chore(deps): bump golang.org/x/crypto from 0.48.0 to 0.50.0

[dependabot]

Bumps golang.org/x/crypto from 0.48.0 to 0.50.0.

Commits

• 03ca0dc go.mod: update golang.org/x dependencies
• 8400f4a ssh: respect signer's algorithm preference in pickSignatureAlgorithm
• 81c6cb3 ssh: swap cbcMinPaddingSize to cbcMinPacketSize to get encLength
• 982eaa6 go.mod: update golang.org/x dependencies
• 159944f ssh,acme: clean up tautological/impossible nil conditions
• a408498 acme: only require prompt if server has terms of service
• cab0f71 all: upgrade go directive to at least 1.25.0 [generated]
• 2f26647 x509roots/fallback: update bundle
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

---

Summary by cubic

Upgrade golang.org/x/crypto to v0.50.0 and bump the module to Go 1.25 to stay current and align with upstream. Also updates related golang.org/x/* modules.

• Dependencies

  • Direct: golang.org/x/crypto 0.48.0 → 0.50.0
  • Indirect alignments: golang.org/x/mod v0.34.0, x/net v0.52.0, x/sync v0.20.0, x/sys v0.43.0, x/text v0.36.0, x/tools v0.43.0

• Migration

  • Build with Go 1.25+ (update local and CI toolchains)

^{Written for commit ee43f7d. Summary will update on new commits.}

[cubic-dev-ai]

1 issue found across 2 files

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="go.mod">

<violation number="1" location="go.mod:3">
P1: This change raises the minimum required Go version to 1.25, which can break builds in environments still pinned to Go 1.24.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

P1: This change raises the minimum required Go version to 1.25, which can break builds in environments still pinned to Go 1.24.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At go.mod, line 3:

<comment>This change raises the minimum required Go version to 1.25, which can break builds in environments still pinned to Go 1.24.</comment>

<file context>
@@ -1,8 +1,6 @@
-go 1.24.0
-
-toolchain go1.24.4
+go 1.25.0
 
 require (
</file context>

Suggested change

	go 1.25.0
	go 1.24.0