Upgrade golang.org/x/crypto to v0.52.0

[amirejaz]

Summary

• The Go vulnerability database published 13 new CVEs on 2026-05-22 affecting golang.org/x/crypto ssh and ssh/agent packages (GO-2026-5005 through GO-2026-5033, CVE-2026-39827–39835, CVE-2026-42508, CVE-2026-46595–46598). These caused the Go Vulnerability Check CI to fail on main and all open PRs.
• golang.org/x/crypto is upgraded from v0.51.0 → v0.52.0, which contains the fix for all 13 CVEs.
• golang.org/x/sys is bumped from v0.44.0 → v0.45.0 as a transitive dependency of the crypto upgrade.
• Renovate would have opened this automatically on the weekend schedule; this PR cuts ahead of that to unblock CI now.

Type of change

• Dependency update

Test plan

• go build ./... passes after the upgrade
• CI vulnerability scan will verify the 13 CVEs are no longer reported

Generated with Claude Code

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 68.74%. Comparing base (9a28521) to head (162931f).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #5366      +/-   ##
==========================================
+ Coverage   68.72%   68.74%   +0.02%     
==========================================
  Files         625      625              
  Lines       63422    63422              
==========================================
+ Hits        43587    43600      +13     
+ Misses      16585    16576       -9     
+ Partials     3250     3246       -4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.