rebase: bump the golang-dependencies group with 2 updates

[dependabot]

Bumps the golang-dependencies group with 2 updates: golang.org/x/crypto and golang.org/x/net.

Updates golang.org/x/crypto from 0.48.0 to 0.49.0

Commits

• 982eaa6 go.mod: update golang.org/x dependencies
• 159944f ssh,acme: clean up tautological/impossible nil conditions
• a408498 acme: only require prompt if server has terms of service
• cab0f71 all: upgrade go directive to at least 1.25.0 [generated]
• 2f26647 x509roots/fallback: update bundle
• See full diff in compare view

Updates golang.org/x/net from 0.51.0 to 0.52.0

Commits

• 316e20c go.mod: update golang.org/x dependencies
• 9767a42 internal/http3: add support for plugging into net/http
• 4a81284 http2: update docs to disrecommend this package
• dec6603 dns/dnsmessage: reject too large of names early during unpack
• 8afa12f http2: deprecate write schedulers
• 38019a2 http2: add missing copyright header to export_test.go
• 039b87f internal/http3: return error when Write is used after status 304 is set
• 6267c6c internal/http3: add HTTP 103 Early Hints support to ClientConn
• 591bdf3 internal/http3: add HTTP 103 Early Hints support to Server
• 1faa6d8 internal/http3: avoid potential race when aborting RoundTrip
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[nixpanic]

@Mergifyio rebase

[mergify]

rebase

✅ Branch has been successfully rebased

[ceph-csi-bot]

/test ci/centos/k8s-e2e-external-storage/1.33

[ceph-csi-bot]

/test ci/centos/k8s-e2e-external-storage/1.35

[ceph-csi-bot]

/test ci/centos/k8s-e2e-external-storage/1.34

[ceph-csi-bot]

/test ci/centos/mini-e2e-helm/k8s-1.33

[ceph-csi-bot]

/test ci/centos/upgrade-tests-cephfs

[ceph-csi-bot]

/test ci/centos/mini-e2e-helm/k8s-1.35

[ceph-csi-bot]

/test ci/centos/mini-e2e-helm/k8s-1.34

[ceph-csi-bot]

/test ci/centos/mini-e2e/k8s-1.35

[ceph-csi-bot]

/test ci/centos/upgrade-tests-rbd

[ceph-csi-bot]

/test ci/centos/mini-e2e/k8s-1.33

[ceph-csi-bot]

/test ci/centos/mini-e2e/k8s-1.34

[mergify]

Merge Queue Status

• ✅ Entered queue — 2026-03-17 12:20 UTC · Rule: default
• ✅ Checks passed · in-place
• ✅ Merged — 2026-03-17 12:20 UTC · at 55db4aca05db0393f122a2bf92378568a790e80f

This pull request spent 7 seconds in the queue, with no time running CI.

Required conditions to merge

• #approved-reviews-by >= 2 [🛡 GitHub branch protection]
  • rebase: bump the golang-dependencies group with 2 updates #6184
• #changes-requested-reviews-by = 0 [🛡 GitHub branch protection]
  • rebase: bump the golang-dependencies group with 2 updates #6184