feat(internal/librarian/golang): add bump for Go libraries #4256
JoeWang1127 merged 33 commits into main from
Codecov Report
❌ Patch coverage is
Additional details and impacted files
@@           Coverage Diff           @@
##             main    #4256   +/-   ##
=======================================
  Coverage   82.01%   82.02%
=======================================
  Files          95       96    +1
  Lines        7795     7821   +26
=======================================
+ Hits         6393     6415   +22
- Misses        975      978    +3
- Partials      427      428    +1
Code Review
This pull request introduces version bumping functionality for Go libraries by adding a new golang package with Bump logic and integrating it into the main bump command. However, it introduces security concerns related to file path handling, specifically the lack of symbolic link checks which could lead to arbitrary file modification. Additionally, the review highlights areas for improving error handling during directory traversal and aligning test failure messages with doc/howwewritego.md.
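The symbolic-link concern raised in the review above, as an added Go example that is not code from this pull request: a check that refuses to overwrite a file when the relative path leaves the library root or an existing path component is a symlink. The helper name `writeInsideRoot`, the `ErrUnsafePath` error and the file names are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrUnsafePath marks a target that would leave the library root.
var ErrUnsafePath = errors.New("unsafe path")

// writeInsideRoot (hypothetical helper) overwrites root/rel only when rel stays
// under root and no existing path component below root is a symbolic link.
func writeInsideRoot(root, rel string, data []byte) error {
	if !filepath.IsLocal(rel) { // rejects "", absolute paths and ".." escapes
		return fmt.Errorf("%w: %q is not local to root", ErrUnsafePath, rel)
	}
	cur := root
	for _, part := range strings.Split(filepath.Clean(rel), string(filepath.Separator)) {
		cur = filepath.Join(cur, part)
		info, err := os.Lstat(cur) // Lstat reports the link, not its target
		if errors.Is(err, os.ErrNotExist) {
			break // nothing deeper exists, so nothing deeper can be a link
		}
		if err != nil {
			return err
		}
		if info.Mode()&os.ModeSymlink != 0 {
			return fmt.Errorf("%w: %q is a symlink", ErrUnsafePath, cur)
		}
	}
	// A check-then-write gap remains; this guards against links already in the tree.
	return os.WriteFile(filepath.Join(root, rel), data, 0o644)
}

func main() {
	// Constructed layout: a version file in the tree that links outside it.
	root, _ := os.MkdirTemp("", "lib")
	defer os.RemoveAll(root)
	outside := filepath.Join(os.TempDir(), "outside-target.txt")
	os.WriteFile(outside, []byte("untouched"), 0o644)
	defer os.Remove(outside)
	os.Symlink(outside, filepath.Join(root, "version.go"))
	fmt.Println(writeInsideRoot(root, "version.go", []byte("v2")))
	fmt.Println(writeInsideRoot(root, "doc.go", []byte("package lib\n")))
}
```

On Go 1.24 or later, `os.OpenRoot` confines file operations to a directory and avoids the check-then-write gap noted in the comment.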
/gemini review
Code Review
This pull request introduces bump functionality for Go libraries, updating internal version and snippet metadata files, and refactors shared logic for determining snippet directory paths. A security audit confirmed that the changes adhere to best practices and introduce no medium, high, or critical severity vulnerabilities, with safe command execution, path traversal protections, strict input validation for version strings, and secure data handling. However, the refactoring has introduced an inconsistency in how the new helper is used in existing code, which could lead to issues, as noted in comments for clean.go and generate.go. There is also a suggestion to improve code organization in bump.go.
Add bump for Go libraries
For #3616