build(deps): bump the github-actions-backward-compatible group with 3 updates

[dependabot]

Bumps the github-actions-backward-compatible group with 3 updates: github.com/go-git/go-git/v5, github.com/google/go-cmp and github.com/otiai10/copy.

Updates github.com/go-git/go-git/v5 from 5.5.0 to 5.16.2

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.16.2

What's Changed

• utils: fix diff so subpaths work for sparse checkouts, fixes 1455 to releases/v5.x by @​kane8n in go-git/go-git#1567

Full Changelog: go-git/go-git@v5.16.1...v5.16.2

v5.16.1

What's Changed

• utils: merkletrie, Fix diff on sparse-checkout index. Fixes #1406 to releases/v5.x by @​kane8n in go-git/go-git#1561

New Contributors

• @​kane8n made their first contribution in go-git/go-git#1561

Full Changelog: go-git/go-git@v5.16.0...v5.16.1

v5.16.0

What's Changed

• [v5] plumbing: support mTLS for HTTPS protocol by @​hiddeco in go-git/go-git#1510
• v5: plumbing: transport, Reintroduce SetHostKeyCallback. Fix #1514 by @​pjbgf in go-git/go-git#1515

Full Changelog: go-git/go-git@v5.15.0...v5.16.0

v5.15.0

What's Changed

• plumbing: add cert auth support to releases/v5.x by @​Javier-varez in go-git/go-git#1482
• v5: Bump dependencies by @​pjbgf in go-git/go-git#1505

Full Changelog: go-git/go-git@v5.14.0...v5.15.0

v5.14.0

What's Changed

• v5: Bump Go and dependencies to mitigate GO-2025-3487 by @​pjbgf in go-git/go-git#1436

⚠️ Note that this version requires Go 1.23, due to the bump to golang.org/x/crypto@v0.35.0 which mitigates the CVE above. User's that can't bump to Go 1.23 will need to remain on the previous v5.13.x release.

Full Changelog: go-git/go-git@v5.13.2...v5.14.0

v5.13.2

What's Changed

• plumbing: use the correct user agent string. Fixes #883 by @​uragirii in go-git/go-git#1364
• build: bump golang.org/x/sys from 0.28.0 to 0.29.0 in the golang-org group by @​dependabot in go-git/go-git#1365
• build: bump the golang-org group with 2 updates by @​dependabot in go-git/go-git#1367
• build: bump github.com/ProtonMail/go-crypto from 1.1.3 to 1.1.4 by @​dependabot in go-git/go-git#1368
• build: bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by @​dependabot in go-git/go-git#1378
• build: bump github/codeql-action from 3.28.0 to 3.28.1 by @​dependabot in go-git/go-git#1376
• build: bump github.com/elazarl/goproxy from 1.2.3 to 1.4.0 by @​dependabot in go-git/go-git#1377
• git: worktree, fix restoring dot slash files (backported to v5). Fixes #1176 by @​BeChris in go-git/go-git#1361

... (truncated)

Commits

• ed8216c Merge pull request #1567 from kane8n/backport-to-v5-patricsss/fix-1455
• 4f35eba Merge pull request #1484 from patricsss/patricsss/fix-1455
• fd1a836 Merge pull request #1561 from kane8n/backport-to-v5-fix-sparse-checkout-status
• c3c8410 Merge pull request #1492 from onee-only/fix-sparse-checkout-status
• 6d4a5c6 Merge pull request #1515 from pjbgf/regre
• beedd6b plumbing: transport, Reintroduce SetHostKeyCallback. Fix #1514
• 763ce2e Merge pull request #1510 from hiddeco/mtls-support
• 5320e1b plumbing: surface transport configuration errors
• 9bbc93b plumbing: fix unintended pointer mutation in test
• f3783f4 plumbing: support mTLS for HTTPS protocol
• Additional commits viewable in compare view

Updates github.com/google/go-cmp from 0.5.9 to 0.7.0

Release notes

Sourced from github.com/google/go-cmp's releases.

v0.7.0

New API:

• (#367) Support compare functions with SortSlices and SortMaps

Panic messaging:

• (#370) Detect proto.Message types when failing to export a field

v0.6.0

New API:

• (#340) Add cmpopts.EquateComparable

Documentation changes:

• (#337) Use of hotlinking of Go identifiers

Build changes:

• (#325) Remove purego fallbacks

Testing changes:

• (#322) Run tests for Go 1.20 version
• (#332) Pin GitHub action versions
• (#327) set workflow permission to read-only

Commits

• 9b12f36 Detect proto.Message types when failing to export a field (#370)
• 4dd3d63 fix: type 'aribica' => 'arabica' (#368)
• 391980c Support compare functions with SortSlices and SortMaps (#367)
• c3ad843 Add cmpopts.EquateComparable (#340)
• e250a55 Use of hotlinking of Go identifiers (#337)
• 8a3e8dd set workflow permission to read-only (#327)
• 8cea5de Pin GitHub action versions (#332)
• 3bb304a Run tests for Go 1.20 version (#322)
• 571a56b Remove purego fallbacks (#325)
• See full diff in compare view

Updates github.com/otiai10/copy from 1.7.0 to 1.14.1

Release notes

Sourced from github.com/otiai10/copy's releases.

Concurrency Option

No release notes provided.

Add OnError option

so that users can suppress specific errors.

Commits

• 5ef5923 Revert "CopyMethod" since it's not ready
• 49b0b59 Merge pull request #164 from eth-p/feat-copymethod-api
• f530620 ci: Allow triggering Go workflow manually
• b4dd789 refactor: Split common code out of CopyBytes
• 9205813 feat: Add FileCopyMethod option / API
• 2f93b8f Merge pull request #159 from otiai10/dependabot/go_modules/main/golang.org/x/...
• 87072f3 Bump golang.org/x/sys from 0.23.0 to 0.24.0
• d0690cb Merge pull request #158 from otiai10/dependabot/go_modules/main/golang.org/x/...
• b87119d Bump golang.org/x/sys from 0.22.0 to 0.23.0
• 355527c Merge pull request #157 from otiai10/dependabot/go_modules/main/golang.org/x/...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions