Bump golang.org/x/crypto from 0.31.0 to 0.45.0 #361

Closed
dependabot[bot] wants to merge 1 commit into oadp-dev from dependabot/go_modules/golang.org/x/crypto-0.45.0

@dependabot dependabot bot commented on behalf of github Nov 20, 2025

Bumps golang.org/x/crypto from 0.31.0 to 0.45.0.

Commits
  • 4e0068c go.mod: update golang.org/x dependencies
  • e79546e ssh: curb GSSAPI DoS risk by limiting number of specified OIDs
  • f91f7a7 ssh/agent: prevent panic on malformed constraint
  • 2df4153 acme/autocert: let automatic renewal work with short lifetime certs
  • bcf6a84 acme: pass context to request
  • b4f2b62 ssh: fix error message on unsupported cipher
  • 79ec3a5 ssh: allow to bind to a hostname in remote forwarding
  • 122a78f go.mod: update golang.org/x dependencies
  • c0531f9 all: eliminate vet diagnostics
  • 0997000 all: fix some comments
  • Additional commits viewable in compare view

Summary by CodeRabbit

  • Chores
    • Updated Go toolchain from version 1.22.0 to 1.24.0
    • Upgraded several core Go dependencies including crypto, networking, synchronization, system, terminal, and text processing libraries for improved security and stability

@dependabot dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Nov 20, 2025

coderabbitai bot commented Nov 20, 2025

Caution

Review failed

Pull request was closed or merged during review

Walkthrough

The Go toolchain version constraint in go.mod was upgraded from 1.22.0 to 1.24.0. Concurrently, six indirect golang.org/x/* module dependencies were updated to newer versions across crypto, net, sync, sys, term, and text packages.

Changes

| Cohort / File(s) | Summary |
| --- | --- |
| Go Module Configuration: go.mod | Bumped Go toolchain from 1.22.0 to 1.24.0; updated six indirect golang.org/x module versions (crypto, net, sync, sys, term, text). |

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 9 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Title check | ⚠️ Warning | The title focuses on bumping golang.org/x/crypto, but the PR also bumps the Go toolchain version and multiple other golang.org/x/* modules (net, sync, sys, term, text). The title is partially related but doesn't capture the main scope. | Consider revising the title to reflect the broader scope, such as 'Bump Go toolchain and golang.org/x dependencies' or similar, to better represent all changes in the PR. |

✅ Passed checks (9 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Stable And Deterministic Test Names | ✅ Passed | Pull request exclusively updates go.mod with toolchain and dependency versions; no test files modified. |
| Test Structure And Quality | ✅ Passed | This custom check is not applicable to the provided pull request. The PR only modifies go.mod and go.sum to bump the Go toolchain version and update indirect dependencies; no test files are modified. |
| Microshift Test Compatibility | ✅ Passed | PR contains only dependency updates in go.mod and does not add any new Ginkgo e2e tests, so the MicroShift test compatibility check does not apply. |
| Single Node Openshift (Sno) Test Compatibility | ✅ Passed | This PR only modifies go.mod file to upgrade Go toolchain and dependencies; no new Ginkgo e2e tests are added. |
| Topology-Aware Scheduling Compatibility | ✅ Passed | PR only modifies go.mod for toolchain version bump from Go 1.22.0 to 1.24.0. No deployment manifests, operator code, or scheduling constraints are changed. |
| Ote Binary Stdout Contract | ✅ Passed | Repository contains only go.mod changes with no Go source file modifications; this is not an OpenShift Tests Extension binary. |
| Ipv6 And Disconnected Network Test Compatibility | ✅ Passed | This pull request does not add any new Ginkgo e2e tests. Changes are limited to updating go.mod with a Go toolchain version bump and upgrading golang.org/x/* dependencies. |

@openshift-ci openshift-ci bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Nov 20, 2025

openshift-ci bot commented Nov 20, 2025

Hi @dependabot[bot]. Thanks for your PR.

I'm waiting for a github.com member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work. Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@kaovilai
Member

/ok-to-test

@openshift-ci openshift-ci bot added ok-to-test Indicates a non-member PR verified by an org member that is safe to test. and removed needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. labels Nov 20, 2025
@openshift-bot

Issues go stale after 90d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle stale.
Stale issues rot after an additional 30d of inactivity and eventually close.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle stale

@openshift-ci openshift-ci bot added the lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. label Feb 19, 2026
@openshift-bot

Stale issues rot after 30d of inactivity.

Mark the issue as fresh by commenting /remove-lifecycle rotten.
Rotten issues close after an additional 30d of inactivity.
Exclude this issue from closing by commenting /lifecycle frozen.

If this issue is safe to close now please do so with /close.

/lifecycle rotten
/remove-lifecycle stale

@openshift-ci openshift-ci bot added lifecycle/rotten Denotes an issue or PR that has aged beyond stale and will be auto-closed. and removed lifecycle/stale Denotes an issue or PR has remained open with no activity and has become stale. labels Apr 16, 2026
@openshift-ci openshift-ci bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Apr 16, 2026

openshift-ci bot commented Apr 16, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: dependabot[bot], kaovilai, weshayutin

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@kaovilai
Member

@dependabot recreate

@kaovilai
Member

Hopefully it'll pull in a later supported version of crypto, which should pull Go 1.25 (latest-1).

Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.31.0 to 0.45.0.
- [Commits](golang/crypto@v0.31.0...v0.45.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.45.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/golang.org/x/crypto-0.45.0 branch from 8231a07 to 6d94723 Compare April 16, 2026 18:07
@kaovilai
Member

kaovilai commented Apr 16, 2026

guess not.. closing so it recreates w diff version

@kaovilai kaovilai closed this Apr 16, 2026

dependabot bot commented on behalf of github Apr 16, 2026

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot bot deleted the dependabot/go_modules/golang.org/x/crypto-0.45.0 branch April 16, 2026 18:10
@kaovilai
Member

@dependabot ignore this minor version

it's old


dependabot bot commented on behalf of github Apr 16, 2026

OK, I won't notify you about version 0.45.x again, unless you re-open this PR.
