build(go): bump github.com/anchore/quill from 0.5.1 to 0.7.1

[dependabot]

Bumps github.com/anchore/quill from 0.5.1 to 0.7.1.

Release notes

Sourced from github.com/anchore/quill's releases.

v0.7.1

Security Fixes

• Do not allow for unbounded reads for user controlled input [#681 @​wagoodman]
• Account for excessive read limits in macho parsing [#682 @​wagoodman]
• Validate developer log URL requests [#680 @​wagoodman]

(Full Changelog)

v0.7.0

Added Features

• dry run signing and notarization process before running in production [#617 #618 @​willmurphyscode]

Bug Fixes

• TeamID is not set during signing [#147 #669 @​jflowers]

Additional Changes

• Typo in install.sh help text [#546 #549 @​popey]
• migrate to latest tool ci patterns [#670 @​spiffcs]
• update golang to v1.26 [#668 @​wagoodman]
• doc: Add llms.txt for the 🤖 🕷️ [#592 @​popey]
• Update dependencies [#627 @​wagoodman]
• Add periodic workflow to update certs [#608 @​wagoodman]
• lint gh actions with zizmor [#581 @​willmurphyscode]
• update to go 1.24.x [#543 @​westonsteimel]
• update runners to ubuntu-24.04 [#541 @​kzantow]

(Full Changelog)

Commits

• 9cdb082 do not allow for unbounded reads for user controlled input (#681)
• 80cf3fe account for excessive read limits in macho parsing code (#682)
• e41d66a validate developer log URL requests (#680)
• 899202c update cred var values for p12 in release (#679)
• c73a37b remove goreleaser config for release step + update tool refs (#678)
• 95e119c persist credentials for git (#677)
• 02e765a chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#663)
• 530bb7f add test notarize command (#618)
• 3e8269c Set team ID during signing (#675)
• 12b3e8e chore(deps): bump github.com/blacktop/go-macho from 1.1.259 to 1.1.263 (#661)
• Additional commits viewable in compare view

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.