chore(deps): bump the go_modules group with 3 updates

[dependabot]

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

---

Bumps the go_modules group with 3 updates: github.com/expr-lang/expr, golang.org/x/crypto and golang.org/x/net.

Updates github.com/expr-lang/expr from 1.15.6 to 1.17.0

Release notes

Sourced from github.com/expr-lang/expr's releases.

v1.17.0

Expr is a Go-centric expression language designed to deliver dynamic configurations with unparalleled accuracy, safety, and speed.

program, err := expr.Compile(`let foo = bar(); baz(foo, foo)`)

In this release:

This release added the biggest change to the Expr language: if-else expressions and sequential expressions. #736 e750878

if foo > 42 {
    assert(foo);
    calc(foo, foo / 2)
} else {
    calc(0, 0)
}

A sequence of expression may be separated by ; char. The last semicolon must be omitted. Expr returns the value of the last expression in the sequence.

If-else is also expressions. Each if must have an else part. Result of if-else can be used as an expression:

let foo = if bar > 0 {
    process(bar)
} else {
    fallback()
};
foo + 42

Added:

• Added ast.Find helper for easy AST searching. 579de74
• Added compile node budget and memory limits (#762)
• Added uniq() builtin (#705)
• Added flatten() builtin (#684)
• Added types pkg (#665 #667 #668)

Improvements:

• Allow tailing comma in arguments (#623)
• Improved type checker for named types 6fa83ad
• Now len() return runes count for string e8bd7f8

... (truncated)

Commits

• 3be6386 Code style: remove repeated helper functions
• 25690fe chore: Added SOLO to the companies list (#769)
• a9cda30 Test for issue 756
• 2bc0eed Remove duplicated dereferences
• f4bbea5 Add support deref in all builtins
• 7d564c0 Remove print
• 80f0ea6 Correctly add OpDeref if needed
• 2d9f616 Add more tailing comma tests
• 8f83203 Allow tailing comma in arguments (#623)
• 435b79d Make sure get() returns nil for map[string]string on missing keys
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.31.0 to 0.35.0

Commits

• 7292932 ssh: limit the size of the internal packet queue while waiting for KEX
• f66f74b acme/autocert: check host policy before probing the cache
• b0784b7 x509roots/fallback: drop obsolete build constraint
• 911360c all: bump golang.org/x/crypto dependencies of asm generators
• 89ff08d all: upgrade go directive to at least 1.23.0 [generated]
• e47973b all: update certs for go1.24
• 9290511 go.mod: update golang.org/x dependencies
• fa5273e x509roots/fallback: update bundle
• a8ea4be ssh: add ServerConfig.PreAuthConnCallback, ServerPreAuthConn (banner) interface
• 71d3a4c acme: support challenges that require the ACME client to send a non-empty JSO...
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.25.0 to 0.38.0

Commits

• e1fcd82 html: properly handle trailing solidus in unquoted attribute value in foreign...
• ebed060 internal/http3: fix build of tests with GOEXPERIMENT=nosynctest
• 1f1fa29 publicsuffix: regenerate table
• 1215081 http2: improve error when server sends HTTP/1
• 312450e html: ensure <search> tag closes <p> and update tests
• 09731f9 http2: improve handling of lost PING in Server
• 55989e2 http2/h2c: use ResponseController for hijacking connections
• 2914f46 websocket: re-recommend gorilla/websocket
• 99b3ae0 go.mod: update golang.org/x dependencies
• 85d1d54 go.mod: update golang.org/x dependencies
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
  You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[LinuxSuRen]

@dependabot ignore github.com/expr-lang/expr

[dependabot]

OK, I won't notify you about github.com/expr-lang/expr again, unless you unignore it.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml