Fix dependency cves (#6353)

* Upgraded golang.org/x/crypto v0.28.0 => v0.31.0.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded golang.org/x/net v0.30.0 => v0.33.0.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded github.com/golang/glog v1.2.2 => v1.2.4. Fix CVE-2024-45339.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgrade go stdlib from 1.22.8 to 1.22.11. Fix CVE-2024-45336.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded github.com/go-git/go-git/v5 v5.11.0 => v5.13.0. Fix CVE-2025-21613、CVE-2025-21614.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded telemetry v1.0.1 => v1.0.2. Fix CVE-2024-45338、CVE-2024-34156、CVE-2024-34155、CVE-2024-34158、CVE-2024-4536、CVE-2024-45341.

Signed-off-by: peng wu <2030047311@qq.com>

---------

Signed-off-by: peng wu <2030047311@qq.com>

vendor/github.com/golang/glog/glog_file_windows.go

@@ -3,9 +3,22 @@
 package glog
 
 import (
+	"os"
 	"syscall"
 )
 
+// shouldRegisterStderrSink determines whether we should register a log sink that writes to stderr.
+// Today, this checks if stderr is "valid", in that it maps to a non-NULL Handle.
+// Windows Services are spawned without Stdout and Stderr, so any attempt to use them equates to
+// referencing an invalid file Handle.
+// os.Stderr's FD is derived from a call to `syscall.GetStdHandle(syscall.STD_ERROR_HANDLE)`.
+// Documentation[1] for the GetStdHandle function indicates the return value may be NULL if the
+// application lacks the standard handle, so consider Stderr valid if its FD is non-NULL.
+// [1]: https://learn.microsoft.com/en-us/windows/console/getstdhandle
+func shouldRegisterStderrSink() bool {
+	return os.Stderr.Fd() != 0
+}
+
 // This follows the logic in the standard library's user.Current() function, except
 // that it leaves out the potentially expensive calls required to look up the user's
 // display name in Active Directory.