build(deps): bump github.com/spf13/viper from 1.7.1 to 1.9.0

[dependabot[bot]]

Bumps github.com/spf13/viper from 1.7.1 to 1.9.0.

Release notes

Sourced from github.com/spf13/viper's releases.

v1.9.0

This is a maintenance release primarily containing minor fixes and improvements.

Changes

Added

• Experimental new encoding layer
• Add support for tfvars files

Fixed

• Writing hidden files with no extension
• InConfig processing paths

---

In addition to the above changes, this release comes with tons of minor improvements, documentation changes an dependency updates.

Many thanks to everyone who contributed to this release!

v1.8.1

This patch releases fixes two minor issues:

• Replace %s with %w when wrapping errors
• Fix pflag.StringArray processing

v1.8.0

This is a maintenance release primarily containing fixes and improvements. The most prominent change is the etcd update to 3.5.0. Thanks to proper Go modules support, the dependency graph became much smaller.

Changes

Added

• Allow BindEnv to register multiple environment variables
• Support for accessing slices
• Experimental WASM support: Viper compiles on WASM
• INI load options

Changed

• Ensure BindPFlag detects a nil flag parameter

Fixed

• Merging a key into a nil target
• Panics during saving INI files

Security

... (truncated)

Commits

• b1fdc47 Recognize tfvars files as hcl by default.
• 65f16c1 docs: fix indentation in code samples
• 0d7e803 build(deps): bump github.com/mitchellh/mapstructure from 1.4.1 to 1.4.2
• 6a29539 build(deps): bump gopkg.in/ini.v1 from 1.63.1 to 1.63.2
• fa3412d fix cannot write hidden file without extension (#1017)
• a1f26b1 Add test for cannot write hidden file without extension
• 46a61e6 Fixes #1062
• e606f74 fix: made InConfig process paths correctly
• 2062cd6 Fix codeql workflow
• c4687f7 Add CodeQL analysis workflow
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

This pull request has been automatically marked as stale because it has not had recent activity. It will be closed in 7 days-before-close if no further activity occurs. Thank you for your contributions.

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.