chore: update x/net to v0.23.0 #2703

Merged
merged 3 commits into from
Nov 6, 2024

pavelbrm
Contributor

@pavelbrm pavelbrm commented Nov 5, 2024

Summary

Subj.

Fixes https://github.com/brave-intl/bat-go/security/dependabot/119.
Fixes https://github.com/brave-intl/bat-go/security/dependabot/120.
Fixes https://github.com/brave-intl/bat-go/security/dependabot/121.
Fixes https://github.com/brave-intl/bat-go/security/dependabot/122.
Fixes https://github.com/brave-intl/bat-go/security/dependabot/123.
Fixes https://github.com/brave-intl/bat-go/security/dependabot/124.

Type of Change

  • Product feature
  • Bug fix
  • Performance improvement
  • Refactor
  • Other

Tested Environments

  • Development
  • Staging
  • Production

Before Requesting Review

  • Does your code build cleanly without any errors or warnings?
  • Have you used auto closing keywords?
  • Have you added tests for new functionality?
  • Have you validated query efficiency for new database queries?
  • Have you documented new functionality in README or in comments?
  • Have you squashed all intermediate commits?
  • Is there a clear title that explains what the PR does?
  • Have you used intuitive function, variable and other naming?
  • Have you requested security and/or privacy review if needed?
  • Have you performed a self review of this PR?

Manual Test Plan

@pavelbrm pavelbrm self-assigned this Nov 5, 2024
@pavelbrm pavelbrm requested a review from clD11 November 5, 2024 07:22

github-actions bot commented Nov 6, 2024

[puLL-Merge] - brave-intl/bat-go@2703

Description

This pull request updates Go dependencies across multiple modules in the project, with a focus on upgrading crypto-related packages and setting the GOTOOLCHAIN environment variable to "local". The changes aim to improve security and ensure consistent toolchain usage across different environments.

Changes

  1. .github/workflows/ci.yml:
    • Added GOTOOLCHAIN: local to the environment variables.
  2. Dockerfile:
    • Added GOTOOLCHAIN=local to the Go build command.
  3. Makefile:
    • Added GOTOOLCHAIN=local to multiple Go build commands.
  4. Go module files (go.mod and go.sum):
    • Updated in multiple directories: cmd, libs, main, services, tools, and nitro-shim/tools/gvproxy.
    • Key updates include:
      • golang.org/x/crypto upgraded from v0.17.0 to v0.21.0
      • golang.org/x/net upgraded from v0.17.0 to v0.23.0
      • golang.org/x/sys upgraded from v0.15.0 to v0.18.0
      • golang.org/x/term upgraded from v0.15.0 to v0.18.0
  5. Docker Compose files:
    • Added GOTOOLCHAIN=local to the environment variables in multiple files:
      • docker-compose.dev-refresh.yml
      • docker-compose.yml
      • services/rewards/docker-compose.yml
      • services/skus/docker-compose.payment-refresh.yml
      • services/skus/docker-compose.yml
      • services/wallet/docker-compose.yml
  6. tools/Dockerfile:
    • Added GOTOOLCHAIN=local to the Go build command.

These changes ensure that the project uses a consistent Go toolchain across different environments and updates important security-related packages to their latest versions.

Security Hotspots

The upgrade of golang.org/x/crypto to v0.21.0 is a significant security improvement, as it likely includes important security fixes and enhancements. It's important to test thoroughly after this upgrade to ensure all cryptographic operations still function correctly.

@pavelbrm pavelbrm merged commit e7cb7e3 into master Nov 6, 2024
13 checks passed
@pavelbrm pavelbrm deleted the update-dep-x branch November 6, 2024 10:55
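
In a multi-module repository, the version bumps listed in the summary above only hold if every go.mod carries them. The following is an added example, not code from this PR or the bat-go repository: it scans go.mod text and flags any requirement on the four golang.org/x modules that falls below the versions named in the summary. The function names and the sample go.mod content are assumptions made for illustration.

```go
package main

import (
	"fmt"
	"strings"
)

// Minimum versions, taken from the upgrade list in the PR summary.
var minVersions = map[string]string{
	"golang.org/x/crypto": "v0.21.0",
	"golang.org/x/net":    "v0.23.0",
	"golang.org/x/sys":    "v0.18.0",
	"golang.org/x/term":   "v0.18.0",
}

// older reports whether have is a lower vMAJOR.MINOR.PATCH than want; suffixes are ignored.
func older(have, want string) bool {
	var h, w [3]int
	fmt.Sscanf(have, "v%d.%d.%d", &h[0], &h[1], &h[2])
	fmt.Sscanf(want, "v%d.%d.%d", &w[0], &w[1], &w[2])
	for i := range h {
		if h[i] != w[i] {
			return h[i] < w[i]
		}
	}
	return false
}

// StaleRequires returns one finding per require line below minVersions (replace directives are not evaluated).
func StaleRequires(gomod string) []string {
	var stale []string
	for _, line := range strings.Split(gomod, "\n") {
		line = strings.SplitN(line, "//", 2)[0] // drop trailing comments such as "// indirect"
		f := strings.Fields(strings.TrimPrefix(strings.TrimSpace(line), "require "))
		if len(f) != 2 {
			continue
		}
		if want, ok := minVersions[f[0]]; ok && older(f[1], want) {
			stale = append(stale, fmt.Sprintf("%s %s < %s", f[0], f[1], want))
		}
	}
	return stale
}

func main() {
	// Constructed go.mod content for illustration, not a file from the repository.
	sample := "require (\n\tgolang.org/x/crypto v0.21.0\n\tgolang.org/x/net v0.17.0\n\tgolang.org/x/sys v0.15.0 // indirect\n)\n"
	fmt.Println(strings.Join(StaleRequires(sample), "\n"))
}
```

Running the function over each module's go.mod in CI and failing on a non-empty result keeps a single module from lagging behind after an update like this one.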