build(deps): bump golang.org/x/net from 0.50.0 to 0.52.0

[dependabot]

Bumps golang.org/x/net from 0.50.0 to 0.52.0.

Commits

• 316e20c go.mod: update golang.org/x dependencies
• 9767a42 internal/http3: add support for plugging into net/http
• 4a81284 http2: update docs to disrecommend this package
• dec6603 dns/dnsmessage: reject too large of names early during unpack
• 8afa12f http2: deprecate write schedulers
• 38019a2 http2: add missing copyright header to export_test.go
• 039b87f internal/http3: return error when Write is used after status 304 is set
• 6267c6c internal/http3: add HTTP 103 Early Hints support to ClientConn
• 591bdf3 internal/http3: add HTTP 103 Early Hints support to Server
• 1faa6d8 internal/http3: avoid potential race when aborting RoundTrip
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Summary by cubic

Update golang.org/x/net from v0.50.0 to v0.52.0 and align related x/* modules. The module now targets Go 1.25.

• Dependencies

  • Direct: golang.org/x/net v0.52.0
  • Indirect: golang.org/x/crypto v0.49.0, golang.org/x/mod v0.33.0, golang.org/x/sync v0.20.0, golang.org/x/sys v0.42.0, golang.org/x/text v0.35.0, golang.org/x/tools v0.42.0

• Migration

  • Requires Go 1.25+ locally and in CI.

^{Written for commit c973846. Summary will update on new commits.}

[cubic-dev-ai]

1 issue found across 2 files

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="go.mod">

<violation number="1" location="go.mod:3">
P1: This bumps the module's minimum Go version to 1.25, which will make existing Go 1.24 CI/deploy environments stop loading the module. Keep the `go` directive at the current project version unless you're intentionally coordinating a repo-wide toolchain upgrade.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

P1: This bumps the module's minimum Go version to 1.25, which will make existing Go 1.24 CI/deploy environments stop loading the module. Keep the go directive at the current project version unless you're intentionally coordinating a repo-wide toolchain upgrade.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At go.mod, line 3:

<comment>This bumps the module's minimum Go version to 1.25, which will make existing Go 1.24 CI/deploy environments stop loading the module. Keep the `go` directive at the current project version unless you're intentionally coordinating a repo-wide toolchain upgrade.</comment>

<file context>
@@ -1,8 +1,6 @@
-go 1.24.0
-
-toolchain go1.24.1
+go 1.25.0
 
 require (
</file context>