Bump golang.org/x/crypto from 0.51.0 to 0.53.0

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps golang.org/x/crypto from 0.51.0 to 0.53.0.

Commits

• 45460e0 go.mod: update golang.org/x dependencies
• d37c95e pkcs12: limit PBKDF iteration count to prevent CPU exhaustion
• e2ffffe ssh: reject incomplete gssapi-with-mic configurations
• 60e158a ssh/test: isolate CLI tests from user SSH config and agent
• 1b77d23 ssh/knownhosts: reject lines with multiple or unknown markers
• 3872a2b ssh/knownhosts: verify declared key type matches decoded key
• 9f72ecc ssh/knownhosts: treat only ASCII space and tab as whitespace
• 8f405a4 ssh: validate ECDSA curve matches expected algorithm
• bb41b3d ssh: improve DH GEX group selection using PreferredBits
• e04e721 ssh/agent: validate ed25519 private key length in Add
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[kilo-code-bot]

Code Review Summary

Status: No Issues Found | Recommendation: Merge

This PR is a Dependabot dependency update bumping golang.org/x/crypto, golang.org/x/net, and golang.org/x/sys to newer versions. All changes are confined to auto-generated vendor files and go.mod/go.sum, which are standard for dependency updates.

Note: The PR description mentions only golang.org/x/crypto but the diff also includes transitive updates to golang.org/x/net and golang.org/x/sys (common when bumping Go dependencies).

Files Reviewed (41 vendor files)

• go.mod - Dependency version update
• go.sum - Checksum updates
• vendor/golang.org/x/crypto/... - Auto-generated
• vendor/golang.org/x/net/... - Auto-generated
• vendor/golang.org/x/sys/unix/*.go - Auto-generated syscall stubs
• vendor/golang.org/x/sys/unix/*.s - Auto-generated assembly
• vendor/golang.org/x/sys/windows/*.go - Auto-generated syscalls

---

_{Reviewed by laguna-m.1-20260312:free · 350,793 tokens}

[snapetech]

Resolved on main by fc9a152: golang.org/x/crypto is now v0.53.0, and the consolidated update also keeps golang.org/x/net at the newer v0.56.0 with refreshed vendor. govulncheck reports no vulnerabilities and full verify passed. Closing this superseded Dependabot PR.

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.