chore: bump direct Go dependencies

[dgageot]

Summary

Bumps direct Go module dependencies, one commit per dependency. Each bump was validated with task lint and task test before committing.

Dependencies

Module	From	To	Status
github.com/anthropics/anthropic-sdk-go	v1.51.0	v1.52.0	bumped
github.com/aws/smithy-go	v1.27.2	v1.27.3	bumped
github.com/dgageot/rubocop-go	v0.0.0-20260627101724-e3d4629ddda8	v0.0.0-20260627140528-ee9a9b36c3eb	bumped
github.com/docker/cli	v29.6.0+incompatible	v29.6.1+incompatible	bumped
github.com/dop251/goja	v0.0.0-20260618133527-c9b2ea77db59	v0.0.0-20260627200808-0b76000cabdb	bumped
github.com/pb33f/libopenapi	v0.38.1	v0.38.5	bumped
google.golang.org/adk	v1.2.0	v1.4.0	skipped — lint failure (adka2a deprecated in favor of adka2a/v2)
google.golang.org/genai	v1.61.0	v1.62.0	bumped
gopkg.in/dnaeon/go-vcr.v4	v4.0.6	v4.0.7	bumped

Notes

google.golang.org/adk v1.4.0 was skipped: it deprecates server/adka2a in favor of server/adka2a/v2, triggering staticcheck failures in pkg/a2a/executor_wrapper.go and pkg/a2a/server.go. Migrating to the v2 API should be handled separately.

[docker-agent]

Assessment: 🟢 APPROVE

This is a routine dependency bump updating 8 Go modules. All bumps are minor/patch-level increments.

Analysis summary: No bugs introduced by this PR. All dependency versions resolved correctly — confirms remained at v1.2.0 (not silently upgraded by the genai v1.62.0 bump), validating the intentional pin. The PR author's pre-commit validation with task lint and task test is consistent with the clean module graph.