feat(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 (#4352)

[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from
0.12.0 to 0.13.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/oauth2/commit/3c5dbf08cc9840ba292592ec6c68090ea315238c"><code>3c5dbf0</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/oauth2/commit/11625ccb95ae1d99393185eb6eb10d6a5157e711"><code>11625cc</code></a>
google: add authorized_user conditional to
Credentials.UniverseDomain</li>
<li><a
href="https://github.com/golang/oauth2/commit/8d6d45b6cde73b704061a2914b49bae1a1d5366e"><code>8d6d45b</code></a>
google: add Credentials.UniverseDomain to support TPC</li>
<li><a
href="https://github.com/golang/oauth2/commit/43b6a7ba1972152df70cd1e5ac7705e981df5f66"><code>43b6a7b</code></a>
google: adding support for external account authorized user</li>
<li><a
href="https://github.com/golang/oauth2/commit/14b275c918cfd6590f412031b27f6ff0d8fd17c5"><code>14b275c</code></a>
oauth2: workaround misspelling of verification_uri</li>
<li><a
href="https://github.com/golang/oauth2/commit/18352fc4335d95cd4b558f7c914898f1c069754e"><code>18352fc</code></a>
google/internal/externalaccount: adding BYOID Metrics</li>
<li><a
href="https://github.com/golang/oauth2/commit/9095a51613032fc4f54e91b3c67c0a922d990bfb"><code>9095a51</code></a>
oauth2: clarify error if endpoint missing DeviceAuthURL</li>
<li><a
href="https://github.com/golang/oauth2/commit/2d9e4a2adf33fc3ce68d77995fadda7234520e5c"><code>2d9e4a2</code></a>
oauth2/google: remove meta validations for aws external credentials</li>
<li><a
href="https://github.com/golang/oauth2/commit/55cd552a36547be12b8a7a384c179b33120240ef"><code>55cd552</code></a>
oauth2: support PKCE</li>
<li><a
href="https://github.com/golang/oauth2/commit/e3fb0fb3af0ee7c0c62e31c393cbcfce6b2af5bf"><code>e3fb0fb</code></a>
oauth2: support device flow</li>
<li>See full diff in <a
href="https://github.com/golang/oauth2/compare/v0.12.0...v0.13.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/oauth2&package-manager=go_modules&previous-version=0.12.0&new-version=0.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

go.mod

@@ -47,7 +47,7 @@ require (
 	github.com/xanzy/go-gitlab v0.93.1
 	gocloud.dev v0.34.0
 	golang.org/x/crypto v0.14.0
-	golang.org/x/oauth2 v0.12.0
+	golang.org/x/oauth2 v0.13.0
 	golang.org/x/sync v0.4.0
 	golang.org/x/text v0.13.0
 	golang.org/x/tools v0.14.0

go.sum

@@ -1027,8 +1027,8 @@ golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ
 golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.12.0 h1:smVPGxink+n1ZI5pkQa8y6fZT0RW0MgCO5bFpepy4B4=
-golang.org/x/oauth2 v0.12.0/go.mod h1:A74bZ3aGXgCY0qaIC9Ahg6Lglin4AMAco8cIv9baba4=
+golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY=
+golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=