gomod: bump github.com/ugorji/go/codec from 1.2.12 to 1.3.0

[dependabot]

Bumps github.com/ugorji/go/codec from 1.2.12 to 1.3.0.

Release notes

Sourced from github.com/ugorji/go/codec's releases.

1.3.0

Release 1.3.0

Today, we release v1.3.0 of go-codec.

This is a BIG production release of go-codec. We encourage all users to upgrade immediately.

Highlights:

• codecgen removed
• benchmarks moved completely to go-codec-bench/codec package
• introduce generics extensively within unexported code (not exposed to consumers)
• built atop generics, introduce monomorphization for optimized code execution
• dramatic performance improvement: up to 18% on encode and 49% on decode
• many architectural refactoring cleanup for better code
• many fixes, including zero copy, trie for struct field lookup,
• support NilCollectionToZeroLength: allowing encoding a nil collection as [] not null in json, etc
• json: support TimeFormat and BytesFormat in json, for comprehensive support when encoding time.Time and []byte
• numerous architectural clean ups and bug fixes leading to much more robust code

As noted above, this release is up to 18% faster on encode and 49% faster on decode, much more robust and provides better support for json and handling nil collections.

As a consequence of the changes, we now support at least 4 major releases of go. v1.3.0 supports go 1.21+ (ie last 2+ years of go releases).

The main goal has always been to provide the most feature-rich and performant package for encoding and decoding of multiple popular binary and text formats in a consistent way.

We believe we continue to achieve that!

1.2.14

Release 1.2.14

This is a production release of go-codec.

While effectively equivalent to v1.2.13, this release serves as:

• cutover point in the git trunk where v1.3 development begins
• last v1.2 release on the main git trunk - subsequent patch releases (if needed e.g. v1.2.15) will require a release branch.

1.2.13

Release 1.2.13

This is a production release of go-codec.

Changes include:

• leading zeros are not allowed in decimal numbers

... (truncated)

Commits

• 2f58d58 github workflow: no need to go get go-cmp package, since it is referenced in ...
• d08e9df codec: nit (remove comments)
• 2630ac4 codec: test: call testEqualOpts with right set of interfaces to ignoreunexpor...
• 1bed99c codec: add go-cmp test dependency to go.mod, go.sum
• 622e876 codec: github actions: add cache: false to resolve repo go.sum missing
• f45b40a codec: simplify field name precedence support
• 1bd7e92 codec: fix testEqual support for diff
• 047fd14 codec: bench: add io with bufsize=0 to quicksuite, and other nits (use fmt.Sp...
• 707f480 codec: bench: one pass check should handle recover while printing name of format
• 0885686 codec: always log BenchOnePass output regardless of test.v flag
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.