Uprev libgit to v1.3.1 (#911)

🔒 This is a security release to provide compatibility with git's changes to address [CVE 2022-24765](https://github.blog/2022-04-12-git-security-vulnerability-announced/). libgit2 (and by extension git2go) are not directly affected by this vulnerability, because libgit2 does not directly invoke any executable. But we are providing these changes as a security release for any users that use libgit2 for repository discovery and then also use git on that repository. In this release, we will now validate that the user opening the repository is the same user that owns the on-disk repository. This is to match git's behavior. In addition, we are providing several correctness fixes where invalid input can lead to a crash. These may prevent possible denial of service attacks. At this time there are not known exploits to these issues.
author: lhchavez <[email protected]> 2022-04-14 16:09:59 +0200
committer: GitHub <[email protected]> 2022-04-14 07:09:59 -0700
commit: 7bff4ca7addde8cc54c38f5db1e50fa420189a20 (patch)
tree: b4bfb5483c52f2be68ca257cb129b4172f9af3e6
parent: eae00773cce87d5282a8ac7c10b5c1961ee6f9cb (diff)
2 files changed, 1 insertions, 1 deletions
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index bc8e3bd..dd0cde2 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -62,7 +62,7 @@ jobs:
       fail-fast: false
       matrix:
         libgit2:
-          - 'v1.3.0'
+          - 'v1.3.1'
     name: Go (system-wide, dynamic)
 
     runs-on: ubuntu-20.04
diff --git a/vendor/libgit2 b/vendor/libgit2
-Subproject b7bad55e4bb0a285b073ba5e02b01d3f522fc95
+Subproject 1f5e7f9add5c8bbc602b14feaec216c8877c3c8
author	lhchavez <[email protected]>	2022-04-14 16:09:59 +0200
committer	GitHub <[email protected]>	2022-04-14 07:09:59 -0700
commit	7bff4ca7addde8cc54c38f5db1e50fa420189a20 (patch)
tree	b4bfb5483c52f2be68ca257cb129b4172f9af3e6
parent	eae00773cce87d5282a8ac7c10b5c1961ee6f9cb (diff)