build(deps): update module github.com/go-crypt/x to v0.4.8

[james-d-elliott]

Summary by CodeRabbit

• Chores

  • Bumped Go directive and updated third‑party and indirect dependencies to newer patch/minor releases for compatibility and stability.
  • Adjusted CI matrix to remove an older Go version; build/test jobs now target current supported releases.
  • No user‑facing behavior or public interfaces changed.

• Documentation

  • Updated installation requirements to reflect the raised minimum Go version.

[coderabbitai]

Walkthrough

Bump module Go directive to 1.24.0, upgrade github.com/go-crypt/x to v0.4.8 (and indirect golang.org/x/sys to v0.36.0) in go.mod, update README requirement, and remove Go 1.23 from the GitHub Actions matrix.

Changes

Cohort / File(s)	Summary
Module metadata go.mod	Bump go directive from 1.23.0 to 1.24.0.
Dependency upgrades go.mod	Upgrade github.com/go-crypt/x v0.4.7 → v0.4.8; update indirect golang.org/x/sys v0.35.0 → v0.36.0.
CI matrix .github/workflows/go.yml	Remove Go 1.23 from the build matrix (now 1.24, 1.25).
Docs README.md	Update minimum Go requirement from go 1.21+ to go 1.23+.

Sequence Diagram(s)

(Skipped — changes are metadata/CI/dependency updates and do not alter runtime control flow.)

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

• build(deps): update module github.com/go-crypt/x to v0.3.6 #142 — Updates the same github.com/go-crypt/x dependency and Go directive.
• build(deps): update module github.com/go-crypt/x to v0.3.4 #132 — Related changes to Go version and CI/module metadata.
• build(deps): update module github.com/go-crypt/x to v0.4.5 #175 — Also updates github.com/go-crypt/x and indirect golang.org/x/sys.

Poem

A nibble of mods, a hop to new Go,
Dependencies polished, off we go.
v0.4.8 twinkles bright,
CI trimmed for the flight.
Thump-thump—builds bounce light. 🐇✨

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title directly and accurately summarizes the primary change in the PR—the go.mod dependency bump of github.com/go-crypt/x to v0.4.8—making it clear, specific, and relevant to the changeset; it intentionally omits smaller ancillary edits (Go directive, workflow matrix, README) which is acceptable for a concise title.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch build-x-bump-0.4.8

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull Request Overview

This PR updates the github.com/go-crypt/x module from version v0.4.7 to v0.4.8, along with related dependency updates.

• Updates the main dependency github.com/go-crypt/x to version v0.4.8
• Bumps Go version requirement from 1.23.0 to 1.24.0
• Updates indirect dependency golang.org/x/sys from v0.35.0 to v0.36.0

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 1.28%. Comparing base (5ccb37c) to head (a779193).
⚠️ Report is 5 commits behind head on master.

Additional details and impacted files

@@          Coverage Diff           @@
##           master    #203   +/-   ##
======================================
  Coverage    1.28%   1.28%           
======================================
  Files          49      49           
  Lines        2795    2795           
======================================
  Hits           36      36           
  Misses       2741    2741           
  Partials       18      18           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (1)

go.mod (1)

15-15: Note on indirect golang.org/x/sys v0.36.0.

Looks fine; just flagging that x/sys can surface platform-specific deltas. Ensure Linux/macOS/Windows jobs run green in CI. (github.com)

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5b19b07 and 370f49e.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (1)

• go.mod (1 hunks)

🔇 Additional comments (2)

go.mod (2)

3-3: Confirm intent: go directive (1.24.0) vs toolchain (go1.25.1).

This pairing is valid; the go line controls language/semantics and minimum version, while toolchain selects the executable used. If you want 1.25 semantics, bump the go line too; otherwise this keeps 1.24 semantics while building with 1.25.1. (tip.golang.org)

If the goal is “min supported 1.24, build with 1.25.1,” no change needed. If the goal is “adopt 1.25 semantics,” update to go 1.25.0 (or newer) and keep toolchain go1.25.1.

---

8-8: LGTM: bump to github.com/go-crypt/x v0.4.8.

Tag v0.4.8 exists (Sep 14, 2025), and upstream shows it primarily updates golang.org/x/sys; no API surface change indicated. (github.com)

Please run CI across your usual matrix to confirm no transitive changes affect callers and that go mod tidy leaves go.sum clean.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (2)

go.mod (2)

8-8: Dependency bump to github.com/go-crypt/x v0.4.8: check for breaking changes.

Pre-1.0 minor bumps can include breaking changes per SemVer. Scan release notes and confirm no API/behavior changes affect this repo. Ensure go.sum was updated (run go mod tidy) and committed.

Would you like me to draft a quick checklist against the public changelog to verify surface-area usage?

---

15-15: Indirect bump golang.org/x/sys v0.36.0: verify platform build matrix.

x/sys updates sometimes affect GOOS/GOARCH compatibility and syscall constants. Please run CI across your supported OS/arches and confirm no warnings or build breaks; commit any go.sum changes.

If Windows or BSDs are in scope, consider adding a CI job that builds those targets to catch x/sys drifts early.

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 5d38051 and a779193.

⛔ Files ignored due to path filters (1)

• go.sum is excluded by !**/*.sum

📒 Files selected for processing (3)

• .github/workflows/go.yml (0 hunks)
• README.md (1 hunks)
• go.mod (1 hunks)

💤 Files with no reviewable changes (1)

• .github/workflows/go.yml

✅ Files skipped from review due to trivial changes (1)

• README.md

🔇 Additional comments (1)

go.mod (1)

3-3: Incorrect — keep go 1.24.0; do not change to go 1.24. (tip.golang.org)

The go directive accepts full Go versions including patch components (e.g., 1.23.0 / 1.24.0), and many projects/tooling emit the patched form; changing to go 1.24 is unnecessary — align CI/toolchain/README only if you intend to enforce a different minimum. (github.com)

Likely an incorrect or invalid review comment.