Bump golang from 1.24.6 to 1.25.0

[dependabot]

Bumps golang from 1.24.6 to 1.25.0.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dossy]

CI test failures:

=== RUN   TestMySQLDumpSchema
Dropping: dbmate_test
Creating: dbmate_test
    mysql_test.go:202: 
        	Error Trace:	/src/pkg/driver/mysql/mysql_test.go:202
        	Error:      	Received unexpected error:
        	            	mysqldump: Got error: 2026: "TLS/SSL error: self-signed certificate in certificate chain" when trying to connect
        	Test:       	TestMySQLDumpSchema
--- FAIL: TestMySQLDumpSchema (0.04s)
=== RUN   TestMySQLDumpSchemaContainsNoAutoIncrement
Dropping: dbmate_test
Creating: dbmate_test
    mysql_test.go:246: 
        	Error Trace:	/src/pkg/driver/mysql/mysql_test.go:246
        	Error:      	Received unexpected error:
        	            	mysqldump: Got error: 2026: "TLS/SSL error: self-signed certificate in certificate chain" when trying to connect
        	Test:       	TestMySQLDumpSchemaContainsNoAutoIncrement
--- FAIL: TestMySQLDumpSchemaContainsNoAutoIncrement (0.04s)

[dossy]

It looks like the default for --ssl-verify-server-cert was changed from FALSE to TRUE in MariaDB Connector/C in version 3.4, corresponding to MariaDB 11.4:

mariadb-corporation/mariadb-connector-c@1287c90

Since version 3.4 peer certificate verification is enabled by default.

https://mariadb.com/docs/server/security/securing-mariadb/securing-mariadb-encryption/data-in-transit-encryption/securing-connections-for-client-and-server#enabling-one-way-tls-for-mariadb-clients

Starting from MariaDB 11.4 (Connector/C version 3.4) this mode is enabled by default.

As dbmate uses the go-sql-driver/mysql driver for executing queries, which sets tls=false by default, we don't see a change when applying migrations.

However, dbmate executes mysqldump to dump schemas, and that's where the change in MariaDB hits us.

We need some way to be able to pass --ssl-verify-server-cert=false to mysqldump, but only if our connection string/DSN has parameters tls=false (which is the default) or tls=skip-verify.

dbmate/pkg/driver/mysql/mysql.go

Lines 130 to 158 in fb55683

	func (drv *Driver) mysqldumpArgs() []string {
	// generate CLI arguments
	args := []string{"--opt", "--routines", "--no-data",
	"--skip-dump-date", "--skip-add-drop-table"}
	socket := drv.databaseURL.Query().Get("socket")
	if socket != "" {
	args = append(args, "--socket="+socket)
	} else {
	if hostname := drv.databaseURL.Hostname(); hostname != "" {
	args = append(args, "--host="+hostname)
	}
	if port := drv.databaseURL.Port(); port != "" {
	args = append(args, "--port="+port)
	}
	}
	if username := drv.databaseURL.User.Username(); username != "" {
	args = append(args, "--user="+username)
	}
	if password, set := drv.databaseURL.User.Password(); set {
	args = append(args, "--password="+password)
	}
	// add database name
	args = append(args, dbutil.DatabaseName(drv.databaseURL))
	return args
	}

[dependabot]

Superseded by #684.