chore(deps): bump github.com/fatedier/frp from 0.67.0 to 0.68.1

[dependabot]

Bumps github.com/fatedier/frp from 0.67.0 to 0.68.1.

Release notes

Sourced from github.com/fatedier/frp's releases.

v0.68.1

Fixes

• Fixed a configuration-dependent authentication bypass in type = "http" proxies when routeByHTTPUser is used together with httpUser / httpPassword. This affected proxy-style requests. Proxy-style authentication failures now return 407 Proxy Authentication Required.

v0.68.0

Features

• Added a built-in store capability for frpc, including persisted store source ([store] path = "..."), Store CRUD admin APIs (/api/store/proxies*, /api/store/visitors*) with runtime reload, and Store management pages in the frpc web dashboard.

Improvements

• Kept proxy/visitor names as raw config names during completion; moved user-prefix handling to explicit wire-level naming logic.
• Added noweb build tag to allow compiling without frontend assets. make build now auto-detects missing web/*/dist directories and skips embedding, so a fresh clone can build without running make web first. The dashboard gracefully returns 404 when assets are not embedded.
• Improved config parsing errors: for .toml files, syntax errors now return immediately with parser position details (line/column when available) instead of falling through to YAML/JSON parsing, and TOML type mismatches report field-level errors without misleading line numbers.
• OIDC auth now caches the access token and refreshes it before expiry, avoiding a new token request on every heartbeat. Falls back to per-request fetch when the provider omits expires_in.

Commits

• 4ec8de9 Merge pull request #5287 from fatedier/dev
• e8dfd6e web/frpc: use static imports for proxy and visitor route components (#5286)
• a9a4416 vhost/http: fix auth bypass when routeByHTTPUser is used with proxy-style req...
• d667be7 update architecture pic (#5270)
• 31c3deb deps: bump golib to v0.6.0 (#5269)
• 31e2719 test/e2e: allocate dynamic ports outside whitelist ranges in server whitelist...
• 061c141 update README.md (#5267)
• 98ee1ad client: close TCP connection when fmux session creation fails (#5262)
• 76abeff ci: remove security vulnerability scan workflow (#5266)
• c694b1f bump pion/stun to v3 to fix vulnerability (#5245)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.