deps: Update Non-major dependencies

[renovate-bot]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.junit.vintage:junit-vintage-engine (source)	5.11.4 -> 5.12.1
org.junit.jupiter:junit-jupiter-engine (source)	5.11.4 -> 5.12.1
org.junit.jupiter:junit-jupiter-params (source)	5.11.4 -> 5.12.1
org.junit.jupiter:junit-jupiter-api (source)	5.11.4 -> 5.12.1
org.junit.jupiter:junit-jupiter (source)	5.11.4 -> 5.12.1
org.junit.platform:junit-platform-commons (source)	1.11.4 -> 1.12.1
org.junit.platform:junit-platform-engine (source)	1.11.4 -> 1.12.1
org.apache.maven.plugins:maven-compiler-plugin	3.13.0 -> 3.14.0
com.google.guava:failureaccess	1.0.2 -> 1.0.3
com.google.api.grpc:proto-google-common-protos	2.51.0 -> 2.54.1
com.google.api:gax-grpc	2.60.0 -> 2.63.1
org.slf4j:slf4j-api (source, changelog)	2.0.16 -> 2.0.17
io.grpc:grpc-bom	1.70.0 -> 1.71.0
com.google.cloud:google-cloud-alloydb-connectors-bom	0.35.0 -> 0.38.0
com.google.cloud:google-cloud-alloydb-bom	0.46.0 -> 0.49.0
com.google.cloud:google-cloud-shared-dependencies	3.42.0 -> 3.45.1
com.google.errorprone:error_prone_annotations (source)	2.36.0 -> 2.37.0
org.apache.maven.plugins:maven-deploy-plugin	3.1.3 -> 3.1.4
com.google.cloud:google-cloud-shared-config	1.14.2 -> 1.15.1

---

Release Notes

googleapis/sdk-platform-java (com.google.api.grpc:proto-google-common-protos)

v2.54.0

Features

• add client side logging with slf4j (#​3403) (fe002fa)

Bug Fixes

• S2A gRPC flow creates ComputeEngineCredentials via newBuilder. (#​3651) (29c061e)

Dependencies

• update dependency ch.qos.logback:logback-core to v1.3.15 [security] (#​3654) (093d867)
• update google api dependencies (#​3631) (48db2a1)
• update google auth library dependencies to v1.33.1 (#​3656) (f7877a5)
• update google http client dependencies to v1.46.3 (#​3657) (9d5b3b5)
• update grpc to 1.70.0 (#​3641) (ad26cf9)
• update grpc to 1.70.0 (missed update) (#​3658) (6ca0599)
• Update opentelemetry-semconv to v1.29.0-alpha (#​3635) (49ac09d)

Documentation

• update showcase readme (#​3659) (0ddf073)

v2.53.0

Compare Source

Features

• enable DirectPath bound token in InstantiatingGrpcChannelProvider (#​3572) (5080495)
• Enable MTLS_S2A bound token by default for gRPC S2A enabled flows (#​3591) (81e21f2)
• migrate away from deprecated graal-sdk dependency to use nativeimage (#​2706) (757801a)

Bug Fixes

• Avoid creating message string prematurely for streaming calls (#​3622) (f805e70)

Dependencies

• update dependency com.google.code.gson:gson to v2.12.0 (#​3595) (1f1b119)
• update dependency com.google.code.gson:gson to v2.12.0 (#​3596) (af62f53)
• update dependency com.google.code.gson:gson to v2.12.1 (#​3599) (18917ee)
• update dependency com.google.code.gson:gson to v2.12.1 (#​3600) (3f82836)
• update dependency commons-codec:commons-codec to v1.18.0 (#​3590) (cd46ba5)
• update dependency io.netty:netty-tcnative-boringssl-static to v2.0.70.final (#​3623) (a4d1f95)
• update dependency lxml to v5.3.1 (#​3624) (5407646)
• update dependency net.bytebuddy:byte-buddy to v1.17.0 (#​3582) (54d99e9)
• update dependency org.checkerframework:checker-qual to v3.49.0 (#​3604) (390cffa)
• update dependency org.graalvm.sdk:nativeimage to v24.1.2 (#​3597) (9d151c4)
• update docker.io/library/maven:3.9.9-eclipse-temurin-11-alpine docker digest to 456f60c (#​3607) (c2d2768)
• update docker.io/library/maven:3.9.9-eclipse-temurin-11-alpine docker digest to d323c2b (#​3601) (ed35c23)
• update docker.io/library/python docker tag to v3.13.2 (#​3615) (ba007c2)
• update docker.io/library/python:3.13.1-alpine3.20 docker digest to 7788ec8 (#​3586) (a24d1ba)
• update google api dependencies (#​3584) (08f2b7b)
• update google auth library dependencies to v1.32.0 (#​3611) (9436eb0)
• update google auth library dependencies to v1.32.1 (#​3618) (88c78e2)
• update google http client dependencies to v1.46.1 (#​3616) (2462105)
• update googleapis/java-cloud-bom digest to 47ad868 (#​3608) (2bcf9e0)
• update googleapis/java-cloud-bom digest to 514a644 (#​3602) (172d4da)
• update googleapis/java-cloud-bom digest to 7752ecd (#​3603) (06be924)
• update netty dependencies to v4.1.117.final (#​3581) (2734dc0)
• update netty dependencies to v4.1.118.final (#​3625) (16ff6bd)
• update netty dependencies to v4.1.118.final (#​3626) (316c425)
• Update OpenTelemetry semantic convention packages in the shared dependencies (#​3402) (0e69784)
• update opentelemetry-java monorepo to v1.46.0 (#​3585) (ac214be)
• update opentelemetry-java monorepo to v1.47.0 (#​3619) (66901df)
• update repo-automation-bots digest to 35eff2c (#​3609) (b962a01)
• update repo-automation-bots digest to 3a68a9c (#​3620) (1d79552)

v2.52.0

Compare Source

Features

• add support for new setAllowHardBoundTokens field. (#​3467) (38431a2)
• revert #​3400: reintroduce experimental S2A integration in client libraries grpc transport (#​3548) (65a0f11)

Dependencies

• update dependency com.google.api-client:google-api-client-bom to v2.7.2 (#​3578) (f6e5ad9)
• update dependency commons-codec:commons-codec to v1.17.2 (#​3557) (07ce801)
• update dependency gitpython to v3.1.44 (#​3559) (e924db0)
• update dependency org.checkerframework:checker-qual to v3.48.4 (#​3560) (a4726e9)
• update dependency smmap to v5.0.2 (#​3561) (6cd5d0d)
• update docker.io/library/alpine docker tag to v3.21.1 (#​3551) (edd5a4c)
• update docker.io/library/alpine docker tag to v3.21.2 (#​3580) (f577ecd)
• update docker.io/library/maven:3.9.9-eclipse-temurin-11-alpine docker digest to 9a259c6 (#​3554) (eb2cbd6)
• update docker.io/library/python:3.13.1-alpine3.20 docker digest to 9ab3b6e (#​3555) (40a74fe)
• update google auth library dependencies to v1.31.0 (#​3577) (7fa879a)
• update googleapis/java-cloud-bom digest to c7c443f (#​3579) (fcf40b7)
• update repo-automation-bots digest to 0a12b5d (#​3464) (b9c9d21)

grpc/grpc-java (io.grpc:grpc-bom)

v1.71.0

API Changes

• xds: Enable Xds Client Fallback by default. This allows having a backup xDS server as described in gRFC A71-xds-fallback.md (#​11817) (176f3ee)
• protobuf: Experimental API marshallerWithRecursionLimit in ProtoUtils is now stabilized (#​11884) (90b1c4f)

Bug Fixes

• xds: Cluster weights should be uint32 (199a7ea). They were previously processed as int32, although the sum of weights was checked to be positive. So this would have caused a very large weight to never be selected and to reduce the chances of immediately-following clusters to be selected. There have been no reports of control planes using such large weights
• xds: Fix an unlikely infinite loop triggered by route update (199a7ea). Triggering required the old cluster to no longer be used, an RPC processing when the update arrived, and for a RPC to not match any route in the new config. There have been no reports of this actually happening
• core: Release data frame if it is received before the headers (dc316f7)

Improvements

• Replace jsr305's CheckReturnValue with Error Prone's (#​11811) (7b5d069)
• core: optimize number of buffer allocations for message sizes larger than 1 MB (#​11879) (5a7f350)
• core: Update the retry backoff range from [0, 1] to [0.8, 1.2] as per the A6 redefinition (#​11858) (44e92e2)
• core: include last pick status in status message when wait-for-ready RPC’s deadline expires (#​11851) (7585b16). This makes it much easier to debug connectivity issues when using wait-for-ready RPCs
• xds: Include max concurrent request limit in the error status for concurrent connections limit exceeded (#​11845) (0f5503e)
• netty, servlet: Remove 4096 min write buffer size because MessageFramer.flush() is being called between every message, so messages are never combined and the larger allocation just wastes memory. (4a10a38, 7153ff8)
• core: When ClientStreamObserver closes the response observer log the error message if this operation fails (#​11880) (302342c)
• bom: use gradle java-platform to build pom instead of custom xml generation (#​11875) (3142928)
• xds: Reuse filter interceptors on client-side across RPCs (c506190, b3db8c2). This was an internal refactor that should have no user-visible change
• alts: Enhance AltsContextUtil to allow getting the AltsContext on client-side (b1bc0a9)
• xds: Envoy proto sync to 2024-11-11 (#​11816) (b44ebce)

Documentation

• examples: Update HelloWorldServer to use Executor (#​11850) (16edf7a)
• examples: Add README for all examples lacking it (#​11676) (9e86299)

Dependencies

• Version upgrades (#​11874) (fc8571a)
• Upgrade netty-tcnative to 2.0.70 (122b683)

Thanks to

@​benjamin
@​panchenko
@​harshagoo94
@​NaveenPrasannaV

googleapis/google-cloud-java (com.google.cloud:google-cloud-alloydb-connectors-bom)

v0.38.0: 0.38.0

Compare Source

Misc

• Update proto and grpc dependency versions
• Added more detail to troubleshooting guide (#​2988)
• Update api-common dependency to 1.4.0 (#​2991)
• Delete APPENGINE.md
• Move generated protobuf and grpc dependencies to bom (#​2990)
• Update README.md
• Upgrade cloudresourcemanager dependency version (#​2944)
• Move bom dependencies to outer pom (#​2976)
• Add TROUBLESHOOTING.md (#​2977)
• Clarifying Alpha (deletion is possible) (#​2975)

Bigtable

• Implement ReadRows retries (#​2986)
• Implement ReadModifyWriteRow (#​2981)
• Implement CheckAndMutateRow (#​2980)
• Implement MutateRow (#​2941)
• Implementation: integrate ReadRows (#​2940)
• Bulk Mutations (#​2936)
• ReadModifyWriteRow (#​2939)
• CheckAndMutate (#​2938)

Bigquery

• BigQuery GA (#​2982)

Storage

• Delete blobs faster (#​2972)

Firestore

• Equals to the Public API + Allowing empty merges + Test Fix (#​2971)

v0.37.0: 0.37.0

Compare Source

Spanner

• Support for Batch Read API (#​2953)

v0.36.0: 0.36.0

Compare Source

Misc

• Update proto and grpc dependency versions
• Version fixes (tagging, incorrect versions, bigtable downgrade) (#​2956)
• Add new version update scripts (#​2947)
• Add grpc-core to BOM (#​2931)

Bigtable

• Rewrite ReframingResponseObserver (#​2925)
• Implement SampleRowKeys (#​2913)
• Update helper script to work with the latest artman changes (#​2943)
• Update Settings test to use StubSettings, formatting (#​2935)
• Rename surface (#​2934)
• Implement ReadRows row merging logic. (#​2914)
• Surface: MutateRow (#​2861)

Core

• oneof -> inheritance conversion (#​2930) breaking change

Logging

• Log more kubernetes properties (#​2937)

Firestore

• Fix integration test (#​2950)

google/error-prone (com.google.errorprone:error_prone_annotations)

v2.37.0: Error Prone 2.37.0

Changes:

• The annotations that were previously in error_prone_type_annotations have been been merged into error_prone_annotations. error_prone_type_annotations is now deprecated, and will be removed in a future release.

New checks:

• AssignmentExpression - The use of an assignment expression can be surprising and hard to read; consider factoring out the assignment to a separate statement.
• IntFloatConversion - Detect calls to scalb that should be using the double overload instead
• InvalidSnippet - Detects snippets which omit the : required for inline code.
• JUnit4EmptyMethods - Detects empty JUnit4 @Before, @After, @BeforeClass, and @AfterClass methods.
• MockIllegalThrows - Detects cases where Mockito is configured to throw checked exception types which are impossible.
• NegativeBoolean - Prefer positive boolean names.
• RuleNotRun - Detects TestRules not annotated with @Rule, that won't be run.
• StringConcatToTextBlock - Replaces concatenated multiline strings with text blocks.
• TimeInStaticInitializer - Detects accesses of the system time in static contexts.

Closed issues:

• Propagate check flags in patch mode (#​4699)
• Fixes a crash in ComputeIfAbsentAmbiguousReference (#​4736)
• Show the field name in HidingField diagnostics (#​4775)
• Add support for jakarta annotations to some checks (#​4782)
• FloatingPointAssertionWithinEpsilonTest depends on default locale (#​4815)
• @InlineMe patching of Strings.repeat produces broken code (#​4819)
• Fix a crash in IdentifierName on unnamed (_) variables (#​4847)
• Fix a crash in ArgumentParameterSwap (#​490)

Full changelog: google/error-prone@v2.36.0...v2.37.0

googleapis/java-shared-config (com.google.cloud:google-cloud-shared-config)

v1.15.1

Compare Source

Dependencies

• Update google-java-format to the latest (aa78b13)

v1.15.0

Compare Source

Features

• Google-java-format version as a property (#​997) (6838220)

v1.14.4

Compare Source

Dependencies

• Update dependency org.graalvm.buildtools:native-maven-plugin to v0.10.5 (#​979) (06c8547)

v1.14.3

Compare Source

Bug Fixes

• Introducing "flatten" profile to use the plugin (#​984) (436aa7c)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.