build(deps): bump github.com/nephio-project/porch from 1.5.1 to 1.5.4

[dependabot]

Bumps github.com/nephio-project/porch from 1.5.1 to 1.5.4.

Release notes

Sourced from github.com/nephio-project/porch's releases.

v1.5.4

Welcome to the v1.5.4 pre-release of Porch.

[!NOTE] Porch switches to the kptdev version of kpt in this release. All kpt imports, KRM catalog functions, and the KRM functions SDK are used from kptdev. The GoogleContainerTools version of kpt is no longer used.

[!IMPORTANT] Porch will only support 1.30+ k8s distributions from this release on. We have updated the versions of Kubernetes dependencies used in Porch

New Features

Per repository synchronization

• Individual repository sync configuration can now be specified in the Repository CRD
• A one-time synchronization can be set directly on the Repository CR or ordered with a new porchctl repo command
• Introduced a new mechanism for changing Repository CR status when reconciliation is in progress
• list-timeout-per-repo default value increase to 20 seconds.
• fetchRemoteRepositoryWithRetry parameter introduced, with a default value of 4
• New CLI command for Repository synchronization added and new parameter added for Repository registration to set a synchronization cron schedule.
• Sync handler introduced as a common interface between CR and DB cache.

What's Changed

• Remove Patch leftovers from API by @​liamfallon in nephio-project/porch#316
• Run repo refresh from background.go only when CR is modified by @​kushnaidu in nephio-project/porch#315
• DB Cache: Implement package filtering by @​liamfallon in nephio-project/porch#317
• Split dev & prod docker build-push actions by @​efiacor in nephio-project/porch#318
• Porchctl: Upgrade fallback when there is no original edit task by @​lapentad in nephio-project/porch#320
• Add a generic PR template by @​efiacor in nephio-project/porch#319
• Postgres image update to new Bitnami repository by @​JamesMcDermott in nephio-project/porch#322
• Rewrite DB cache tests to use testify test suite by @​mozesl-nokia in nephio-project/porch#321
• Bump go version to 1.25 by @​efiacor in nephio-project/porch#323
• Fix porch release gh actions by @​efiacor in nephio-project/porch#324
• Update mockery to v3 by @​lapentad in nephio-project/porch#327
• Add verbose level 3 for listPackageRevision calls by @​kushnaidu in nephio-project/porch#325
• chore: Cleanup error logging when can't delete webhook by @​liamfallon in nephio-project/porch#329
• Refactor field-selector filtering for PackageRevision list operation by @​JamesMcDermott in nephio-project/porch#273
• Replace multi line formatting to single line formatting for kpt logs by @​kushnaidu in nephio-project/porch#326
• Fix background.go panic when cachedRepo is nil by @​kushnaidu in nephio-project/porch#332
• Fix make generate target by @​efiacor in nephio-project/porch#331
• Bump github.com/cloudflare/circl from 1.3.7 to 1.6.1 by @​dependabot[bot] in nephio-project/porch#334
• Bump SonarSource/sonarqube-scan-action from 5.0.0 to 6.0.0 in /.github/workflows by @​dependabot[bot] in nephio-project/porch#333
• Fix: make test target fail pipeline on test failures by @​kushnaidu in nephio-project/porch#337
• Update go test to use porch user for dbcache tests by @​kushnaidu in nephio-project/porch#338
• Bugfix bfs render by @​lapentad in nephio-project/porch#339
• Fix stdout bug in upsert-db-cache-data by @​efiacor in nephio-project/porch#344
• Refactor makefile and scripts setup by @​efiacor in nephio-project/porch#342
• Convert Porch to use the github.com/kptdev version of kpt by @​liamfallon in nephio-project/porch#343
• Aligned clone validation between client and server by @​lapentad in nephio-project/porch#330
• Fix dev-gitea svc not ready failure by @​efiacor in nephio-project/porch#345
• Revert gitea curl address to localhost by @​efiacor in nephio-project/porch#348

... (truncated)

Commits

• f21e1b2 Fix release workflow permissions (#356)
• 3b5b7ca Fix "make generate" make target (#353)
• e04c1bf Increase e2e test repo ready context deadline (#354)
• 63aaee8 Add validation to disallow latest label changes and improve rpkg delete in db...
• f0c8dff Remove redundant apiserver validatingAdmissions flag (#349)
• 4c714ff Fix porchctl dev release workflow (#350)
• 5636e11 Update gitea setup to query healthz url and add retry mech for repo creation ...
• 00d48c7 Improve repository reconciliation to use cron based periodic syncs and introd...
• 2c9384e Remove .prow.yaml refs from workflows (#347)
• 64c4f5f Revert gitea curl address to localhost (#348)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.