deps: bump the go-dependencies group across 1 directory with 2 updates

[dependabot]

Bumps the go-dependencies group with 2 updates in the / directory: github.com/basecamp/cli and github.com/yuin/goldmark.

Updates github.com/basecamp/cli from 0.1.1 to 0.2.1

Commits

• 77e1eb6 Initialize Cobra lazy flags (help, version) before walking
• f601610 Add ARG entries and alias paths to surface walker
• f6b4563 deps: bump github.com/zalando/go-keyring in the go-dependencies group (#19)
• a5b14ed ci: harden GitHub Actions workflows (#18)
• a1765c6 Switch CODEOWNERS from sip to cli team (#16)
• 111a50e ci: bump the github-actions group with 4 updates (#13)
• eb050dc Add direct-push alerting and sensitive-change gate callers (#12)
• 828cca2 Security hardening Phase 3: env gate, scorecard, seed templates (#11)
• 42ee1b0 Privilege-separate AI labeler workflows (#10)
• a936893 Harden workflows against script injection (#9)
• Additional commits viewable in compare view

Updates github.com/yuin/goldmark from 1.7.16 to 1.8.2

Release notes

Sourced from github.com/yuin/goldmark's releases.

v1.8.2

fix: setext headings positions

v1.8.1

fix: block positions

v1.8.0

• feat: add position information to all nodes
  • add position information to all nodes, including inline nodes and link reference definition nodes.
  • Now link reference definition nodes are represented as a new node type.
  • Link and image nodes have a new field Reference which is a pointer to the reference link if this link is a reference link. This field is nil for non-reference links.

v1.7.17 release

Full Changelog: yuin/goldmark@v1.7.16...v1.7.17

Commits

• 379bf24 fix: setext headings positions
• e8f2337 fix: block positions
• dfa1ae1 feat: add position information to all nodes
• cb46bbc fix: prevent XSS by escaping dangerous URLs in links and images
• d8b123c refactor: simplify codes
• db34c99 Merge pull request #535 from Sebbito/master
• 5a2a2bf Merge pull request #545 from maxatome/fix-table-panic
• 9aca462 fix(table): if table cell attribute is a string, a panic occurs
• ea86b36 Fix doc error in markdown.go
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

---

Summary by cubic

Upgrade Go dependencies for stability and security. Updates github.com/basecamp/cli to v0.2.1 and github.com/yuin/goldmark to v1.8.2, which includes a fix to escape dangerous URLs in links and images.

^{Written for commit 43a1a0a. Summary will update on new commits.}

[cubic-dev-ai]

No issues found across 2 files