Log message:
Revbump all Go packages after default version switch to 1.14.

Log message:
dnscrypt-proxy2: Update to 2.0.42

* Version 2.0.42
 - The current versions of the `dnsdist` load balancer (presumably used
by quad9, cleanbrowsing, qualityology, freetsa.org, ffmuc.net,
opennic-bongobow, sth-dnscrypt-se, ams-dnscrypt-nl and more)
is preventing queries over 1500 bytes from being received over UDP.
Temporary workarounds have been introduced to improve reliability
with these resolvers for regular DNSCrypt. Unfortunately, anonymized
DNS cannot be reliable until the issue is fixed server-side. `dnsdist`
authors are aware of it and are working on a fix.
 - New option in the `[anonymized_dns]` section: `skip_incompatible`,
to ignore resolvers incompatible with Anonymized DNS instead of
using them without a relay.
 - The server latency benchmark is faster while being able to perform
more retries if necessary.
 - Continuous integration has been moved to GitHub Actions.

Log message:
dnscrypt-proxy2: Update to 2.0.40

* Version 2.0.40
 - Servers blocking fragmented queries are now automatically detected.
 - The server name is now only present in query logs when an actual
upstream servers was required to resolve a query.
 - TLS client authentication has been added for DoH.
 - The Firefox plugin is now skipped for connections coming from the
local DoH server.
 - DoH RTT computation is now more accurate, especially when CDNs are
in the middle.
 - The forwarding plugin is now more reliable, and handles retries over
 TCP.

Log message:
Revbump all Go packages after go113 update.

Log message:
Revbump all Go packages after go113 update.

Log message:
dnscrypt-proxy2: Update to 2.0.39

* Version 2.0.39
 - The Firefox Local DoH service didn't properly work in version 2.0.38;
this has been fixed. Thanks to Simon Brand for the report!

* Version 2.0.38
 - Entries from lists (forwarding, blacklists, whitelists) now support
inline comments.
 - Reliability improvement: queries over UDP are retried after a timeout
instead of solely relying on the client.
 - Reliability improvement: during temporary network outages, cached records
are now served even if they are stale.
 - Bug fix: SOCKS proxies and DNS relays can be combined.
 - New feature: multiple fallback resolvers are now supported (see the
new `fallback_resolvers` option. Note that `fallback_resolver` is
still supported for backward compatibility).
 - Windows: the service can be installed with a configuration file
stored separately from the application.
 - Security (affecting DoH): precompiled binaries of dnscrypt-proxy 2.0.37 are
built using Go 1.13.7 that fixes a TLS certificate parsing issue present in
previous versions of the compiler.

Log message:
Revbump Go packages after Go default version bump.

Log message:
dnscrypt-proxy2: Update to 2.0.36

* Version 2.0.36
 - New option: `block_undelegated`. When enabled, `dnscrypt-proxy` will
directly respond to queries for locally-served zones (https://sk.tl/2QqB971U)
and nonexistent zones that should have been kept local, but are frequently
leaked. This reduces latency and improves privacy.
 - Conformance: the `DO` bit is now set in synthetic responses if it was
set in a question, and the `AD` bit is cleared.
 - The `miegkg/dns` module was updated to version 1.1.26, that fixes a
security issue affecting non-encrypted/non-authenticated DNS traffic. In
`dnscrypt-proxy`, this only affects the forwarding feature.

Log message:
Revbump all Go packages after Go 1.12.14 update.

Log message:
dnscrypt-proxy2: Update to 2.0.35

* Version 2.0.35
 - New option: `block_unqualified` to block `A`/`AAAA` queries with
unqualified host names. These will very rarely get an answer from upstream
resolvers, but can leak private information to these, as well as to root
servers.
 - When a `CNAME` pointer is blocked, the original query name is now logged
along with the pointer. This makes it easier to know what the original
query name, so it can be whitelisted, or what the pointer was, so it
can be removed from the blacklist.