fix: update golang.org/x/crypto from v0.46.0 to v0.53.0 to address se…#10486

Open
Faizan3456 wants to merge 1 commit into openshift:master from Faizan3456:fix/update-golang-crypto

Conversation

Faizan3456 commented Jun 22, 2026

Fixes #8598

Updated golang.org/x/crypto from v0.46.0 to v0.53.0 to address security vulnerabilities. Also updated related golang.org/x dependencies via go mod tidy.

Summary by CodeRabbit

  • Chores
    • Updated core Go dependencies to newer stable versions, keeping existing version alignment where applicable.

@openshift-ci openshift-ci Bot added the size/M Denotes a PR that changes 30-99 lines, ignoring generated files. label Jun 22, 2026
@openshift-ci openshift-ci Bot requested review from eranco74 and giladravid16 June 22, 2026 13:27
openshift-ci Bot commented Jun 22, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: Faizan3456
Once this PR has been reviewed and has the lgtm label, please assign rccrdpccl for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. label Jun 22, 2026
openshift-ci Bot commented Jun 22, 2026

Hi @Faizan3456. Thanks for your PR.

I'm waiting for an openshift member to verify that this patch is reasonable to test. If it is, they should reply with /ok-to-test on its own line. Until that is done, I will not automatically test new commits in this PR, but the usual testing commands by org members will still work.

Regular contributors should join the org to skip this step.

Once the patch is verified, the new status will be reflected by the ok-to-test label.

I understand the commands that are listed here.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

coderabbitai Bot commented Jun 22, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Repository: openshift/coderabbit/.coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 598c2887-4f95-41c2-a09b-3f5a445cbd00

📥 Commits

Reviewing files that changed from the base of the PR and between 9bdf2c5 and deac1bb.

⛔ Files ignored due to path filters (1)
  • go.sum is excluded by !**/*.sum
📒 Files selected for processing (1)
  • go.mod
🚧 Files skipped from review as they are similar to previous changes (1)
  • go.mod

Walkthrough

go.mod updates six golang.org/x/* dependency versions: three direct dependencies and three indirect dependencies.

Changes

golang.org/x dependency updates

| Layer / File(s) | Summary |
| --- | --- |
| Dependency version bumps: go.mod | Updates golang.org/x/crypto, golang.org/x/sync, and golang.org/x/sys, plus indirect golang.org/x/net, golang.org/x/term, and golang.org/x/text; golang.org/x/exp and golang.org/x/oauth2 remain unchanged. |

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Suggested labels

lgtm

Suggested reviewers

  • jhernand
  • tsorya
🚥 Pre-merge checks | ✅ 14 | ❌ 1

❌ Failed checks (1 warning)

| Check name | Status | Explanation | Resolution |
| --- | --- | --- | --- |
| Description check | ⚠️ Warning | The description gives the issue and change summary, but it omits the template's testing and context details. | Add a fuller summary, motivation, testing details, and any dependency or impact notes to match the template. |

✅ Passed checks (14 passed)

| Check name | Status | Explanation |
| --- | --- | --- |
| Title check | ✅ Passed | The title clearly matches the main change: bumping golang.org/x/crypto to a newer version for security. |
| Linked Issues check | ✅ Passed | The dependency bump to golang.org/x/crypto v0.53.0 and related x modules addresses #8598's security update request. |
| Out of Scope Changes check | ✅ Passed | The diff only updates golang.org/x dependency versions in go.mod, so no unrelated changes are evident. |
| Docstring Coverage | ✅ Passed | No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check. |
| Stable And Deterministic Test Names | ✅ Passed | PASS: The PR only updates api/go.mod and api/go.sum; no test titles were edited, so there are no unstable Ginkgo names to flag. |
| Test Structure And Quality | ✅ Passed | Only go.mod and go.sum changed; no Ginkgo test files or test code were touched, so this check is not applicable. |
| Microshift Test Compatibility | ✅ Passed | PR changes are dependency-only in go.mod; no new Ginkgo e2e tests were added, so MicroShift test compatibility is not applicable. |
| Single Node Openshift (Sno) Test Compatibility | ✅ Passed | Only go.mod and go.sum changed versus origin/master; no new Ginkgo e2e tests were added, so SNO compatibility check is not applicable. |
| Topology-Aware Scheduling Compatibility | ✅ Passed | Only go.mod and go.sum changed; no deployment manifests, operators, or controllers were modified, so no new scheduling constraints were introduced. |
| Ote Binary Stdout Contract | ✅ Passed | PR only bumps Go module deps in go.mod/go.sum; no main/init/suite code changed, so stdout contract is unaffected. |
| Ipv6 And Disconnected Network Test Compatibility | ✅ Passed | PR only updates go.mod deps; no new Ginkgo e2e tests, IPv4 assumptions, or external connectivity code were added. |
| No-Weak-Crypto | ✅ Passed | PASS: The PR only updates dependency versions in go.mod; it adds no MD5/SHA1/DES/RC4/ECB usage, custom crypto, or secret comparisons. |
| Container-Privileges | ✅ Passed | PR only updates go.mod dependency versions; no container/K8s manifests or securityContext fields were changed, so none of the flagged privilege settings were introduced. |
| No-Sensitive-Data-In-Logs | ✅ Passed | PR only updates go.mod/go.sum dependency versions; no code or logging changes were introduced. |


@openshift-ci openshift-ci Bot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jun 24, 2026
@Faizan3456 Faizan3456 force-pushed the fix/update-golang-crypto branch from 9bdf2c5 to deac1bb Compare June 24, 2026 11:12
@openshift-ci openshift-ci Bot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Jun 24, 2026

Labels

needs-ok-to-test Indicates a PR that requires an org member to verify it is safe to test. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.

Development

Successfully merging this pull request may close these issues.

Update golang.org/x/crypto to address security vulnerabilities

1 participant