@dependabot dependabot bot commented on behalf of github Jan 20, 2025

Bumps github.com/golang/glog from 1.2.1 to 1.2.4.

Release notes

Sourced from github.com/golang/glog's releases.

v1.2.4

What's Changed

  • Fail if log file already exists by @chressie in golang/glog#74:
    • glog: Don't try to create/rotate a given syncBuffer twice in the same second
    • glog: introduce createInDir function as in internal version
    • glog: have createInDir fail if the file already exists

Full Changelog: golang/glog@v1.2.3...v1.2.4

v1.2.3

What's Changed

Full Changelog: golang/glog@v1.2.2...v1.2.3

v1.2.2

What's Changed

Full Changelog: golang/glog@v1.2.1...v1.2.2

Commits
  • a0e3c40 glog: have createInDir fail if the file already exists
  • 7139da2 glog: introduce createInDir function as in internal version
  • dd58629 glog: Don't try to create/rotate a given syncBuffer twice in the same second
  • 04dbec0 glog: fix typo (#73)
  • 459cf3b glog: check that stderr is valid before using it by default (#72)
  • 9730314 glog: avoid calling user.Current() on windows (#69)
  • See full diff in compare view

Bumps [github.com/golang/glog](https://github.com/golang/glog) from 1.2.1 to 1.2.4.
- [Release notes](https://github.com/golang/glog/releases)
- [Commits](golang/glog@v1.2.1...v1.2.4)

---
updated-dependencies:
- dependency-name: github.com/golang/glog
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies and go labels Jan 20, 2025
@coveralls

Coverage Status

coverage: 88.807%. remained the same
when pulling 014a6e1 on dependabot/go_modules/github.com/golang/glog-1.2.4
into 100bd44 on master.

felix-kaestner commented Feb 10, 2025

@robshakir @wenovus Merging this would be highly appreciated since it prevents a security vulnerability found in github.com/golang/glog, see https://pkg.go.dev/vuln/GO-2025-3372.

$ go run golang.org/x/vuln/cmd/govulncheck@latest -format text ./ytypes

=== Symbol Results ===

Vulnerability #1: GO-2025-3372
    Vulnerability when creating log files in github.com/golang/glog
  More info: https://pkg.go.dev/vuln/GO-2025-3372
  Module: github.com/golang/glog
    Found in: github.com/golang/glog@v1.2.1
    Fixed in: github.com/golang/glog@v1.2.4
    Example traces found:
      #1: ytypes/int_type.go:218:13: ytypes.legalValue calls glog.Errorf
      #2: util/walk.go:253:17: util.walkFieldInternal calls glog.Errorln
      #3: ytypes/leaf.go:307:16: ytypes.findMatchingSchemasInUnion calls glog.Warningf

Your code is affected by 1 vulnerability from 1 module.
This scan also found 0 vulnerabilities in packages you import and 1
vulnerability in modules you require, but your code doesn't appear to call these
vulnerabilities.
Use '-show verbose' for more details.
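
What "fail if the file already exists" in the v1.2.4 release notes means at the file-open level, as an added example that is not part of this PR or of glog's code. `createExclusive`, `demo` and the log file name are hypothetical, and the helper assumes exclusive creation through `O_EXCL`, shown next to `os.Create` for contrast.

```go
package main

import (
	"errors"
	"fmt"
	"io/fs"
	"os"
	"path/filepath"
)

// createExclusive is a hypothetical helper, not glog's createInDir.
// O_EXCL makes the open fail with fs.ErrExist when anything already occupies
// the path (a symlink included) instead of opening and reusing it.
func createExclusive(dir, name string) (*os.File, error) {
	return os.OpenFile(filepath.Join(dir, name), os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0o600)
}

// demo pre-creates a file at the log path, then reports whether the exclusive
// create refused it and what remains in the file after each creation style.
func demo() (refused bool, afterExcl, afterCreate string, err error) {
	dir, err := os.MkdirTemp("", "logdemo")
	if err != nil {
		return false, "", "", err
	}
	defer os.RemoveAll(dir)
	name := "app.host.user.log.INFO.20250120-000000.1" // constructed file name
	path := filepath.Join(dir, name)
	if err = os.WriteFile(path, []byte("not ours"), 0o600); err != nil {
		return false, "", "", err
	}
	if f, cerr := createExclusive(dir, name); cerr == nil {
		f.Close()
	} else {
		refused = errors.Is(cerr, fs.ErrExist)
	}
	b, _ := os.ReadFile(path)
	afterExcl = string(b)
	f, err := os.Create(path) // O_CREATE|O_TRUNC: silently reuses and empties the file
	if err != nil {
		return refused, afterExcl, "", err
	}
	f.Close()
	b, _ = os.ReadFile(path)
	return refused, afterExcl, string(b), nil
}

func main() {
	fmt.Println(demo())
}
```

A caller that gets `fs.ErrExist` back should surface the error rather than fall back to a non-exclusive open of the same path.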

@DanG100 DanG100 merged commit 7bca9bb into master Feb 12, 2025
7 checks passed
@DanG100 DanG100 deleted the dependabot/go_modules/github.com/golang/glog-1.2.4 branch February 12, 2025 00:11