deps: bump github.com/modelcontextprotocol/go-sdk from 1.3.0 to 1.3.1

[dependabot]

Bumps github.com/modelcontextprotocol/go-sdk from 1.3.0 to 1.3.1.

Release notes

Sourced from github.com/modelcontextprotocol/go-sdk's releases.

v1.3.1

This release is a patch release for v1.3.0.

It contains a cherry-pick for a security issue reported in #805, which takes advantage of the default behavior of Go's standard library JSON decoder that allows case-insensitive matches to struct field names (or "json" tags). The issue has been addressed by changing the JSON decoder to one that supports case sensitive matching.

Fixes

• all: use case-sensitive JSON unmarshaling by @​maciej-kisiel in modelcontextprotocol/go-sdk#807

New external dependencies

• https://github.com/segmentio/encoding, which is the package that provides the new decoder.

Full Changelog: modelcontextprotocol/go-sdk@v1.3.0...v1.3.1

Commits

• 6e8ca56 all: use case-sensitive JSON unmarshaling (#807)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: dependencies, go. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
⚠️ Please upload report for BASE (main@bed6bcf). Learn more about missing BASE report.
⚠️ Report is 1 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #149   +/-   ##
=======================================
  Coverage        ?   90.78%           
=======================================
  Files           ?      115           
  Lines           ?    11231           
  Branches        ?        0           
=======================================
  Hits            ?    10196           
  Misses          ?      745           
  Partials        ?      290           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.