Update sidecar x/crypto dependency to clear Trivy failures#1718

Draft
Copilot wants to merge 1 commit into
mainfrom
copilot/fix-build-sidecar-job

Conversation

Copilot AI commented Jun 22, 2026


Draft description for the pending fix; no code change has been applied yet.

The build-and-push / build-sidecar job is failing in the Trivy gate, not in the image build itself. The sidecar binary pulls in golang.org/x/crypto v0.51.0, and Trivy flags multiple HIGH vulnerabilities fixed in v0.52.0.

  • Root cause
    • pkg/sidecar/proxy/dp_rank.go imports golang.org/x/crypto/blake2s, which brings golang.org/x/crypto into the sidecar image.
    • The release workflow scans the built sidecar tarball and fails on the vulnerable x/crypto version.
  • Change
    • Bump golang.org/x/crypto from v0.51.0 to v0.52.0 in the module graph.
    • Refresh go.sum to capture the updated module checksums.
    • Keep the fix scoped to the sidecar scan failure; no behavior or workflow logic changes.
  • Why this is enough
    • The failing findings are all reported against golang.org/x/crypto v0.51.0.
    • Trivy reports v0.52.0 as the fixed version for the flagged CVEs.
// pkg/sidecar/proxy/dp_rank.go: the import that pulls golang.org/x/crypto into the sidecar binary
import (
    "golang.org/x/crypto/blake2s"
)

Copilot AI changed the title from "[WIP] Fix failing GitHub Actions job build-and-push / build-sidecar" to "Update sidecar x/crypto dependency to clear Trivy failures" Jun 22, 2026
Copilot AI requested a review from liu-cong June 22, 2026 23:55