chore(deps): bump github.com/go-git/go-git/v6 from 6.0.0-alpha.1 to 6.0.0-alpha.2

[dependabot]

Bumps github.com/go-git/go-git/v6 from 6.0.0-alpha.1 to 6.0.0-alpha.2.

Release notes

Sourced from github.com/go-git/go-git/v6's releases.

v6.0.0-alpha.2

🚀 Release Summary

⚠️ v6 Alpha Release

This is an alpha release of go-git v6.

We encourage users to test this version in real-world scenarios and help us validate the new transport layer and features.

👉 Please report any issues, bugs, or unexpected behavior via GitHub issues.

This release brings major improvements across transport, performance, and Git feature support, along with significant internal modernization.

🚀 Highlights

• Major refactor of the plumbing/transport API with a new design, improving extensibility and aligning behaviour more closely with upstream Git.
• Performance improvements in remote operations, including faster send-pack.
• Significant improvements to HTTP transport robustness and protocol correctness.
• File transport: added support for gitfile and improved repository detection logic.

🐛 Bug Fixes

• repository: fix DeleteBranch failing when using full ref names (#1951)
• worktree: fix Add silently failing for absolute paths (#1949)
• transport/http: fix multi-round pack negotiation (#1992)
• transport/http: harden redirect handling to match canonical Git (#1997)
• transport/http: fix data race in dumb HTTP test server (#1960)
• transport: avoid emitting duplicate NAK after empty ACKs (#1989)
• updreq: support multiple shallow records in upload request decoding (#1952)
• file transport: fix Windows file handle leak (#1976)
• worktree tests: fix Windows file handle leaks (#1996)
• transport tests: correct receive-pack usage (#1988)

✨ Enhancements

• remote: faster send-pack implementation (#1947)
• object: improved object walk painting (#1973)
• repository: add gitfile support and improve loader detection (#1994)
• config: introduce ConfigLoader plugins aligned with upstream Git (#1924)

🔧 Refactoring

• plumbing/transport: replace transport API with new design (#1972)
• plumbing/transport: follow-up API refactoring and cleanup (#1983)

📚 Documentation

• docs: updates and introduction of AI Policy (#1913)

📋 Full Changelog

What's Changed

• git: repository, fix DeleteBranch failing with full ref name by @​tmchow in go-git/go-git#1951
• build: Update golang (main) by @​go-git-renovate[bot] in go-git/go-git#1931
• git: worktree, fix Add silently failing for absolute paths by @​tmchow in go-git/go-git#1949

... (truncated)

Commits

• 137874f Merge pull request #1997 from aymanbagabas/http-hardening
• 38f2574 plumbing: transport/http, Add support for FollowRedirects to align with upstream
• f4af53c plumbing: transport/http, Apply redirection rules to custom clients
• 0020ab6 plumbing: http, harden redirect handling in http transport
• 71c0311 Merge pull request #1924 from pjbgf/config-plugin
• 9eef6d1 x: plugin/config, Consolidate Auto tests and fix Windows compatibility
• 06b2bd9 x: plugin/config: Make Auto the default plugin
• 9191eb9 x: plugin/config, Add Auto ConfigSource implementation
• 835918a config: Deprecate LoadConfig and Paths in favour of ConfigLoader
• 5779608 Merge pull request #1992 from stiak/fix-missing-haves-negotiation
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[codecov]

Codecov Report

❌ Patch coverage is 61.11111% with 14 lines in your changes missing coverage. Please review.
✅ Project coverage is 61.15%. Comparing base (3e3a3b6) to head (d423f99).
⚠️ Report is 1 commits behind head on v2.

Files with missing lines	Patch %	Lines
internal/storage/git/repository.go	55.55%	7 Missing and 1 partial ⚠️
internal/credentials/credentials.go	66.66%	6 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##               v2    #5746      +/-   ##
==========================================
- Coverage   61.15%   61.15%   -0.01%     
==========================================
  Files         141      141              
  Lines       14181    14181              
==========================================
- Hits         8673     8672       -1     
  Misses       4777     4777              
- Partials      731      732       +1     

Flag	Coverage Δ
integrationtests	34.43% <33.33%> (-0.04%)	⬇️
unittests	52.05% <50.00%> (+<0.01%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.