Update x/text to v0.3.5 that fixes CVE-2020-28852.
The specific commands used for this update:
"go get golang.org/x/text@latest && go mod tidy && go mod vendor"
Update the vendored golang.org/x/net module to the latest
version, which in turn updates the vendored copy of the
golang.org/x/text module to 0.3.3. That version of x/text
includes a mitigation of CVE-2020-14040, which pertains to
processing UTF-16 data with a Byte Order Mark.
The Git LFS client should not be affected by that security
issue, since it does not open streams in UTF-16 mode, but
we update our modules to stay current with the upstream Go
sources and also to avoid being flagged by security scanners.
The specific commands run to perform this update were:
"go get golang.org/x/net@latest && go mod tidy && go mod vendor"
Vendor the `golang.org/x/net` dependency. This will be used in a
future commit to add HTTP/2 transport support.
Note that due to the way go modules work, the `golang.org/x/sys`
dependency was updated as well when running `make vendor`.