Run go-makefile-maker and autoupdate dependencies

go: upgraded github.com/sapcc/go-bits v0.0.0-20260311133606-85c1036e18a0 => v0.0.0-20260312170110-034b497ebb7e

Author: sapcc-bot

.github/workflows/ci.yaml

@@ -45,7 +45,7 @@ jobs:
       - name: Check out code
         uses: actions/checkout@v6
       - name: Post coverage report
-        uses: fgrosse/go-coverage-report@v1.2.0
+        uses: fgrosse/go-coverage-report@v1.3.0
         with:
           coverage-artifact-name: code-coverage
           coverage-file-name: cover.out

.golangci.yaml

@@ -139,6 +139,9 @@ linters:
         - G112
         # if we put a password or token into a serialized payload, guess what, we probably did that on purpose
         - G117
+        # this triggers on net/http.Request.ParseForm() and its callers, e.g. net/http.Request.FormValue(), complaining about potential memory exhaustion from unbounded form parsing;
+        # but that is incorrect, ParseForm() by default never parses more than 10 MiB for this specific reason
+        - G120
         # created file permissions are restricted by umask if necessary
         - G306
         # the following lints cause false-positives in many repositories, should be fixed with the next release. (see https://github.com/securego/gosec/issues/1500)