build(deps): bump github.com/pomerium/pomerium from 0.22.2 to 0.23.0

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps github.com/pomerium/pomerium from 0.22.2 to 0.23.0.

Release notes

Sourced from github.com/pomerium/pomerium's releases.

v0.23.0

Changelog

v0.23.0 (2023-08-24)

Full Changelog

New

• authorize: log id token claims separately from id token #4394 (@​calebdoxsey)
• adds success colors for statuses in the 200 range #4314 (@​nhayfield)
• config: add cookie_same_site option #4148 (@​calebdoxsey)
• hpke: compress query string #4147 (@​calebdoxsey)
• authenticate: add aws cognito #4137 (@​wasaga)

Fixed

• autocert: suppress OCSP stapling errors #4371 (@​calebdoxsey)
• config: validate log levels #4367 (@​calebdoxsey)
• config: update logic for checking overlapping certificates #4216 (@​calebdoxsey)
• databroker: fix fast forward #4192 (@​calebdoxsey)
• databroker: sort configs #4190 (@​calebdoxsey)
• envoy: set re2 limits very high #4187 (@​calebdoxsey)
• fix WillHaveCertificateForServerName check to be strict match for derived cert name #4167 (@​wasaga)
• envoyconfig: disable validation context when no client certificates are required #4151 (@​calebdoxsey)

Dependency

• chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.27 to 1.18.32 #4436 (@​dependabot[bot])
• chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.36.0 to 1.38.1 #4435 (@​dependabot[bot])
• chore(deps): bump docker/setup-buildx-action from 2.8.0 to 2.9.1 #4433 (@​dependabot[bot])
• chore(deps): bump actions/setup-node from 3.6.0 to 3.7.0 #4432 (@​dependabot[bot])
• chore(deps): bump mikefarah/yq from 4.34.1 to 4.34.2 #4431 (@​dependabot[bot])
• chore(deps): bump coverallsapp/github-action from 2.2.0 to 2.2.1 #4430 (@​dependabot[bot])
• chore(deps): bump actions/setup-python from 4.6.1 to 4.7.0 #4429 (@​dependabot[bot])
• chore(deps): bump node from 3801c22 to 850d8e1 #4416 (@​dependabot[bot])
• chore(deps): bump github.com/minio/minio-go/v7 from 7.0.59 to 7.0.61 #4415 (@​dependabot[bot])
• chore(deps): bump google.golang.org/grpc from 1.56.1 to 1.57.0 #4411 (@​dependabot[bot])
• chore(deps): bump github.com/jackc/pgx/v5 from 5.4.1 to 5.4.2 #4409 (@​dependabot[bot])
• chore(deps): bump github.com/go-chi/chi/v5 from 5.0.8 to 5.0.10 #4407 (@​dependabot[bot])
• chore(deps): bump github.com/rs/zerolog from 1.29.1 to 1.30.0 #4406 (@​dependabot[bot])
• chore(deps): bump github.com/open-policy-agent/opa from 0.54.0 to 0.55.0 #4404 (@​dependabot[bot])
• chore(deps): bump google.golang.org/api from 0.130.0 to 0.134.0 #4403 (@​dependabot[bot])
• chore(deps): bump github.com/shirou/gopsutil/v3 from 3.23.6 to 3.23.7 #4402 (@​dependabot[bot])
• chore(deps): bump github.com/caddyserver/certmagic from 0.18.2 to 0.19.1 #4401 (@​dependabot[bot])
• chore(deps): bump github.com/prometheus/procfs from 0.11.0 to 0.11.1 #4400 (@​dependabot[bot])
• chore(deps): bump github.com/peterbourgon/ff/v3 from 3.3.2 to 3.4.0 #4399 (@​dependabot[bot])
• dependencies: upgrade otel #4395 (@​calebdoxsey)
• chore(deps): bump word-wrap from 1.2.3 to 1.2.4 in /ui #4369 (@​dependabot[bot])
• chore(deps): bump semver from 6.3.0 to 6.3.1 in /ui #4350 (@​dependabot[bot])

... (truncated)

Commits

• 5a4acc5 config: validate cookie_secure option (#4484)
• c95f169 authorize: check CRLs only for leaf certificates (#4480)
• 3e330bb storage: add indexes for postgres (#4479)
• 379abec add integration test for https IP address route (#4476)
• c6b7927 add integration test for Pomerium JWT (#4472)
• e448909 authorize: remove incorrect "valid-client-certificate" reason (#4470)
• a83375d envoy: check for nil ssl() in client cert script (#4466)
• 1b3ee7f config: add decode hook for the SANMatcher type (#4464)
• a253983 config: deprecate tls_downstream_client_ca (#4461)
• e8b489e authorize: rework token substitution in headers (#4456)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)