build(deps): bump github.com/go-git/go-git/v5 from 5.16.5 to 5.17.0 in /cmd/firmware-action

[dependabot]

Bumps github.com/go-git/go-git/v5 from 5.16.5 to 5.17.0.

Release notes

Sourced from github.com/go-git/go-git/v5's releases.

v5.17.0

What's Changed

• build: Update module github.com/go-git/go-git/v5 to v5.16.5 [SECURITY] (releases/v5.x) by @​go-git-renovate[bot] in go-git/go-git#1839
• git: worktree, optimize infiles function for very large repos by @​k-anshul in go-git/go-git#1853
• git: Add strict checks for supported extensions by @​pjbgf in go-git/go-git#1861
• backport, git: Improve Status() speed with new index.ModTime check by @​cedric-appdirect in go-git/go-git#1862
• storage: filesystem, Avoid overwriting loose obj files by @​pjbgf in go-git/go-git#1864

Full Changelog: go-git/go-git@v5.16.5...v5.17.0

Commits

• bdf0688 Merge pull request #1864 from pjbgf/v5-issue-55
• 5290e52 storage: filesystem, Avoid overwriting loose obj files. Fixes #55
• 5d20a62 storage: filesystem, Fix permissions for loose and packed objs
• 8ed442c backport, git: Improve Status() speed with new index.ModTime check (#1862)
• c7b5960 build: Align test workflow with main
• 8e71edf git: Add strict checks for supported extensions
• 438a37f git: worktree, optimize infiles function for very large repos (#1853)
• 67c7006 Merge pull request #1839 from go-git/renovate/releases/v5.x-go-github.com-go-...
• 4ca3f02 build: Update module github.com/go-git/go-git/v5 to v5.16.5 [SECURITY]
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

✅⚠️MegaLinter analysis: Success with warnings

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	15		0	0	0.61s
✅ BASH	bash-exec	10		0	0	0.04s
✅ BASH	shellcheck	9		0	0	0.18s
✅ BASH	shfmt	9		0	0	0.01s
✅ DOCKERFILE	hadolint	5		0	0	0.41s
✅ EDITORCONFIG	editorconfig-checker	227		0	0	0.33s
✅ GO	revive	31		0	0	33.61s
✅ JSON	jsonlint	14		0	0	2.0s
✅ JSON	prettier	14		0	0	2.11s
✅ JSON	v8r	14		0	0	5.27s
✅ MARKDOWN	markdownlint	32		0	0	3.34s
✅ PYTHON	black	20		0	0	2.17s
✅ PYTHON	flake8	20		0	0	1.42s
✅ PYTHON	isort	20		0	0	0.23s
✅ PYTHON	mypy	20		0	0	9.61s
✅ PYTHON	pylint	20		0	0	10.36s
✅ PYTHON	pyright	20		0	0	0.93s
✅ PYTHON	ruff	20		0	0	0.03s
✅ REPOSITORY	checkov	yes		no	no	26.71s
✅ REPOSITORY	gitleaks	yes		no	no	7.5s
✅ REPOSITORY	git_diff	yes		no	no	0.01s
✅ REPOSITORY	grype	yes		no	no	76.81s
✅ REPOSITORY	secretlint	yes		no	no	1.47s
✅ REPOSITORY	syft	yes		no	no	17.7s
✅ REPOSITORY	trivy	yes		no	no	17.73s
✅ REPOSITORY	trivy-sbom	yes		no	no	5.98s
✅ REPOSITORY	trufflehog	yes		no	no	6.88s
✅ SPELL	cspell	227		0	0	5.7s
⚠️ YAML	prettier	35		1	2	7.48s
✅ YAML	v8r	35		0	0	12.48s
✅ YAML	yamllint	35		0	0	4.38s

Detailed Issues

⚠️ YAML / prettier - 1 error

Checking formatting...
[warn] .github/workflows/go-test.yml
[warn] Code style issues found in the above file. Run Prettier with --write to fix.

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

• Documentation: Custom Flavors
• Command: npx mega-linter-runner@9.3.0 --custom-flavor-setup --custom-flavor-linters PYTHON_PYLINT,PYTHON_BLACK,PYTHON_FLAKE8,PYTHON_ISORT,PYTHON_MYPY,PYTHON_PYRIGHT,PYTHON_RUFF,ACTION_ACTIONLINT,BASH_EXEC,BASH_SHELLCHECK,BASH_SHFMT,DOCKERFILE_HADOLINT,EDITORCONFIG_EDITORCONFIG_CHECKER,GO_REVIVE,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,MARKDOWN_MARKDOWNLINT,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,SPELL_CSPELL,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 53.22%. Comparing base (656f61a) to head (84224db).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #851   +/-   ##
=======================================
  Coverage   53.22%   53.22%           
=======================================
  Files          17       17           
  Lines        1997     1997           
=======================================
  Hits         1063     1063           
  Misses        841      841           
  Partials       93       93           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.