Bump dependencies and add notes about Go releases we support #2336

Merged
merged 1 commit into from Nov 12, 2022

aldas
Contributor

@aldas aldas commented Nov 12, 2022

Bump dependencies and add notes about Go releases we support. golang.org/x/ libraries do not work with Go 1.16, so we are bumping the oldest version to Go 1.17. The list of golang.org/x vulnerabilities is here: https://pkg.go.dev/search?q=golang.org%2Fx&m=vuln

This is mostly done because we used a version of testify that uses a yaml library that is vulnerable. There are companies whose security policies disallow using libraries (even test) that have vulnerable dependencies. In this case Echo is not using any of the yaml stuff, even in tests, but we still depend on those libraries.

related to #2326


codecov bot commented Nov 12, 2022

Codecov Report

Base: 92.35% // Head: 92.37% // Increases project coverage by +0.01% 🎉

Coverage data is based on head (9f6a607) compared to base (8f2bf82).
Patch has no changes to coverable lines.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #2336      +/-   ##
==========================================
+ Coverage   92.35%   92.37%   +0.01%     
==========================================
  Files          37       37              
  Lines        4436     4446      +10     
==========================================
+ Hits         4097     4107      +10     
  Misses        247      247              
  Partials       92       92              

| Impacted Files | Coverage Δ | |
|---|---|---|
| middleware/proxy.go | 68.66% <0.00%> (+2.23%) | ⬆️ |


@aldas aldas merged commit b010b69 into labstack:master Nov 12, 2022
@aldas aldas deleted the bump_deps branch November 12, 2022 19:52
@aldas aldas mentioned this pull request Dec 27, 2022