upgrade oauth2 #66

Closed
sujaya-sys wants to merge 1 commit into main from upgrade-oauth2

@sujaya-sys
Collaborator

Overview

The Trivy security scan found a HIGH severity vulnerability in your Go dependencies:

  • Issue: golang.org/x/oauth2 version v0.21.0 has CVE-2025-22868

  • Problem: Unexpected memory consumption during token parsing

  • Fix: Upgrade to version 0.27.0

Impact

Pipeline for new PRs is failing, blocking them from being merged, see: https://github.com/checkly/checkly-operator/actions/runs/17130057867/job/49395729167?pr=64 as an example.

@github-actions

github-actions bot commented Sep 2, 2025

Hey there and thank you for opening this pull request! 👋🏼

We require pull request titles to follow the Conventional Commits specification and it looks like your proposed title needs to be adjusted.

Details:

No release type found in pull request title "upgrade oauth2". Add a prefix to indicate what kind of release this pull request corresponds to. For reference, see https://www.conventionalcommits.org/

Available types:
 - feat: A new feature
 - fix: A bug fix
 - docs: Documentation only changes
 - style: Changes that do not affect the meaning of the code (white-space, formatting, missing semi-colons, etc)
 - refactor: A code change that neither fixes a bug nor adds a feature
 - perf: A code change that improves performance
 - test: Adding missing tests or correcting existing tests
 - build: Changes that affect the build system or external dependencies (example scopes: gulp, broccoli, npm)
 - ci: Changes to our CI configuration files and scripts (example scopes: Travis, Circle, BrowserStack, SauceLabs)
 - chore: Other changes that don't modify src or test files
 - revert: Reverts a previous commit

Fixes CVE-2025-22868 high severity vulnerability in golang.org/x/oauth2.
The vulnerability caused unexpected memory consumption during token parsing.

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>

sujaya-sys closed this Sep 2, 2025
sujaya-sys deleted the upgrade-oauth2 branch September 2, 2025 11:53