohly in go-logr/logr#222

---

• build(deps): bump actions/setup-go from 3.5.0 to 4.0.1 by @​dependabot in go-logr/logr#190
• build(deps): bump github/codeql-action from 2.20.1 to 2.20.3 by @​dependabot in go-logr/logr#191
• build(deps): bump github/codeql-action from 2.20.3 to 2.20.4 by @​dependabot in go-logr/logr#192
• build(deps): bump github/codeql-action from 2.20.4 to 2.21.0 by @​dependabot in go-logr/logr#193
• build(deps): bump github/codeql-action from 2.21.0 to 2.21.2 by @​dependabot in go-logr/logr#194
• build(deps): bump github/codeql-action from 2.21.2 to 2.21.3 by @​dependabot in go-logr/logr#207
• build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @​dependabot in go-logr/logr#206
• build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @​dependabot in go-logr/logr#209
• build(deps): bump github/codeql-action from 2.21.3 to 2.21.4 by @​dependabot in go-logr/logr#208
• build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @​dependabot in go-logr/logr#214
• build(deps): bump github/codeql-action from 2.21.4 to 2.21.5 by @​dependabot in go-logr/logr#217
• build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @​dependabot in go-logr/logr#220
• build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @​dependabot in go-logr/logr#221
• build(deps): bump github/codeql-action from 2.21.5 to 2.21.7 by @​dependabot in go-logr/logr#223
• build(deps): bump github/codeql-action from 2.21.7 to 2.21.8 by @​dependabot in go-logr/logr#224
• build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @​dependabot in go-logr/logr#225
• build(deps): bump github/codeql-action from 2.21.8 to 2.21.9 by @​dependabot in go-logr/logr#226
• build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0 by @​dependabot in go-logr/logr#227
• build(deps): bump github/codeql-action from 2.21.9 to 2.22.0 by @​dependabot in go-logr/logr#228
• build(deps): bump github/codeql-action from 2.22.0 to 2.22.3 by @​dependabot in go-logr/logr#229
• build(deps): bump actions/checkout from 4.1.0 to 4.1.1 by @​dependabot in go-logr/logr#231
• build(deps): bump github/codeql-action from 2.22.3 to 2.22.4 by @​dependabot in go-logr/logr#230

New Contributors

... (truncated)

Commits

• 8adefbe docs: interoperability with slog
• ebabbb9 build(deps): bump github/codeql-action from 2.22.3 to 2.22.4
• 9c361f0 build(deps): bump actions/checkout from 4.1.0 to 4.1.1
• d9b2b78 Merge pull request #229 from go-logr/dependabot/github_actions/github/codeql-...
• 91cec29 build(deps): bump github/codeql-action from 2.22.0 to 2.22.3
• 2ea8628 Merge pull request #228 from go-logr/dependabot/github_actions/github/codeql-...
• 37a4f55 Merge pull request #227 from go-logr/dependabot/github_actions/ossf/scorecard...
• ecf310c build(deps): bump github/codeql-action from 2.21.9 to 2.22.0
• d73e05e build(deps): bump ossf/scorecard-action from 2.2.0 to 2.3.0
• 1d1c415 Merge pull request #226 from go-logr/dependabot/github_actions/github/codeql-...
• Additional commits viewable in compare view

Updates github.com/rs/zerolog from 1.30.0 to 1.31.0

Commits

• 8344fc0 Bump actions/checkout from 3 to 4 (#588)
• 4cb8cc5 Update dependencies
• ae9b265 Update Build Status Badge (#589)
• 1bac5cc added support for NO_COLOR (#586)
• b81cc57 Fix the standard logger output example (#584)
• ad77222 chore: improve coverage report
• 95cf29c chore: switch to go-goverage-report action as gocover.io is closing
• 802c88f chore: adding any function to context (#580)
• 158e4ad Update logbench URL in README.md
• 7d5aa98 Deprecate lint in favor of https://github.com/ykadowak/zerologlint (#574)
• Additional commits viewable in compare view

Updates golang.org/x/mod from 0.13.0 to 0.14.0

Commits

• 6e58e47 modfile: improve directory path detection and error text consistency
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #232.