fix(deps): update module golang.org/x/oauth2 to v0.27.0 [security]

[doctolib-renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
golang.org/x/oauth2	v0.10.0 -> v0.27.0

GitHub Vulnerability Alerts

CVE-2025-22868

An attacker can pass a malicious malformed token which causes unexpected memory to be consumed during parsing.

---

Configuration

📅 Schedule: Branch creation - Every minute ( * * * * * ) in timezone Europe/Paris, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was created by Renovate.

Details

Check the default configuration and documentation.

See the logs on Datadog.
To replay this update, you can use the following packageRules on the Manual Run page: [{"matchPackageNames": ["*"], "enabled": false}, {"matchPackageNames": ["golang.org/x/oauth2"], "enabled": true}]

[doctolib-renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 1 additional dependency was updated
• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.20 -> 1.23.0
cloud.google.com/go/compute/metadata	v0.2.3 -> v0.3.0