feat(deps): bump github.com/cli/cli/v2 from 2.40.1 to 2.42.0 in /deps

[dependabot]

Bumps github.com/cli/cli/v2 from 2.40.1 to 2.42.0.

Release notes

Sourced from github.com/cli/cli/v2's releases.

GitHub CLI 2.42.0

What's Changed

• Support template, jq flags with standard format flag by @​heaths in cli/cli#7832
• Prevent downloading releases with assets that match windows reserved filenames by @​samcoe in cli/cli#8517
• Backquote settings in gh-config docs by @​muzimuzhi in cli/cli#8479

Full Changelog: cli/cli@v2.41.0...v2.42.0

GitHub CLI 2.41.0

As you can see from the notes below, this release contains some quality of life improvements as well as a move to Azure Code Signing for Windows .exe and .msi release artifacts. This change was extensively tested prior to the holidays before our previous signing certificate expired, however the CLI team is being attentive to issues or discussions raised by our Windows community if any problems or concerns arise. 🙇 ❤️

What's Changed

• Enhance HSM deployment prototype to use the same signing process for .exe and .msi by @​andyfeller in cli/cli#8457
• Fix issue sourcing signtool for Windows signing by @​andyfeller in cli/cli#8464
• build(deps): bump github/codeql-action from 2 to 3 by @​dependabot in cli/cli#8463
• Verify the downloaded zip for gh run view --log by @​benebsiny in cli/cli#8459
• Update deployment workflow for final HSM solution by @​andyfeller in cli/cli#8465
• build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 by @​dependabot in cli/cli#8473
• Add more help message to browse command by @​samueldurantes in cli/cli#8453
• Remove redundant MSI signing environment variables typo by @​andyfeller in cli/cli#8542

New Contributors

• @​samueldurantes made their first contribution in cli/cli#8453

Full Changelog: cli/cli@v2.40.1...v2.41.0

Commits

• e9fabfe Merge pull request #8479 from muzimuzhi/docs/backquote-gh-config
• 785a340 Prevent downloading releases with assets that match windows reserved filename...
• 0cf5d22 Support template, jq flags with standard format flag (#7832)
• b8a1ff6 Merge pull request #8542 from cli/andyfeller-patch-1
• 48f5a15 Update deployment.yml
• c73f41b Mark-up gh-config settings with backticks
• 586eb8b Merge pull request #8453 from samueldurantes/samueldurantes/browse-help-message
• 109458c Update pkg/cmd/browse/browse.go
• d35ef85 build(deps): bump golang.org/x/crypto from 0.14.0 to 0.17.0 (#8473)
• 541ce0e Merge pull request #8465 from cli/andyfeller/213-windows-hsm-signing
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)