chore(deps): bump github.com/twmb/franz-go from 1.20.4 to 1.20.6

[dependabot]

Bumps github.com/twmb/franz-go from 1.20.4 to 1.20.6.

Changelog

Sourced from github.com/twmb/franz-go's changelog.

v1.20.6

This patch release has two improvements.

Previously, you could not use poll functions multiple times if using BlockRebalanceOnPoll, because rebalancing had a higher lock priority than polling and would block all further poll calls. This has been changed to allow you to call poll as much as you want until you AllowRebalance. Thanks @​KiKoS0!

If brokers indicated they supported epochs, but then used -1 everywhere for that epoch, Mark functions would ignore records being marked and you would never commit progress. This was due to the client defaulting to a 0 epoch internally (and not using it if the broker did not support it), meaning -1 would be ignored. Brokers that use indicate support but use -1 are now supported. This was only found to be a problem against Azure Event Hubs.

• 7cd5ea65 kgo: fix mark <=> epoch interaction, make epoch handling more resilient
• 94fd8622 kgo: fix deadlock when polling multiple times while blocked from a rebalance

v1.20.5

This fixes a commit in 1.20.4 that accidentally broke client metrics (KIP-714) and inadvertently made a log spammy. In addition to the fix, a few logs around client metrics have been reduced in severity.

The new-as-of-1.20 OnPartitionsCallbackBlocked is now called in a goroutine, reducing the chance that you accidentally run into a deadlock based on how you structure handling the hook.

Deps have been bumped to eliminate any security scanners that flag on CVEs (even though this is a library and you can bump the dep in your own binary).

The kgo.Fetches.Errors doc has been expanded to account for previously undocumented errors, and updates guidance on what's retryable vs what is not.

• e86bb6c9 kgo: info=>debug for a few logs in client metrics
• 7c7ca2b4 kgo: call OnPartitionsCallbackBlocked concurrently
• ebf29a4a all: bump deps
• 97b4a1d4 kgo.Fetches.Errors doc: clarify && expand for two undoc'd errors
• 13ea38e3 bug kgo: fix remaining usage of kgo.maxVers/kgo.maxVersion (thanks @​vincentbernat!)

Commits

• 24b7a27 Merge pull request #1209 from twmb/cl
• cfbc4cd cl: note incoming v1.25.6
• c13bffb Merge pull request #1208 from twmb/lint
• e950fe1 kgo: fix lint
• c345e6d Merge pull request #1205 from inngest/fix-deadlock-when-polling-multiple-times
• 7cd5ea6 kgo: fix mark <=> epoch interaction, make epoch handling more resilient (#1203)
• 8906743 deps: bump compress due to retracted module (#1199)
• 44792ae document why we iterate 4 times to poll records in tests
• fb35983 bring back conditional of failing when receiving records unexpectedly
• a9b8ab8 testing multiple polling with the etl group consumer
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 62.38%. Comparing base (34faeaf) to head (f69ec6e).
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #571   +/-   ##
=======================================
  Coverage   62.38%   62.38%           
=======================================
  Files          19       19           
  Lines        1712     1712           
=======================================
  Hits         1068     1068           
  Misses        597      597           
  Partials       47       47           

Flag	Coverage Δ
unittests	62.38% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[dependabot]

Looks like github.com/twmb/franz-go is up-to-date now, so this is no longer needed.