[8.18](backport #5562) Bump Go version to 1.25.1

[mergify]

This PR bumps up the Golang version to 1.25.1. It also:

• removes the ms_tls13kdf Golang build tag when building in FIPS mode because this tag was only needed with Golang versions 1.24.x.
• sets ths GODEBUG=tlsmlkem=0 environment variable when running FIPS140-only unit tests. This prevents errors like so: Failed to connect: crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode.

  ---

  This is an automatic backport of pull request Bump Go version to 1.25.1 #5562 done by Mergify.

[mergify]

Cherry-pick of 15b8c8a has failed:

On branch mergify/bp/8.18/pr-5562
Your branch is up to date with 'origin/8.18'.

You are currently cherry-picking commit 15b8c8a.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   .go-version
	modified:   .golangci.yml
	new file:   changelog/fragments/1758819869-bump-golang-1.25.1.yaml
	modified:   dev-tools/go.mod
	modified:   go.mod
	modified:   testing/go.mod

Unmerged paths:
  (use "git add/rm <file>..." as appropriate to mark resolution)
	both modified:   .github/workflows/golangci-lint.yml
	deleted by us:   docs/fips.md
	both modified:   magefile.go

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

[prodsecmachine]

🎉 Snyk checks have passed. No issues have been found so far.

✅ security/snyk check is complete. No issues have been found. (View Details)

✅ license/snyk check is complete. No issues have been found. (View Details)