fix(deps): update module github.com/containers/storage to v1.52.0

... and c/image/v5 to main

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Signed-off-by: Miloslav Trmač <mitr@redhat.com>

vendor/github.com/letsencrypt/boulder/goodkey/blocked.go

@@ -9,8 +9,7 @@ import (
 	"os"
 
 	"github.com/letsencrypt/boulder/core"
-
-	yaml "gopkg.in/yaml.v3"
+	"github.com/letsencrypt/boulder/strictyaml"
 )
 
 // blockedKeys is a type for maintaining a map of SHA256 hashes
@@ -58,7 +57,7 @@ func loadBlockedKeysList(filename string) (*blockedKeys, error) {
 		BlockedHashes    []string `yaml:"blocked"`
 		BlockedHashesHex []string `yaml:"blockedHashesHex"`
 	}
-	err = yaml.Unmarshal(yamlBytes, &list)
+	err = strictyaml.Unmarshal(yamlBytes, &list)
 	if err != nil {
 		return nil, err
 	}

vendor/github.com/letsencrypt/boulder/goodkey/good_key.go

@@ -12,7 +12,6 @@ import (
 	"sync"
 
 	"github.com/letsencrypt/boulder/core"
-	berrors "github.com/letsencrypt/boulder/errors"
 
 	"github.com/titanous/rocacheck"
 )
@@ -136,7 +135,7 @@ func (policy *KeyPolicy) GoodKey(ctx context.Context, key crypto.PublicKey) erro
 	// that has been administratively blocked.
 	if policy.blockedList != nil {
 		if blocked, err := policy.blockedList.blocked(key); err != nil {
-			return berrors.InternalServerError("error checking blocklist for key: %v", key)
+			return fmt.Errorf("error checking blocklist for key: %v", key)
 		} else if blocked {
 			return badKey("public key is forbidden")
 		}