gomod: bump github.com/ugorji/go/codec from 1.2.12 to 1.3.1

[dependabot]

Bumps github.com/ugorji/go/codec from 1.2.12 to 1.3.1.

Release notes

Sourced from github.com/ugorji/go/codec's releases.

1.3.1

Release 1.3.1

This is a production release of go-codec.

Changes include:

• more robust handling of UnexpectedEOF vs EOF
• return error from a Read call iff no more data can be read
• more robust extension encoding and decoding (wrt checkExt parameter)
• json: nextValueBytes should not include last read valid token when decoding a number

1.3.0

Release 1.3.0

Today, we release v1.3.0 of go-codec.

This is a BIG production release of go-codec. We encourage all users to upgrade immediately.

Highlights:

• codecgen removed
• benchmarks moved completely to go-codec-bench/codec package
• introduce generics extensively within unexported code (not exposed to consumers)
• built atop generics, introduce monomorphization for optimized code execution
• dramatic performance improvement: up to 18% on encode and 49% on decode
• many architectural refactoring cleanup for better code
• many fixes, including zero copy, trie for struct field lookup,
• support NilCollectionToZeroLength: allowing encoding a nil collection as [] not null in json, etc
• json: support TimeFormat and BytesFormat in json, for comprehensive support when encoding time.Time and []byte
• numerous architectural clean ups and bug fixes leading to much more robust code

As noted above, this release is up to 18% faster on encode and 49% faster on decode, much more robust and provides better support for json and handling nil collections.

As a consequence of the changes, we now support at least 4 major releases of go. v1.3.0 supports go 1.21+ (ie last 2+ years of go releases).

The main goal has always been to provide the most feature-rich and performant package for encoding and decoding of multiple popular binary and text formats in a consistent way.

We believe we continue to achieve that!

1.2.14

Release 1.2.14

This is a production release of go-codec.

While effectively equivalent to v1.2.13, this release serves as:

... (truncated)

Commits

• abdbcb1 codec: nextValueBytes should not include last read token when reading a json ...
• af1615e codec: minor updates in mono generated files
• a9af3d3 codec: fix passing checkExt appropriately when encoding/decoding an extension
• c135357 codec: only return error from Read if more data needs to be read
• 4cdd2e6 codec: rename honoring convention of notXXX (as opposed to not_XXX)
• 9428373 codec: fix misspellings and minor comment movements
• bc38a23 codec: bufioDecReader: checkErr before halting with io.ErrUnexpectedEOF
• 175ab60 codec: update README.md and doc.go with package documentation
• 2f58d58 github workflow: no need to go get go-cmp package, since it is referenced in ...
• d08e9df codec: nit (remove comments)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)