Update Info

openSUSE-2025-482


Security update for cheat


Type: security
Severity: important
Issued: 2025-12-24
Description:
This update for cheat fixes the following issues:

- Security:

  * CVE-2025-47913: Fix client process termination (boo#1253593)
  * CVE-2025-58181: Fix potential unbounded memory consumption
    (boo#1253922)
  * CVE-2025-47914: Fix panic due to an out-of-bounds read
    (boo#1254051)
  * Replace golang.org/x/crypto=golang.org/x/crypto@v0.45.0
  * Replace golang.org/x/net=golang.org/x/net@v0.47.0
  * Replace golang.org/x/sys=golang.org/x/sys@v0.38.0

- Packaging improvements:

  * Service go_modules replace dependencies with CVEs
  * Replace github.com/cloudflare/circl=github.com/cloudflare/circl@v1.6.1
    Fix GO-2025-3754 GHSA-2x5j-vhc8-9cwm
  * Replace golang.org/x/net=golang.org/x/net@v0.36.0
    Fixes GO-2025-3503 CVE-2025-22870
  * Replace golang.org/x/crypto=golang.org/x/crypto@v0.35.0
    Fixes GO-2023-2402 CVE-2023-48795 GHSA-45x7-px36-x8w8
    Fixes GO-2025-3487 CVE-2025-22869
  * Replace github.com/go-git/go-git/v5=github.com/go-git/go-git/v5@v5.13.0
    Fixes GO-2025-3367 CVE-2025-21614 GHSA-r9px-m959-cxf4
    Fixes GO-2025-3368 CVE-2025-21613 GHSA-v725-9546-7q7m
  * Service tar_scm set mode manual from disabled
  * Service tar_scm create archive from git so we can exclude
    vendor directory upstream committed to git. Committed vendor
    directory contents have build issues even after go mod tidy.
  * Service tar_scm exclude dir vendor
  * Service set_version set mode manual from disabled
  * Service set_version remove param basename not needed

- boo#1247629 (CVE-2025-21613):

  * Use go-git 5.13.0 via replace in _service

Packages


  • cheat-4.4.2-bp157.2.3.1