Hi all, I noticed that spicedb-operator uses golang.org/x/crypto 0.32 which is vulnerable to [CVE-2025-22869](https://github.com/advisories/GHSA-hcg3-q754-cr77), which is high severity. The vulnerability is patched in >= 0.35. Any objections if I gin up a PR to patch spicedb-operator to use a patched crypto version?