build(deps): bump the go_modules group across 1 directory with 2 updates

[dependabot]

Bumps the go_modules group with 2 updates in the / directory: github.com/go-git/go-git/v5 and github.com/moby/buildkit.

Updates github.com/go-git/go-git/v5 from 5.17.0 to 5.17.1

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.17.1

What's Changed

• build: Update module github.com/cloudflare/circl to v1.6.3 [SECURITY] (releases/v5.x) by @​go-git-renovate[bot] in go-git/go-git#1930
• [v5] plumbing: format/index, Improve v4 entry name validation by @​pjbgf in go-git/go-git#1935
• [v5] plumbing: format/idxfile, Fix version and fanout checks by @​pjbgf in go-git/go-git#1937

Full Changelog: go-git/go-git@v5.17.0...v5.17.1

Commits

• 5e23dfd Merge pull request #1937 from pjbgf/idx-v5
• 6b38a32 Merge pull request #1935 from pjbgf/index-v5
• cd757fc plumbing: format/idxfile, Fix version and fanout checks
• 3ec0d70 plumbing: format/index, Fix tree extension invalidated entry parsing
• dbe10b6 plumbing: format/index, Align V2/V3 long name and V4 prefix encoding with Git
• e9b65df plumbing: format/index, Improve v4 entry name validation
• adad18d Merge pull request #1930 from go-git/renovate/releases/v5.x-go-github.com-clo...
• 29470bd build: Update module github.com/cloudflare/circl to v1.6.3 [SECURITY]
• See full diff in compare view

Updates github.com/moby/buildkit from 0.23.2 to 0.28.1

Release notes

Sourced from github.com/moby/buildkit's releases.

v0.28.1

Welcome to the v0.28.1 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• Tõnis Tiigi
• CrazyMax
• Sebastiaan van Stijn

Notable Changes

• Fix insufficient validation of Git URL #ref:subdir fragments that could allow access to restricted files outside the checked-out repository root. GHSA-4vrq-3vrq-g6gg
• Fix a vulnerability where an untrusted custom frontend could cause files to be written outside the BuildKit state directory. GHSA-4c29-8rgm-jvjj
• Fix a panic when processing invalid .dockerignore patterns during COPY. #6610 moby/patternmatcher#9

Dependency Changes

• github.com/moby/patternmatcher v0.6.0 -> v0.6.1

Previous release can be found at v0.28.0

v0.28.0

buildkit 0.28.0

Welcome to the v0.28.0 release of buildkit!

Please try out the release binaries and report any issues at https://github.com/moby/buildkit/issues.

Contributors

• Tõnis Tiigi
• CrazyMax
• Sebastiaan van Stijn
• Jonathan A. Sternberg
• Akihiro Suda
• Amr Mahdi
• Dan Duvall
• David Karlsson
• Jonas Geiler
• Kevin L.
• rsteube

... (truncated)

Commits

• 45b038c git: normalize and validate subdir paths
• f5462c2 git: harden ref arg handling
• 71577a5 source: extract SafeFileName into shared pathutil package
• df43783 source/http: use os.Root for saved file operations
• 9ce6f62 source/http: sanitize downloaded filenames
• 099cf80 executor: validate container IDs centrally
• 2642113 Merge pull request #6610 from thaJeztah/0.28_backport_bump_patternmatcher
• 802da78 vendor: github.com/moby/patternmatcher v0.6.1
• 5245d86 Merge pull request #6551 from tonistiigi/v0.28-cherry-picks
• 90ee5de vendor: update x/net to v0.51.0
• Additional commits viewable in compare view

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 71.18%. Comparing base (26a0478) to head (44549f5).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2688      +/-   ##
==========================================
- Coverage   71.63%   71.18%   -0.46%     
==========================================
  Files         164      164              
  Lines       12090    12090              
==========================================
- Hits         8661     8606      -55     
- Misses       2803     2859      +56     
+ Partials      626      625       -1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[cuixq]

@dependabot rebase

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.