Merge pull request #2905 from aldas/v4_crsf_token_fallback

CSRF: support older token-based CSRF protection handler that want to render token into template

Add changelog for v5.0.4 release

Merge pull request #2891 from aldas/fix_staticmw

Fix directory traversal vulnerability under Windows in Static middleware when default Echo filesystem is used. Reported by @shblue21.

This applies to cases when:
- Windows is used as OS
- `middleware.StaticConfig.Filesystem` is `nil` (default)
- `echo.Filesystem` is has not been set explicitly (default)

Exposure is restricted to the active process working directory and its subfolders.

Changelog for version 5.0.2

Merge pull request #2880 from aldas/changelog_501

Changelog for v5.0.1 release

Changelog for v5.0.0 release

v4.15.0 changelog

Changelog for 4.14.0

Improve changelog for 4.13.4 (#2783)

Update golang.org/x/net dependency [GO-2024-3333](https://pkg.go.dev/…

…vuln/GO-2024-3333) (#2722)