bazel-contrib/rules_go#3901
cloudflare/circl#492

…x `circl` issue (#39)

* set bazel.queriesShareServer to false

* enable all starpls experimental features

* manage tools dependencies for nogo separately

* bump go_sdk toolchain to 1.23.7

* buildifier: remove natic-cc and native-java warnings to make it happy

* jfrogclient: add required 'UploadServiceOptions' arg

* upgrade jfrog-client-go to v1.51.1

* update go sum

* nogo: move it to behind  a macro

* disable nogo for now

* upate nogo_tools mod and sum

* update nogo use_repos

* remove circl bcr patches

bazel-contrib/rules_go#3901
cloudflare/circl#492

* update use_repo for zig toolchans

* remove hermetic_cc_toolchain

* add flag to avoid using local cc toolchain

* Revert "remove circl bcr patches"

This reverts commit f10a072.

* add bazel-lib

* circl workaround: use define flag to set gotags

* set pure=on for go_binary targets

* remove circl bcr patches

* make pkg a target

* add target to create aspect bazel-lib correctness rc

* remove hermetic cc toolchain again

* add and import correctness rc flags

* add tasks.json

* add devcontainer

* updte devcontainer

* add README to rc presets

* update lockfile

* add cursor rules

* move bazel settings ot the top

* fix analyzers type hints

* nogo: run Vet only, make it work wrh downgraded version

* add rule for go/golang/go sdk

* update go sdk back to 1.23.7

* add rule for bazel

* nogo analyzers: add exhaustive label

* add missing BUILD export_files to tools/nogo

* use the latest glang.org/x/tools

…605)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [github.com/cloudflare/circl](https://github.com/cloudflare/circl) | indirect | minor | `v1.3.7` -> `v1.6.1` |

---

### CIRCL-Fourq: Missing and wrong validation can lead to incorrect results
[GHSA-2x5j-vhc8-9cwm](GHSA-2x5j-vhc8-9cwm) / [GO-2025-3754](https://pkg.go.dev/vuln/GO-2025-3754)

<details>
<summary>More information</summary>

#### Details
##### Impact
The CIRCL implementation of FourQ fails to validate user-supplied low-order points during Diffie-Hellman key exchange, potentially allowing attackers to force the identity point and compromise session security.

Moreover, there is an incorrect point validation in ScalarMult can lead to incorrect results in the isEqual function and if a point is on the curve.

##### Patches
Version 1.6.1 (https://github.com/cloudflare/circl/tree/v1.6.1) mitigates the identified issues.

We acknowledge Alon Livne (Botanica Software Labs) for the reported findings.

#### Severity
Low

#### References
- [https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm](https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm)
- [https://github.com/cloudflare/circl](https://github.com/cloudflare/circl)
- [https://github.com/cloudflare/circl/tree/v1.6.1](https://github.com/cloudflare/circl/tree/v1.6.1)

This data is provided by [OSV](https://osv.dev/vulnerability/GHSA-2x5j-vhc8-9cwm) and the [GitHub Advisory Database](https://github.com/github/advisory-database) ([CC-BY 4.0](https://github.com/github/advisory-database/blob/main/LICENSE.md)).
</details>

---

### CIRCL-Fourq: Missing and wrong validation can lead to incorrect results in github.com/cloudflare/circl
[GHSA-2x5j-vhc8-9cwm](GHSA-2x5j-vhc8-9cwm) / [GO-2025-3754](https://pkg.go.dev/vuln/GO-2025-3754)

<details>
<summary>More information</summary>

#### Details
CIRCL-Fourq: Missing and wrong validation can lead to incorrect results in github.com/cloudflare/circl

#### Severity
Unknown

#### References
- [https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm](https://github.com/cloudflare/circl/security/advisories/GHSA-2x5j-vhc8-9cwm)
- [https://github.com/cloudflare/circl/tree/v1.6.1](https://github.com/cloudflare/circl/tree/v1.6.1)

This data is provided by [OSV](https://osv.dev/vulnerability/GO-2025-3754) and the [Go Vulnerability Database](https://github.com/golang/vulndb) ([CC-BY 4.0](https://github.com/golang/vulndb#license)).
</details>

---

### Release Notes

<details>
<summary>cloudflare/circl (github.com/cloudflare/circl)</summary>

### [`v1.6.1`](https://github.com/cloudflare/circl/releases/tag/v1.6.1): CIRCL v1.6.1

[Compare Source](cloudflare/circl@v1.6.0...v1.6.1)

#### CIRCL v1.6.1

-   Fixes some point checks on the FourQ curve.
-   Hybrid KEM fails on low-order points.

##### What's Changed

-   kem/hybrid: ensure X25519 hybrids fails with low order points by [@&#8203;Lekensteyn](https://github.com/Lekensteyn) in cloudflare/circl#541
-   .github: Use native ARM64 builders instead of QEMU by [@&#8203;Lekensteyn](https://github.com/Lekensteyn) in cloudflare/circl#542
-   Fixes several errors on twisted Edwards curves. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#545
-   Release v1.6.1 by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#546

**Full Changelog**: cloudflare/circl@v1.6.0...v1.6.1

### [`v1.6.0`](https://github.com/cloudflare/circl/releases/tag/v1.6.0): CIRCL v1.6.0

[Compare Source](cloudflare/circl@v1.5.0...v1.6.0)

#### CIRCL v1.6.0

##### New!

-   [Prio3](https://github.com/cloudflare/circl/blob/main/vdaf/prio3) Verifiable Distributed Aggregation Function ([draft-irtf-cfrg-vdaf](https://datatracker.ietf.org/doc/draft-irtf-cfrg-vdaf/)).
-   [X-Wing](https://github.com/cloudflare/circl/blob/main/kem/xwing): general-purpose hybrid post-quantum KEM ([draft-connolly-cfrg-xwing-kem](https://datatracker.ietf.org/doc/draft-connolly-cfrg-xwing-kem/))

##### What's Changed

-   Add OIDs to ML-DSA by [@&#8203;bwesterb](https://github.com/bwesterb) in cloudflare/circl#519
-   Adds Prio3 a set of verifiable distributed aggregation functions. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#522
-   Run semgrep cronjob only in upstream repository. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#526
-   X-Wing PQ/T hybrid by [@&#8203;bwesterb](https://github.com/bwesterb) in cloudflare/circl#471
-   ckem: move crypto/elliptic to crypto/ecdh by [@&#8203;MingLLuo](https://github.com/MingLLuo) in cloudflare/circl#529
-   hpke: Update HPKE code to use ecdh stdlib package. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#530
-   prio3: Adds polynomial multiplication using NTT by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#532
-   Add Prio3 in readme. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#527

##### New Contributors

-   [@&#8203;MingLLuo](https://github.com/MingLLuo) made their first contribution in cloudflare/circl#529

**Full Changelog**: cloudflare/circl@v1.5.0...v1.6.0

### [`v1.5.0`](https://github.com/cloudflare/circl/releases/tag/v1.5.0): CIRCL v1.5.0

[Compare Source](cloudflare/circl@v1.4.0...v1.5.0)

### CIRCL v1.5.0

**New:** ML-DSA, Module-Lattice-based Digital Signature Algorithm.

##### What's Changed

-   kem: add X25519MLKEM768 TLS hybrid KEM by [@&#8203;bwesterb](https://github.com/bwesterb) in cloudflare/circl#510
-   Create semgrep.yml by [@&#8203;hrushikeshdeshpande](https://github.com/hrushikeshdeshpande) in cloudflare/circl#514
-   repo: Some fixes reported by CodeQL by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#515
-   Add ML-DSA (FIPS204) by [@&#8203;bwesterb](https://github.com/bwesterb) in cloudflare/circl#480
-   sign/mldsa: Add test for ML-DSA signature verification. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#517
-   Release v1.5.0 by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#518

##### New Contributors

-   [@&#8203;hrushikeshdeshpande](https://github.com/hrushikeshdeshpande) made their first contribution in cloudflare/circl#514

**Full Changelog**: cloudflare/circl@v1.4.0...v1.5.0

### [`v1.4.0`](https://github.com/cloudflare/circl/releases/tag/v1.4.0): CIRCL v1.4.0

[Compare Source](cloudflare/circl@v1.3.9...v1.4.0)

### CIRCL v1.4.0

##### Changes

New: ML-KEM compatible with FIPS-203.

##### Commit History

-   eddilithium3: fix typos by [@&#8203;bwesterb](https://github.com/bwesterb) in cloudflare/circl#503
-   Add ML-KEM (FIPS 203). by [@&#8203;bwesterb](https://github.com/bwesterb) in cloudflare/circl#470
-   Add ML-KEM decapsulation key check. by [@&#8203;bwesterb](https://github.com/bwesterb) in cloudflare/circl#507
-   Preparing for release v1.4.0 by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#508

**Full Changelog**: cloudflare/circl@v1.3.9...v1.4.0

### [`v1.3.9`](https://github.com/cloudflare/circl/releases/tag/v1.3.9): CIRCL v1.3.9

[Compare Source](cloudflare/circl@v1.3.8...v1.3.9)

#### CIRCL v1.3.9

##### Changes:

-   Fix bug on BLS12381 decoding elements.

##### Commit History

-   dilithium: fix typo by [@&#8203;bwesterb](https://github.com/bwesterb) in cloudflare/circl#498
-   bls12381: Detects invalid prefix in G1 and G2 serialized elements by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#500
-   Preparing CIRCL release v1.3.9 by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#501

**Full Changelog**: cloudflare/circl@v1.3.8...v1.3.9

### [`v1.3.8`](https://github.com/cloudflare/circl/releases/tag/v1.3.8): CIRCL v1.3.8

[Compare Source](cloudflare/circl@v1.3.7...v1.3.8)

### CIRCL v1.3.8

#### New

-   BLS Signatures on top of BLS12-381.
-   Adopt faster squaring in pairings.
-   BlindRSA compliant with RFC9474.
-   (Verifiable) Secret Sharing compatible with the Group interface (elliptic curves).

#### Notice

-   Update on cpabe/tkn20 ciphertexts, read more at https://github.com/cloudflare/circl/wiki/tkn20-Ciphertext-Format-(v1.3.8)

##### What's Changed

-   Implement Granger-Scott faster squaring in the cyclotomic subgroup. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#449
-   Updates avo and CIRCL's own dependency. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#474
-   Updating documentation for OPRF package. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#475
-   group: removes order method from group interface by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#356
-   zk/dleq: Adding DLEQ proofs for Qn, the subgroup of squares in (Z/nZ)\* by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#451
-   Reduce x/crypto and x/sys versions to match Go 1.21 by [@&#8203;Lekensteyn](https://github.com/Lekensteyn) in cloudflare/circl#476
-   Bump GitHub Actions versions and use Go 1.22 and 1.21 by [@&#8203;Lekensteyn](https://github.com/Lekensteyn) in cloudflare/circl#477
-   Adding rule for constant values by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#478
-   Add BLS signatures over BLS12-381 by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#446
-   group: Implements Shamir and Feldman secret sharing. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#348
-   blindrsa: add support for all variants of RFC9474 by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#479
-   Explicitly installs Go with version before CodeQL analysis. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#481
-   Bumps golangci-lint action by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#485
-   ecc/bls12381: Ensures pairing operations don't overwrite their input by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#494
-   Align to the `purego` build tag, removing `noasm` build tag by [@&#8203;mattyclarkson](https://github.com/mattyclarkson) in cloudflare/circl#492
-   cpabe: Serializing ciphertext with 32-bit prefixes. by [@&#8203;armfazh](https://github.com/armfazh) in cloudflare/circl#490

##### New Contributors

-   [@&#8203;mattyclarkson](https://github.com/mattyclarkson) made their first contribution in cloudflare/circl#492

**Full Changelog**: cloudflare/circl@v1.3.7...v1.3.8

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MC40OC40IiwidXBkYXRlZEluVmVyIjoiNDAuNDguNCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOltdfQ==-->

Reviewed-on: https://code.forgejo.org/forgejo/runner/pulls/605
Reviewed-by: earl-warren <earl-warren@noreply.code.forgejo.org>
Co-authored-by: Renovate Bot <bot@kriese.eu>
Co-committed-by: Renovate Bot <bot@kriese.eu>