Bump the gomod group across 1 directory with 3 updates

[dependabot]

Bumps the gomod group with 2 updates in the / directory: golang.org/x/net and k8s.io/component-helpers.

Updates golang.org/x/net from 0.48.0 to 0.49.0

Commits

• d977772 go.mod: update golang.org/x dependencies
• eea413e internal/http3: use go1.25 synctest.Test instead of go1.24 synctest.Run
• 9ace223 websocket: add missing call to resp.Body.Close
• 7d3dbb0 http2: buffer the most recently received PRIORITY_UPDATE frame
• See full diff in compare view

Updates golang.org/x/sys from 0.39.0 to 0.40.0

Commits

• 2f44229 sys/cpu: add symbolic constants for remaining cpuid bits
• e5770d2 sys/cpu: use symbolic names for masks
• 714a44c sys/cpu: modify x86 port to match what internal/cpu does
• See full diff in compare view

Updates k8s.io/component-helpers from 0.34.1 to 0.35.0

Commits

• 71c97d7 Update dependencies to v0.35.0 tag
• 8313d23 Merge remote-tracking branch 'origin/master' into release-1.35
• 8aa03b8 Bump golang.org/x/crypto to v0.45.0
• 165c29d Merge pull request #135131 from Dev1622/sig-storage/mock-expand-flake-fix
• b6e62f7 vendor: update vendor and license metadata after replacing BeTrue usage in cs...
• be0fff2 Resolve lint restriction on BeTrue by introducing Succeed() with contextual e...
• 0907aec Merge pull request #132919 from ndixita/pod-level-in-place-pod-resize
• d433219 Update vendored dependencies
• 723ce89 Add InPlacePodLevelResourcesVerticalScaling declared feature.
• 8ee2417 Scheduler changes to support pod level resources in place resize
• Additional commits viewable in compare view

Most Recent Ignore Conditions Applied to This Pull Request

Dependency Name	Ignore Conditions
golang.org/x/sys	[>= 0.39.a, < 0.40]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Summary by CodeRabbit

• Chores
  • Updated Go toolchain to version 1.25.0.
  • Updated Kubernetes API stack and related dependencies to v0.35.0.
  • Updated networking, cryptography, and utility libraries to latest stable versions for improved compatibility and security.

_{✏️ Tip: You can customize this high-level summary in your review settings.}

[github-actions]

@coderabbitai review

[coderabbitai]

Walkthrough

Go toolchain upgraded from version 1.24.0 to 1.25.0 with simultaneous updates to 20+ module dependencies, including Kubernetes API stack packages (k8s.io/api, k8s.io/client-go, etc.) to v0.35.0 and various golang.org packages to newer patch/minor versions.

Changes

Cohort / File(s)	Summary
Go Module Configuration go.mod	Go toolchain bumped from 1.24.0 to 1.25.0; 20+ direct and indirect dependencies updated including Kubernetes API stack to v0.35.0, golang.org packages (net, sys, crypto, term, text, tools), spf13/pflag, yaml.v2, and json-patch; overall dependency graph modernized while preserving module structure compatibility

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

---

📜 Recent review details

Configuration used: Organization UI

Review profile: CHILL

Plan: Free

📥 Commits

Reviewing files that changed from the base of the PR and between b0f9c94 and 264eac7.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.