Bump the all group across 1 directory with 4 updates

[dependabot]

Bumps the all group with 2 updates in the / directory: github.com/goreleaser/goreleaser/v2 and gitlab.com/matthewhughes/go-cov.

Updates github.com/goreleaser/goreleaser/v2 from 2.4.8 to 2.7.0

Release notes

Sourced from github.com/goreleaser/goreleaser/v2's releases.

v2.7.0

Changelog

New Features

• 6005c5f253122c4c8f2016d0971366ddfb008401: feat(cmd): filter check filename completion to YAML files (#5515) (@​scop)
• a4282228085ec39e211eddcad9686f18488b08ea: feat(http/artifactory): skip configuration (#5500) (@​caarlos0)
• 8824f9b1204be453dc5709231049c2ed7243bcbd: feat: allow oss to use pro configurations when --snapshot is set (#5501) (@​caarlos0)

Bug fixes

• 303503b880cf58bd6bc5842e7574e0ecc001f575: fix(build): --output completion usage (#5516) (@​scop)
• c69da06503b319455c5a0deae965825eca7ecbf9: fix(go): build env overrides (#5492) (@​caarlos0)
• faa1953da694d3975c9b758d7eaa344b8b4cc35e: fix(go): ppc64le should use GOPPC64 as well (@​caarlos0)
• bb3d80e2a067a93d88575b5fb7ef766e64409ea4: fix(nfpm): missing deb scripts config (@​caarlos0)
• 0ea02b958b26b4b8aef55f44f129080ab2c188af: fix: better build errors (@​caarlos0)
• b6db2c410347d45e881381b01bad038ca41a58d9: fix: improve config version warning message phrasing (#5510) (@​scop)
• 16070832c0afb4e49bde022f90987a6e5281348e: fix: simplify test a bit (@​caarlos0)
• a66104c1525d15c26af83c5a9a8d04e00cb816a9: fix: small lint issue (@​caarlos0)
• bcf21c4343f3170ebb62d08eff417f3d50cd9a8c: fix: use oxford comma (@​caarlos0)
• fb008a78b91c8bf8c33e4b1a87721f70e33d9453: refactor: use math/rand/v2 (#5507) (@​alexandear)

Dependency updates

• 981d6c35365a5790d0b047a4f64022c6063a4c64: Revert "chore(deps): bump golang from 1.23.5-alpine to 1.24rc2-alpine" (#5534) (@​caarlos0)
• 4e1d38db39d6b8b451fbf4d9d3713ec2b75d867e: chore(deps): bump actions/checkout from 3 to 4 (#5475) (@​dependabot[bot])
• cea420a14c8112274ee9e6351715de8d3ebed8f9: chore(deps): bump anchore/sbom-action from 0.17.9 to 0.18.0 (#5483) (@​dependabot[bot])
• 56aa47798402b5d866b0ffc487ec1ffd47980856: chore(deps): bump codecov/codecov-action from 5.1.2 to 5.2.0 (#5477) (@​dependabot[bot])
• e473a135181f4a35f7d234dd5778d6712f58b737: chore(deps): bump codecov/codecov-action from 5.2.0 to 5.3.0 (#5482) (@​dependabot[bot])
• 2879963622863b278cf376a7ca91ea930ca50756: chore(deps): bump codecov/codecov-action from 5.3.0 to 5.3.1 (#5488) (@​dependabot[bot])
• fa85922252c2d5f795d6cf1d0eaf24c3ac2a35f9: chore(deps): bump dagger/dagger-for-github from 7.0.4 to 7.0.5 (#5530) (@​dependabot[bot])
• e9fd6316f2f528f6ea9c36a2dfb779803e3572c9: chore(deps): bump dependabot/fetch-metadata from 2.2.0 to 2.3.0 (#5490) (@​dependabot[bot])
• 65a4dcd51f7fced5625c749f4e70a903a8efaad7: chore(deps): bump docker/setup-buildx-action from 3.8.0 to 3.9.0 (#5529) (@​dependabot[bot])
• e30470bbdd7f11aecaf687ff6b818b50865977f5: chore(deps): bump docker/setup-qemu-action from 3.3.0 to 3.4.0 (#5531) (@​dependabot[bot])
• 32e1c0a8e10f9b2a7b7b27ce91c54ee016487387: chore(deps): bump github.com/agnivade/levenshtein from 1.2.0 to 1.2.1 (#5495) (@​dependabot[bot])
• 83cb52914fa0677e704bfb8105873726d29f6e1d: chore(deps): bump github/codeql-action from 3.28.2 to 3.28.3 (#5476) (@​dependabot[bot])
• 437e9f62b3d1d31ff0c065fb4162a3bfff3a27a8: chore(deps): bump github/codeql-action from 3.28.3 to 3.28.4 (#5481) (@​dependabot[bot])
• 36b4028777967b661b4e93ef6b9a56bcd3bc3758: chore(deps): bump github/codeql-action from 3.28.4 to 3.28.5 (#5489) (@​dependabot[bot])
• 8c75f4cb8b6bda4dee292d5cc4a4aea4e6f35af0: chore(deps): bump github/codeql-action from 3.28.5 to 3.28.6 (#5494) (@​dependabot[bot])
• 7ed6b9ffa2029b3762fdb0c3cb0edca62b2ab79c: chore(deps): bump github/codeql-action from 3.28.6 to 3.28.8 (#5502) (@​dependabot[bot])
• 629bf24ee47d99ef8e7d9bc53682cf789807bc79: chore(deps): bump gitlab.com/gitlab-org/api/client-go from 0.120.0 to 0.121.0 (#5518) (@​dependabot[bot])
• 05686de69aa575d0c9941e9e46f4dbec6e1347af: chore(deps): bump gitlab.com/gitlab-org/api/client-go from 0.121.0 to 0.122.0 (#5525) (@​dependabot[bot])
• 005526f973f8eae2b39ed4677e683002142e532c: chore(deps): bump golang from 1.23.5-alpine to 1.24rc2-alpine (#5527) (@​dependabot[bot])
• fa1b5184188a7ca520e9e34a0186b084d2fa55cf: chore(deps): bump golang.org/x/oauth2 from 0.25.0 to 0.26.0 (#5524) (@​dependabot[bot])
• c1c11b3cc4445b1b8413a103d87da0d649b7b3f8: chore(deps): bump golang.org/x/sync from 0.10.0 to 0.11.0 (#5526) (@​dependabot[bot])
• abf2bad544dbeb962d562663d5eaf9a58fbc47ad: chore(deps): bump golang.org/x/text from 0.21.0 to 0.22.0 (#5523) (@​dependabot[bot])
• 093e296f920ea7e9cc4986e68af4c6d38d0beee5: chore(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.0 (#5521) (@​dependabot[bot])
• 139a5a1c1566ebae95b8b6796eaffde8c1afd39f: chore(deps): bump sigstore/cosign-installer from 3.7.0 to 3.8.0 (#5522) (@​dependabot[bot])
• c57ca5a06c8ad594d4de214ce51fd36a634e79d2: chore(deps): update go-github (@​caarlos0)

Documentation updates

• fb003f17c26e9388be64eb3930fe1b337325cf8d: docs(docker_sign): ${artifact} does not contain the digest (#5513) (@​scop)
• 317763ceb4f10e1ffa888a2d022fbfbb397cb960: docs(docker_sign): bring args defaults up to date (#5514) (@​scop)
• b05e985be13cbd50660bc3a15b87708851b13e4a: docs(sbom): fix default artifact info (#5509) (@​scop)
• a3d46256b11d4dddb96c9358d4220a8c3b0880d2: docs: add go report card badge (#5486) (@​jessp01)
• 6abf2cdee15249e3de6d147bc08d0c16b67960d4: docs: add vedant as a maintainer (#5471) (@​caarlos0)
• a6c8ca3ef878f7d4ef4a48c92e0aab69a9e31c84: docs: attestations (#5474) (@​caarlos0)

... (truncated)

Commits

• 8aacb19 docs: preparing for v2.7
• 0ea02b9 fix: better build errors
• 59b1601 test: fix test
• 7bf9676 test: fix unstable test
• 65a4dcd chore(deps): bump docker/setup-buildx-action from 3.8.0 to 3.9.0 (#5529)
• fa85922 chore(deps): bump dagger/dagger-for-github from 7.0.4 to 7.0.5 (#5530)
• 981d6c3 Revert "chore(deps): bump golang from 1.23.5-alpine to 1.24rc2-alpine" (#5534)
• e30470b chore(deps): bump docker/setup-qemu-action from 3.3.0 to 3.4.0 (#5531)
• c57ca5a chore(deps): update go-github
• fa1b518 chore(deps): bump golang.org/x/oauth2 from 0.25.0 to 0.26.0 (#5524)
• Additional commits viewable in compare view

Updates gitlab.com/matthewhughes/go-cov from 0.4.0 to 0.5.0

Changelog

Sourced from gitlab.com/matthewhughes/go-cov's changelog.

0.5.0 - 2025-02-28

Added

• Allow skipping entire files
• Add automatic skipping of generated files

Removed

• Remove support for Go 1.21
• Remove support for Go 1.22

Commits

• bbfcb2e v0.5.0
• c8a1b17 Merge branch 'updates' into 'main'
• 2ea7a23 Drop Go 1.22 support
• 1046bb4 Update golangci-lint config
• 066da35 Update pre-commit
• d1f3253 Merge branch 'renovate/gomod-all' into 'main'
• a6c7e0f fix(deps): update gomod-all
• 9a0bcaf Merge branch 'renovate/pre-commit-all' into 'main'
• b5a376e chore(deps): update pre-commit hook renovatebot/pre-commit-hooks to v39.86.1
• 6bdc5c8 Merge branch 'renovate/gomod-all' into 'main'
• Additional commits viewable in compare view

Updates golang.org/x/mod from 0.22.0 to 0.23.0

Commits

• 52289f1 modfile: fix trailing empty lines in require blocks
• See full diff in compare view

Updates golang.org/x/tools from 0.28.0 to 0.30.0

Commits

• 09747cd go.mod: update golang.org/x dependencies
• dc9353b gopls/internal/analysis/modernize: appendclipped: unclip
• a886a1c internal/analysisinternal: AddImport handles dot imports
• 94c3c49 go/analysis/analysistest: RunWithSuggestedFix: assume valid fixes
• 5f9967d gopls/internal/analysis/modernize: strings.Split -> SplitSeq
• a1eb5fd go/analysis/passes/framepointer: support arm64
• 9c087d9 internal/analysis/gofix: change "forward" back to "inline"
• 82317ce gopls/internal/analysis/modernize: slices.Delete: import slices
• e65ea15 go/analysis/internal/checker: implement three-way merge
• a9bf6fd gopls/internal/analysis/modernize: remove SortStable
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions