fix(deps): bump github.com/opentdf/platform/lib/ocrypto from 0.6.0 to 0.7.0 in /service

[dependabot]

Bumps github.com/opentdf/platform/lib/ocrypto from 0.6.0 to 0.7.0.

Release notes

Sourced from github.com/opentdf/platform/lib/ocrypto's releases.

service: v0.7.0

0.7.0 (2025-06-24)

⚠ BREAKING CHANGES

• policy: disable kas grants in favor of key mappings (#2220)

Features

• authz: Add caching to keycloak ERS (#2466) (f5b0a06)
• authz: auth svc registered resource GetDecision support (#2392) (5405674)
• authz: authz v2 GetBulkDecision (#2448) (0da3363)
• authz: cache entitlement policy within authorization service (#2457) (c16361c)
• authz: ensure logging parity between authz v2 and v1 (#2443) (ef68586)
• core: add cache manager (#2449) (2b062c5)
• core: consume RPC interceptor request context metadata in logging (#2442) (2769c48)
• core: DSPX-609 - add cli-client to keycloak provisioning (#2396) (48e7489)
• core: ERS cache setup, fix cache initialization (#2458) (d0c6938)
• inject logger and cache manager to key managers (#2461) (9292162)
• kas: expose provider config from key details. (#2459) (0e7d39a)
• main: Add Close() method to cache manager (#2465) (32630d6)
• policy: disable kas grants in favor of key mappings (#2220) (30f8cf5)
• policy: Restrict deletion of pc with used key. (#2414) (3b40a46)
• sdk: allow Connect-Protocol-Version RPC header for cors (#2437) (4bf241e)

Bug Fixes

• core: remove generics on new platform cache manager and client (#2456) (98c3c16)
• core: replace opentdf-public client with cli-client (#2422) (fb18525)
• deps: bump github.com/casbin/casbin/v2 from 2.106.0 to 2.107.0 in /service in the external group (#2416) (43afd48)
• deps: bump github.com/opentdf/platform/protocol/go from 0.4.0 to 0.5.0 in /service (#2470) (3a73fc9)
• deps: bump github.com/opentdf/platform/sdk from 0.4.7 to 0.5.0 in /service (#2473) (ad37476)
• deps: bump the external group across 1 directory with 2 updates (#2450) (9d8d1f1)
• deps: bump the external group across 1 directory with 2 updates (#2472) (d45b3c8)
• only request a token when near expiration (#2370) (556d95e)
• policy: fix casing bug and get provider config on update. (#2403) (a52b8f9)
• policy: properly formatted pem in test fixtures (#2409) (54ffd23)

protocol/go: v0.7.0

0.7.0 (2025-08-08)

⚠ BREAKING CHANGES

• policy: disable kas grants in favor of key mappings (#2220)
• core: Require go 1.23+ (#1979)

Features

... (truncated)

Commits

• 5874ce6 chore(main): release sdk 0.7.0 (#2589)
• b838bbc fix(deps): bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in /s...
• 78fb8d6 chore(deps): bump github.com/go-viper/mapstructure/v2 from 2.3.0 to 2.4.0 in ...
• b4c67ec chore: Add dependency-review workflow that always targets main (#2645)
• 855611d feat(core): add multi-strategy ERS to support ldap and sql (#2596)
• a411b05 chore(ci): DSPX-1424 Enforce minimum buf version (#2641)
• 15d20b1 chore(ci): Add BDD Test framework (#2640)
• e775e14 fix(deps): bump github.com/opentdf/platform/protocol/go from 0.6.2 to 0.7.0 i...
• 3c392aa fix(deps): bump github.com/docker/docker from 28.2.2+incompatible to 28.3.3+i...
• c52bc15 chore(ci): Fixes for checks for buf and go mods (#2633)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Benchmark results, click to expand

Benchmark authorization.GetDecisions Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	176.496373ms

Benchmark authorization.v2.GetMultiResourceDecision Results:

Metric	Value
Approved Decision Requests	1000
Denied Decision Requests	0
Total Time	99.88714ms

Standard Benchmark Metrics Skipped or Failed

Bulk Benchmark Results

Metric	Value
Total Decrypts	100
Successful Decrypts	100
Failed Decrypts	0
Total Time	369.055531ms
Throughput	270.96 requests/second

TDF3 Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	41.271413003s
Average Latency	410.348786ms
Throughput	121.15 requests/second

NANOTDF Benchmark Results:

Metric	Value
Total Requests	5000
Successful Requests	5000
Failed Requests	0
Concurrent Requests	50
Total Time	28.643811601s
Average Latency	285.255538ms
Throughput	174.56 requests/second