deps: bump the chainreactors group across 1 directory with 2 updates

[dependabot]

Bumps the chainreactors group with 2 updates in the / directory: github.com/chainreactors/fingers and github.com/chainreactors/neutron.

Updates github.com/chainreactors/fingers from 1.2.1-0.20260608084741-385e7d586d6f to 1.2.1

Release notes

Sourced from github.com/chainreactors/fingers's releases.

v1.2.1

Features

• xray: 新增 xray 指纹引擎，基于转换后的 xray POC 进行指纹识别
• xray: 通过 templates.Load 加载模板，支持 xray POC 格式自动适配（opt-in）
• fingerprinthub: 统一 AC matcher 预测 + 共享工具函数重构
• fingers: AC 关键词预过滤 + RE2 作为默认正则引擎
• fingers: 简单指纹快速路径 AC 解析
• fingers: 1MB 基准测试覆盖全指纹和 regex-only 场景
• TinyGo 模板清理器与 sender 兼容支持
• 新增 fingerverify 命令

Bug Fixes

• active-match: 修复共享模板变更问题，改为按执行线程分配 client
• active-match: HTTPActiveMatch callback 返回错误的 framework 及模板编译选项丢失（PR #26）
• 多请求模板 extractor 结果跨请求链传递修复
• 模板变量在 ExecuteWithResults 前求值，避免变量未解析
• 防止 nil-map panic（ExecuteWithResults 传入非空 map）
• AC 快速路径保留匹配详情
• fingerprinthub: DSL/regex matcher 在 body 和 headers 中保留原始大小写
• 使用 per-template ExecuterOptions 防止变量覆盖

Refactor

• 引擎级 CaseInsensitive 开关统一大小写匹配策略
• xray 引擎改用 Template.Execute，fingerprinthub 保留快速路径
• 移除 xray 引擎中的 hasUnresolvedVars
• 不再 embed fingerprinthub_xray_web（内部数据改由 Provider 加载）

CI

• 新增测试工作流 + Go 1.17/1.11 兼容性构建
• 启用 Dependabot 自动依赖更新

Dependencies

• neutron → c816917（converter registry + 变量系统重构）
• utils → 6465cb8

Commits

• See full diff in compare view

Updates github.com/chainreactors/neutron from 0.0.0-20260608084636-c81691731908 to 0.0.1

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: dependencies, go. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.