Fix dependency cves (#6353)

* Upgraded golang.org/x/crypto v0.28.0 => v0.31.0.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded golang.org/x/net v0.30.0 => v0.33.0.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded github.com/golang/glog v1.2.2 => v1.2.4. Fix CVE-2024-45339.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgrade go stdlib from 1.22.8 to 1.22.11. Fix CVE-2024-45336.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded github.com/go-git/go-git/v5 v5.11.0 => v5.13.0. Fix CVE-2025-21613、CVE-2025-21614.

Signed-off-by: peng wu <2030047311@qq.com>

* Upgraded telemetry v1.0.1 => v1.0.2. Fix CVE-2024-45338、CVE-2024-34156、CVE-2024-34155、CVE-2024-34158、CVE-2024-4536、CVE-2024-45341.

Signed-off-by: peng wu <2030047311@qq.com>

---------

Signed-off-by: peng wu <2030047311@qq.com>
(cherry picked from commit d38db0054c)

vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted.go

@@ -74,6 +74,10 @@ func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.Read
 // SerializeSymmetricallyEncrypted serializes a symmetrically encrypted packet
 // to w and returns a WriteCloser to which the to-be-encrypted packets can be
 // written.
+// If aeadSupported is set to true, SEIPDv2 is used with the indicated CipherSuite.
+// Otherwise, SEIPDv1 is used with the indicated CipherFunction.
+// Note: aeadSupported MUST match the value passed to SerializeEncryptedKeyAEAD
+// and/or SerializeSymmetricKeyEncryptedAEADReuseKey.
 // If config is nil, sensible defaults will be used.
 func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, aeadSupported bool, cipherSuite CipherSuite, key []byte, config *Config) (Contents io.WriteCloser, err error) {
 	writeCloser := noOpCloser{w}