build(deps): bump github.com/gorilla/websocket from 1.5.2 to 1.5.3

[dependabot[bot]]

Bumps github.com/gorilla/websocket from 1.5.2 to 1.5.3.

Release notes

Sourced from github.com/gorilla/websocket's releases.

v1.5.3

Important change

This reverts the websockets package back to https://github.com/gorilla/websocket/commit/931041c5ee6de24fe9cba1aa16f1a0b910284d6d

What's Changed

• Fixes subprotocol selection (aling with rfc6455) by @​KSDaemon in gorilla/websocket#823
• Update README.md, replace master to main by @​mstmdev in gorilla/websocket#862
• Use status code constant by @​mstmdev in gorilla/websocket#864
• conn.go: default close handler should not return ErrCloseSent. by @​pnx in gorilla/websocket#865
• fix: replace ioutil.readfile with os.readfile by @​rfyiamcool in gorilla/websocket#868
• fix: add comment for the readBufferSize and writeBufferSize by @​rfyiamcool in gorilla/websocket#869
• Remove noisy printf in NextReader() and beginMessage() by @​bcreane in gorilla/websocket#878
• docs(echoreadall): fix function echoReadAll comment by @​XdpCs in gorilla/websocket#881
• make tests parallel by @​ninedraft in gorilla/websocket#872
• Upgrader.Upgrade: use http.ResposnseController by @​ninedraft in gorilla/websocket#871
• Do not handle network error in SetCloseHandler() by @​nak3 in gorilla/websocket#863
• perf: reduce timer in write_control by @​rfyiamcool in gorilla/websocket#879
• fix: lint example code by @​rfyiamcool in gorilla/websocket#890
• feat: format message type by @​rfyiamcool in gorilla/websocket#889
• Remove hideTempErr to allow downstream users to check for errors like net.ErrClosed by @​UnAfraid in gorilla/websocket#894
• Do not timeout when WriteControl deadline is zero in gorilla/websocket#898
• Excludes errchecks linter by @​apoorvajagtap in gorilla/websocket#904
• Return errors instead of printing to logs by @​apoorvajagtap in gorilla/websocket#897
• Revert " Update go version & add verification/testing tools (#840)" by @​apoorvajagtap in gorilla/websocket#908
• Fixes broken random value generation by @​apoorvajagtap in gorilla/websocket#926
• Reverts back to v1.5.0 by @​apoorvajagtap in gorilla/websocket#929

New Contributors

• @​KSDaemon made their first contribution in gorilla/websocket#823
• @​mstmdev made their first contribution in gorilla/websocket#862
• @​pnx made their first contribution in gorilla/websocket#865
• @​rfyiamcool made their first contribution in gorilla/websocket#868
• @​bcreane made their first contribution in gorilla/websocket#878
• @​XdpCs made their first contribution in gorilla/websocket#881
• @​ninedraft made their first contribution in gorilla/websocket#872
• @​nak3 made their first contribution in gorilla/websocket#863
• @​UnAfraid made their first contribution in gorilla/websocket#894
• @​apoorvajagtap made their first contribution in gorilla/websocket#904

Full Changelog: https://github.com/gorilla/websocket/compare/v1.5.1...v1.5.3

Commits

• ce903f6 Reverts to v1.5.0
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[benma]

@baizon it sems trivy/dependabot might not be setup correctly, wanna take a look?

Warning: Workflows triggered by Dependabot on the "push" event run with read-only access. Uploading Code Scanning results requires write access. To use Code Scanning with Dependabot, please ensure you are using the "pull_request" event for this workflow and avoid triggering on the "push" event for Dependabot branches. See https://docs.github.com/en/code-security/secure-coding/configuring-code-scanning#scanning-on-push for more information on how to configure these events.

[baizon]

Indeed, I've made a PR with a fix: https://github.com/BitBoxSwiss/bitbox-wallet-app/pull/2774