vendor: golang.org/x/net v0.4.0

golang.org/x/net contains a fix for CVE-2022-41717, which was addressed
in stdlib in go1.19.4 and go1.18.9;

> net/http: limit canonical header cache by bytes, not entries
>
> An attacker can cause excessive memory growth in a Go server accepting
> HTTP/2 requests.
>
> HTTP/2 server connections contain a cache of HTTP header keys sent by
> the client. While the total number of entries in this cache is capped,
> an attacker sending very large keys can cause the server to allocate
> approximately 64 MiB per open connection.
>
> This issue is also fixed in golang.org/x/net/http2 v0.4.0,
> for users manually configuring HTTP/2.

full diff: https://github.com/golang/net/compare/v0.2.0...v0.4.0

other dependency updates (due to (circular) dependencies):

- golang.org/x/sys v0.3.0: https://github.com/golang/sys/compare/3c1f35247d10...v0.3.0
- golang.org/x/text v0.5.0: https://github.com/golang/text/compare/v0.3.7...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

vendor/golang.org/x/text/unicode/norm/forminfo.go

@@ -110,10 +110,11 @@ func (p Properties) BoundaryAfter() bool {
 }
 
 // We pack quick check data in 4 bits:
-//   5:    Combines forward  (0 == false, 1 == true)
-//   4..3: NFC_QC Yes(00), No (10), or Maybe (11)
-//   2:    NFD_QC Yes (0) or No (1). No also means there is a decomposition.
-//   1..0: Number of trailing non-starters.
+//
+//	5:    Combines forward  (0 == false, 1 == true)
+//	4..3: NFC_QC Yes(00), No (10), or Maybe (11)
+//	2:    NFD_QC Yes (0) or No (1). No also means there is a decomposition.
+//	1..0: Number of trailing non-starters.
 //
 // When all 4 bits are zero, the character is inert, meaning it is never
 // influenced by normalization.

vendor/golang.org/x/text/unicode/norm/normalize.go

@@ -18,16 +18,17 @@ import (
 // A Form denotes a canonical representation of Unicode code points.
 // The Unicode-defined normalization and equivalence forms are:
 //
-//   NFC   Unicode Normalization Form C
-//   NFD   Unicode Normalization Form D
-//   NFKC  Unicode Normalization Form KC
-//   NFKD  Unicode Normalization Form KD
+//	NFC   Unicode Normalization Form C
+//	NFD   Unicode Normalization Form D
+//	NFKC  Unicode Normalization Form KC
+//	NFKD  Unicode Normalization Form KD
 //
 // For a Form f, this documentation uses the notation f(x) to mean
 // the bytes or string x converted to the given form.
 // A position n in x is called a boundary if conversion to the form can
 // proceed independently on both sides:
-//   f(x) == append(f(x[0:n]), f(x[n:])...)
+//
+//	f(x) == append(f(x[0:n]), f(x[n:])...)
 //
 // References: https://unicode.org/reports/tr15/ and
 // https://unicode.org/notes/tn5/.

vendor/golang.org/x/text/unicode/norm/tables13.0.0.go

@@ -7315,7 +7315,7 @@ const recompMapPacked = "" +
 	"\x00V\x03\x03\x00\x00\x1e|" + // 0x00560303: 0x00001E7C
 	"\x00v\x03\x03\x00\x00\x1e}" + // 0x00760303: 0x00001E7D
 	"\x00V\x03#\x00\x00\x1e~" + // 0x00560323: 0x00001E7E
-	"\x00v\x03#\x00\x00\x1e\u007f" + // 0x00760323: 0x00001E7F
+	"\x00v\x03#\x00\x00\x1e\x7f" + // 0x00760323: 0x00001E7F
 	"\x00W\x03\x00\x00\x00\x1e\x80" + // 0x00570300: 0x00001E80
 	"\x00w\x03\x00\x00\x00\x1e\x81" + // 0x00770300: 0x00001E81
 	"\x00W\x03\x01\x00\x00\x1e\x82" + // 0x00570301: 0x00001E82
@@ -7342,7 +7342,7 @@ const recompMapPacked = "" +
 	"\x00t\x03\b\x00\x00\x1e\x97" + // 0x00740308: 0x00001E97
 	"\x00w\x03\n\x00\x00\x1e\x98" + // 0x0077030A: 0x00001E98
 	"\x00y\x03\n\x00\x00\x1e\x99" + // 0x0079030A: 0x00001E99
-	"\x01\u007f\x03\a\x00\x00\x1e\x9b" + // 0x017F0307: 0x00001E9B
+	"\x01\x7f\x03\a\x00\x00\x1e\x9b" + // 0x017F0307: 0x00001E9B
 	"\x00A\x03#\x00\x00\x1e\xa0" + // 0x00410323: 0x00001EA0
 	"\x00a\x03#\x00\x00\x1e\xa1" + // 0x00610323: 0x00001EA1
 	"\x00A\x03\t\x00\x00\x1e\xa2" + // 0x00410309: 0x00001EA2