Closed
Labels
triaged (triaged into Okta's Jira backlog)
Description
I am incorporating okta-aws-cli into a Docker image. The GitLab container scanning (Trivy) reported two high CVEs that trace back to okta-aws-cli.
The first one, CVE-2025-22869, recommends updating to a version of golang.org/x/crypto greater than 0.35.0. Currently 0.32.0 is specified in go.mod.
The second one, CVE-2025-47907, recommends updating the Go version to 1.23.12, 1.24.6. Currently 1.21 is specified in go.mod.
Updates to these would be much appreciated to help calm the security dashboards. Thanks!
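
An added example, not from the issue author or the okta-aws-cli project: a standard-library Go check that reads a go.mod and flags the two entries named above against the fix versions quoted in the issue. The sample go.mod is constructed, `IssueFixes`, `Audit` and the helper names are hypothetical, and the check assumes that 0.35.0 itself counts as fixed and that release lines newer than those listed carry the fix.

```go
package main

import (
	"fmt"
	"strings"
)

// Constructed sample go.mod; only the go and x/crypto versions come from the issue.
const sampleGoMod = "module example.test/app\n\ngo 1.21\n\nrequire (\n" +
	"\tgolang.org/x/crypto v0.32.0\n\tgolang.org/x/sys v0.29.0 // indirect\n)\n"

// IssueFixes holds the fixed versions quoted in the issue; "go" is the go directive.
var IssueFixes = map[string][]string{
	"golang.org/x/crypto": {"0.35.0"},
	"go":                  {"1.23.12", "1.24.6"},
}

// ver parses "v0.32.0" or "1.21" into [major, minor, patch]; absent parts stay 0.
func ver(s string) (v [3]int) {
	_, _ = fmt.Sscanf(strings.TrimPrefix(s, "v"), "%d.%d.%d", &v[0], &v[1], &v[2])
	return
}

// fixed: at or past the fix on v's own release line, or (assumption) newer than every listed line.
func fixed(v [3]int, fixes []string) bool {
	newer := true
	for _, f := range fixes {
		fv := ver(f)
		if v[0] == fv[0] && v[1] == fv[1] {
			return v[2] >= fv[2]
		}
		newer = newer && (v[0] > fv[0] || (v[0] == fv[0] && v[1] > fv[1]))
	}
	return newer
}

// Audit lists go.mod entries below their fix; the go directive is a minimum, not the build toolchain.
func Audit(gomod string, fixes map[string][]string) (out []string) {
	for _, line := range strings.Split(gomod, "\n") {
		f := strings.Fields(strings.TrimPrefix(strings.TrimSpace(line), "require "))
		if len(f) >= 2 && fixes[f[0]] != nil && !fixed(ver(f[1]), fixes[f[0]]) {
			out = append(out, fmt.Sprintf("%s %s (fixed in %s)", f[0], f[1], strings.Join(fixes[f[0]], ", ")))
		}
	}
	return
}

func main() {
	fmt.Println(strings.Join(Audit(sampleGoMod, IssueFixes), "\n"))
}
```

Because the go directive only sets a minimum, a scanner that inspects the compiled binary reports the standard library of the toolchain that built it, so the build image's Go version needs the same check.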