fix: update vulnerable dependencies

[abwuge]

升级依赖，修复安全漏洞

Summary by CodeRabbit

• Chores
  • Updated Go toolchain and standard library dependencies to latest stable versions.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: c75161e7-0da6-4278-98a1-f20bdb9a059e

📥 Commits

Reviewing files that changed from the base of the PR and between 0627e0b and 480a5f8.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod

---

📝 Walkthrough

Walkthrough

Go module dependencies are updated: the Go toolchain is bumped to version 1.26.3, and four stdlib-adjacent modules receive minor version upgrades—golang.org/x/net from v0.53.0 to v0.55.0, and golang.org/x/crypto, golang.org/x/sys, and golang.org/x/text each incremented by one minor version.

Changes

Dependency Updates

Layer / File(s)	Summary
Go standard library modules upgrade go.mod	Direct dependency golang.org/x/net upgraded from v0.53.0 to v0.55.0; indirect dependencies golang.org/x/crypto, golang.org/x/sys, and golang.org/x/text each incremented by one minor version. Go toolchain requirement also updated.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 A hop, a skip, through versions we go,
Net climbs to fifty-five, steady and slow,
Crypto and text, sys joins the parade,
Stdlib updates, a maintenance crusade! 🚀

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title 'fix: update vulnerable dependencies' clearly and concisely summarizes the main change: upgrading Go module dependencies to address security vulnerabilities.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

Note

Copilot was unable to run its full agentic suite in this review.

Updates Go module dependencies (notably golang.org/x/net) and refreshes module checksums to align with the newer versions.

Changes:

• Bumped golang.org/x/net to v0.55.0
• Bumped indirect golang.org/x/{crypto,sys,text} versions
• Updated go.sum with new dependency checksums from the version bumps

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File	Description
go.mod	Updates required module versions (direct + indirect) for several golang.org/x/* deps.
go.sum	Adds checksum entries corresponding to the updated module versions (and additional transitive entries).

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.