Fix dependency cves (#6353)

* Upgraded golang.org/x/crypto v0.28.0 => v0.31.0.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded golang.org/x/net v0.30.0 => v0.33.0.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded github.com/golang/glog v1.2.2 => v1.2.4. Fix CVE-2024-45339.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgrade go stdlib from 1.22.8 to 1.22.11. Fix CVE-2024-45336.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded github.com/go-git/go-git/v5 v5.11.0 => v5.13.0. Fix CVE-2025-21613、CVE-2025-21614.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded telemetry v1.0.1 => v1.0.2. Fix CVE-2024-45338、CVE-2024-34156、CVE-2024-34155、CVE-2024-34158、CVE-2024-4536、CVE-2024-45341.

Signed-off-by: peng wu <2030047311@qq.com>

---------

Signed-off-by: peng wu <2030047311@qq.com>
(cherry picked from commit d38db0054c)

vendor/github.com/ProtonMail/go-crypto/openpgp/packet/padding.go

@@ -0,0 +1,26 @@
+package packet
+
+import (
+	"io"
+)
+
+// Padding type represents a Padding Packet (Tag 21).
+// The padding type is represented by the length of its padding.
+// see https://datatracker.ietf.org/doc/html/draft-ietf-openpgp-crypto-refresh#name-padding-packet-tag-21
+type Padding int
+
+// parse just ignores the padding content.
+func (pad Padding) parse(reader io.Reader) error {
+	_, err := io.CopyN(io.Discard, reader, int64(pad))
+	return err
+}
+
+// SerializePadding writes the padding to writer.
+func (pad Padding) SerializePadding(writer io.Writer, rand io.Reader) error {
+	err := serializeHeader(writer, packetPadding, int(pad))
+	if err != nil {
+		return err
+	}
+	_, err = io.CopyN(writer, rand, int64(pad))
+	return err
+}