From 3bf54fbadb5c45ce55cd82eef0c8c243dc5eea62 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 5 Aug 2024 09:08:40 -0700
Subject: [PATCH 01/27] Bump golang.org/x/net from 0.26.0 to 0.27.0 in the go
 group (#1144)

Bumps the go group with 1 update:
[golang.org/x/net](https://github.com/golang/net).

Updates `golang.org/x/net` from 0.26.0 to 0.27.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/e2310ae9eb6425ee6736cfc40f982f42e20f5850"><code>e2310ae</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/77708f716e46255944251965f8240a0eab01e099"><code>77708f7</code></a>
quic: skip tests which depend on unimplemented UDP functions on Plan
9</li>
<li><a
href="https://github.com/golang/net/commit/9617c6335bca5e4e80949a5b1dbe43273260e8a3"><code>9617c63</code></a>
http2: avoid Transport hang with Connection: close and AllowHTTP</li>
<li>See full diff in <a
href="https://github.com/golang/net/compare/v0.26.0...v0.27.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.26.0&new-version=0.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index c91e2784e..cd87d5398 100644
--- a/go.mod
+++ b/go.mod
@@ -5,7 +5,7 @@ go 1.19
 require (
 	github.com/iancoleman/strcase v0.3.0
 	github.com/lyft/protoc-gen-star/v2 v2.0.4-0.20230330145011-496ad1ac90a4
-	golang.org/x/net v0.26.0
+	golang.org/x/net v0.27.0
 	google.golang.org/protobuf v1.34.2
 )
 
diff --git a/go.sum b/go.sum
index b2b71e323..27f3a6173 100644
--- a/go.sum
+++ b/go.sum
@@ -224,8 +224,8 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.26.0 h1:soB7SVo0PWrY4vPW/+ay0jKDNScG2X9wFeYlXIvJsOQ=
-golang.org/x/net v0.26.0/go.mod h1:5YKkiSynbBIh3p6iOc/vibscux0x38BZDkn8sCUPxHE=
+golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
+golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=

From d4985c6449b29da5bcb72bd0540166cc713d1a1d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 12 Aug 2024 10:39:19 -0700
Subject: [PATCH 02/27] Bump golang.org/x/net from 0.27.0 to 0.28.0 in the go
 group (#1148)

Bumps the go group with 1 update:
[golang.org/x/net](https://github.com/golang/net).

Updates `golang.org/x/net` from 0.27.0 to 0.28.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/4542a42604cd159f1adb93c58368079ae37b3bf6"><code>4542a42</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/765c7e89b3bdd76bfc210acddd3ca73931eb8d1d"><code>765c7e8</code></a>
xsrftoken: create no padding base64 string by RawURLEncoding</li>
<li><a
href="https://github.com/golang/net/commit/032e4e4358b0ef66f5295d9a78bda41e4d6d399b"><code>032e4e4</code></a>
LICENSE: update per Google Legal</li>
<li>See full diff in <a
href="https://github.com/golang/net/compare/v0.27.0...v0.28.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.27.0&new-version=0.28.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod |  4 ++--
 go.sum | 10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/go.mod b/go.mod
index cd87d5398..0909e6856 100644
--- a/go.mod
+++ b/go.mod
@@ -5,14 +5,14 @@ go 1.19
 require (
 	github.com/iancoleman/strcase v0.3.0
 	github.com/lyft/protoc-gen-star/v2 v2.0.4-0.20230330145011-496ad1ac90a4
-	golang.org/x/net v0.27.0
+	golang.org/x/net v0.28.0
 	google.golang.org/protobuf v1.34.2
 )
 
 require (
 	github.com/spf13/afero v1.10.0 // indirect
 	golang.org/x/mod v0.17.0 // indirect
-	golang.org/x/text v0.16.0 // indirect
+	golang.org/x/text v0.17.0 // indirect
 	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
 )
 
diff --git a/go.sum b/go.sum
index 27f3a6173..558c8279f 100644
--- a/go.sum
+++ b/go.sum
@@ -224,8 +224,8 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
-golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
+golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
+golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -245,7 +245,7 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M=
+golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -290,8 +290,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.16.0 h1:a94ExnEXNtEwYLGJSIUxnWoxoRz/ZcCsV63ROupILh4=
-golang.org/x/text v0.16.0/go.mod h1:GhwF1Be+LQoKShO3cGOHzqOgRrGaYc9AvblQOmPVHnI=
+golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
+golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=

From e4899f21c3337d785e87678aac9a053ac564fc29 Mon Sep 17 00:00:00 2001
From: Shunsuke Suzuki <suzuki-shunsuke@users.noreply.github.com>
Date: Tue, 13 Aug 2024 04:04:17 +0900
Subject: [PATCH 03/27] CI: fix the failure of goreleaser (#1146)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

The release workflow failed at v1.1.0.

https://github.com/bufbuild/protoc-gen-validate/releases/tag/v1.1.0


https://github.com/bufbuild/protoc-gen-validate/actions/runs/10252222901/job/28362117064

```
/opt/hostedtoolcache/goreleaser-action/2.1.0/x64/goreleaser release --rm-dist
  ⨯ command failed                                   error=unknown flag: --rm-dist
Error: The process '/opt/hostedtoolcache/goreleaser-action/2.1.0/x64/goreleaser' failed with exit code 1
```

--rm-dist was deprecated.

https://goreleaser.com/deprecations/#-rm-dist

Furthermore, we need to add `version: 2`.

```console
$ goreleaser check
  • only configurations files on  version: 2  are supported, yours is  version: 0 , please update your configuration
```

Co-authored-by: Chris Roche <github@rodaine.com>
---
 .github/workflows/goreleaser.yaml | 2 +-
 .goreleaser.yaml                  | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/goreleaser.yaml b/.github/workflows/goreleaser.yaml
index 00bdf6505..78a792ed7 100644
--- a/.github/workflows/goreleaser.yaml
+++ b/.github/workflows/goreleaser.yaml
@@ -26,7 +26,7 @@ jobs:
         with:
           distribution: goreleaser
           version: latest
-          args: release --rm-dist
+          args: release --clean
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: Upload assets
diff --git a/.goreleaser.yaml b/.goreleaser.yaml
index 71d8fbf76..94f9a798e 100644
--- a/.goreleaser.yaml
+++ b/.goreleaser.yaml
@@ -1,3 +1,4 @@
+version: 2
 builds:
   - main: .
     id: "protoc-gen-validate"

From 3412985e5b0c73f92ce7dc7375dae90b58ed3d5e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 12 Aug 2024 13:28:23 -0700
Subject: [PATCH 04/27] Bump golang.org/x/net from 0.27.0 to 0.28.0 in /tests
 in the go-tests group (#1150)

Bumps the go-tests group in /tests with 1 update:
[golang.org/x/net](https://github.com/golang/net).

Updates `golang.org/x/net` from 0.27.0 to 0.28.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/4542a42604cd159f1adb93c58368079ae37b3bf6"><code>4542a42</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/765c7e89b3bdd76bfc210acddd3ca73931eb8d1d"><code>765c7e8</code></a>
xsrftoken: create no padding base64 string by RawURLEncoding</li>
<li><a
href="https://github.com/golang/net/commit/032e4e4358b0ef66f5295d9a78bda41e4d6d399b"><code>032e4e4</code></a>
LICENSE: update per Google Legal</li>
<li>See full diff in <a
href="https://github.com/golang/net/compare/v0.27.0...v0.28.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.27.0&new-version=0.28.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 tests/go.mod | 2 +-
 tests/go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/go.mod b/tests/go.mod
index 8fbd7d45c..809f49e9e 100644
--- a/tests/go.mod
+++ b/tests/go.mod
@@ -3,7 +3,7 @@ module github.com/envoyproxy/protoc-gen-validate/tests
 go 1.21.1
 
 require (
-	golang.org/x/net v0.27.0
+	golang.org/x/net v0.28.0
 	google.golang.org/protobuf v1.34.2
 )
 
diff --git a/tests/go.sum b/tests/go.sum
index 6afb68306..c87eaae45 100644
--- a/tests/go.sum
+++ b/tests/go.sum
@@ -1,7 +1,7 @@
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
-golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
+golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
+golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk=
 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
 google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=

From 6753535926b1b4094bd278562249a342d0f23139 Mon Sep 17 00:00:00 2001
From: "Philip K. Warren" <pkwarren@users.noreply.github.com>
Date: Mon, 19 Aug 2024 14:08:16 -0500
Subject: [PATCH 05/27] Add a manually triggered Maven deploy workflow (#1154)

---
 .github/workflows/maven-deploy.yaml  |  6 +-
 .github/workflows/maven-release.yaml | 88 ++++++++++++++++++++++++++++
 java/pom.xml                         | 10 +++-
 java/settings.xml                    |  7 +--
 4 files changed, 99 insertions(+), 12 deletions(-)
 create mode 100644 .github/workflows/maven-release.yaml

diff --git a/.github/workflows/maven-deploy.yaml b/.github/workflows/maven-deploy.yaml
index b85ce5106..ba407c1aa 100644
--- a/.github/workflows/maven-deploy.yaml
+++ b/.github/workflows/maven-deploy.yaml
@@ -43,10 +43,10 @@ jobs:
           echo $GPG_KEY | base64 --decode > signing-key
           gpg --passphrase $GPG_PASSPHRASE --batch --import signing-key
           shred signing-key
-          
+
       - name: Configure GIT
         run: |
-          git config --global user.email "envoy-bot@users.noreply.github.com" 
+          git config --global user.email "envoy-bot@users.noreply.github.com"
           git config --global user.name "envoy-bot"
 
       - name: Set up JDK
@@ -55,7 +55,7 @@ jobs:
           distribution: 'temurin'
           java-version: '17'
           cache: 'maven'
-          server-id: sonatype-nexus-snapshots
+          server-id: ossrh
           server-username: ${ env.SONATYPE_USER }
           server-password: ${ env.SONATYPE_PASSWORD }
           gpg-private-key: ${{ secrets.GPG_SECRET_KEY }}
diff --git a/.github/workflows/maven-release.yaml b/.github/workflows/maven-release.yaml
new file mode 100644
index 000000000..5beb6b1dd
--- /dev/null
+++ b/.github/workflows/maven-release.yaml
@@ -0,0 +1,88 @@
+# This workflow will build a package using Maven and then publish it to GitHub packages when a release is created
+## For more information see: https://github.com/actions/setup-java/blob/main/docs/advanced-usage.md#apache-maven-with-a-settings-path
+
+name: Maven Manual Deploy
+
+on:
+  workflow_dispatch:
+    inputs:
+      ref:
+        description: "Git ref to release"
+        required: true
+      version:
+        description: "Maven version to release (without 'v' prefix)"
+        required: true
+      deployArgs:
+        description: "Additional Maven deploy arguments (e.g. '--debug -DautoReleaseAfterClose=false')"
+        required: false
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    env:
+      SONATYPE_USER: ${{secrets.BUF_SONATYPE_USER}}
+      SONATYPE_PASSWORD: ${{secrets.BUF_SONATYPE_PASSWORD}}
+      GPG_KEY_NAME: ${{secrets.GPG_KEY_NAME}}
+      GPG_PASSPHRASE: ${{secrets.GPG_PASSPHRASE}}
+      MAVEN_OPTS: "--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.text=ALL-UNNAMED --add-opens=java.desktop/java.awt.font=ALL-UNNAMED"
+      REF_NAME: ${{ inputs.ref }}
+
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          ref: ${{ inputs.ref }}
+      - uses: actions/setup-go@v5
+        with:
+          go-version: 'stable'
+      - name: Set VERSION variable from tag
+        run: |
+          echo "VERSION=${{ inputs.VERSION }}" >> $GITHUB_ENV
+
+      - name: 'Configure GPG signing'
+        env:
+          GPG_KEY: ${{ secrets.GPG_PRIVATE_KEY }}
+          GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
+        run: |
+          # https://github.com/keybase/keybase-issues/issues/2798
+          export GPG_TTY=$(tty)
+          # Import gpg keys and warm the passphrase to avoid the gpg
+          # passphrase prompt when initating a deploy
+          # `--pinentry-mode=loopback` could be needed to ensure we
+          # suppress the gpg prompt
+          echo $GPG_KEY | base64 --decode > signing-key
+          gpg --passphrase $GPG_PASSPHRASE --batch --import signing-key
+          shred signing-key
+
+      - name: Configure GIT
+        run: |
+          git config --global user.email "envoy-bot@users.noreply.github.com"
+          git config --global user.name "envoy-bot"
+
+      - name: Set up JDK
+        uses: actions/setup-java@v4
+        with:
+          distribution: 'temurin'
+          java-version: '17'
+          cache: 'maven'
+          server-id: ossrh
+          server-username: ${ env.SONATYPE_USER }
+          server-password: ${ env.SONATYPE_PASSWORD }
+          gpg-private-key: ${{ secrets.GPG_SECRET_KEY }}
+          gpg-passphrase: ${ env.GPG_PASSPHRASE }
+
+      - name: Update version in pom
+        working-directory: ${{ github.workspace }}/java
+        run: mvn -B versions:set -DnewVersion=${{ env.VERSION }} -DgenerateBackupPoms=false
+
+      - name: Publish to Maven Packages Apache Maven
+        working-directory: ${{ github.workspace }}/java
+        run: |
+          mvn -B -s settings.xml ${{ inputs.deployArgs }} clean deploy \
+          -Darguments="-s settings.xml" \
+          -DreleaseVersion=${{ env.VERSION }} \
+          -DdevelopmentVersion=${{ env.VERSION }}-SNAPSHOT \
+          -DscmCommentPrefix="java release: "
+        env:
+          MAVEN_USERNAME: ${{ env.SONATYPE_USER }}
+          MAVEN_CENTRAL_TOKEN: ${{ env.SONATYPE_PASSWORD }}
+          MAVEN_GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
diff --git a/java/pom.xml b/java/pom.xml
index 36bf20ee5..372babb9a 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -157,10 +157,10 @@
                     <plugin>
                         <groupId>org.sonatype.plugins</groupId>
                         <artifactId>nexus-staging-maven-plugin</artifactId>
-                        <version>1.6.13</version>
+                        <version>1.7.0</version>
                         <extensions>true</extensions>
                         <configuration>
-                            <serverId>sonatype-nexus-staging</serverId>
+                            <serverId>ossrh</serverId>
                             <nexusUrl>https://s01.oss.sonatype.org/</nexusUrl>
                             <autoReleaseAfterClose>true</autoReleaseAfterClose>
                         </configuration>
@@ -206,8 +206,12 @@
     </scm>
 
     <distributionManagement>
+        <repository>
+            <id>ossrh</id>
+            <url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
+        </repository>
         <snapshotRepository>
-            <id>sonatype-nexus-snapshots</id>
+            <id>ossrh</id>
             <url>https://s01.oss.sonatype.org/content/repositories/snapshots</url>
         </snapshotRepository>
     </distributionManagement>
diff --git a/java/settings.xml b/java/settings.xml
index 86d5b27ed..38205ab9a 100644
--- a/java/settings.xml
+++ b/java/settings.xml
@@ -2,12 +2,7 @@
     xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd">
     <servers>
         <server>
-            <id>sonatype-nexus-snapshots</id>
-            <username>${env.SONATYPE_USER}</username>
-            <password>${env.SONATYPE_PASSWORD}</password>
-        </server>
-        <server>
-            <id>sonatype-nexus-staging</id>
+            <id>ossrh</id>
             <username>${env.SONATYPE_USER}</username>
             <password>${env.SONATYPE_PASSWORD}</password>
         </server>

From c24082b277592fc0a70519078d6baa5e774e486a Mon Sep 17 00:00:00 2001
From: "Philip K. Warren" <pkwarren@users.noreply.github.com>
Date: Mon, 19 Aug 2024 15:46:37 -0500
Subject: [PATCH 06/27] Fix Maven release build (#1156)

Update the Maven release build to use the right secret names, switch to
using the Maven wrapper for consistent builds, and clean up the
settings.xml to remove unneeded sections.
---
 .github/workflows/maven-deploy.yaml        |   8 +-
 .github/workflows/maven-release.yaml       |   8 +-
 .github/workflows/maven-verify.yaml        |   2 +-
 java/.mvn/wrapper/maven-wrapper.properties |  19 ++
 java/mvnw                                  | 259 +++++++++++++++++++++
 java/mvnw.cmd                              | 149 ++++++++++++
 java/pom.xml                               |   2 +-
 java/settings.xml                          |  14 --
 8 files changed, 437 insertions(+), 24 deletions(-)
 create mode 100644 java/.mvn/wrapper/maven-wrapper.properties
 create mode 100755 java/mvnw
 create mode 100644 java/mvnw.cmd

diff --git a/.github/workflows/maven-deploy.yaml b/.github/workflows/maven-deploy.yaml
index ba407c1aa..20c199db6 100644
--- a/.github/workflows/maven-deploy.yaml
+++ b/.github/workflows/maven-deploy.yaml
@@ -12,8 +12,8 @@ jobs:
   build:
     runs-on: ubuntu-latest
     env:
-      SONATYPE_USER: ${{secrets.BUF_SONATYPE_USER}}
-      SONATYPE_PASSWORD: ${{secrets.BUF_SONATYPE_PASSWORD}}
+      SONATYPE_USER: ${{secrets.SONATYPE_USER}}
+      SONATYPE_PASSWORD: ${{secrets.SONATYPE_PASSWORD}}
       GPG_KEY_NAME: ${{secrets.GPG_KEY_NAME}}
       GPG_PASSPHRASE: ${{secrets.GPG_PASSPHRASE}}
       MAVEN_OPTS: "--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.text=ALL-UNNAMED --add-opens=java.desktop/java.awt.font=ALL-UNNAMED"
@@ -63,12 +63,12 @@ jobs:
 
       - name: Update version in pom
         working-directory: ${{ github.workspace }}/java
-        run: mvn -B versions:set -DnewVersion=${{ env.VERSION }} -DgenerateBackupPoms=false
+        run: ./mvnw -B versions:set -DnewVersion=${{ env.VERSION }} -DgenerateBackupPoms=false
 
       - name: Publish to Maven Packages Apache Maven
         working-directory: ${{ github.workspace }}/java
         run: |
-          mvn -B -s settings.xml clean deploy \
+          ./mvnw -B -s settings.xml clean deploy \
           -Darguments="-s settings.xml" \
           -DreleaseVersion=${{ env.VERSION }} \
           -DdevelopmentVersion=${{ env.VERSION }}-SNAPSHOT \
diff --git a/.github/workflows/maven-release.yaml b/.github/workflows/maven-release.yaml
index 5beb6b1dd..5cbadddf0 100644
--- a/.github/workflows/maven-release.yaml
+++ b/.github/workflows/maven-release.yaml
@@ -20,8 +20,8 @@ jobs:
   build:
     runs-on: ubuntu-latest
     env:
-      SONATYPE_USER: ${{secrets.BUF_SONATYPE_USER}}
-      SONATYPE_PASSWORD: ${{secrets.BUF_SONATYPE_PASSWORD}}
+      SONATYPE_USER: ${{secrets.SONATYPE_USER}}
+      SONATYPE_PASSWORD: ${{secrets.SONATYPE_PASSWORD}}
       GPG_KEY_NAME: ${{secrets.GPG_KEY_NAME}}
       GPG_PASSPHRASE: ${{secrets.GPG_PASSPHRASE}}
       MAVEN_OPTS: "--add-opens=java.base/java.util=ALL-UNNAMED --add-opens=java.base/java.lang.reflect=ALL-UNNAMED --add-opens=java.base/java.text=ALL-UNNAMED --add-opens=java.desktop/java.awt.font=ALL-UNNAMED"
@@ -72,12 +72,12 @@ jobs:
 
       - name: Update version in pom
         working-directory: ${{ github.workspace }}/java
-        run: mvn -B versions:set -DnewVersion=${{ env.VERSION }} -DgenerateBackupPoms=false
+        run: ./mvnw -B versions:set -DnewVersion=${{ env.VERSION }} -DgenerateBackupPoms=false
 
       - name: Publish to Maven Packages Apache Maven
         working-directory: ${{ github.workspace }}/java
         run: |
-          mvn -B -s settings.xml ${{ inputs.deployArgs }} clean deploy \
+          ./mvnw -B -s settings.xml ${{ inputs.deployArgs }} clean deploy \
           -Darguments="-s settings.xml" \
           -DreleaseVersion=${{ env.VERSION }} \
           -DdevelopmentVersion=${{ env.VERSION }}-SNAPSHOT \
diff --git a/.github/workflows/maven-verify.yaml b/.github/workflows/maven-verify.yaml
index 659a7c8cb..65831d8a2 100644
--- a/.github/workflows/maven-verify.yaml
+++ b/.github/workflows/maven-verify.yaml
@@ -22,4 +22,4 @@ jobs:
           cache: "maven"
       - name: Verify with Maven
         working-directory: ${{ github.workspace }}/java
-        run: mvn -B verify
+        run: ./mvnw -B verify
diff --git a/java/.mvn/wrapper/maven-wrapper.properties b/java/.mvn/wrapper/maven-wrapper.properties
new file mode 100644
index 000000000..d58dfb70b
--- /dev/null
+++ b/java/.mvn/wrapper/maven-wrapper.properties
@@ -0,0 +1,19 @@
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#   http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+wrapperVersion=3.3.2
+distributionType=only-script
+distributionUrl=https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.9.9/apache-maven-3.9.9-bin.zip
diff --git a/java/mvnw b/java/mvnw
new file mode 100755
index 000000000..19529ddf8
--- /dev/null
+++ b/java/mvnw
@@ -0,0 +1,259 @@
+#!/bin/sh
+# ----------------------------------------------------------------------------
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements.  See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership.  The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License.  You may obtain a copy of the License at
+#
+#    http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied.  See the License for the
+# specific language governing permissions and limitations
+# under the License.
+# ----------------------------------------------------------------------------
+
+# ----------------------------------------------------------------------------
+# Apache Maven Wrapper startup batch script, version 3.3.2
+#
+# Optional ENV vars
+# -----------------
+#   JAVA_HOME - location of a JDK home dir, required when download maven via java source
+#   MVNW_REPOURL - repo url base for downloading maven distribution
+#   MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven
+#   MVNW_VERBOSE - true: enable verbose log; debug: trace the mvnw script; others: silence the output
+# ----------------------------------------------------------------------------
+
+set -euf
+[ "${MVNW_VERBOSE-}" != debug ] || set -x
+
+# OS specific support.
+native_path() { printf %s\\n "$1"; }
+case "$(uname)" in
+CYGWIN* | MINGW*)
+  [ -z "${JAVA_HOME-}" ] || JAVA_HOME="$(cygpath --unix "$JAVA_HOME")"
+  native_path() { cygpath --path --windows "$1"; }
+  ;;
+esac
+
+# set JAVACMD and JAVACCMD
+set_java_home() {
+  # For Cygwin and MinGW, ensure paths are in Unix format before anything is touched
+  if [ -n "${JAVA_HOME-}" ]; then
+    if [ -x "$JAVA_HOME/jre/sh/java" ]; then
+      # IBM's JDK on AIX uses strange locations for the executables
+      JAVACMD="$JAVA_HOME/jre/sh/java"
+      JAVACCMD="$JAVA_HOME/jre/sh/javac"
+    else
+      JAVACMD="$JAVA_HOME/bin/java"
+      JAVACCMD="$JAVA_HOME/bin/javac"
+
+      if [ ! -x "$JAVACMD" ] || [ ! -x "$JAVACCMD" ]; then
+        echo "The JAVA_HOME environment variable is not defined correctly, so mvnw cannot run." >&2
+        echo "JAVA_HOME is set to \"$JAVA_HOME\", but \"\$JAVA_HOME/bin/java\" or \"\$JAVA_HOME/bin/javac\" does not exist." >&2
+        return 1
+      fi
+    fi
+  else
+    JAVACMD="$(
+      'set' +e
+      'unset' -f command 2>/dev/null
+      'command' -v java
+    )" || :
+    JAVACCMD="$(
+      'set' +e
+      'unset' -f command 2>/dev/null
+      'command' -v javac
+    )" || :
+
+    if [ ! -x "${JAVACMD-}" ] || [ ! -x "${JAVACCMD-}" ]; then
+      echo "The java/javac command does not exist in PATH nor is JAVA_HOME set, so mvnw cannot run." >&2
+      return 1
+    fi
+  fi
+}
+
+# hash string like Java String::hashCode
+hash_string() {
+  str="${1:-}" h=0
+  while [ -n "$str" ]; do
+    char="${str%"${str#?}"}"
+    h=$(((h * 31 + $(LC_CTYPE=C printf %d "'$char")) % 4294967296))
+    str="${str#?}"
+  done
+  printf %x\\n $h
+}
+
+verbose() { :; }
+[ "${MVNW_VERBOSE-}" != true ] || verbose() { printf %s\\n "${1-}"; }
+
+die() {
+  printf %s\\n "$1" >&2
+  exit 1
+}
+
+trim() {
+  # MWRAPPER-139:
+  #   Trims trailing and leading whitespace, carriage returns, tabs, and linefeeds.
+  #   Needed for removing poorly interpreted newline sequences when running in more
+  #   exotic environments such as mingw bash on Windows.
+  printf "%s" "${1}" | tr -d '[:space:]'
+}
+
+# parse distributionUrl and optional distributionSha256Sum, requires .mvn/wrapper/maven-wrapper.properties
+while IFS="=" read -r key value; do
+  case "${key-}" in
+  distributionUrl) distributionUrl=$(trim "${value-}") ;;
+  distributionSha256Sum) distributionSha256Sum=$(trim "${value-}") ;;
+  esac
+done <"${0%/*}/.mvn/wrapper/maven-wrapper.properties"
+[ -n "${distributionUrl-}" ] || die "cannot read distributionUrl property in ${0%/*}/.mvn/wrapper/maven-wrapper.properties"
+
+case "${distributionUrl##*/}" in
+maven-mvnd-*bin.*)
+  MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/
+  case "${PROCESSOR_ARCHITECTURE-}${PROCESSOR_ARCHITEW6432-}:$(uname -a)" in
+  *AMD64:CYGWIN* | *AMD64:MINGW*) distributionPlatform=windows-amd64 ;;
+  :Darwin*x86_64) distributionPlatform=darwin-amd64 ;;
+  :Darwin*arm64) distributionPlatform=darwin-aarch64 ;;
+  :Linux*x86_64*) distributionPlatform=linux-amd64 ;;
+  *)
+    echo "Cannot detect native platform for mvnd on $(uname)-$(uname -m), use pure java version" >&2
+    distributionPlatform=linux-amd64
+    ;;
+  esac
+  distributionUrl="${distributionUrl%-bin.*}-$distributionPlatform.zip"
+  ;;
+maven-mvnd-*) MVN_CMD=mvnd.sh _MVNW_REPO_PATTERN=/maven/mvnd/ ;;
+*) MVN_CMD="mvn${0##*/mvnw}" _MVNW_REPO_PATTERN=/org/apache/maven/ ;;
+esac
+
+# apply MVNW_REPOURL and calculate MAVEN_HOME
+# maven home pattern: ~/.m2/wrapper/dists/{apache-maven-<version>,maven-mvnd-<version>-<platform>}/<hash>
+[ -z "${MVNW_REPOURL-}" ] || distributionUrl="$MVNW_REPOURL$_MVNW_REPO_PATTERN${distributionUrl#*"$_MVNW_REPO_PATTERN"}"
+distributionUrlName="${distributionUrl##*/}"
+distributionUrlNameMain="${distributionUrlName%.*}"
+distributionUrlNameMain="${distributionUrlNameMain%-bin}"
+MAVEN_USER_HOME="${MAVEN_USER_HOME:-${HOME}/.m2}"
+MAVEN_HOME="${MAVEN_USER_HOME}/wrapper/dists/${distributionUrlNameMain-}/$(hash_string "$distributionUrl")"
+
+exec_maven() {
+  unset MVNW_VERBOSE MVNW_USERNAME MVNW_PASSWORD MVNW_REPOURL || :
+  exec "$MAVEN_HOME/bin/$MVN_CMD" "$@" || die "cannot exec $MAVEN_HOME/bin/$MVN_CMD"
+}
+
+if [ -d "$MAVEN_HOME" ]; then
+  verbose "found existing MAVEN_HOME at $MAVEN_HOME"
+  exec_maven "$@"
+fi
+
+case "${distributionUrl-}" in
+*?-bin.zip | *?maven-mvnd-?*-?*.zip) ;;
+*) die "distributionUrl is not valid, must match *-bin.zip or maven-mvnd-*.zip, but found '${distributionUrl-}'" ;;
+esac
+
+# prepare tmp dir
+if TMP_DOWNLOAD_DIR="$(mktemp -d)" && [ -d "$TMP_DOWNLOAD_DIR" ]; then
+  clean() { rm -rf -- "$TMP_DOWNLOAD_DIR"; }
+  trap clean HUP INT TERM EXIT
+else
+  die "cannot create temp dir"
+fi
+
+mkdir -p -- "${MAVEN_HOME%/*}"
+
+# Download and Install Apache Maven
+verbose "Couldn't find MAVEN_HOME, downloading and installing it ..."
+verbose "Downloading from: $distributionUrl"
+verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName"
+
+# select .zip or .tar.gz
+if ! command -v unzip >/dev/null; then
+  distributionUrl="${distributionUrl%.zip}.tar.gz"
+  distributionUrlName="${distributionUrl##*/}"
+fi
+
+# verbose opt
+__MVNW_QUIET_WGET=--quiet __MVNW_QUIET_CURL=--silent __MVNW_QUIET_UNZIP=-q __MVNW_QUIET_TAR=''
+[ "${MVNW_VERBOSE-}" != true ] || __MVNW_QUIET_WGET='' __MVNW_QUIET_CURL='' __MVNW_QUIET_UNZIP='' __MVNW_QUIET_TAR=v
+
+# normalize http auth
+case "${MVNW_PASSWORD:+has-password}" in
+'') MVNW_USERNAME='' MVNW_PASSWORD='' ;;
+has-password) [ -n "${MVNW_USERNAME-}" ] || MVNW_USERNAME='' MVNW_PASSWORD='' ;;
+esac
+
+if [ -z "${MVNW_USERNAME-}" ] && command -v wget >/dev/null; then
+  verbose "Found wget ... using wget"
+  wget ${__MVNW_QUIET_WGET:+"$__MVNW_QUIET_WGET"} "$distributionUrl" -O "$TMP_DOWNLOAD_DIR/$distributionUrlName" || die "wget: Failed to fetch $distributionUrl"
+elif [ -z "${MVNW_USERNAME-}" ] && command -v curl >/dev/null; then
+  verbose "Found curl ... using curl"
+  curl ${__MVNW_QUIET_CURL:+"$__MVNW_QUIET_CURL"} -f -L -o "$TMP_DOWNLOAD_DIR/$distributionUrlName" "$distributionUrl" || die "curl: Failed to fetch $distributionUrl"
+elif set_java_home; then
+  verbose "Falling back to use Java to download"
+  javaSource="$TMP_DOWNLOAD_DIR/Downloader.java"
+  targetZip="$TMP_DOWNLOAD_DIR/$distributionUrlName"
+  cat >"$javaSource" <<-END
+	public class Downloader extends java.net.Authenticator
+	{
+	  protected java.net.PasswordAuthentication getPasswordAuthentication()
+	  {
+	    return new java.net.PasswordAuthentication( System.getenv( "MVNW_USERNAME" ), System.getenv( "MVNW_PASSWORD" ).toCharArray() );
+	  }
+	  public static void main( String[] args ) throws Exception
+	  {
+	    setDefault( new Downloader() );
+	    java.nio.file.Files.copy( java.net.URI.create( args[0] ).toURL().openStream(), java.nio.file.Paths.get( args[1] ).toAbsolutePath().normalize() );
+	  }
+	}
+	END
+  # For Cygwin/MinGW, switch paths to Windows format before running javac and java
+  verbose " - Compiling Downloader.java ..."
+  "$(native_path "$JAVACCMD")" "$(native_path "$javaSource")" || die "Failed to compile Downloader.java"
+  verbose " - Running Downloader.java ..."
+  "$(native_path "$JAVACMD")" -cp "$(native_path "$TMP_DOWNLOAD_DIR")" Downloader "$distributionUrl" "$(native_path "$targetZip")"
+fi
+
+# If specified, validate the SHA-256 sum of the Maven distribution zip file
+if [ -n "${distributionSha256Sum-}" ]; then
+  distributionSha256Result=false
+  if [ "$MVN_CMD" = mvnd.sh ]; then
+    echo "Checksum validation is not supported for maven-mvnd." >&2
+    echo "Please disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2
+    exit 1
+  elif command -v sha256sum >/dev/null; then
+    if echo "$distributionSha256Sum  $TMP_DOWNLOAD_DIR/$distributionUrlName" | sha256sum -c >/dev/null 2>&1; then
+      distributionSha256Result=true
+    fi
+  elif command -v shasum >/dev/null; then
+    if echo "$distributionSha256Sum  $TMP_DOWNLOAD_DIR/$distributionUrlName" | shasum -a 256 -c >/dev/null 2>&1; then
+      distributionSha256Result=true
+    fi
+  else
+    echo "Checksum validation was requested but neither 'sha256sum' or 'shasum' are available." >&2
+    echo "Please install either command, or disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties." >&2
+    exit 1
+  fi
+  if [ $distributionSha256Result = false ]; then
+    echo "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised." >&2
+    echo "If you updated your Maven version, you need to update the specified distributionSha256Sum property." >&2
+    exit 1
+  fi
+fi
+
+# unzip and move
+if command -v unzip >/dev/null; then
+  unzip ${__MVNW_QUIET_UNZIP:+"$__MVNW_QUIET_UNZIP"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -d "$TMP_DOWNLOAD_DIR" || die "failed to unzip"
+else
+  tar xzf${__MVNW_QUIET_TAR:+"$__MVNW_QUIET_TAR"} "$TMP_DOWNLOAD_DIR/$distributionUrlName" -C "$TMP_DOWNLOAD_DIR" || die "failed to untar"
+fi
+printf %s\\n "$distributionUrl" >"$TMP_DOWNLOAD_DIR/$distributionUrlNameMain/mvnw.url"
+mv -- "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" "$MAVEN_HOME" || [ -d "$MAVEN_HOME" ] || die "fail to move MAVEN_HOME"
+
+clean || :
+exec_maven "$@"
diff --git a/java/mvnw.cmd b/java/mvnw.cmd
new file mode 100644
index 000000000..249bdf382
--- /dev/null
+++ b/java/mvnw.cmd
@@ -0,0 +1,149 @@
+<# : batch portion
+@REM ----------------------------------------------------------------------------
+@REM Licensed to the Apache Software Foundation (ASF) under one
+@REM or more contributor license agreements.  See the NOTICE file
+@REM distributed with this work for additional information
+@REM regarding copyright ownership.  The ASF licenses this file
+@REM to you under the Apache License, Version 2.0 (the
+@REM "License"); you may not use this file except in compliance
+@REM with the License.  You may obtain a copy of the License at
+@REM
+@REM    http://www.apache.org/licenses/LICENSE-2.0
+@REM
+@REM Unless required by applicable law or agreed to in writing,
+@REM software distributed under the License is distributed on an
+@REM "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+@REM KIND, either express or implied.  See the License for the
+@REM specific language governing permissions and limitations
+@REM under the License.
+@REM ----------------------------------------------------------------------------
+
+@REM ----------------------------------------------------------------------------
+@REM Apache Maven Wrapper startup batch script, version 3.3.2
+@REM
+@REM Optional ENV vars
+@REM   MVNW_REPOURL - repo url base for downloading maven distribution
+@REM   MVNW_USERNAME/MVNW_PASSWORD - user and password for downloading maven
+@REM   MVNW_VERBOSE - true: enable verbose log; others: silence the output
+@REM ----------------------------------------------------------------------------
+
+@IF "%__MVNW_ARG0_NAME__%"=="" (SET __MVNW_ARG0_NAME__=%~nx0)
+@SET __MVNW_CMD__=
+@SET __MVNW_ERROR__=
+@SET __MVNW_PSMODULEP_SAVE=%PSModulePath%
+@SET PSModulePath=
+@FOR /F "usebackq tokens=1* delims==" %%A IN (`powershell -noprofile "& {$scriptDir='%~dp0'; $script='%__MVNW_ARG0_NAME__%'; icm -ScriptBlock ([Scriptblock]::Create((Get-Content -Raw '%~f0'))) -NoNewScope}"`) DO @(
+  IF "%%A"=="MVN_CMD" (set __MVNW_CMD__=%%B) ELSE IF "%%B"=="" (echo %%A) ELSE (echo %%A=%%B)
+)
+@SET PSModulePath=%__MVNW_PSMODULEP_SAVE%
+@SET __MVNW_PSMODULEP_SAVE=
+@SET __MVNW_ARG0_NAME__=
+@SET MVNW_USERNAME=
+@SET MVNW_PASSWORD=
+@IF NOT "%__MVNW_CMD__%"=="" (%__MVNW_CMD__% %*)
+@echo Cannot start maven from wrapper >&2 && exit /b 1
+@GOTO :EOF
+: end batch / begin powershell #>
+
+$ErrorActionPreference = "Stop"
+if ($env:MVNW_VERBOSE -eq "true") {
+  $VerbosePreference = "Continue"
+}
+
+# calculate distributionUrl, requires .mvn/wrapper/maven-wrapper.properties
+$distributionUrl = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionUrl
+if (!$distributionUrl) {
+  Write-Error "cannot read distributionUrl property in $scriptDir/.mvn/wrapper/maven-wrapper.properties"
+}
+
+switch -wildcard -casesensitive ( $($distributionUrl -replace '^.*/','') ) {
+  "maven-mvnd-*" {
+    $USE_MVND = $true
+    $distributionUrl = $distributionUrl -replace '-bin\.[^.]*$',"-windows-amd64.zip"
+    $MVN_CMD = "mvnd.cmd"
+    break
+  }
+  default {
+    $USE_MVND = $false
+    $MVN_CMD = $script -replace '^mvnw','mvn'
+    break
+  }
+}
+
+# apply MVNW_REPOURL and calculate MAVEN_HOME
+# maven home pattern: ~/.m2/wrapper/dists/{apache-maven-<version>,maven-mvnd-<version>-<platform>}/<hash>
+if ($env:MVNW_REPOURL) {
+  $MVNW_REPO_PATTERN = if ($USE_MVND) { "/org/apache/maven/" } else { "/maven/mvnd/" }
+  $distributionUrl = "$env:MVNW_REPOURL$MVNW_REPO_PATTERN$($distributionUrl -replace '^.*'+$MVNW_REPO_PATTERN,'')"
+}
+$distributionUrlName = $distributionUrl -replace '^.*/',''
+$distributionUrlNameMain = $distributionUrlName -replace '\.[^.]*$','' -replace '-bin$',''
+$MAVEN_HOME_PARENT = "$HOME/.m2/wrapper/dists/$distributionUrlNameMain"
+if ($env:MAVEN_USER_HOME) {
+  $MAVEN_HOME_PARENT = "$env:MAVEN_USER_HOME/wrapper/dists/$distributionUrlNameMain"
+}
+$MAVEN_HOME_NAME = ([System.Security.Cryptography.MD5]::Create().ComputeHash([byte[]][char[]]$distributionUrl) | ForEach-Object {$_.ToString("x2")}) -join ''
+$MAVEN_HOME = "$MAVEN_HOME_PARENT/$MAVEN_HOME_NAME"
+
+if (Test-Path -Path "$MAVEN_HOME" -PathType Container) {
+  Write-Verbose "found existing MAVEN_HOME at $MAVEN_HOME"
+  Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD"
+  exit $?
+}
+
+if (! $distributionUrlNameMain -or ($distributionUrlName -eq $distributionUrlNameMain)) {
+  Write-Error "distributionUrl is not valid, must end with *-bin.zip, but found $distributionUrl"
+}
+
+# prepare tmp dir
+$TMP_DOWNLOAD_DIR_HOLDER = New-TemporaryFile
+$TMP_DOWNLOAD_DIR = New-Item -Itemtype Directory -Path "$TMP_DOWNLOAD_DIR_HOLDER.dir"
+$TMP_DOWNLOAD_DIR_HOLDER.Delete() | Out-Null
+trap {
+  if ($TMP_DOWNLOAD_DIR.Exists) {
+    try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null }
+    catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" }
+  }
+}
+
+New-Item -Itemtype Directory -Path "$MAVEN_HOME_PARENT" -Force | Out-Null
+
+# Download and Install Apache Maven
+Write-Verbose "Couldn't find MAVEN_HOME, downloading and installing it ..."
+Write-Verbose "Downloading from: $distributionUrl"
+Write-Verbose "Downloading to: $TMP_DOWNLOAD_DIR/$distributionUrlName"
+
+$webclient = New-Object System.Net.WebClient
+if ($env:MVNW_USERNAME -and $env:MVNW_PASSWORD) {
+  $webclient.Credentials = New-Object System.Net.NetworkCredential($env:MVNW_USERNAME, $env:MVNW_PASSWORD)
+}
+[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
+$webclient.DownloadFile($distributionUrl, "$TMP_DOWNLOAD_DIR/$distributionUrlName") | Out-Null
+
+# If specified, validate the SHA-256 sum of the Maven distribution zip file
+$distributionSha256Sum = (Get-Content -Raw "$scriptDir/.mvn/wrapper/maven-wrapper.properties" | ConvertFrom-StringData).distributionSha256Sum
+if ($distributionSha256Sum) {
+  if ($USE_MVND) {
+    Write-Error "Checksum validation is not supported for maven-mvnd. `nPlease disable validation by removing 'distributionSha256Sum' from your maven-wrapper.properties."
+  }
+  Import-Module $PSHOME\Modules\Microsoft.PowerShell.Utility -Function Get-FileHash
+  if ((Get-FileHash "$TMP_DOWNLOAD_DIR/$distributionUrlName" -Algorithm SHA256).Hash.ToLower() -ne $distributionSha256Sum) {
+    Write-Error "Error: Failed to validate Maven distribution SHA-256, your Maven distribution might be compromised. If you updated your Maven version, you need to update the specified distributionSha256Sum property."
+  }
+}
+
+# unzip and move
+Expand-Archive "$TMP_DOWNLOAD_DIR/$distributionUrlName" -DestinationPath "$TMP_DOWNLOAD_DIR" | Out-Null
+Rename-Item -Path "$TMP_DOWNLOAD_DIR/$distributionUrlNameMain" -NewName $MAVEN_HOME_NAME | Out-Null
+try {
+  Move-Item -Path "$TMP_DOWNLOAD_DIR/$MAVEN_HOME_NAME" -Destination $MAVEN_HOME_PARENT | Out-Null
+} catch {
+  if (! (Test-Path -Path "$MAVEN_HOME" -PathType Container)) {
+    Write-Error "fail to move MAVEN_HOME"
+  }
+} finally {
+  try { Remove-Item $TMP_DOWNLOAD_DIR -Recurse -Force | Out-Null }
+  catch { Write-Warning "Cannot remove $TMP_DOWNLOAD_DIR" }
+}
+
+Write-Output "MVN_CMD=$MAVEN_HOME/bin/$MVN_CMD"
diff --git a/java/pom.xml b/java/pom.xml
index 372babb9a..c1b94e8d7 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -120,7 +120,7 @@
                     <execution>
                         <id>attach-sources</id>
                         <goals>
-                            <goal>jar</goal>
+                            <goal>jar-no-fork</goal>
                         </goals>
                     </execution>
                 </executions>
diff --git a/java/settings.xml b/java/settings.xml
index 38205ab9a..85d2b8978 100644
--- a/java/settings.xml
+++ b/java/settings.xml
@@ -17,19 +17,6 @@
         </server>
     </servers>
     <profiles>
-        <profile>
-            <id>ci</id>
-            <repositories>
-                <repository>
-                    <id>sonatype-staging</id>
-                    <url>https://s01.oss.sonatype.org/service/local/staging/deploy/maven2/</url>
-                    <layout>default</layout>
-                    <releases>
-                        <enabled>true</enabled>
-                    </releases>
-                </repository>
-            </repositories>
-        </profile>
         <profile>
             <id>signing</id>
             <properties>
@@ -40,7 +27,6 @@
         </profile>
     </profiles>
     <activeProfiles>
-        <activeProfile>ci</activeProfile>
         <activeProfile>signing</activeProfile>
     </activeProfiles>
 </settings>

From a0746bd982b65f09c2769c1a029c7055d655a726 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 8 Oct 2024 10:29:51 -0700
Subject: [PATCH 07/27] Bump golang.org/x/net from 0.28.0 to 0.30.0 in the go
 group across 1 directory (#1171)

Bumps the go group with 1 update in the / directory:
[golang.org/x/net](https://github.com/golang/net).

Updates `golang.org/x/net` from 0.28.0 to 0.30.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/6cc5ac4e9a03d73b331eb1d6db98a02e558243b7"><code>6cc5ac4</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/f88258d67e0f0f144c79964ca05bb81d51ee8411"><code>f88258d</code></a>
websocket: update nhooyr.io/websocket to github.com/coder/websocket</li>
<li><a
href="https://github.com/golang/net/commit/7191757bc637cf79a7ece0546e33f903bf5e9709"><code>7191757</code></a>
http2: add support for net/http HTTP2 config field</li>
<li><a
href="https://github.com/golang/net/commit/4790dc7047441aed4889873cdd30e1e6adf49735"><code>4790dc7</code></a>
http2: add support for server-originated pings</li>
<li><a
href="https://github.com/golang/net/commit/541dbe58b6bc869fc1c7de361846682a34365325"><code>541dbe5</code></a>
http2: add Server.WriteByteTimeout</li>
<li><a
href="https://github.com/golang/net/commit/3c333c0c5288a7cf127e427ddda5b1b54020a2b4"><code>3c333c0</code></a>
route: fix address parsing of messages on Darwin</li>
<li><a
href="https://github.com/golang/net/commit/35b4abaed97f1df7ee83c075f500e84d8d75d184"><code>35b4aba</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/9bf379fa3ecca65daf9d75766986d20ea202f7f8"><code>9bf379f</code></a>
websocket: fix printf(var) mistake detected by latest printf
checker</li>
<li>See full diff in <a
href="https://github.com/golang/net/compare/v0.28.0...v0.30.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.28.0&new-version=0.30.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 4 ++--
 go.sum | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/go.mod b/go.mod
index 0909e6856..f84755965 100644
--- a/go.mod
+++ b/go.mod
@@ -5,14 +5,14 @@ go 1.19
 require (
 	github.com/iancoleman/strcase v0.3.0
 	github.com/lyft/protoc-gen-star/v2 v2.0.4-0.20230330145011-496ad1ac90a4
-	golang.org/x/net v0.28.0
+	golang.org/x/net v0.30.0
 	google.golang.org/protobuf v1.34.2
 )
 
 require (
 	github.com/spf13/afero v1.10.0 // indirect
 	golang.org/x/mod v0.17.0 // indirect
-	golang.org/x/text v0.17.0 // indirect
+	golang.org/x/text v0.19.0 // indirect
 	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
 )
 
diff --git a/go.sum b/go.sum
index 558c8279f..5b44e82b0 100644
--- a/go.sum
+++ b/go.sum
@@ -224,8 +224,8 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
-golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
+golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
+golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -290,8 +290,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.17.0 h1:XtiM5bkSOt+ewxlOE/aE/AKEHibwj/6gvWMl9Rsh0Qc=
-golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
+golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=

From 0ea3708b3daae55e0037bb6a04df45d8542c4f6c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 8 Oct 2024 12:08:16 -0700
Subject: [PATCH 08/27] Bump the go-tests group across 1 directory with 2
 updates (#1172)

Bumps the go-tests group with 2 updates in the /tests directory:
[golang.org/x/net](https://github.com/golang/net) and
google.golang.org/protobuf.

Updates `golang.org/x/net` from 0.28.0 to 0.30.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/6cc5ac4e9a03d73b331eb1d6db98a02e558243b7"><code>6cc5ac4</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/f88258d67e0f0f144c79964ca05bb81d51ee8411"><code>f88258d</code></a>
websocket: update nhooyr.io/websocket to github.com/coder/websocket</li>
<li><a
href="https://github.com/golang/net/commit/7191757bc637cf79a7ece0546e33f903bf5e9709"><code>7191757</code></a>
http2: add support for net/http HTTP2 config field</li>
<li><a
href="https://github.com/golang/net/commit/4790dc7047441aed4889873cdd30e1e6adf49735"><code>4790dc7</code></a>
http2: add support for server-originated pings</li>
<li><a
href="https://github.com/golang/net/commit/541dbe58b6bc869fc1c7de361846682a34365325"><code>541dbe5</code></a>
http2: add Server.WriteByteTimeout</li>
<li><a
href="https://github.com/golang/net/commit/3c333c0c5288a7cf127e427ddda5b1b54020a2b4"><code>3c333c0</code></a>
route: fix address parsing of messages on Darwin</li>
<li><a
href="https://github.com/golang/net/commit/35b4abaed97f1df7ee83c075f500e84d8d75d184"><code>35b4aba</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/9bf379fa3ecca65daf9d75766986d20ea202f7f8"><code>9bf379f</code></a>
websocket: fix printf(var) mistake detected by latest printf
checker</li>
<li>See full diff in <a
href="https://github.com/golang/net/compare/v0.28.0...v0.30.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `google.golang.org/protobuf` from 1.34.2 to 1.35.1


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 tests/go.mod | 4 ++--
 tests/go.sum | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/tests/go.mod b/tests/go.mod
index 809f49e9e..3c742129e 100644
--- a/tests/go.mod
+++ b/tests/go.mod
@@ -3,8 +3,8 @@ module github.com/envoyproxy/protoc-gen-validate/tests
 go 1.21.1
 
 require (
-	golang.org/x/net v0.28.0
-	google.golang.org/protobuf v1.34.2
+	golang.org/x/net v0.30.0
+	google.golang.org/protobuf v1.35.1
 )
 
 require golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
diff --git a/tests/go.sum b/tests/go.sum
index c87eaae45..cb632ff50 100644
--- a/tests/go.sum
+++ b/tests/go.sum
@@ -1,8 +1,8 @@
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE=
-golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg=
+golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
+golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk=
 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA=
+google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=

From 36fe3c84ab737e89c82beba7e67a7baedc8f4728 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 18 Nov 2024 09:52:35 -0800
Subject: [PATCH 09/27] Bump the java group across 1 directory with 17 updates
 (#1183)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps the java group with 17 updates in the /java directory:

| Package | From | To |
| --- | --- | --- |
| [org.assertj:assertj-core](https://github.com/assertj/assertj) |
`3.25.1` | `3.26.3` |
|
[org.apache.maven.plugins:maven-compiler-plugin](https://github.com/apache/maven-compiler-plugin)
| `3.12.1` | `3.13.0` |
|
[org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire)
| `3.2.3` | `3.5.2` |
|
[org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin)
| `3.6.3` | `3.11.1` |
|
[org.apache.maven.plugins:maven-source-plugin](https://github.com/apache/maven-source-plugin)
| `3.3.0` | `3.3.1` |
|
[org.apache.maven.plugins:maven-release-plugin](https://github.com/apache/maven-release)
| `3.0.1` | `3.1.1` |
|
[org.codehaus.mojo:versions-maven-plugin](https://github.com/mojohaus/versions)
| `2.16.2` | `2.18.0` |
|
[org.apache.maven.plugins:maven-gpg-plugin](https://github.com/apache/maven-gpg-plugin)
| `3.1.0` | `3.2.7` |
| commons-validator:commons-validator | `1.8.0` | `1.9.0` |
|
[com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf)
| `3.25.1` | `4.28.3` |
| com.google.protobuf:protobuf-java-util | `3.25.1` | `4.28.3` |
| [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco) |
`0.8.11` | `0.8.12` |
|
[org.apache.maven.plugins:maven-shade-plugin](https://github.com/apache/maven-shade-plugin)
| `3.5.1` | `3.6.0` |
| [io.grpc:grpc-bom](https://github.com/grpc/grpc-java) | `1.60.1` |
`1.68.1` |
|
[com.google.api.grpc:proto-google-common-protos](https://github.com/googleapis/sdk-platform-java)
| `2.30.0` | `2.49.0` |
|
[org.codehaus.mojo:exec-maven-plugin](https://github.com/mojohaus/exec-maven-plugin)
| `3.1.1` | `3.5.0` |
|
[org.codehaus.mojo:build-helper-maven-plugin](https://github.com/mojohaus/build-helper-maven-plugin)
| `3.5.0` | `3.6.0` |


Updates `org.assertj:assertj-core` from 3.25.1 to 3.26.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/assertj/assertj/releases">org.assertj:assertj-core's
releases</a>.</em></p>
<blockquote>
<h2>v3.26.3</h2>
<h2>:jigsaw: Binary Compatibility</h2>
<p>The release is:</p>
<ul>
<li>Binary compatible with the previous minor version.</li>
<li>Binary incompatible with the previous patch version.</li>
</ul>
<h2>:boom: Breaking Changes</h2>
<h3>Core</h3>
<ul>
<li>Replace <code>assertThat(Temporal)</code> with
<code>assertThatTemporal(Temporal)</code> <a
href="https://redirect.github.com/assertj/assertj/issues/3519">#3519</a></li>
</ul>
<h2>:bug: Bug Fixes</h2>
<h3>Core</h3>
<ul>
<li>Fix Javadoc rendering on
<code>FactoryBasedNavigableListAssert::assertThat</code></li>
<li>Allow <code>ComparingNormalizedFields</code> instances to be reused
across different assertions <a
href="https://redirect.github.com/assertj/assertj/issues/3493">#3493</a></li>
</ul>
<h2>:hammer: Dependency Upgrades</h2>
<h3>Core</h3>
<ul>
<li>Upgrade to Byte Buddy 1.14.18 <a
href="https://redirect.github.com/assertj/assertj/issues/3531">#3531</a></li>
<li>Upgrade to JUnit BOM 5.10.3 <a
href="https://redirect.github.com/assertj/assertj/issues/3525">#3525</a></li>
</ul>
<h3>Guava</h3>
<ul>
<li>Upgrade to Guava 33.2.1-jre <a
href="https://redirect.github.com/assertj/assertj/issues/3499">#3499</a></li>
</ul>
<h2>:heart: Contributors</h2>
<p>Thanks to all the contributors who worked on this release:</p>
<p><a href="https://github.com/genuss"><code>@​genuss</code></a></p>
<h2>v3.26.0</h2>
<h2>:boom: Breaking Changes</h2>
<h3>Core</h3>
<ul>
<li>
<p>Delegate <code>OptionalDouble</code> value comparison to
<code>Double.compare</code> in <code>hasValue</code> assertion <a
href="https://redirect.github.com/assertj/assertj/issues/3411">#3411</a></p>
<!-- raw HTML omitted -->
<p>This fixes the comparison of <code>NaN</code> values which wasn't
working the way the <code>hasValue</code> Javadoc describes.</p>
<p>The previous behavior can be obtained with
<code>getAsDouble</code>:</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/assertj/assertj/commit/8e97f90d62782a5fe2e49f739164361ecb54738b"><code>8e97f90</code></a>
[maven-release-plugin] prepare release assertj-build-3.26.3</li>
<li><a
href="https://github.com/assertj/assertj/commit/d1afefca4e99fe6476e04d61d670fe24c25b7f4d"><code>d1afefc</code></a>
chore(deps): bump com.github.spotbugs:spotbugs-maven-plugin from 4.8.6.1
to 4...</li>
<li><a
href="https://github.com/assertj/assertj/commit/2dc2cbfa4070d2bbeb1a748c0833c277047fd93d"><code>2dc2cbf</code></a>
chore(deps): bump byte-buddy.version from 1.14.17 to 1.14.18 (<a
href="https://redirect.github.com/assertj/assertj/issues/3531">#3531</a>)</li>
<li><a
href="https://github.com/assertj/assertj/commit/2541d3c1722a923c9a1cf3b33255e3fc8ee07135"><code>2541d3c</code></a>
chore(deps-dev): bump com.fasterxml.jackson.core:jackson-databind from
2.17.1...</li>
<li><a
href="https://github.com/assertj/assertj/commit/cdb906fb0d9ee0dfddb2925f15a46a5b7b16c5da"><code>cdb906f</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://github.com/assertj/assertj/commit/c3b1f4a5eef1284e484e43374e9d5ba8ba33707d"><code>c3b1f4a</code></a>
[maven-release-plugin] prepare release assertj-build-3.26.2</li>
<li><a
href="https://github.com/assertj/assertj/commit/d5b52abe63cca2b84b6abc38dd9b15a0e63f9b9d"><code>d5b52ab</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://github.com/assertj/assertj/commit/17ea711f63eea0c3081be2e36f1d089edaba1f07"><code>17ea711</code></a>
[maven-release-plugin] prepare release assertj-build-3.26.1</li>
<li><a
href="https://github.com/assertj/assertj/commit/8cf054db3230522155c5b637e332e485622c8b82"><code>8cf054d</code></a>
chore(deps): bump org.codehaus.mojo:versions-maven-plugin from 2.16.2 to
2.17...</li>
<li><a
href="https://github.com/assertj/assertj/commit/5e708b48ef69f4d8c35ec86690ba6bc491cb579a"><code>5e708b4</code></a>
chore(deps-dev): bump org.apache.groovy:groovy from 4.0.21 to 4.0.22 (<a
href="https://redirect.github.com/assertj/assertj/issues/3527">#3527</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/assertj/assertj/compare/assertj-build-3.25.1...assertj-build-3.26.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.apache.maven.plugins:maven-compiler-plugin` from 3.12.1 to
3.13.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/apache/maven-compiler-plugin/releases">org.apache.maven.plugins:maven-compiler-plugin's
releases</a>.</em></p>
<blockquote>
<h2>3.13.0</h2>
<!-- raw HTML omitted -->
<h2>🚀 New features and improvements</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/MCOMPILER-574">[MCOMPILER-574]</a>
- Propagate cause of exception in AbstractCompilerMojo (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/232">#232</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MCOMPILER-582">[MCOMPILER-582]</a>
- Automatic detection of release option for JDK &lt; 9 (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/228">#228</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MCOMPILER-583">[MCOMPILER-583]</a>
- Require Maven 3.6.3 (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/229">#229</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MCOMPILER-577">[MCOMPILER-577]</a>
- Rename parameter &quot;forceJavacCompilerUse&quot; (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/225">#225</a>)
<a href="https://github.com/kwin"><code>@​kwin</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MCOMPILER-570">[MCOMPILER-570]</a>
- Add links to javac documentation of JDK17 (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/224">#224</a>)
<a href="https://github.com/kwin"><code>@​kwin</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MCOMPILER-576">[MCOMPILER-576]</a>
- Deprecate parameter &quot;compilerVersion&quot; (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/223">#223</a>)
<a href="https://github.com/kwin"><code>@​kwin</code></a></li>
</ul>
<h2>📦 Dependency updates</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/MCOMPILER-575">[MCOMPILER-575]</a>
- Bump plexusCompilerVersion from 2.14.2 to 2.15.0 (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/227">#227</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump apache/maven-gh-actions-shared from 3 to 4 (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/226">#226</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
<h2>📝 Documentation updates</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/MCOMPILER-548">[MCOMPILER-548]</a>
- JDK 21 throws annotations processing warning that can not be turned
off (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/200">#200</a>)
<a href="https://github.com/hgschmie"><code>@​hgschmie</code></a></li>
</ul>
<h2>👻 Maintenance</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/MCOMPILER-584">[MCOMPILER-584]</a>
- Refresh page - Using Non-Javac Compilers (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/231">#231</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MCOMPILER-585">[MCOMPILER-585]</a>
- Refresh plugins versions in ITs (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/230">#230</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li>subject verb agreement (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/pull/221">#221</a>)
<a href="https://github.com/elharo"><code>@​elharo</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/maven-compiler-plugin/commit/a1415aa3833df5985ecdc2b854ef516d3afbf348"><code>a1415aa</code></a>
[maven-release-plugin] prepare release maven-compiler-plugin-3.13.0</li>
<li><a
href="https://github.com/apache/maven-compiler-plugin/commit/b2b9196f61198daddcac513d849c0d808e02c8d7"><code>b2b9196</code></a>
[MCOMPILER-574] Propagate cause of exception in
AbstractCompilerMojo</li>
<li><a
href="https://github.com/apache/maven-compiler-plugin/commit/6d2ce5a46507ea6c44c2d4a81aaf183baad2784e"><code>6d2ce5a</code></a>
[MCOMPILER-584] Refresh page - Using Non-Javac Compilers</li>
<li><a
href="https://github.com/apache/maven-compiler-plugin/commit/eebad60f7500c3db44050f599d5fc13f01af116b"><code>eebad60</code></a>
[MCOMPILER-585] Refresh plugins versions in ITs</li>
<li><a
href="https://github.com/apache/maven-compiler-plugin/commit/ceacf6884dc98be921f78cbb6de9a88213955471"><code>ceacf68</code></a>
[MCOMPILER-582] Automatic detection of release option for JDK &lt;
9</li>
<li><a
href="https://github.com/apache/maven-compiler-plugin/commit/110293f730f03bd2361aafb39789055b52efe6ab"><code>110293f</code></a>
[MCOMPILER-583] Require Maven 3.6.3</li>
<li><a
href="https://github.com/apache/maven-compiler-plugin/commit/90131df544a466a7d2f35e2c1da88f56b2b9368e"><code>90131df</code></a>
[MCOMPILER-575] Bump plexusCompilerVersion from 2.14.2 to 2.15.0 (<a
href="https://redirect.github.com/apache/maven-compiler-plugin/issues/227">#227</a>)</li>
<li><a
href="https://github.com/apache/maven-compiler-plugin/commit/74cfc72acae4f55708bca189b2170167e83df6b3"><code>74cfc72</code></a>
[MCOMPILER-548] JDK 21 throws annotations processing warning that can
not be ...</li>
<li><a
href="https://github.com/apache/maven-compiler-plugin/commit/f85aa27d7cc28664ed7cfdd19b8e250652a66471"><code>f85aa27</code></a>
Bump apache/maven-gh-actions-shared from 3 to 4</li>
<li><a
href="https://github.com/apache/maven-compiler-plugin/commit/d59ef49ead31f7d85c24f98ca6747f9b3a1906a2"><code>d59ef49</code></a>
extract Maven 3.3.1 specific method call</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/maven-compiler-plugin/compare/maven-compiler-plugin-3.12.1...maven-compiler-plugin-3.13.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.2.3 to
3.5.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/apache/maven-surefire/releases">org.apache.maven.plugins:maven-surefire-plugin's
releases</a>.</em></p>
<blockquote>
<h2>3.5.2</h2>
<!-- raw HTML omitted -->
<h2>🚀 New features and improvements</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2278">[SUREFIRE-2278]</a>
- Don't say please. (<a
href="https://redirect.github.com/apache/maven-surefire/pull/792">#792</a>)
<a href="https://github.com/elharo"><code>@​elharo</code></a></li>
</ul>
<h2>📦 Dependency updates</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2281">[SUREFIRE-2281]</a>
- Doxia 2.0.0 ga (<a
href="https://redirect.github.com/apache/maven-surefire/pull/794">#794</a>)
<a href="https://github.com/michael-o"><code>@​michael-o</code></a></li>
<li>Bump commons-io:commons-io from 2.2 to 2.14.0 in
/surefire-its/src/test/resources/surefire-979-smartStackTrace-wrongClassloader/module1
(<a
href="https://redirect.github.com/apache/maven-surefire/pull/789">#789</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
<h2>👻 Maintenance</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2282">[SUREFIRE-2282]</a>
- surefire-report-plugin: Update Introduction documenta… (<a
href="https://redirect.github.com/apache/maven-surefire/pull/796">#796</a>)
<a href="https://github.com/michael-o"><code>@​michael-o</code></a></li>
<li>Reduce cyclomatic complexity (<a
href="https://redirect.github.com/apache/maven-surefire/pull/793">#793</a>)
<a href="https://github.com/elharo"><code>@​elharo</code></a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/apache/maven-surefire/compare/surefire-3.5.1...surefire-3.5.2">https://github.com/apache/maven-surefire/compare/surefire-3.5.1...surefire-3.5.2</a></p>
<h2>3.5.1</h2>
<!-- raw HTML omitted -->
<h2>🚀 New features and improvements</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2270">[SUREFIRE-2270]</a>
- Use JUnit5 in surefire-shadefire (<a
href="https://redirect.github.com/apache/maven-surefire/pull/783">#783</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2266">[SUREFIRE-2266]</a>
- Execute ITs in parallel (<a
href="https://redirect.github.com/apache/maven-surefire/pull/781">#781</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2264">[SUREFIRE-2264]</a>
- Limit usage of commons-io from surefire-shared-utils (<a
href="https://redirect.github.com/apache/maven-surefire/pull/777">#777</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
</ul>
<h2>🐛 Bug Fixes</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2267">[SUREFIRE-2267]</a>
- Packages for commons-codec should be relocated in
surefire-shared-utils (<a
href="https://redirect.github.com/apache/maven-surefire/pull/782">#782</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-1737">[SUREFIRE-1737]</a>
- Fix disable in statelessTestsetReporter (<a
href="https://redirect.github.com/apache/maven-surefire/pull/780">#780</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2257">[SUREFIRE-2257]</a>
- [REGRESSION] NPEx: Cannot invoke &quot;Object.toString()&quot; … (<a
href="https://redirect.github.com/apache/maven-surefire/pull/774">#774</a>)
<a href="https://github.com/michael-o"><code>@​michael-o</code></a></li>
</ul>
<h2>📦 Dependency updates</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2273">[SUREFIRE-2273]</a>
- Bump org.hamcrest:hamcrest from 2.2 to 3.0 (<a
href="https://redirect.github.com/apache/maven-surefire/pull/784">#784</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2272">[SUREFIRE-2272]</a>
- Bump org.codehaus.plexus:plexus-java from 1.2.0 to 1.3.0 - JDK 23
support (<a
href="https://redirect.github.com/apache/maven-surefire/pull/786">#786</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2226">[SUREFIRE-2226]</a>
- Upgrade to Maven Verifier 2.0.0-M1 (<a
href="https://redirect.github.com/apache/maven-surefire/pull/706">#706</a>)
<a href="https://github.com/michael-o"><code>@​michael-o</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2265">[SUREFIRE-2265]</a>
- Bump commons-io:commons-io from 2.16.1 to 2.17.0 (<a
href="https://redirect.github.com/apache/maven-surefire/pull/779">#779</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2263">[SUREFIRE-2263]</a>
- Use the latest version of surefire for self build (<a
href="https://redirect.github.com/apache/maven-surefire/pull/776">#776</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2262">[SUREFIRE-2262]</a>
- Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 (<a
href="https://redirect.github.com/apache/maven-surefire/pull/775">#775</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
<h2>👻 Maintenance</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/SUREFIRE-2269">[SUREFIRE-2269]</a>
- Allow fail during clean in surefire-its (<a
href="https://redirect.github.com/apache/maven-surefire/pull/785">#785</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
</ul>
<h2>3.5.0</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/maven-surefire/commit/ea9f049756acf7a3be5234061624c02bd725c9d3"><code>ea9f049</code></a>
[maven-release-plugin] prepare release surefire-3.5.2</li>
<li><a
href="https://github.com/apache/maven-surefire/commit/e1f94a0281f0db1f9169e06b7ad149a27afd3c46"><code>e1f94a0</code></a>
[SUREFIRE-2276] JUnit5's TestTemplate failures treated as flakes with
retries</li>
<li><a
href="https://github.com/apache/maven-surefire/commit/d24adb4cd702253fa3bf1799e6f067c61d78d75f"><code>d24adb4</code></a>
[SUREFIRE-2277] RunResult#getFlakes() is lost during
serialisation/deserialis...</li>
<li><a
href="https://github.com/apache/maven-surefire/commit/4385e9498b41df32b9016c60feb51396dcec5e1a"><code>4385e94</code></a>
Remove links to non-existing report</li>
<li><a
href="https://github.com/apache/maven-surefire/commit/88819715a698a2d85a2297443a1cb030a0a4f039"><code>8881971</code></a>
Remove outdated FAQ</li>
<li><a
href="https://github.com/apache/maven-surefire/commit/012183448e0af139455af71bcdc9ccae82365d38"><code>0121834</code></a>
[SUREFIRE-2283] FAQ site contains broken link to failsafe-plugin</li>
<li><a
href="https://github.com/apache/maven-surefire/commit/91d16c36f1c90226df4b891f81184140cf805c3c"><code>91d16c3</code></a>
Fix formatting of XML schema files</li>
<li><a
href="https://github.com/apache/maven-surefire/commit/6cb417a41402be2f6150a6137598cc97c2dd8ad6"><code>6cb417a</code></a>
Add .xsd to .gitattributes</li>
<li><a
href="https://github.com/apache/maven-surefire/commit/9ce5221100aa3fce8643abcdc2a35bc0c59050ef"><code>9ce5221</code></a>
[SUREFIRE-2282] surefire-report-plugin: Update Introduction
documentation page</li>
<li><a
href="https://github.com/apache/maven-surefire/commit/620b983ffdaa9e258c6a355a476777cfe6b88c0d"><code>620b983</code></a>
[SUREFIRE-2281] Upgrade to Doxia 2.0.0 GA Stack</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/maven-surefire/compare/surefire-3.2.3...surefire-3.5.2">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.apache.maven.plugins:maven-javadoc-plugin` from 3.6.3 to
3.11.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/apache/maven-javadoc-plugin/releases">org.apache.maven.plugins:maven-javadoc-plugin's
releases</a>.</em></p>
<blockquote>
<h2>maven-javadoc-plugin-3.10.1</h2>
<h2>What's Changed</h2>
<ul>
<li>[MJAVADOC-810] [REGRESSION] MJAVADOC-791 causes forked Maven
execution fail if any toolchains or settings file isn't present by <a
href="https://github.com/cstamas"><code>@​cstamas</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/313">apache/maven-javadoc-plugin#313</a></li>
<li>Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/314">apache/maven-javadoc-plugin#314</a></li>
<li>Bump org.codehaus.plexus:plexus-io from 3.5.0 to 3.5.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/315">apache/maven-javadoc-plugin#315</a></li>
<li>Bump commons-io:commons-io from 2.16.1 to 2.17.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/319">apache/maven-javadoc-plugin#319</a></li>
<li>[MJAVADOC-812] [REGRESSION] maven-javadoc-plugin 3.10.0 creates
empty… by <a
href="https://github.com/michael-o"><code>@​michael-o</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/320">apache/maven-javadoc-plugin#320</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.10.0...maven-javadoc-plugin-3.10.1">https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.10.0...maven-javadoc-plugin-3.10.1</a></p>
<h2>maven-javadoc-plugin-3.10.0</h2>
<h1>❗ NOTICE</h1>
<p>Due to <code>Doxia 2.x</code> stack <code>maven-site-plugin</code>
<strong>3.20+</strong> is requred.</p>
<h2>What's Changed</h2>
<ul>
<li>Add test for custom <code>FixJavadocMojo#defaultVersion</code> by <a
href="https://github.com/Marcono1234"><code>@​Marcono1234</code></a> in
<a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/305">apache/maven-javadoc-plugin#305</a></li>
<li>Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/304">apache/maven-javadoc-plugin#304</a></li>
<li>Improve URL handling by <a
href="https://github.com/michael-o"><code>@​michael-o</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/310">apache/maven-javadoc-plugin#310</a></li>
<li>Bump org.apache.commons:commons-lang3 from 3.15.0 to 3.16.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/307">apache/maven-javadoc-plugin#307</a></li>
<li>Bump org.hamcrest:hamcrest-core from 2.2 to 3.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/306">apache/maven-javadoc-plugin#306</a></li>
<li>Improve ITs by <a
href="https://github.com/michael-o"><code>@​michael-o</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/311">apache/maven-javadoc-plugin#311</a></li>
<li>Bump org.apache.maven.plugins:maven-plugins from 42 to 43 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/294">apache/maven-javadoc-plugin#294</a></li>
<li>[MJAVADOC-809] Align Mojo class names by <a
href="https://github.com/michael-o"><code>@​michael-o</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/312">apache/maven-javadoc-plugin#312</a></li>
<li>[MJAVADOC-784] Upgrade to Doxia 2.0.0 Milestone Stack by <a
href="https://github.com/michael-o"><code>@​michael-o</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/204">apache/maven-javadoc-plugin#204</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.8.0...maven-javadoc-plugin-3.10.0">https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.8.0...maven-javadoc-plugin-3.10.0</a></p>
<h2>maven-javadoc-plugin-3.8.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump org.springframework:spring-context from 4.3.29.RELEASE to
5.2.21.RELEASE in /src/it/projects/MJAVADOC-434_fixcompile by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/280">apache/maven-javadoc-plugin#280</a></li>
<li>Fix usage documentation mentioning <code>nohelp</code> default value
by <a href="https://github.com/indyteo"><code>@​indyteo</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/286">apache/maven-javadoc-plugin#286</a></li>
<li>[MJAVADOC-796] Do not follow links for Java 12+ by <a
href="https://github.com/michael-o"><code>@​michael-o</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/287">apache/maven-javadoc-plugin#287</a></li>
<li>[MJAVADOC-800] Bump org.codehaus.plexus:plexus-io from 3.4.2 to
3.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/291">apache/maven-javadoc-plugin#291</a></li>
<li>Remove outdated invoker conditions by <a
href="https://github.com/michael-o"><code>@​michael-o</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/292">apache/maven-javadoc-plugin#292</a></li>
<li>Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/293">apache/maven-javadoc-plugin#293</a></li>
<li>Bump org.apache.maven.shared:maven-common-artifact-filters from
3.2.0 to 3.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/288">apache/maven-javadoc-plugin#288</a></li>
<li>[MJAVADOC-799] Remove inconsistent
<code>AbstractFixJavadocMojo#defaultVersion</code> default value by <a
href="https://github.com/Marcono1234"><code>@​Marcono1234</code></a> in
<a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/295">apache/maven-javadoc-plugin#295</a></li>
<li>[MJAVADOC-801] Upgrade to Clirr Maven Plugin 2.8 in fix goals by <a
href="https://github.com/michael-o"><code>@​michael-o</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/296">apache/maven-javadoc-plugin#296</a></li>
<li>[MJAVADOC-803] Add default parameter to force root locale by <a
href="https://github.com/michael-o"><code>@​michael-o</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/298">apache/maven-javadoc-plugin#298</a></li>
<li>[MJAVADOC-783] Invalid path when using TagletArtifact and TagletPath
by <a href="https://github.com/michael-o"><code>@​michael-o</code></a>
in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/300">apache/maven-javadoc-plugin#300</a></li>
<li>[MJAVADOC-775] Option 'taglets/taglet/tagletpath' ignored when
pointing to a JAR by <a
href="https://github.com/kriegaex"><code>@​kriegaex</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/255">apache/maven-javadoc-plugin#255</a></li>
<li>[MJAVADOC-804] Remove temporary directories created by tests by <a
href="https://github.com/pzygielo"><code>@​pzygielo</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/301">apache/maven-javadoc-plugin#301</a></li>
<li>[MJAVADOC-603] javadoc:fix failure on JDK10:
java.lang.ClassNotFoundE… by <a
href="https://github.com/michael-o"><code>@​michael-o</code></a> in <a
href="https://redirect.github.com/apache/maven-javadoc-plugin/pull/303">apache/maven-javadoc-plugin#303</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.7.0...maven-javadoc-plugin-3.8.0">https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.7.0...maven-javadoc-plugin-3.8.0</a></p>
<h2>3.7.0</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/maven-javadoc-plugin/commit/619650c667070ef114d571c0f075ce456ace1cf8"><code>619650c</code></a>
[maven-release-plugin] prepare release maven-javadoc-plugin-3.11.1</li>
<li><a
href="https://github.com/apache/maven-javadoc-plugin/commit/e314da0226d100eae39d96d7a0cbdad799879dca"><code>e314da0</code></a>
[MJAVADOC-821] Align toolchain discovery code with Maven Compiler
Plugin</li>
<li><a
href="https://github.com/apache/maven-javadoc-plugin/commit/62a686180915de1e3c0a2f71081776eacfd1d4c3"><code>62a6861</code></a>
[MJAVADOC-820] [REGRESSION] MJAVADOC-787 was merged incompletely</li>
<li><a
href="https://github.com/apache/maven-javadoc-plugin/commit/d1090c50ce66e10ab0adcadb996b0fe790c900b6"><code>d1090c5</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://github.com/apache/maven-javadoc-plugin/commit/ee030f719f4bc7df1671f6dfe5993f778b57a504"><code>ee030f7</code></a>
[maven-release-plugin] prepare release maven-javadoc-plugin-3.11.0</li>
<li><a
href="https://github.com/apache/maven-javadoc-plugin/commit/6c5fdc06d76fdd429c4d3ae01e70be8917c64bea"><code>6c5fdc0</code></a>
[MJAVADOC-819] Align archive generation code with Maven Source
Plugin</li>
<li><a
href="https://github.com/apache/maven-javadoc-plugin/commit/3a90de597adff7c8f8c4a420400f24c7386e9880"><code>3a90de5</code></a>
[MJAVADOC-787] Automatic detection of release option for JDK &lt; 9</li>
<li><a
href="https://github.com/apache/maven-javadoc-plugin/commit/373172d8782ad011cc14e20ac78a84d032ad1d4b"><code>373172d</code></a>
[MJAVADOC-817] Upgrade to Doxia 2.0.0 GA Stack</li>
<li><a
href="https://github.com/apache/maven-javadoc-plugin/commit/ba266c0fe11a822bf3fb19c365a174246eae29f9"><code>ba266c0</code></a>
Fix SCM tag</li>
<li><a
href="https://github.com/apache/maven-javadoc-plugin/commit/5775ce13455d565bd10b15cbeb94310074dee8a3"><code>5775ce1</code></a>
Fix typo</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.6.3...maven-javadoc-plugin-3.11.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.apache.maven.plugins:maven-source-plugin` from 3.3.0 to
3.3.1
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/maven-source-plugin/commit/f80596e4eb587cf99452b67b43ee9729fdadbf3a"><code>f80596e</code></a>
[maven-release-plugin] prepare release maven-source-plugin-3.3.1</li>
<li><a
href="https://github.com/apache/maven-source-plugin/commit/7626998d262931570c969abe3fc60cf911fd6820"><code>7626998</code></a>
Bump apache/maven-gh-actions-shared from 3 to 4</li>
<li><a
href="https://github.com/apache/maven-source-plugin/commit/83c963c0fffadd3257e9a1ca9266cfac98c057c3"><code>83c963c</code></a>
Bump org.apache.maven.plugins:maven-plugins from 39 to 41 (<a
href="https://redirect.github.com/apache/maven-source-plugin/issues/18">#18</a>)</li>
<li><a
href="https://github.com/apache/maven-source-plugin/commit/40ae49538beebc793f16a91578629383de114edb"><code>40ae495</code></a>
Bump org.codehaus.plexus:plexus-archiver from 4.8.0 to 4.9.1 (<a
href="https://redirect.github.com/apache/maven-source-plugin/issues/20">#20</a>)</li>
<li><a
href="https://github.com/apache/maven-source-plugin/commit/073462bf11ad9cf61cab6a2ed213bb8af5349f35"><code>073462b</code></a>
Bump org.apache.maven:maven-archiver from 3.6.0 to 3.6.1 (<a
href="https://redirect.github.com/apache/maven-source-plugin/issues/21">#21</a>)</li>
<li><a
href="https://github.com/apache/maven-source-plugin/commit/0b1c82366e306c9d138a3a83950326071c2fc7c6"><code>0b1c823</code></a>
Fix typos in AbstractSourceJarMojo exception</li>
<li><a
href="https://github.com/apache/maven-source-plugin/commit/099c65a64ac20e9f1133b41e2d1906944f6c13c3"><code>099c65a</code></a>
[MSOURCES-142] Bump org.codehaus.plexus:plexus-archiver from 4.7.1 to
4.8.0 (...</li>
<li><a
href="https://github.com/apache/maven-source-plugin/commit/1edeea47f80bc5c5903e88c1adbff56501248a8b"><code>1edeea4</code></a>
[MSOURCES-139] Fix typo in AbstractSourceJarMojo exception</li>
<li><a
href="https://github.com/apache/maven-source-plugin/commit/436966ed7f93611d5faa6534478347b99c40f488"><code>436966e</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li>See full diff in <a
href="https://github.com/apache/maven-source-plugin/compare/maven-source-plugin-3.3.0...maven-source-plugin-3.3.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.apache.maven.plugins:maven-release-plugin` from 3.0.1 to
3.1.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/apache/maven-release/releases">org.apache.maven.plugins:maven-release-plugin's
releases</a>.</em></p>
<blockquote>
<h2>3.1.0</h2>
<!-- raw HTML omitted -->
<h2>🚀 New features and improvements</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1145">[MRELEASE-1145]</a>
- Upgrade to Maven 3.6.3 (<a
href="https://redirect.github.com/apache/maven-release/pull/217">#217</a>)
<a href="https://github.com/michael-o"><code>@​michael-o</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1139">[MRELEASE-1139]</a>
- Improve logging of sources for used credentials (<a
href="https://redirect.github.com/apache/maven-release/pull/209">#209</a>)
<a href="https://github.com/kwin"><code>@​kwin</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1134">[MRELEASE-1134]</a>
- Pass interactive flag to SCM provider (<a
href="https://redirect.github.com/apache/maven-release/pull/197">#197</a>)
<a href="https://github.com/kwin"><code>@​kwin</code></a></li>
</ul>
<h2>🐛 Bug Fixes</h2>
<ul>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1064">[MRELEASE-1064]</a>
- [REGRESSION] release:branch uses <a
href="https://github.com/releaseLabel"><code>@​releaseLabel</code></a>
instea… (<a
href="https://redirect.github.com/apache/maven-release/pull/221">#221</a>)
<a href="https://github.com/michael-o"><code>@​michael-o</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1147">[MRELEASE-1147]</a>
- <a
href="https://github.com/junitVersion"><code>@​junitVersion</code></a>@
never replaced in UTs (make explicit) (<a
href="https://redirect.github.com/apache/maven-release/pull/220">#220</a>)
<a href="https://github.com/michael-o"><code>@​michael-o</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1148">[MRELEASE-1148]</a>
- Release Manage pulls in transitive dependencies (<a
href="https://redirect.github.com/apache/maven-release/pull/219">#219</a>)
<a href="https://github.com/michael-o"><code>@​michael-o</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1146">[MRELEASE-1146]</a>
- maven-release-plugin tests do not properly check for … (<a
href="https://redirect.github.com/apache/maven-release/pull/218">#218</a>)
<a href="https://github.com/michael-o"><code>@​michael-o</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1109">[MRELEASE-1109]</a>
- patch JDomModel (<a
href="https://redirect.github.com/apache/maven-release/pull/201">#201</a>)
<a
href="https://github.com/mkolesnikov"><code>@​mkolesnikov</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1109">[MRELEASE-1109]</a>
- Support CI friendly versions (<a
href="https://redirect.github.com/apache/maven-release/pull/198">#198</a>)
<a href="https://github.com/kwin"><code>@​kwin</code></a></li>
</ul>
<h2>📦 Dependency updates</h2>
<ul>
<li>Bump scmVersion from 2.0.1 to 2.1.0 (<a
href="https://redirect.github.com/apache/maven-release/pull/213">#213</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.apache.maven.shared:maven-invoker from 3.2.0 to 3.3.0 (<a
href="https://redirect.github.com/apache/maven-release/pull/215">#215</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.codehaus.plexus:plexus-interactivity-api from 1.2 to 1.3
(<a
href="https://redirect.github.com/apache/maven-release/pull/210">#210</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.codehaus.plexus:plexus-interpolation from 1.26 to 1.27 (<a
href="https://redirect.github.com/apache/maven-release/pull/206">#206</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.xmlunit:xmlunit-core from 2.9.1 to 2.10.0 (<a
href="https://redirect.github.com/apache/maven-release/pull/214">#214</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1144">[MRELEASE-1144]</a>
- Upgrade to Parent 42 (<a
href="https://redirect.github.com/apache/maven-release/pull/216">#216</a>)
<a href="https://github.com/michael-o"><code>@​michael-o</code></a></li>
<li>Bump apache/maven-gh-actions-shared from 3 to 4 (<a
href="https://redirect.github.com/apache/maven-release/pull/212">#212</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.codehaus.plexus:plexus-interactivity-api from 1.1 to 1.2
(<a
href="https://redirect.github.com/apache/maven-release/pull/207">#207</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.codehaus.mojo:mrm-maven-plugin from 1.5.0 to 1.6.0 (<a
href="https://redirect.github.com/apache/maven-release/pull/200">#200</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.apache.maven.plugins:maven-invoker-plugin from 3.5.1 to
3.6.0 (<a
href="https://redirect.github.com/apache/maven-release/pull/204">#204</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.apache.commons:commons-lang3 from 3.12.0 to 3.14.0 (<a
href="https://redirect.github.com/apache/maven-release/pull/205">#205</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1128">[MRELEASE-1128]</a>
- update maven-scm to 2.0.1 (<a
href="https://redirect.github.com/apache/maven-release/pull/192">#192</a>)
<a href="https://github.com/elharo"><code>@​elharo</code></a></li>
</ul>
<h2>👻 Maintenance</h2>
<ul>
<li>Bump release-drafter/release-drafter from 5 to 6 (<a
href="https://redirect.github.com/apache/maven-release/pull/211">#211</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li><a
href="https://issues.apache.org/jira/browse/MRELEASE-1136">[MRELEASE-1136]</a>
- Upgrade parent pom to 41 (<a
href="https://redirect.github.com/apache/maven-release/pull/208">#208</a>)
<a
href="https://github.com/slachiewicz"><code>@​slachiewicz</code></a></li>
<li>fixup hamcrest dependencies (<a
href="https://redirect.github.com/apache/maven-release/pull/194">#194</a>)
<a href="https://github.com/elharo"><code>@​elharo</code></a></li>
<li>prefer JDK String replace methods to Plexus ones (<a
href="https://redirect.github.com/apache/maven-release/pull/193">#193</a>)
<a href="https://github.com/elharo"><code>@​elharo</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/maven-release/commit/4f350d44478d2bf72a8da60395e0c1d1e045369a"><code>4f350d4</code></a>
[maven-release-plugin] prepare release maven-release-3.1.1</li>
<li><a
href="https://github.com/apache/maven-release/commit/06f6de43312ee6cab4ec1a194781a61c5db5bdf9"><code>06f6de4</code></a>
[MRELEASE-1153] Revert parts of MRELEASE-1109
(8dfcb47996320af5e6f0b2d50eac20...</li>
<li><a
href="https://github.com/apache/maven-release/commit/985d0bcd3f9bd28fc8e78e9c0744abe66aeea7ef"><code>985d0bc</code></a>
[MRELEASE-1149] Current release of the plugin has configuration docs
missing</li>
<li><a
href="https://github.com/apache/maven-release/commit/47e94b43951778aa9cca7ebd960aa114efa9931a"><code>47e94b4</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://github.com/apache/maven-release/commit/f2f9f4efe88d1f79e50de41265c76d013589c619"><code>f2f9f4e</code></a>
[maven-release-plugin] prepare release maven-release-3.1.0</li>
<li><a
href="https://github.com/apache/maven-release/commit/e109d3b1e6c480fbf50a973055040052e72e07e0"><code>e109d3b</code></a>
Bump scmVersion from 2.0.1 to 2.1.0</li>
<li><a
href="https://github.com/apache/maven-release/commit/5f794a1d1743a11063e89c316ddfb53534ab1d03"><code>5f794a1</code></a>
Bump org.apache.maven.shared:maven-invoker from 3.2.0 to 3.3.0</li>
<li><a
href="https://github.com/apache/maven-release/commit/28201bb9b0bbc4232a481a0bedb9046708a12fec"><code>28201bb</code></a>
Bump org.codehaus.plexus:plexus-interactivity-api from 1.2 to 1.3</li>
<li><a
href="https://github.com/apache/maven-release/commit/854760634a6dea3caa52bee55c499d2b2bace3b4"><code>8547606</code></a>
Bump org.codehaus.plexus:plexus-interpolation from 1.26 to 1.27</li>
<li><a
href="https://github.com/apache/maven-release/commit/adf6aaf30eeec868226264b67556f95e9b3f7427"><code>adf6aaf</code></a>
Bump org.xmlunit:xmlunit-core from 2.9.1 to 2.10.0</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/maven-release/compare/maven-release-3.0.1...maven-release-3.1.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.codehaus.mojo:versions-maven-plugin` from 2.16.2 to 2.18.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/mojohaus/versions/releases">org.codehaus.mojo:versions-maven-plugin's
releases</a>.</em></p>
<blockquote>
<h2>2.18.0</h2>
<h2>❗ NOTICE</h2>
<p>Due to <code>Doxia 2.x</code> stack <code>maven-site-plugin</code>
<strong>3.20+</strong> is required.
<a
href="https://cwiki.apache.org/confluence/display/MAVEN/Towards+Doxia+2.0.0+Stack">https://cwiki.apache.org/confluence/display/MAVEN/Towards+Doxia+2.0.0+Stack</a></p>
<h2>Changes</h2>
<h2>🚀 New features and improvements</h2>
<ul>
<li>Upgrade to Doxia 2.x stack (<a
href="https://redirect.github.com/mojohaus/versions/pull/1180">#1180</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li>Remove implementation of dynamic version goal (<a
href="https://redirect.github.com/mojohaus/versions/pull/1179">#1179</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li>fix: Removed non-fully functional dynamic version goal (<a
href="https://redirect.github.com/mojohaus/versions/pull/1172">#1172</a>)
<a href="https://github.com/jimisola"><code>@​jimisola</code></a></li>
<li>Resolves <a
href="https://redirect.github.com/mojohaus/versions/issues/1131">#1131</a>:
Suppress logging when allowMajorUpdates, allowMinorUp… (<a
href="https://redirect.github.com/mojohaus/versions/pull/1132">#1132</a>)
<a href="https://github.com/gmshake"><code>@​gmshake</code></a></li>
<li>Move <code>expression: {blah} no value</code>
<code>System.out</code> to logs (<a
href="https://redirect.github.com/mojohaus/versions/pull/1119">#1119</a>)
<a
href="https://github.com/JackPGreen"><code>@​JackPGreen</code></a></li>
<li>Improve speed of versions:resolve-ranges in case parents contain
many version properties (<a
href="https://redirect.github.com/mojohaus/versions/pull/1122">#1122</a>)
<a
href="https://github.com/m-schutte-ohra-nl"><code>@​m-schutte-ohra-nl</code></a></li>
</ul>
<h2>🐛 Bug Fixes</h2>
<ul>
<li>Resolves <a
href="https://redirect.github.com/mojohaus/versions/issues/1060">#1060</a>:
Bugfix in UpdateParentMojo + add tests (<a
href="https://redirect.github.com/mojohaus/versions/pull/1181">#1181</a>)
<a href="https://github.com/andrzejj0"><code>@​andrzejj0</code></a></li>
<li>Resolves#1066: Fixed a possible NPE in interpolateVersion (<a
href="https://redirect.github.com/mojohaus/versions/pull/1166">#1166</a>)
<a href="https://github.com/andrzejj0"><code>@​andrzejj0</code></a></li>
<li>Resolves <a
href="https://redirect.github.com/mojohaus/versions/issues/1067">#1067</a>:
Bug fix: incorrect arguments of PomHelper::createProjectBuilderRequest
(<a
href="https://redirect.github.com/mojohaus/versions/pull/1164">#1164</a>)
<a href="https://github.com/andrzejj0"><code>@​andrzejj0</code></a></li>
<li>Resolves <a
href="https://redirect.github.com/mojohaus/versions/issues/1137">#1137</a>:
using PomHelper.getGroupId if groupId of the current project root is
empty (<a
href="https://redirect.github.com/mojohaus/versions/pull/1162">#1162</a>)
<a href="https://github.com/andrzejj0"><code>@​andrzejj0</code></a></li>
<li>bugix/ protect internal data in multi thread env. (<a
href="https://redirect.github.com/mojohaus/versions/pull/1133">#1133</a>)
<a href="https://github.com/jgraglia"><code>@​jgraglia</code></a></li>
<li>Fixed <a
href="https://redirect.github.com/mojohaus/versions/issues/1123">#1123</a>
- Missing link in examples to recoding changes and use dy… (<a
href="https://redirect.github.com/mojohaus/versions/pull/1124">#1124</a>)
<a
href="https://github.com/khmarbaise"><code>@​khmarbaise</code></a></li>
</ul>
<h2>📦 Dependency updates</h2>
<ul>
<li>Upgrade to Doxia 2.x stack (<a
href="https://redirect.github.com/mojohaus/versions/pull/1180">#1180</a>)
<a
href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li>Bump byteBuddyVersion from 1.15.7 to 1.15.10 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1173">#1173</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump com.fasterxml.woodstox:woodstox-core from 7.0.0 to 7.1.0 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1171">#1171</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.codehaus.groovy:groovy-all from 2.0.0 to 2.4.21 in
/versions-maven-plugin/src/it/it-property-updates-report-002-slow (<a
href="https://redirect.github.com/mojohaus/versions/pull/1161">#1161</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump byteBuddyVersion from 1.15.5 to 1.15.7 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1163">#1163</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump byteBuddyVersion from 1.15.4 to 1.15.5 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1160">#1160</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump byteBuddyVersion from 1.15.3 to 1.15.4 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1156">#1156</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.codehaus.mojo:mojo-parent from 85 to 86 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1139">#1139</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump byteBuddyVersion from 1.15.1 to 1.15.3 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1151">#1151</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.codehaus.plexus:plexus-utils from 4.0.1 to 4.0.2 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1148">#1148</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump commons-io:commons-io from 2.16.1 to 2.17.0 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1143">#1143</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump byteBuddyVersion from 1.15.0 to 1.15.1 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1135">#1135</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.apache.commons:commons-lang3 from 3.16.0 to 3.17.0 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1136">#1136</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump byteBuddyVersion from 1.14.19 to 1.15.0 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1134">#1134</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump byteBuddyVersion from 1.14.18 to 1.14.19 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1129">#1129</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.codehaus.mojo:mojo-parent from 84 to 85 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1128">#1128</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.apache.commons:commons-lang3 from 3.15.0 to 3.16.0 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1126">#1126</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.hamcrest:hamcrest from 2.2 to 3.0 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1125">#1125</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump commons-codec:commons-codec from 1.17.0 to 1.17.1 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1117">#1117</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump org.apache.commons:commons-lang3 from 3.14.0 to 3.15.0 (<a
href="https://redirect.github.com/mojohaus/versions/pull/1118">#1118</a>)
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
<h2>📝 Documentation updates</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/mojohaus/versions/commit/814c9b14fc5fa921d3274773d02daff09d20158a"><code>814c9b1</code></a>
[maven-release-plugin] prepare release 2.18.0</li>
<li><a
href="https://github.com/mojohaus/versions/commit/64a38147c73cad84d15e5f9017660d7849c8d70f"><code>64a3814</code></a>
Upgrade to Doxia 2.x stack</li>
<li><a
href="https://github.com/mojohaus/versions/commit/a3ab213ccab235d1da4aa449585a99e52fa68968"><code>a3ab213</code></a>
Resolves <a
href="https://redirect.github.com/mojohaus/versions/issues/1060">#1060</a>:
Bugfix in UpdateParentMojo + add tests (<a
href="https://redirect.github.com/mojohaus/versions/issues/1181">#1181</a>)</li>
<li><a
href="https://github.com/mojohaus/versions/commit/380264f46e1edaa38e6e930a28b81424b9425156"><code>380264f</code></a>
Remove implementation of dynamic version goal</li>
<li><a
href="https://github.com/mojohaus/versions/commit/7e3b710b1998ca1e88c64880b3fe46661d4b23c4"><code>7e3b710</code></a>
Drop Maven Wrapper from project</li>
<li><a
href="https://github.com/mojohaus/versions/commit/a9270bbc17962f170a0a7447d1f31109e602c46a"><code>a9270bb</code></a>
Bump project version to 2.18.0-SNAPSHOT</li>
<li><a
href="https://github.com/mojohaus/versions/commit/d115f7a76cd72487ebabbba9ba5d4ae4b75544f2"><code>d115f7a</code></a>
Moved to modello-stax. Removed &quot;versionDefinition&quot; from
rule.mdo. (<a
href="https://redirect.github.com/mojohaus/versions/issues/1176">#1176</a>)</li>
<li><a
href="https://github.com/mojohaus/versions/commit/3841bb673873d619d25869726dbdb7a29395414c"><code>3841bb6</code></a>
fix: Removed non-fully functional dynamic version goal (<a
href="https://redirect.github.com/mojohaus/versions/issues/1172">#1172</a>)</li>
<li><a
href="https://github.com/mojohaus/versions/commit/a899699548adef25a319512e904a8f4f085452ca"><code>a899699</code></a>
Using Stax2 (Woodstox) instead of plexus-xml (Xpp) to process XML
documents; ...</li>
<li><a
href="https://github.com/mojohaus/versions/commit/8f4864082dfd8fbac3ef79f31271fc74cf517405"><code>8f48640</code></a>
Bump byteBuddyVersion from 1.15.7 to 1.15.10</li>
<li>Additional commits viewable in <a
href="https://github.com/mojohaus/versions/compare/2.16.2...2.18.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.apache.maven.plugins:maven-gpg-plugin` from 3.1.0 to 3.2.7
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/apache/maven-gpg-plugin/releases">org.apache.maven.plugins:maven-gpg-plugin's
releases</a>.</em></p>
<blockquote>
<h2>3.2.7</h2>
<p>Fixes a lingering issue affecting whole 3.2.x lineage, that resulted
in &quot;bad passphrase&quot; on Windows OS with GPG signer (see
MGPG-136 for details).</p>
<h2>What's Changed</h2>
<ul>
<li>[MGPG-136] Windows passphrase corruption by <a
href="https://github.com/cstamas"><code>@​cstamas</code></a> in <a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/120">apache/maven-gpg-plugin#120</a></li>
<li>Bump com.kohlschutter.junixsocket:junixsocket-core from 2.10.0 to
2.10.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/121">apache/maven-gpg-plugin#121</a></li>
<li>Bump commons-io:commons-io from 2.16.1 to 2.17.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/119">apache/maven-gpg-plugin#119</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/apache/maven-gpg-plugin/compare/maven-gpg-plugin-3.2.6...maven-gpg-plugin-3.2.7">https://github.com/apache/maven-gpg-plugin/compare/maven-gpg-plugin-3.2.6...maven-gpg-plugin-3.2.7</a></p>
<h2>3.2.6</h2>
<h1><a
href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317521&amp;version=12354997">Release
Notes - Maven GPG Plugin - Version 3.2.6</a></h1>
<!-- raw HTML omitted -->
<!-- raw HTML omitted -->
<hr />
<h2>What's Changed</h2>
<ul>
<li>[MGPG-135] Support Overriding / Enhance the signer in
AbstractGpgMojo by <a
href="https://github.com/laeubi"><code>@​laeubi</code></a> in <a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/112">apache/maven-gpg-plugin#112</a></li>
<li>Bump org.apache.maven.plugins:maven-invoker-plugin from 3.7.0 to
3.8.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/114">apache/maven-gpg-plugin#114</a></li>
<li>[MGPG-140] Update Maven to 3.9.9 by <a
href="https://github.com/cstamas"><code>@​cstamas</code></a> in <a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/116">apache/maven-gpg-plugin#116</a></li>
<li>[MGPG-138] Drop direct use of plexus-cipher and secdispatcher by <a
href="https://github.com/cstamas"><code>@​cstamas</code></a> in <a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/115">apache/maven-gpg-plugin#115</a></li>
<li>[MGPG-141] Remove use of deprecated classes by <a
href="https://github.com/cstamas"><code>@​cstamas</code></a> in <a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/117">apache/maven-gpg-plugin#117</a></li>
<li>Add FAQ for &quot;no pinentry&quot; issue by <a
href="https://github.com/cstamas"><code>@​cstamas</code></a> in <a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/118">apache/maven-gpg-plugin#118</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/laeubi"><code>@​laeubi</code></a> made
their first contribution in <a
href="https://redirect.github.com/apache/maven-gpg-plugin/pull/112">apache/maven-gpg-plugin#112</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/43af21cbe6e62e417e5037c359f79dd7878b4908"><code>43af21c</code></a>
[maven-release-plugin] prepare release maven-gpg-plugin-3.2.7</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/8c5a8d2eb990b3d9db8bc2f5563a0aeb4dbb5eea"><code>8c5a8d2</code></a>
[MGPG-144] Bump commons-io:commons-io from 2.16.1 to 2.17.0 (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/issues/119">#119</a>)</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/cb5422fc4f2372a58772e0b8a9a20b072696a7f4"><code>cb5422f</code></a>
[MGPG-143] Bump com.kohlschutter.junixsocket:junixsocket-core from
2.10.0 to ...</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/6b2a27f3a60e8c92079f14e5240ee8c353ccfa35"><code>6b2a27f</code></a>
[MGPG-136] Windows passphrase corruption (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/issues/120">#120</a>)</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/31e87e0062b7eacc3506fc6dea94e7ff509c16b9"><code>31e87e0</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/1c9a14c0eec9dae40baa4a5db674e6a7ec012be4"><code>1c9a14c</code></a>
[maven-release-plugin] prepare release maven-gpg-plugin-3.2.6</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/bbe6156400212b3fe063d218399ba09c24795f44"><code>bbe6156</code></a>
Add FAQ for &quot;no pinentry&quot; issue (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/issues/118">#118</a>)</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/5b9427333ab4b7b48b297a8b9a4158688211f14a"><code>5b94273</code></a>
[MGPG-141] Remove use of deprecated classes (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/issues/117">#117</a>)</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/afdfd28bab4a0530cfd655397716a36adc1644b6"><code>afdfd28</code></a>
[MGPG-138] Drop direct use of plexus-cipher and secdispatcher (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/issues/115">#115</a>)</li>
<li><a
href="https://github.com/apache/maven-gpg-plugin/commit/7516e7c73d6e5c8c3d6c2cbab9d55deb3987f388"><code>7516e7c</code></a>
[MGPG-140] Update Maven to 3.9.9 (<a
href="https://redirect.github.com/apache/maven-gpg-plugin/issues/116">#116</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/maven-gpg-plugin/compare/maven-gpg-plugin-3.1.0...maven-gpg-plugin-3.2.7">compare
view</a></li>
</ul>
</details>
<br />

Updates `commons-validator:commons-validator` from 1.8.0 to 1.9.0

Updates `com.google.protobuf:protobuf-java` from 3.25.1 to 4.28.3
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/protocolbuffers/protobuf/commits">compare
view</a></li>
</ul>
</details>
<br />

Updates `com.google.protobuf:protobuf-java-util` from 3.25.1 to 4.28.3

Updates `com.google.protobuf:protobuf-java-util` from 3.25.1 to 4.28.3

Updates `org.jacoco:jacoco-maven-plugin` from 0.8.11 to 0.8.12
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/jacoco/jacoco/releases">org.jacoco:jacoco-maven-plugin's
releases</a>.</em></p>
<blockquote>
<h2>0.8.12</h2>
<h2>New Features</h2>
<ul>
<li>JaCoCo now officially supports Java 22 (GitHub <a
href="https://redirect.github.com/jacoco/jacoco/issues/1596">#1596</a>).</li>
<li>Experimental support for Java 23 class files (GitHub <a
href="https://redirect.github.com/jacoco/jacoco/issues/1553">#1553</a>).</li>
</ul>
<h2>Fixed bugs</h2>
<ul>
<li>Branches added by the Kotlin compiler for functions with default
arguments and having more than 32 parameters are filtered out during
generation of report (GitHub <a
href="https://redirect.github.com/jacoco/jacoco/issues/1556">#1556</a>).</li>
<li>Branch added by the Kotlin compiler version 1.5.0 and above for
reading from lateinit property is filtered out during generation of
report (GitHub <a
href="https://redirect.github.com/jacoco/jacoco/issues/1568">#1568</a>).</li>
</ul>
<h2>Non-functional Changes</h2>
<ul>
<li>JaCoCo now depends on ASM 9.7 (GitHub <a
href="https://redirect.github.com/jacoco/jacoco/issues/1600">#1600</a>).</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/jacoco/jacoco/commit/dbfb6f2ad904158b5b40a93fea222e263aeaf9ab"><code>dbfb6f2</code></a>
Prepare release 0.8.12</li>
<li><a
href="https://github.com/jacoco/jacoco/commit/a50585b9e0770c363c56d887a8f639dc05411073"><code>a50585b</code></a>
Upgrade maven-plugin-plugin to 3.6.4 (<a
href="https://redirect.github.com/jacoco/jacoco/issues/1604">#1604</a>)</li>
<li><a
href="https://github.com/jacoco/jacoco/commit/fd63cc5478bcd7b32e2070d93ead8c879b423841"><code>fd63cc5</code></a>
Configure labels that Dependabot assigns to PRs (<a
href="https://redirect.github.com/jacoco/jacoco/issues/1603">#1603</a>)</li>
<li><a
href="https://github.com/jacoco/jacoco/commit/03a53334c1e3a28ed587feb5adbfa3c0aa536990"><code>03a5333</code></a>
Add configuration for Dependabot to simplify updates of ASM (<a
href="https://redirect.github.com/jacoco/jacoco/issues/1601">#1601</a>)</li>
<li><a
href="https://github.com/jacoco/jacoco/commit/40ff9fb3b13bb484344936dde4a90b083b79cdbd"><code>40ff9fb</code></a>
Upgrade ASM to 9.7 (<a
href="https://redirect.github.com/jacoco/jacoco/issues/1600">#1600</a>)</li>
<li><a
href="https://github.com/jacoco/jacoco/commit/907717832435f5085b67d02e1eeec5b63b0f415b"><code>9077178</code></a>
Happy birthday Java 22! (<a
href="https://redirect.github.com/jacoco/jacoco/issues/1596">#1596</a>)</li>
<li><a
href="https://github.com/jacoco/jacoco/commit/7edd1b511a174a663f633c34ae8c951a0ae77d20"><code>7edd1b5</code></a>
Bump actions/setup-java from 4.1.0 to 4.2.1 (<a
href="https://redirect.github.com/jacoco/jacoco/issues/1594">#1594</a>)</li>
<li><a
href="https://github.com/jacoco/jacoco/commit/e50b547bc26ff198acfd16311c028f340af38699"><code>e50b547</code></a>
Upgrade ECJ to 3.37.0 (<a
href="https://redirect.github.com/jacoco/jacoco/issues/1590">#1590</a>)</li>
<li><a
href="https://github.com/jacoco/jacoco/commit/a1144d02ff0f89d6603214676730a2d5616cf466"><code>a1144d0</code></a>
Upgrade maven-site-plugin to 3.12.1 (<a
href="https://redirect.github.com/jacoco/jacoco/issues/1586">#1586</a>)</li>
<li><a
href="https://github.com/jacoco/jacoco/commit/04b0141d6ae5e6d1f00f15341b29dd4734ab778a"><code>04b0141</code></a>
Bump actions/setup-java from 4.0.0 to 4.1.0 (<a
href="https://redirect.github.com/jacoco/jacoco/issues/1587">#1587</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/jacoco/jacoco/compare/v0.8.11...v0.8.12">compare
view</a></li>
</ul>
</details>
<br />

Updates `org.apache.maven.plugins:maven-shade-plugin` from 3.5.1 to
3.6.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/maven-shade-plugin/commit/9a572e232d652a12a2404fe3cbe57fb588a87318"><code>9a572e2</code></a>
[maven-release-plugin] prepare release maven-shade-plugin-3.6.0</li>
<li><a
href="https://github.com/apache/maven-shade-plugin/commit/ade2e359214c4094876b0100c97b9a55aecc4c2e"><code>ade2e35</code></a>
[MSHADE-428] Prevent null value in array of transformers (<a
href="https://redirect.github.com/apache/maven-shade-plugin/issues/229">#229</a>)</li>
<li><a
href="https://github.com/apache/maven-shade-plugin/commit/b573b8c498ea12cd2b84edb45be3036d9853d03e"><code>b573b8c</code></a>
[MSHADE-478] Extra JARs feature (<a
href="https://redirect.github.com/apache/maven-shade-plugin/issues/228">#228</a>)</li>
<li><a
href="https://github.com/apache/maven-shade-plugin/commit/199ffaecd26a912527173ed4edae366e48a00998"><code>199ffae</code></a>
Drop the cruft (<a
href="https://redirect.github.com/apache/maven-shade-plugin/issues/225">#225</a>)</li>
<li><a
href="https://github.com/apache/maven-shade-plugin/commit/912a81d95da870e2384359b2836caca4f2d1299f"><code>912a81d</code></a>
Bump maven-gh-actions-shared to v4</li>
<li><a
href="https://github.com/apache/maven-shade-plugin/commit/80e44203f4ed2169b6186a29a7112aa8ed01c7a3"><code>80e4420</code></a>
[maven-release-plugin] prepare for next development iteration</li>
<li><a
href="https://github.com/apache/maven-shade-plugin/commit/19618cde0df300251dfd49bb5a043e31b8dfe8c0"><code>19618cd</code></a>
[maven-release-plugin] prepare release maven-shade-plugin-3.5.3</li>
<li><a
href="https://github.com/apache/maven-shade-plugin/commit/faf233e315c7d8876a9714e15f3427429de0f9dd"><code>faf233e</code></a>
[MSHADE-472] upgrade parent POM</li>
<li><a href="https://github.com/apache/maven-shade-plugin/commit/7de9...

_Description has been truncated_

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 java/pgv-artifacts/pom.xml            |  4 ++--
 java/pgv-java-grpc/pom.xml            |  2 +-
 java/pgv-java-stub/pom.xml            |  2 +-
 java/pgv-java-validation/pom.xml      |  4 ++--
 java/pgv-test-coverage-report/pom.xml |  2 +-
 java/pom.xml                          | 24 ++++++++++++------------
 6 files changed, 19 insertions(+), 19 deletions(-)

diff --git a/java/pgv-artifacts/pom.xml b/java/pgv-artifacts/pom.xml
index b6b8c541c..8acf93eeb 100644
--- a/java/pgv-artifacts/pom.xml
+++ b/java/pgv-artifacts/pom.xml
@@ -17,7 +17,7 @@
             <plugin>
                 <groupId>org.codehaus.mojo</groupId>
                 <artifactId>exec-maven-plugin</artifactId>
-                <version>3.1.1</version>
+                <version>3.5.0</version>
                 <executions>
                     <execution>
                         <id>osx-x86_64</id>
@@ -165,7 +165,7 @@
             <plugin>
                 <groupId>org.codehaus.mojo</groupId>
                 <artifactId>build-helper-maven-plugin</artifactId>
-                <version>3.5.0</version>
+                <version>3.6.0</version>
                 <executions>
                     <execution>
                         <id>attach-artifacts</id>
diff --git a/java/pgv-java-grpc/pom.xml b/java/pgv-java-grpc/pom.xml
index 73c5ceb09..3de173c43 100644
--- a/java/pgv-java-grpc/pom.xml
+++ b/java/pgv-java-grpc/pom.xml
@@ -109,7 +109,7 @@
             <plugin>
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
-                <version>0.8.11</version>
+                <version>0.8.12</version>
                 <executions>
                     <execution>
                         <goals>
diff --git a/java/pgv-java-stub/pom.xml b/java/pgv-java-stub/pom.xml
index f4de7d2de..e36f462d6 100644
--- a/java/pgv-java-stub/pom.xml
+++ b/java/pgv-java-stub/pom.xml
@@ -113,7 +113,7 @@
             <plugin>
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
-                <version>0.8.11</version>
+                <version>0.8.12</version>
                 <executions>
                     <execution>
                         <goals>
diff --git a/java/pgv-java-validation/pom.xml b/java/pgv-java-validation/pom.xml
index e4104e967..dc9745474 100644
--- a/java/pgv-java-validation/pom.xml
+++ b/java/pgv-java-validation/pom.xml
@@ -93,7 +93,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-shade-plugin</artifactId>
-                <version>3.5.1</version>
+                <version>3.6.0</version>
                 <executions>
                     <execution>
                         <phase>package</phase>
@@ -116,7 +116,7 @@
             <plugin>
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
-                <version>0.8.11</version>
+                <version>0.8.12</version>
                 <executions>
                     <execution>
                         <goals>
diff --git a/java/pgv-test-coverage-report/pom.xml b/java/pgv-test-coverage-report/pom.xml
index 711871e17..244a895ce 100644
--- a/java/pgv-test-coverage-report/pom.xml
+++ b/java/pgv-test-coverage-report/pom.xml
@@ -38,7 +38,7 @@
             <plugin>
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
-                <version>0.8.11</version>
+                <version>0.8.12</version>
                 <executions>
                     <execution>
                         <goals>
diff --git a/java/pom.xml b/java/pom.xml
index c1b94e8d7..b879c2370 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -39,17 +39,17 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 
         <protoc.version>3.22.2</protoc.version>
-        <google.protobuf.version>3.25.1</google.protobuf.version>
+        <google.protobuf.version>4.28.3</google.protobuf.version>
         <protobuf.maven.plugin.version>0.6.1</protobuf.maven.plugin.version>
 
         <re2j.version>1.7</re2j.version>
-        <commons.validator.version>1.8.0</commons.validator.version>
-        <grpc.version>1.60.1</grpc.version>
+        <commons.validator.version>1.9.0</commons.validator.version>
+        <grpc.version>1.68.1</grpc.version>
         <junit.version>4.13.2</junit.version>
-        <assertj.version>3.25.1</assertj.version>
+        <assertj.version>3.26.3</assertj.version>
         <java.release>8</java.release>
         <java.version>1.8</java.version>
-        <proto-google-common-protos.version>2.30.0</proto-google-common-protos.version>
+        <proto-google-common-protos.version>2.49.0</proto-google-common-protos.version>
     </properties>
 
     <dependencies>
@@ -72,7 +72,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.12.1</version>
+                <version>3.13.0</version>
                 <configuration>
                     <release>${java.release}</release>
                     <source>${java.version}</source>
@@ -84,7 +84,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
-                <version>3.2.3</version>
+                <version>3.5.2</version>
                 <configuration>
                     <useSystemClassLoader>false</useSystemClassLoader>
                 </configuration>
@@ -93,7 +93,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-javadoc-plugin</artifactId>
-                <version>3.6.3</version>
+                <version>3.11.1</version>
                 <configuration>
                     <author>false</author>
                     <breakiterator>true</breakiterator>
@@ -115,7 +115,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-source-plugin</artifactId>
-                <version>3.3.0</version>
+                <version>3.3.1</version>
                 <executions>
                     <execution>
                         <id>attach-sources</id>
@@ -136,7 +136,7 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-release-plugin</artifactId>
-                        <version>3.0.1</version>
+                        <version>3.1.1</version>
                         <configuration>
                             <autoVersionSubmodules>true</autoVersionSubmodules>
                             <tagNameFormat>v@{project.version}-java</tagNameFormat>
@@ -151,7 +151,7 @@
                     <plugin>
                         <groupId>org.codehaus.mojo</groupId>
                         <artifactId>versions-maven-plugin</artifactId>
-                        <version>2.16.2</version>
+                        <version>2.18.0</version>
                     </plugin>
 
                     <plugin>
@@ -176,7 +176,7 @@
                     <plugin>
                         <groupId>org.apache.maven.plugins</groupId>
                         <artifactId>maven-gpg-plugin</artifactId>
-                        <version>3.1.0</version>
+                        <version>3.2.7</version>
                         <executions>
                             <execution>
                                 <id>sign-artifacts</id>

From bbd0e2576f527626b85196a2df7dc7a2b0b90ab3 Mon Sep 17 00:00:00 2001
From: Keith Smiley <keithbsmiley@gmail.com>
Date: Tue, 26 Nov 2024 09:28:37 -0800
Subject: [PATCH 10/27] Update bazel and deps (#1111)

This modernizes the bazel setup to support 7.x, still using the
WORKSPACE
---
 .bazelignore                                  |   1 +
 .bazelrc                                      |   2 +
 .bazelversion                                 |   2 +-
 WORKSPACE                                     |  13 ++-
 bazel/dependency_imports.bzl                  |   9 +-
 bazel/extra_dependency_imports.bzl            |  22 ++++
 bazel/protobuf.bzl                            |   1 +
 bazel/repositories.bzl                        |  82 ++++----------
 example-workspace/.bazelrc                    |   2 +-
 example-workspace/.bazelversion               |   1 +
 example-workspace/BUILD                       |  27 ++---
 example-workspace/WORKSPACE                   |   9 +-
 example-workspace/foo/BUILD                   |   8 +-
 .../src/main/java/io/envoyproxy/pgv/BUILD     |   2 +-
 python/BUILD                                  |   9 +-
 python/requirements.in                        |   2 +-
 python/requirements.txt                       | 100 ++++++++++++++++++
 python/setup.cfg                              |   2 +-
 requirements.txt                              |   2 +-
 tests/harness/BUILD                           |   7 +-
 tests/harness/cases/BUILD                     |  36 +------
 tests/harness/cases/other_package/BUILD       |  10 +-
 tests/harness/cases/sort/BUILD                |  10 +-
 tests/harness/cases/yet_another_package/BUILD |  10 +-
 validate/BUILD                                |   7 +-
 25 files changed, 221 insertions(+), 155 deletions(-)
 create mode 100644 .bazelignore
 create mode 100644 .bazelrc
 create mode 100644 bazel/extra_dependency_imports.bzl
 mode change 100644 => 120000 example-workspace/.bazelrc
 create mode 120000 example-workspace/.bazelversion
 create mode 100644 python/requirements.txt

diff --git a/.bazelignore b/.bazelignore
new file mode 100644
index 000000000..f321e2271
--- /dev/null
+++ b/.bazelignore
@@ -0,0 +1 @@
+example-workspace
diff --git a/.bazelrc b/.bazelrc
new file mode 100644
index 000000000..1fdd383d5
--- /dev/null
+++ b/.bazelrc
@@ -0,0 +1,2 @@
+# TODO: Add support for bzlmod
+common --enable_bzlmod=false
diff --git a/.bazelversion b/.bazelversion
index 6abaeb2f9..a8a188756 100644
--- a/.bazelversion
+++ b/.bazelversion
@@ -1 +1 @@
-6.2.0
+7.1.2
diff --git a/WORKSPACE b/WORKSPACE
index 29e4f9d6f..6e5744726 100644
--- a/WORKSPACE
+++ b/WORKSPACE
@@ -4,11 +4,18 @@ load("//bazel:repositories.bzl", "pgv_dependencies")
 
 pgv_dependencies()
 
+load("@rules_python//python:repositories.bzl", "py_repositories")
+
+py_repositories()
+
 load("//bazel:dependency_imports.bzl", "pgv_dependency_imports")
 
 pgv_dependency_imports()
 
-load("//:dependencies.bzl", "go_third_party")
+load("//bazel:extra_dependency_imports.bzl", "pgv_extra_dependency_imports")
+
+pgv_extra_dependency_imports()
+
+load("@maven//:defs.bzl", "pinned_maven_install")
 
-# gazelle:repository_macro dependencies.bzl%go_third_party
-go_third_party()
+pinned_maven_install()
diff --git a/bazel/dependency_imports.bzl b/bazel/dependency_imports.bzl
index 65c61dcf1..666edf7a8 100644
--- a/bazel/dependency_imports.bzl
+++ b/bazel/dependency_imports.bzl
@@ -1,15 +1,16 @@
 load("@bazel_gazelle//:deps.bzl", "gazelle_dependencies")
 load("@com_google_protobuf//:protobuf_deps.bzl", "protobuf_deps")
 load("@io_bazel_rules_go//go:deps.bzl", "go_register_toolchains", "go_rules_dependencies")
-load("@rules_proto//proto:repositories.bzl", "rules_proto_dependencies", "rules_proto_toolchains")
-load("@rules_python//python:pip.bzl", "pip_install")
+load("@rules_proto//proto:repositories.bzl", "rules_proto_dependencies")
+load("@rules_proto//proto:toolchains.bzl", "rules_proto_toolchains")
+load("@rules_python//python:pip.bzl", "pip_parse")
 
 def _pgv_pip_dependencies():
     # This rule translates the specified requirements.in (which must be same as install_requires from setup.cfg)
     # into @pgv_pip_deps//:requirements.bzl.
-    pip_install(
+    pip_parse(
         name = "pgv_pip_deps",
-        requirements = "@com_envoyproxy_protoc_gen_validate//python:requirements.in",
+        requirements_lock = "@com_envoyproxy_protoc_gen_validate//python:requirements.txt",
     )
 
 def _pgv_go_dependencies():
diff --git a/bazel/extra_dependency_imports.bzl b/bazel/extra_dependency_imports.bzl
new file mode 100644
index 000000000..b78260665
--- /dev/null
+++ b/bazel/extra_dependency_imports.bzl
@@ -0,0 +1,22 @@
+load("@bazel_features//:deps.bzl", "bazel_features_deps")
+load("@com_google_protobuf//:protobuf_deps.bzl", "PROTOBUF_MAVEN_ARTIFACTS")
+load("@pgv_pip_deps//:requirements.bzl", "install_deps")
+load("@rules_jvm_external//:defs.bzl", "maven_install")
+load("//:dependencies.bzl", "go_third_party")
+
+def pgv_extra_dependency_imports():
+    bazel_features_deps()
+
+    install_deps()
+
+    # gazelle:repository_macro dependencies.bzl%go_third_party
+    go_third_party()
+
+    maven_install(
+        artifacts = PROTOBUF_MAVEN_ARTIFACTS,
+        maven_install_json = "@com_google_protobuf//:maven_install.json",
+        repositories = [
+            "https://repo1.maven.org/maven2",
+            "https://repo.maven.apache.org/maven2",
+        ],
+    )
diff --git a/bazel/protobuf.bzl b/bazel/protobuf.bzl
index 62f0869a0..67557f64d 100644
--- a/bazel/protobuf.bzl
+++ b/bazel/protobuf.bzl
@@ -238,4 +238,5 @@ java_proto_gen_validate = rule(
         "srcjar": "lib%{name}-src.jar",
     },
     implementation = _java_proto_gen_validate_impl,
+    toolchains = ["@bazel_tools//tools/jdk:toolchain_type"],
 )
diff --git a/bazel/repositories.bzl b/bazel/repositories.bzl
index 0cdd25a71..a585c0c42 100644
--- a/bazel/repositories.bzl
+++ b/bazel/repositories.bzl
@@ -1,4 +1,3 @@
-load("@bazel_tools//tools/build_defs/repo:git.bzl", "git_repository")
 load("@bazel_tools//tools/build_defs/repo:http.bzl", "http_archive")
 load("@bazel_tools//tools/build_defs/repo:jvm.bzl", "jvm_maven_import_external")
 
@@ -8,29 +7,26 @@ def pgv_dependencies(maven_repos = _DEFAULT_REPOSITORIES):
     if not native.existing_rule("io_bazel_rules_go"):
         http_archive(
             name = "io_bazel_rules_go",
-            sha256 = "91585017debb61982f7054c9688857a2ad1fd823fc3f9cb05048b0025c47d023",
+            sha256 = "33acc4ae0f70502db4b893c9fc1dd7a9bf998c23e7ff2c4517741d4049a976f8",
             urls = [
-                "https://mirror.bazel.build/github.com/bazelbuild/rules_go/releases/download/v0.42.0/rules_go-v0.42.0.zip",
-                "https://github.com/bazelbuild/rules_go/releases/download/v0.42.0/rules_go-v0.42.0.zip",
+                "https://mirror.bazel.build/github.com/bazelbuild/rules_go/releases/download/v0.48.0/rules_go-v0.48.0.zip",
+                "https://github.com/bazelbuild/rules_go/releases/download/v0.48.0/rules_go-v0.48.0.zip",
             ],
         )
 
     if not native.existing_rule("bazel_gazelle"):
         http_archive(
             name = "bazel_gazelle",
-            sha256 = "d3fa66a39028e97d76f9e2db8f1b0c11c099e8e01bf363a923074784e451f809",
-            urls = [
-                "https://mirror.bazel.build/github.com/bazelbuild/bazel-gazelle/releases/download/v0.33.0/bazel-gazelle-v0.33.0.tar.gz",
-                "https://github.com/bazelbuild/bazel-gazelle/releases/download/v0.33.0/bazel-gazelle-v0.33.0.tar.gz",
-            ],
+            sha256 = "d76bf7a60fd8b050444090dfa2837a4eaf9829e1165618ee35dceca5cbdf58d5",
+            url = "https://github.com/bazelbuild/bazel-gazelle/releases/download/v0.37.0/bazel-gazelle-v0.37.0.tar.gz",
         )
 
     if not native.existing_rule("com_google_protobuf"):
         http_archive(
             name = "com_google_protobuf",
-            url = "https://github.com/protocolbuffers/protobuf/archive/v3.15.3.tar.gz",
-            sha256 = "b10bf4e2d1a7586f54e64a5d9e7837e5188fc75ae69e36f215eb01def4f9721b",
-            strip_prefix = "protobuf-3.15.3",
+            url = "https://github.com/protocolbuffers/protobuf/releases/download/v27.0/protobuf-27.0.tar.gz",
+            sha256 = "da288bf1daa6c04d03a9051781caa52aceb9163586bff9aa6cfb12f69b9395aa",
+            strip_prefix = "protobuf-27.0",
         )
 
     # TODO(akonradi): This shouldn't be necessary since the same http_archive block is imported by
@@ -51,14 +47,6 @@ def pgv_dependencies(maven_repos = _DEFAULT_REPOSITORIES):
             urls = ["https://github.com/bazelbuild/bazel-skylib/releases/download/1.4.2/bazel-skylib-1.4.2.tar.gz"],
         )
 
-    if not native.existing_rule("six"):
-        http_archive(
-            name = "six",
-            build_file = "@com_google_protobuf//:third_party/six.BUILD",
-            sha256 = "d16a0141ec1a18405cd4ce8b4613101da75da0e9a7aec5bdd4fa804d0e0eba73",
-            urls = ["https://pypi.python.org/packages/source/s/six/six-1.12.0.tar.gz"],
-        )
-
     if not native.existing_rule("com_google_re2j"):
         jvm_maven_import_external(
             name = "com_google_re2j",
@@ -83,40 +71,6 @@ def pgv_dependencies(maven_repos = _DEFAULT_REPOSITORIES):
             server_urls = maven_repos,
         )
 
-    if not native.existing_rule("guava"):
-        native.bind(
-            name = "guava",
-            actual = "@com_google_guava//jar",
-        )
-
-    if not native.existing_rule("com_google_gson"):
-        jvm_maven_import_external(
-            name = "com_google_gson",
-            artifact = "com.google.code.gson:gson:2.8.5",
-            artifact_sha256 = "233a0149fc365c9f6edbd683cfe266b19bdc773be98eabdaf6b3c924b48e7d81",
-            server_urls = maven_repos,
-        )
-
-    if not native.existing_rule("gson"):
-        native.bind(
-            name = "gson",
-            actual = "@com_google_gson//jar",
-        )
-
-    if not native.existing_rule("error_prone_annotations_maven"):
-        jvm_maven_import_external(
-            name = "error_prone_annotations_maven",
-            artifact = "com.google.errorprone:error_prone_annotations:2.3.2",
-            artifact_sha256 = "357cd6cfb067c969226c442451502aee13800a24e950fdfde77bcdb4565a668d",
-            server_urls = maven_repos,
-        )
-
-    if not native.existing_rule("error_prone_annotations"):
-        native.bind(
-            name = "error_prone_annotations",
-            actual = "@error_prone_annotations_maven//jar",
-        )
-
     if not native.existing_rule("org_apache_commons_validator"):
         jvm_maven_import_external(
             name = "org_apache_commons_validator",
@@ -128,15 +82,23 @@ def pgv_dependencies(maven_repos = _DEFAULT_REPOSITORIES):
     if not native.existing_rule("rules_python"):
         http_archive(
             name = "rules_python",
-            sha256 = "b593d13bb43c94ce94b483c2858e53a9b811f6f10e1e0eedc61073bd90e58d9c",
-            strip_prefix = "rules_python-0.12.0",
-            url = "https://github.com/bazelbuild/rules_python/archive/refs/tags/0.12.0.tar.gz",
+            sha256 = "4912ced70dc1a2a8e4b86cec233b192ca053e82bc72d877b98e126156e8f228d",
+            strip_prefix = "rules_python-0.32.2",
+            url = "https://github.com/bazelbuild/rules_python/releases/download/0.32.2/rules_python-0.32.2.tar.gz",
         )
 
     if not native.existing_rule("rules_proto"):
         http_archive(
             name = "rules_proto",
-            sha256 = "2490dca4f249b8a9a3ab07bd1ba6eca085aaf8e45a734af92aad0c42d9dc7aaf",
-            strip_prefix = "rules_proto-218ffa7dfa5408492dc86c01ee637614f8695c45",
-            urls = ["https://github.com/bazelbuild/rules_proto/archive/218ffa7dfa5408492dc86c01ee637614f8695c45.tar.gz"],
+            sha256 = "303e86e722a520f6f326a50b41cfc16b98fe6d1955ce46642a5b7a67c11c0f5d",
+            strip_prefix = "rules_proto-6.0.0",
+            url = "https://github.com/bazelbuild/rules_proto/releases/download/6.0.0/rules_proto-6.0.0.tar.gz",
+        )
+
+    if not native.existing_rule("rules_cc"):
+        http_archive(
+            name = "rules_cc",
+            sha256 = "2037875b9a4456dce4a79d112a8ae885bbc4aad968e6587dca6e64f3a0900cdf",
+            strip_prefix = "rules_cc-0.0.9",
+            url = "https://github.com/bazelbuild/rules_cc/releases/download/0.0.9/rules_cc-0.0.9.tar.gz",
         )
diff --git a/example-workspace/.bazelrc b/example-workspace/.bazelrc
deleted file mode 100644
index 36db65165..000000000
--- a/example-workspace/.bazelrc
+++ /dev/null
@@ -1 +0,0 @@
-build --incompatible_use_cc_configure_from_rules_cc
diff --git a/example-workspace/.bazelrc b/example-workspace/.bazelrc
new file mode 120000
index 000000000..adb61980d
--- /dev/null
+++ b/example-workspace/.bazelrc
@@ -0,0 +1 @@
+../.bazelrc
\ No newline at end of file
diff --git a/example-workspace/.bazelversion b/example-workspace/.bazelversion
new file mode 120000
index 000000000..b33260497
--- /dev/null
+++ b/example-workspace/.bazelversion
@@ -0,0 +1 @@
+../.bazelversion
\ No newline at end of file
diff --git a/example-workspace/BUILD b/example-workspace/BUILD
index 75ce9c8b2..04fd48d2e 100644
--- a/example-workspace/BUILD
+++ b/example-workspace/BUILD
@@ -1,3 +1,10 @@
+load("@rules_python//python:defs.bzl", "py_binary")
+# Example python binary that uses the dynamic python validation code.
+#
+# Exactly as example_cc above except different label. Example:
+#
+# bazel run //:example_py -- $(pwd)/valid.textproto
+
 # Example C++ binary that uses the generated validation code.
 #
 # This binary attempts to read files named on the command line as binary protos.
@@ -26,37 +33,33 @@ cc_binary(
     deps = ["//foo:bar_cc_proto"],
 )
 
-# Example python binary that uses the dynamic python validation code.
-#
-# Exactly as example_cc above except different label. Example:
-#
-# bazel run //:example_py -- $(pwd)/valid.textproto
-
 py_binary(
     name = "example_py",
     srcs = ["example.py"],
     main = "example.py",
     srcs_version = "PY3",
     deps = [
-        "@com_google_protobuf//:protobuf_python",
-        "@com_envoyproxy_protoc_gen_validate//python:validator_py",
         "//foo:bar_py_proto",
+        "@com_envoyproxy_protoc_gen_validate//python:validator_py",
     ],
 )
 
 # Test that the example textproto inputs evoke the right responses.
 [
     sh_test(
-        name = "example_{lang}_test_{which}".format(lang=lang, which=which),
+        name = "example_{lang}_test_{which}".format(
+            lang = lang,
+            which = which,
+        ),
         srcs = ["example_test.sh"],
         args = [
-            "$(location :example_{lang})".format(lang=lang),
+            "$(location :example_{lang})".format(lang = lang),
             str(code),
-            "$(location :{which})".format(which=which),
+            "$(location :{which})".format(which = which),
         ],
         data = [
             which,
-            ":example_{lang}".format(lang=lang),
+            ":example_{lang}".format(lang = lang),
         ],
     )
     for lang in (
diff --git a/example-workspace/WORKSPACE b/example-workspace/WORKSPACE
index 95d52d705..cfb04f2f7 100644
--- a/example-workspace/WORKSPACE
+++ b/example-workspace/WORKSPACE
@@ -15,12 +15,15 @@ load("@com_envoyproxy_protoc_gen_validate//bazel:repositories.bzl", "pgv_depende
 
 pgv_dependencies()
 
+load("@rules_python//python:repositories.bzl", "py_repositories")
+
+py_repositories()
+
 # Perform any necessary actions to initialize dependencies.
 load("@com_envoyproxy_protoc_gen_validate//bazel:dependency_imports.bzl", "pgv_dependency_imports")
 
 pgv_dependency_imports()
 
-load("@com_envoyproxy_protoc_gen_validate//:dependencies.bzl", "go_third_party")
+load("@com_envoyproxy_protoc_gen_validate//bazel:extra_dependency_imports.bzl", "pgv_extra_dependency_imports")
 
-# gazelle:repository_macro dependencies.bzl%go_third_party
-go_third_party()
+pgv_extra_dependency_imports()
diff --git a/example-workspace/foo/BUILD b/example-workspace/foo/BUILD
index 4bcff3250..42fb03e4e 100644
--- a/example-workspace/foo/BUILD
+++ b/example-workspace/foo/BUILD
@@ -1,5 +1,5 @@
 load("@com_envoyproxy_protoc_gen_validate//bazel:pgv_proto_library.bzl", "pgv_cc_proto_library")
-load("@com_google_protobuf//:protobuf.bzl", "py_proto_library")
+load("@rules_python//python:proto.bzl", "py_proto_library")
 
 package(
     default_visibility = ["//visibility:public"],
@@ -35,9 +35,5 @@ cc_test(
 
 py_proto_library(
     name = "bar_py_proto",
-    srcs = ["bar.proto"],
-    deps = [
-        "@com_envoyproxy_protoc_gen_validate//validate:validate_py",
-        "@com_google_protobuf//:protobuf_python",
-    ],
+    deps = ["bar_proto"],
 )
diff --git a/java/pgv-java-stub/src/main/java/io/envoyproxy/pgv/BUILD b/java/pgv-java-stub/src/main/java/io/envoyproxy/pgv/BUILD
index 2839b30a0..7a49670b7 100644
--- a/java/pgv-java-stub/src/main/java/io/envoyproxy/pgv/BUILD
+++ b/java/pgv-java-stub/src/main/java/io/envoyproxy/pgv/BUILD
@@ -5,7 +5,7 @@ java_library(
     srcs = glob(["*.java"]),
     visibility = ["//visibility:public"],
     deps = [
-        "//external:guava",
+        "@com_google_guava//jar",
         "@com_google_protobuf//:protobuf_java",
         "@com_google_protobuf//:protobuf_java_util",
         "@com_google_re2j//jar",
diff --git a/python/BUILD b/python/BUILD
index bf99c5f5d..23bccc91c 100644
--- a/python/BUILD
+++ b/python/BUILD
@@ -1,11 +1,18 @@
-load("@rules_python//python:defs.bzl", "py_library")
 load("@pgv_pip_deps//:requirements.bzl", "all_requirements")
+load("@rules_python//python:defs.bzl", "py_library")
+load("@rules_python//python:pip.bzl", "compile_pip_requirements")
 
 exports_files([
+    "requirements.txt",
     "requirements.in",
     "setup.cfg",
 ])
 
+compile_pip_requirements(
+    name = "requirements",
+    src = "requirements.in",
+)
+
 py_library(
     name = "validator_py",
     srcs = glob(["**/*.py"]),
diff --git a/python/requirements.in b/python/requirements.in
index f0fc9389e..29cb02904 100644
--- a/python/requirements.in
+++ b/python/requirements.in
@@ -3,5 +3,5 @@
 # See requirements_test.py for more context.
 validate-email>=1.3
 Jinja2>=2.11.1
-protobuf>=3.6.1
+protobuf>=5.27.0
 astunparse>=1.6.3
diff --git a/python/requirements.txt b/python/requirements.txt
new file mode 100644
index 000000000..371d0c840
--- /dev/null
+++ b/python/requirements.txt
@@ -0,0 +1,100 @@
+#
+# This file is autogenerated by pip-compile with Python 3.10
+# by the following command:
+#
+#    bazel run //python:requirements.update
+#
+astunparse==1.6.3 \
+    --hash=sha256:5ad93a8456f0d084c3456d059fd9a92cce667963232cbf763eac3bc5b7940872 \
+    --hash=sha256:c2652417f2c8b5bb325c885ae329bdf3f86424075c4fd1a128674bc6fba4b8e8
+    # via -r python/requirements.in
+jinja2==3.1.4 \
+    --hash=sha256:4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369 \
+    --hash=sha256:bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d
+    # via -r python/requirements.in
+markupsafe==2.1.5 \
+    --hash=sha256:00e046b6dd71aa03a41079792f8473dc494d564611a8f89bbbd7cb93295ebdcf \
+    --hash=sha256:075202fa5b72c86ad32dc7d0b56024ebdbcf2048c0ba09f1cde31bfdd57bcfff \
+    --hash=sha256:0e397ac966fdf721b2c528cf028494e86172b4feba51d65f81ffd65c63798f3f \
+    --hash=sha256:17b950fccb810b3293638215058e432159d2b71005c74371d784862b7e4683f3 \
+    --hash=sha256:1f3fbcb7ef1f16e48246f704ab79d79da8a46891e2da03f8783a5b6fa41a9532 \
+    --hash=sha256:2174c595a0d73a3080ca3257b40096db99799265e1c27cc5a610743acd86d62f \
+    --hash=sha256:2b7c57a4dfc4f16f7142221afe5ba4e093e09e728ca65c51f5620c9aaeb9a617 \
+    --hash=sha256:2d2d793e36e230fd32babe143b04cec8a8b3eb8a3122d2aceb4a371e6b09b8df \
+    --hash=sha256:30b600cf0a7ac9234b2638fbc0fb6158ba5bdcdf46aeb631ead21248b9affbc4 \
+    --hash=sha256:397081c1a0bfb5124355710fe79478cdbeb39626492b15d399526ae53422b906 \
+    --hash=sha256:3a57fdd7ce31c7ff06cdfbf31dafa96cc533c21e443d57f5b1ecc6cdc668ec7f \
+    --hash=sha256:3c6b973f22eb18a789b1460b4b91bf04ae3f0c4234a0a6aa6b0a92f6f7b951d4 \
+    --hash=sha256:3e53af139f8579a6d5f7b76549125f0d94d7e630761a2111bc431fd820e163b8 \
+    --hash=sha256:4096e9de5c6fdf43fb4f04c26fb114f61ef0bf2e5604b6ee3019d51b69e8c371 \
+    --hash=sha256:4275d846e41ecefa46e2015117a9f491e57a71ddd59bbead77e904dc02b1bed2 \
+    --hash=sha256:4c31f53cdae6ecfa91a77820e8b151dba54ab528ba65dfd235c80b086d68a465 \
+    --hash=sha256:4f11aa001c540f62c6166c7726f71f7573b52c68c31f014c25cc7901deea0b52 \
+    --hash=sha256:5049256f536511ee3f7e1b3f87d1d1209d327e818e6ae1365e8653d7e3abb6a6 \
+    --hash=sha256:58c98fee265677f63a4385256a6d7683ab1832f3ddd1e66fe948d5880c21a169 \
+    --hash=sha256:598e3276b64aff0e7b3451b72e94fa3c238d452e7ddcd893c3ab324717456bad \
+    --hash=sha256:5b7b716f97b52c5a14bffdf688f971b2d5ef4029127f1ad7a513973cfd818df2 \
+    --hash=sha256:5dedb4db619ba5a2787a94d877bc8ffc0566f92a01c0ef214865e54ecc9ee5e0 \
+    --hash=sha256:619bc166c4f2de5caa5a633b8b7326fbe98e0ccbfacabd87268a2b15ff73a029 \
+    --hash=sha256:629ddd2ca402ae6dbedfceeba9c46d5f7b2a61d9749597d4307f943ef198fc1f \
+    --hash=sha256:656f7526c69fac7f600bd1f400991cc282b417d17539a1b228617081106feb4a \
+    --hash=sha256:6ec585f69cec0aa07d945b20805be741395e28ac1627333b1c5b0105962ffced \
+    --hash=sha256:72b6be590cc35924b02c78ef34b467da4ba07e4e0f0454a2c5907f473fc50ce5 \
+    --hash=sha256:7502934a33b54030eaf1194c21c692a534196063db72176b0c4028e140f8f32c \
+    --hash=sha256:7a68b554d356a91cce1236aa7682dc01df0edba8d043fd1ce607c49dd3c1edcf \
+    --hash=sha256:7b2e5a267c855eea6b4283940daa6e88a285f5f2a67f2220203786dfa59b37e9 \
+    --hash=sha256:823b65d8706e32ad2df51ed89496147a42a2a6e01c13cfb6ffb8b1e92bc910bb \
+    --hash=sha256:8590b4ae07a35970728874632fed7bd57b26b0102df2d2b233b6d9d82f6c62ad \
+    --hash=sha256:8dd717634f5a044f860435c1d8c16a270ddf0ef8588d4887037c5028b859b0c3 \
+    --hash=sha256:8dec4936e9c3100156f8a2dc89c4b88d5c435175ff03413b443469c7c8c5f4d1 \
+    --hash=sha256:97cafb1f3cbcd3fd2b6fbfb99ae11cdb14deea0736fc2b0952ee177f2b813a46 \
+    --hash=sha256:a17a92de5231666cfbe003f0e4b9b3a7ae3afb1ec2845aadc2bacc93ff85febc \
+    --hash=sha256:a549b9c31bec33820e885335b451286e2969a2d9e24879f83fe904a5ce59d70a \
+    --hash=sha256:ac07bad82163452a6884fe8fa0963fb98c2346ba78d779ec06bd7a6262132aee \
+    --hash=sha256:ae2ad8ae6ebee9d2d94b17fb62763125f3f374c25618198f40cbb8b525411900 \
+    --hash=sha256:b91c037585eba9095565a3556f611e3cbfaa42ca1e865f7b8015fe5c7336d5a5 \
+    --hash=sha256:bc1667f8b83f48511b94671e0e441401371dfd0f0a795c7daa4a3cd1dde55bea \
+    --hash=sha256:bec0a414d016ac1a18862a519e54b2fd0fc8bbfd6890376898a6c0891dd82e9f \
+    --hash=sha256:bf50cd79a75d181c9181df03572cdce0fbb75cc353bc350712073108cba98de5 \
+    --hash=sha256:bff1b4290a66b490a2f4719358c0cdcd9bafb6b8f061e45c7a2460866bf50c2e \
+    --hash=sha256:c061bb86a71b42465156a3ee7bd58c8c2ceacdbeb95d05a99893e08b8467359a \
+    --hash=sha256:c8b29db45f8fe46ad280a7294f5c3ec36dbac9491f2d1c17345be8e69cc5928f \
+    --hash=sha256:ce409136744f6521e39fd8e2a24c53fa18ad67aa5bc7c2cf83645cce5b5c4e50 \
+    --hash=sha256:d050b3361367a06d752db6ead6e7edeb0009be66bc3bae0ee9d97fb326badc2a \
+    --hash=sha256:d283d37a890ba4c1ae73ffadf8046435c76e7bc2247bbb63c00bd1a709c6544b \
+    --hash=sha256:d9fad5155d72433c921b782e58892377c44bd6252b5af2f67f16b194987338a4 \
+    --hash=sha256:daa4ee5a243f0f20d528d939d06670a298dd39b1ad5f8a72a4275124a7819eff \
+    --hash=sha256:db0b55e0f3cc0be60c1f19efdde9a637c32740486004f20d1cff53c3c0ece4d2 \
+    --hash=sha256:e61659ba32cf2cf1481e575d0462554625196a1f2fc06a1c777d3f48e8865d46 \
+    --hash=sha256:ea3d8a3d18833cf4304cd2fc9cbb1efe188ca9b5efef2bdac7adc20594a0e46b \
+    --hash=sha256:ec6a563cff360b50eed26f13adc43e61bc0c04d94b8be985e6fb24b81f6dcfdf \
+    --hash=sha256:f5dfb42c4604dddc8e4305050aa6deb084540643ed5804d7455b5df8fe16f5e5 \
+    --hash=sha256:fa173ec60341d6bb97a89f5ea19c85c5643c1e7dedebc22f5181eb73573142c5 \
+    --hash=sha256:fa9db3f79de01457b03d4f01b34cf91bc0048eb2c3846ff26f66687c2f6d16ab \
+    --hash=sha256:fce659a462a1be54d2ffcacea5e3ba2d74daa74f30f5f143fe0c58636e355fdd \
+    --hash=sha256:ffee1f21e5ef0d712f9033568f8344d5da8cc2869dbd08d87c84656e6a2d2f68
+    # via jinja2
+protobuf==5.27.0 \
+    --hash=sha256:07f2b9a15255e3cf3f137d884af7972407b556a7a220912b252f26dc3121e6bf \
+    --hash=sha256:2f83bf341d925650d550b8932b71763321d782529ac0eaf278f5242f513cc04e \
+    --hash=sha256:56937f97ae0dcf4e220ff2abb1456c51a334144c9960b23597f044ce99c29c89 \
+    --hash=sha256:587be23f1212da7a14a6c65fd61995f8ef35779d4aea9e36aad81f5f3b80aec5 \
+    --hash=sha256:673ad60f1536b394b4fa0bcd3146a4130fcad85bfe3b60eaa86d6a0ace0fa374 \
+    --hash=sha256:744489f77c29174328d32f8921566fb0f7080a2f064c5137b9d6f4b790f9e0c1 \
+    --hash=sha256:7cb65fc8fba680b27cf7a07678084c6e68ee13cab7cace734954c25a43da6d0f \
+    --hash=sha256:a17f4d664ea868102feaa30a674542255f9f4bf835d943d588440d1f49a3ed15 \
+    --hash=sha256:aabbbcf794fbb4c692ff14ce06780a66d04758435717107c387f12fb477bf0d8 \
+    --hash=sha256:b276e3f477ea1eebff3c2e1515136cfcff5ac14519c45f9b4aa2f6a87ea627c4 \
+    --hash=sha256:f51f33d305e18646f03acfdb343aac15b8115235af98bc9f844bf9446573827b
+    # via -r python/requirements.in
+six==1.16.0 \
+    --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 \
+    --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254
+    # via astunparse
+validate-email==1.3 \
+    --hash=sha256:784719dc5f780be319cdd185dc85dd93afebdb6ebb943811bc4c7c5f9c72aeaf
+    # via -r python/requirements.in
+wheel==0.43.0 \
+    --hash=sha256:465ef92c69fa5c5da2d1cf8ac40559a8c940886afcef87dcf14b9470862f1d85 \
+    --hash=sha256:55c570405f142630c6b9f72fe09d9b67cf1477fcf543ae5b8dcb1f5b7377da81
+    # via astunparse
diff --git a/python/setup.cfg b/python/setup.cfg
index 155a38076..21b531228 100644
--- a/python/setup.cfg
+++ b/python/setup.cfg
@@ -20,7 +20,7 @@ packages = find:
 install_requires =
     validate-email>=1.3
     Jinja2>=2.11.1
-    protobuf>=3.6.1
+    protobuf>=5.27.0
     astunparse>=1.6.3
 python_requires = >=3.6
 
diff --git a/requirements.txt b/requirements.txt
index ec8539360..8f62755c6 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -6,5 +6,5 @@ build==0.3.0
 twine==3.3.0
 wheel==0.38.1
 setuptools==70.0.0
-protobuf==3.20.2
+protobuf==5.27.0
 setuptools_scm[toml]>=6.2
diff --git a/tests/harness/BUILD b/tests/harness/BUILD
index c5dfc5637..f206df7b4 100644
--- a/tests/harness/BUILD
+++ b/tests/harness/BUILD
@@ -1,9 +1,9 @@
 load("@io_bazel_rules_go//go:def.bzl", "go_library")
+load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
 load("@rules_cc//cc:defs.bzl", "cc_proto_library")
 load("@rules_java//java:defs.bzl", "java_proto_library")
 load("@rules_proto//proto:defs.bzl", "proto_library")
-load("@com_google_protobuf//:protobuf.bzl", "py_proto_library")
-load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
+load("@rules_python//python:proto.bzl", "py_proto_library")
 
 proto_library(
     name = "harness_proto",
@@ -44,7 +44,6 @@ go_library(
 
 py_proto_library(
     name = "harness_py_proto",
-    srcs = ["harness.proto"],
     visibility = ["//visibility:public"],
-    deps = ["@com_google_protobuf//:protobuf_python"],
+    deps = [":harness_proto"],
 )
diff --git a/tests/harness/cases/BUILD b/tests/harness/cases/BUILD
index 2d7529dfc..adb0ec86f 100644
--- a/tests/harness/cases/BUILD
+++ b/tests/harness/cases/BUILD
@@ -1,6 +1,6 @@
 load("@rules_java//java:defs.bzl", "java_proto_library")
 load("@rules_proto//proto:defs.bzl", "proto_library")
-load("@com_google_protobuf//:protobuf.bzl", "py_proto_library")
+load("@rules_python//python:proto.bzl", "py_proto_library")
 load(
     "//bazel:pgv_proto_library.bzl",
     "pgv_cc_proto_library",
@@ -34,8 +34,8 @@ proto_library(
     visibility = ["//visibility:public"],
     deps = [
         "//tests/harness/cases/other_package:embed_proto",
-        "//tests/harness/cases/yet_another_package:embed_proto",
         "//tests/harness/cases/sort:sort_proto",
+        "//tests/harness/cases/yet_another_package:embed_proto",
         "//validate:validate_proto",
         "@com_google_protobuf//:any_proto",
         "@com_google_protobuf//:duration_proto",
@@ -50,8 +50,8 @@ pgv_go_proto_library(
     proto = ":cases_proto",
     deps = [
         "//tests/harness/cases/other_package:go",
-        "//tests/harness/cases/yet_another_package:go",
         "//tests/harness/cases/sort:go",
+        "//tests/harness/cases/yet_another_package:go",
         "@org_golang_google_protobuf//types/known/anypb:go_default_library",
         "@org_golang_google_protobuf//types/known/durationpb:go_default_library",
         "@org_golang_google_protobuf//types/known/timestamppb:go_default_library",
@@ -63,8 +63,8 @@ pgv_cc_proto_library(
     name = "cc",
     cc_deps = [
         "//tests/harness/cases/other_package:cc",
-        "//tests/harness/cases/yet_another_package:cc",
         "//tests/harness/cases/sort:cc",
+        "//tests/harness/cases/yet_another_package:cc",
     ],
     visibility = ["//tests:__subpackages__"],
     deps = [":cases_proto"],
@@ -88,34 +88,8 @@ pgv_java_proto_library(
     deps = [":cases_proto"],
 )
 
-# There is not currently a canonical implementation of py_proto_library in Bazel.
-# This py_proto_library implementation is from "github.com/protocolbuffers/protobuf" and works differently from other
-# languages' canonical implementations - for example, it doesn't take "proto_library" targets as input.
 py_proto_library(
     name = "cases_py_proto",
-    srcs = [
-        "bool.proto",
-        "bytes.proto",
-        "enums.proto",
-        "kitchen_sink.proto",
-        "maps.proto",
-        "messages.proto",
-        "numbers.proto",
-        "oneofs.proto",
-        "repeated.proto",
-        "strings.proto",
-        "wkt_any.proto",
-        "wkt_duration.proto",
-        "wkt_nested.proto",
-        "wkt_timestamp.proto",
-        "wkt_wrappers.proto",
-    ],
     visibility = ["//visibility:public"],
-    deps = [
-        "//validate:validate_py",
-        "//tests/harness/cases/other_package:embed_python_proto",
-        "//tests/harness/cases/yet_another_package:embed_python_proto",
-        "//tests/harness/cases/sort:sort_python_proto",
-        "@com_google_protobuf//:protobuf_python",
-    ],
+    deps = [":cases_proto"],
 )
diff --git a/tests/harness/cases/other_package/BUILD b/tests/harness/cases/other_package/BUILD
index 215c07472..ed14ab064 100644
--- a/tests/harness/cases/other_package/BUILD
+++ b/tests/harness/cases/other_package/BUILD
@@ -1,8 +1,8 @@
-load("@rules_java//java:defs.bzl", "java_proto_library")
-load("@com_google_protobuf//:protobuf.bzl", "py_proto_library")
 load("@io_bazel_rules_go//go:def.bzl", "go_library")
 load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
+load("@rules_java//java:defs.bzl", "java_proto_library")
 load("@rules_proto//proto:defs.bzl", "proto_library")
+load("@rules_python//python:proto.bzl", "py_proto_library")
 load(
     "//bazel:pgv_proto_library.bzl",
     "pgv_cc_proto_library",
@@ -71,10 +71,6 @@ pgv_java_proto_library(
 
 py_proto_library(
     name = "embed_python_proto",
-    srcs = ["embed.proto"],
+    deps = [":embed_proto"],
     visibility = ["//visibility:public"],
-    deps = [
-        "//validate:validate_py",
-        "@com_google_protobuf//:protobuf_python",
-    ],
 )
diff --git a/tests/harness/cases/sort/BUILD b/tests/harness/cases/sort/BUILD
index b2a1b75f9..1077297b9 100644
--- a/tests/harness/cases/sort/BUILD
+++ b/tests/harness/cases/sort/BUILD
@@ -1,8 +1,8 @@
-load("@rules_java//java:defs.bzl", "java_proto_library")
-load("@com_google_protobuf//:protobuf.bzl", "py_proto_library")
 load("@io_bazel_rules_go//go:def.bzl", "go_library")
 load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
+load("@rules_java//java:defs.bzl", "java_proto_library")
 load("@rules_proto//proto:defs.bzl", "proto_library")
+load("@rules_python//python:proto.bzl", "py_proto_library")
 load(
     "//bazel:pgv_proto_library.bzl",
     "pgv_cc_proto_library",
@@ -71,10 +71,6 @@ pgv_java_proto_library(
 
 py_proto_library(
     name = "sort_python_proto",
-    srcs = ["sort.proto"],
+    deps = [":sort_proto"],
     visibility = ["//visibility:public"],
-    deps = [
-        "//validate:validate_py",
-        "@com_google_protobuf//:protobuf_python",
-    ],
 )
diff --git a/tests/harness/cases/yet_another_package/BUILD b/tests/harness/cases/yet_another_package/BUILD
index 5365c0e05..5518b6a55 100644
--- a/tests/harness/cases/yet_another_package/BUILD
+++ b/tests/harness/cases/yet_another_package/BUILD
@@ -1,8 +1,8 @@
-load("@rules_java//java:defs.bzl", "java_proto_library")
-load("@com_google_protobuf//:protobuf.bzl", "py_proto_library")
 load("@io_bazel_rules_go//go:def.bzl", "go_library")
 load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
+load("@rules_java//java:defs.bzl", "java_proto_library")
 load("@rules_proto//proto:defs.bzl", "proto_library")
+load("@rules_python//python:proto.bzl", "py_proto_library")
 load(
     "//bazel:pgv_proto_library.bzl",
     "pgv_cc_proto_library",
@@ -71,10 +71,6 @@ pgv_java_proto_library(
 
 py_proto_library(
     name = "embed_python_proto",
-    srcs = ["embed.proto"],
+    deps = [":embed_proto"],
     visibility = ["//visibility:public"],
-    deps = [
-        "//validate:validate_py",
-        "@com_google_protobuf//:protobuf_python",
-    ],
 )
diff --git a/validate/BUILD b/validate/BUILD
index a9d38c51b..7d40181e9 100644
--- a/validate/BUILD
+++ b/validate/BUILD
@@ -1,9 +1,9 @@
-load("@com_google_protobuf//:protobuf.bzl", "py_proto_library")
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
 load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
 load("@rules_cc//cc:defs.bzl", "cc_library", "cc_proto_library")
 load("@rules_java//java:defs.bzl", "java_proto_library")
 load("@rules_proto//proto:defs.bzl", "proto_library")
-load("@io_bazel_rules_go//go:def.bzl", "go_library")
+load("@rules_python//python:proto.bzl", "py_proto_library")
 
 package(
     default_visibility =
@@ -27,8 +27,7 @@ cc_proto_library(
 
 py_proto_library(
     name = "validate_py",
-    srcs = ["validate.proto"],
-    deps = ["@com_google_protobuf//:protobuf_python"],
+    deps = [":validate_proto"],
 )
 
 go_proto_library(

From d93623d0695ecd9aba898d56a2f091cca1473430 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 27 Nov 2024 09:40:41 -0800
Subject: [PATCH 11/27] Bump the go-tests group across 1 directory with 2
 updates (#1185)

---
 tests/go.mod | 4 ++--
 tests/go.sum | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/tests/go.mod b/tests/go.mod
index 3c742129e..a09956aad 100644
--- a/tests/go.mod
+++ b/tests/go.mod
@@ -3,8 +3,8 @@ module github.com/envoyproxy/protoc-gen-validate/tests
 go 1.21.1
 
 require (
-	golang.org/x/net v0.30.0
-	google.golang.org/protobuf v1.35.1
+	golang.org/x/net v0.31.0
+	google.golang.org/protobuf v1.35.2
 )
 
 require golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
diff --git a/tests/go.sum b/tests/go.sum
index cb632ff50..545cda182 100644
--- a/tests/go.sum
+++ b/tests/go.sum
@@ -1,8 +1,8 @@
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
-golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
+golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
+golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk=
 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
-google.golang.org/protobuf v1.35.1 h1:m3LfL6/Ca+fqnjnlqQXNpFPABW1UD7mjh8KO2mKFytA=
-google.golang.org/protobuf v1.35.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io=
+google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=

From a3a04824931e3d3fd7b83af53f897be01c3c817f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 2 Dec 2024 09:09:40 -0800
Subject: [PATCH 12/27] Bump the python group in /python with 2 updates (#1190)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps the python group in /python with 2 updates:
[wheel](https://github.com/pypa/wheel) and
[protobuf](https://github.com/protocolbuffers/protobuf).

Updates `wheel` from 0.43.0 to 0.45.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/wheel/releases">wheel's
releases</a>.</em></p>
<blockquote>
<h2>0.45.1</h2>
<ul>
<li>Fixed pure Python wheels converted from eggs and wininst files
having the ABI tag in the file name</li>
</ul>
<h2>0.45.0</h2>
<ul>
<li>
<p>Refactored the <code>convert</code> command to not need setuptools to
be installed</p>
</li>
<li>
<p>Don't configure setuptools logging unless running
<code>bdist_wheel</code></p>
</li>
<li>
<p>Added a redirection from <code>wheel.bdist_wheel.bdist_wheel</code>
to <code>setuptools.command.bdist_wheel.bdist_wheel</code> to improve
compatibility with <code>setuptools</code>' latest fixes.</p>
<p>Projects are still advised to migrate away from the deprecated module
and import the <code>setuptools</code>' implementation explicitly. (PR
by <a
href="https://github.com/abravalheri"><code>@​abravalheri</code></a>)</p>
</li>
</ul>
<h2>0.44.0</h2>
<ul>
<li>Canonicalized requirements in METADATA file (PR by Wim
Jeantine-Glenn)</li>
<li>Deprecated the <code>bdist_wheel</code> module, as the code was
migrated to <code>setuptools</code> itself</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/wheel/blob/main/docs/news.rst">wheel's
changelog</a>.</em></p>
<blockquote>
<h1>Release Notes</h1>
<p><strong>0.45.1 (2024-11-23)</strong></p>
<ul>
<li>Fixed pure Python wheels converted from eggs and wininst files
having the ABI tag in
the file name</li>
</ul>
<p><strong>0.45.0 (2024-11-08)</strong></p>
<ul>
<li>
<p>Refactored the <code>convert</code> command to not need setuptools to
be installed</p>
</li>
<li>
<p>Don't configure setuptools logging unless running
<code>bdist_wheel</code></p>
</li>
<li>
<p>Added a redirection from <code>wheel.bdist_wheel.bdist_wheel</code>
to
<code>setuptools.command.bdist_wheel.bdist_wheel</code> to improve
compatibility with
<code>setuptools</code>' latest fixes.</p>
<p>Projects are still advised to migrate away from the deprecated module
and import
the <code>setuptools</code>' implementation explicitly. (PR by <a
href="https://github.com/abravalheri"><code>@​abravalheri</code></a>)</p>
</li>
</ul>
<p><strong>0.44.0 (2024-08-04)</strong></p>
<ul>
<li>Canonicalized requirements in METADATA file (PR by Wim
Jeantine-Glenn)</li>
<li>Deprecated the <code>bdist_wheel</code> module, as the code was
migrated to <code>setuptools</code>
itself</li>
</ul>
<p><strong>0.43.0 (2024-03-11)</strong></p>
<ul>
<li>Dropped support for Python 3.7</li>
<li>Updated vendored <code>packaging</code> to 24.0</li>
</ul>
<p><strong>0.42.0 (2023-11-26)</strong></p>
<ul>
<li>Allowed removing build tag with <code>wheel tags --build
&quot;&quot;</code></li>
<li>Fixed <code>wheel pack</code> and <code>wheel tags</code> writing
updated <code>WHEEL</code> fields after a
blank line, causing other tools to ignore them</li>
<li>Fixed <code>wheel pack</code> and <code>wheel tags</code> writing
<code>WHEEL</code> with CRLF line endings or
a mix of CRLF and LF</li>
<li>Fixed <code>wheel pack --build-number &quot;&quot;</code> not
removing build tag from <code>WHEEL</code>
(above changes by Benjamin Gilbert)</li>
</ul>
<p><strong>0.41.3 (2023-10-30)</strong></p>
<ul>
<li>Updated vendored <code>packaging</code> to 23.2</li>
<li>Fixed ABI tag generation for CPython 3.13a1 on Windows (PR by Sam
Gross)</li>
</ul>
<p><strong>0.41.2 (2023-08-22)</strong></p>
<ul>
<li>Fixed platform tag detection for GraalPy and 32-bit python running
on an aarch64
kernel (PR by Matthieu Darbois)</li>
<li>Fixed <code>wheel tags</code> to not list directories in
<code>RECORD</code> files</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/wheel/commit/7855525de4093257e7bfb434877265e227356566"><code>7855525</code></a>
Created a new release</li>
<li><a
href="https://github.com/pypa/wheel/commit/d343391c20f8f6cc89a61a6f1573522c59d3d7a3"><code>d343391</code></a>
Fixed wrong wheel file names in converted pure-Python eggs/wininsts</li>
<li><a
href="https://github.com/pypa/wheel/commit/d78f0e372199f8294556345d867af4d3cf118418"><code>d78f0e3</code></a>
Created a new release</li>
<li><a
href="https://github.com/pypa/wheel/commit/f064c699209e36ec2948537b7cadabf84a110c30"><code>f064c69</code></a>
Added license files for vendored <code>packaging</code></li>
<li><a
href="https://github.com/pypa/wheel/commit/68387afcd33cb514a4da811d2fc5de73c8797e48"><code>68387af</code></a>
Only configure setuptools logging if bdist_wheel is imported (<a
href="https://redirect.github.com/pypa/wheel/issues/641">#641</a>)</li>
<li><a
href="https://github.com/pypa/wheel/commit/c81f5c954a8ca7698e6df9de39cf0013295949fa"><code>c81f5c9</code></a>
Refactored the <code>wheel convert</code> command to not require
setuptools (<a
href="https://redirect.github.com/pypa/wheel/issues/640">#640</a>)</li>
<li><a
href="https://github.com/pypa/wheel/commit/e43464d32feaddddb235ffe21b4bf13c1193465d"><code>e43464d</code></a>
Adjusted target Python versions in GitHub CI</li>
<li><a
href="https://github.com/pypa/wheel/commit/e9894e71bc62e5808710bc8c2c268de51aef52d4"><code>e9894e7</code></a>
Tweaked pytest settings to make the tracebacks easier to read</li>
<li><a
href="https://github.com/pypa/wheel/commit/baf6bf89562cb42a0ca71cc1e804600b161952eb"><code>baf6bf8</code></a>
Removed Cirrus CI configuration</li>
<li><a
href="https://github.com/pypa/wheel/commit/28c1ba1e2a6d08edc03c73e29293a571888981f9"><code>28c1ba1</code></a>
Improved compatibility with future versions of <code>setuptools</code>
(<a
href="https://redirect.github.com/pypa/wheel/issues/638">#638</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/wheel/compare/0.43.0...0.45.1">compare
view</a></li>
</ul>
</details>
<br />

Updates `protobuf` from 5.27.0 to 5.29.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/2d4414f384dc499af113b5991ce3eaa9df6dd931"><code>2d4414f</code></a>
Updating version.json and repo version numbers to: 29.0</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/870e5996a5f764b51ac22614aa07070941e555e1"><code>870e599</code></a>
Revert upgrade to rules_java 8.3.1. This is a partial roll-back of
fb8ee79 (#...</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/02cffa463c3c38316467e168e13972da003fe58e"><code>02cffa4</code></a>
Fix typo in BCR maintainer name config for acozzette@ (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/19307">#19307</a>)</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/7537b0387c3c620ccbe40477743e3352f39c9b9a"><code>7537b03</code></a>
Remove Bazel 6 in BCR presubmits (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/19309">#19309</a>)</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/325aa800a9ec6472e5156f60000af1016bc9b4f4"><code>325aa80</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/19305">#19305</a>
from protocolbuffers/29.x-202411182222</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/c13eb62f87405900cdf8ef92a8831526fcc55602"><code>c13eb62</code></a>
Updating version.json and repo version numbers to: 29.0-dev</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/71c259485c2a40105144c4f0f0d1910a6ae0d169"><code>71c2594</code></a>
Updating version.json and repo version numbers to: 29.0-rc3</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/b69ea96ef9c11e557a19d971b1ef10a8732c7013"><code>b69ea96</code></a>
Fixed non-conformance in JSON parsing for empty strings in numeric
fields. (#...</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/fb8ee79637773d51e6e15679c1509aed2f9bf9d0"><code>fb8ee79</code></a>
Upgrade rules_cc 0.0.15 and rules_java 8.3.1 (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/19215">#19215</a>)</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/6f310d5d88585e6badf12620fb18e11242c5b838"><code>6f310d5</code></a>
Add missing line to docstring after Args (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/19213">#19213</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/protocolbuffers/protobuf/compare/v5.27.0...v5.29.0">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 python/requirements.txt | 38 +++++++++++++++++++-------------------
 1 file changed, 19 insertions(+), 19 deletions(-)

diff --git a/python/requirements.txt b/python/requirements.txt
index 371d0c840..b33fdaffb 100644
--- a/python/requirements.txt
+++ b/python/requirements.txt
@@ -7,11 +7,11 @@
 astunparse==1.6.3 \
     --hash=sha256:5ad93a8456f0d084c3456d059fd9a92cce667963232cbf763eac3bc5b7940872 \
     --hash=sha256:c2652417f2c8b5bb325c885ae329bdf3f86424075c4fd1a128674bc6fba4b8e8
-    # via -r python/requirements.in
+    # via -r requirements.in
 jinja2==3.1.4 \
     --hash=sha256:4a3aee7acbbe7303aede8e9648d13b8bf88a429282aa6122a993f0ac800cb369 \
     --hash=sha256:bc5dd2abb727a5319567b7a813e6a2e7318c39f4f487cfe6c89c6f9c7d25197d
-    # via -r python/requirements.in
+    # via -r requirements.in
 markupsafe==2.1.5 \
     --hash=sha256:00e046b6dd71aa03a41079792f8473dc494d564611a8f89bbbd7cb93295ebdcf \
     --hash=sha256:075202fa5b72c86ad32dc7d0b56024ebdbcf2048c0ba09f1cde31bfdd57bcfff \
@@ -74,27 +74,27 @@ markupsafe==2.1.5 \
     --hash=sha256:fce659a462a1be54d2ffcacea5e3ba2d74daa74f30f5f143fe0c58636e355fdd \
     --hash=sha256:ffee1f21e5ef0d712f9033568f8344d5da8cc2869dbd08d87c84656e6a2d2f68
     # via jinja2
-protobuf==5.27.0 \
-    --hash=sha256:07f2b9a15255e3cf3f137d884af7972407b556a7a220912b252f26dc3121e6bf \
-    --hash=sha256:2f83bf341d925650d550b8932b71763321d782529ac0eaf278f5242f513cc04e \
-    --hash=sha256:56937f97ae0dcf4e220ff2abb1456c51a334144c9960b23597f044ce99c29c89 \
-    --hash=sha256:587be23f1212da7a14a6c65fd61995f8ef35779d4aea9e36aad81f5f3b80aec5 \
-    --hash=sha256:673ad60f1536b394b4fa0bcd3146a4130fcad85bfe3b60eaa86d6a0ace0fa374 \
-    --hash=sha256:744489f77c29174328d32f8921566fb0f7080a2f064c5137b9d6f4b790f9e0c1 \
-    --hash=sha256:7cb65fc8fba680b27cf7a07678084c6e68ee13cab7cace734954c25a43da6d0f \
-    --hash=sha256:a17f4d664ea868102feaa30a674542255f9f4bf835d943d588440d1f49a3ed15 \
-    --hash=sha256:aabbbcf794fbb4c692ff14ce06780a66d04758435717107c387f12fb477bf0d8 \
-    --hash=sha256:b276e3f477ea1eebff3c2e1515136cfcff5ac14519c45f9b4aa2f6a87ea627c4 \
-    --hash=sha256:f51f33d305e18646f03acfdb343aac15b8115235af98bc9f844bf9446573827b
-    # via -r python/requirements.in
+protobuf==5.29.0 \
+    --hash=sha256:0cd67a1e5c2d88930aa767f702773b2d054e29957432d7c6a18f8be02a07719a \
+    --hash=sha256:0d10091d6d03537c3f902279fcf11e95372bdd36a79556311da0487455791b20 \
+    --hash=sha256:17d128eebbd5d8aee80300aed7a43a48a25170af3337f6f1333d1fac2c6839ac \
+    --hash=sha256:34a90cf30c908f47f40ebea7811f743d360e202b6f10d40c02529ebd84afc069 \
+    --hash=sha256:445a0c02483869ed8513a585d80020d012c6dc60075f96fa0563a724987b1001 \
+    --hash=sha256:6c3009e22717c6cc9e6594bb11ef9f15f669b19957ad4087214d69e08a213368 \
+    --hash=sha256:85286a47caf63b34fa92fdc1fd98b649a8895db595cfa746c5286eeae890a0b1 \
+    --hash=sha256:88c4af76a73183e21061881360240c0cdd3c39d263b4e8fb570aaf83348d608f \
+    --hash=sha256:c931c61d0cc143a2e756b1e7f8197a508de5365efd40f83c907a9febf36e6b43 \
+    --hash=sha256:e467f81fdd12ded9655cea3e9b83dc319d93b394ce810b556fb0f421d8613e86 \
+    --hash=sha256:ea7fb379b257911c8c020688d455e8f74efd2f734b72dc1ea4b4d7e9fd1326f2
+    # via -r requirements.in
 six==1.16.0 \
     --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 \
     --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254
     # via astunparse
 validate-email==1.3 \
     --hash=sha256:784719dc5f780be319cdd185dc85dd93afebdb6ebb943811bc4c7c5f9c72aeaf
-    # via -r python/requirements.in
-wheel==0.43.0 \
-    --hash=sha256:465ef92c69fa5c5da2d1cf8ac40559a8c940886afcef87dcf14b9470862f1d85 \
-    --hash=sha256:55c570405f142630c6b9f72fe09d9b67cf1477fcf543ae5b8dcb1f5b7377da81
+    # via -r requirements.in
+wheel==0.45.1 \
+    --hash=sha256:661e1abd9198507b1409a20c02106d9670b2576e916d58f520316666abca6729 \
+    --hash=sha256:708e7481cc80179af0e556bbf0cc00b8444c7321e2700b8d8580231d13017248
     # via astunparse

From 771831da5155c643a86b1d0cca888acb85f799d8 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 9 Dec 2024 05:31:59 -0800
Subject: [PATCH 13/27] Bump protobuf from 5.29.0 to 5.29.1 in /python in the
 python group (#1193)

Bumps the python group in /python with 1 update:
[protobuf](https://github.com/protocolbuffers/protobuf).

Updates `protobuf` from 5.29.0 to 5.29.1
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/796e49f6ca82f763d1087d2ff7355d2f0d7b71b1"><code>796e49f</code></a>
Updating version.json and repo version numbers to: 29.1</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/ba6da44dd0910910ea4aad90afc9ea0ae0afc9cf"><code>ba6da44</code></a>
Rename maven to protobuf_maven in MODULE.bazel (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/18641">#18641</a>)
(<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/19477">#19477</a>)</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/5864b5078a0187a1a16d4d2ed6f55972511d0a94"><code>5864b50</code></a>
Revert &quot;Remove deprecated service.py usages from test&quot;. For
29.x only (<a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/19434">#19434</a>)</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/e0a3978b678be0f3aab8689770b64d1465d2479e"><code>e0a3978</code></a>
Merge pull request <a
href="https://redirect.github.com/protocolbuffers/protobuf/issues/19425">#19425</a>
from protocolbuffers/29.x-202411271837</li>
<li><a
href="https://github.com/protocolbuffers/protobuf/commit/9e78ac7afae5fe45f56d47bf831fd7d86c99e954"><code>9e78ac7</code></a>
Updating version.json and repo version numbers to: 29.1-dev</li>
<li>See full diff in <a
href="https://github.com/protocolbuffers/protobuf/compare/v5.29.0...v5.29.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=protobuf&package-manager=pip&previous-version=5.29.0&new-version=5.29.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 python/requirements.txt | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/python/requirements.txt b/python/requirements.txt
index b33fdaffb..99d164067 100644
--- a/python/requirements.txt
+++ b/python/requirements.txt
@@ -74,18 +74,18 @@ markupsafe==2.1.5 \
     --hash=sha256:fce659a462a1be54d2ffcacea5e3ba2d74daa74f30f5f143fe0c58636e355fdd \
     --hash=sha256:ffee1f21e5ef0d712f9033568f8344d5da8cc2869dbd08d87c84656e6a2d2f68
     # via jinja2
-protobuf==5.29.0 \
-    --hash=sha256:0cd67a1e5c2d88930aa767f702773b2d054e29957432d7c6a18f8be02a07719a \
-    --hash=sha256:0d10091d6d03537c3f902279fcf11e95372bdd36a79556311da0487455791b20 \
-    --hash=sha256:17d128eebbd5d8aee80300aed7a43a48a25170af3337f6f1333d1fac2c6839ac \
-    --hash=sha256:34a90cf30c908f47f40ebea7811f743d360e202b6f10d40c02529ebd84afc069 \
-    --hash=sha256:445a0c02483869ed8513a585d80020d012c6dc60075f96fa0563a724987b1001 \
-    --hash=sha256:6c3009e22717c6cc9e6594bb11ef9f15f669b19957ad4087214d69e08a213368 \
-    --hash=sha256:85286a47caf63b34fa92fdc1fd98b649a8895db595cfa746c5286eeae890a0b1 \
-    --hash=sha256:88c4af76a73183e21061881360240c0cdd3c39d263b4e8fb570aaf83348d608f \
-    --hash=sha256:c931c61d0cc143a2e756b1e7f8197a508de5365efd40f83c907a9febf36e6b43 \
-    --hash=sha256:e467f81fdd12ded9655cea3e9b83dc319d93b394ce810b556fb0f421d8613e86 \
-    --hash=sha256:ea7fb379b257911c8c020688d455e8f74efd2f734b72dc1ea4b4d7e9fd1326f2
+protobuf==5.29.1 \
+    --hash=sha256:012ce28d862ff417fd629285aca5d9772807f15ceb1a0dbd15b88f58c776c98c \
+    --hash=sha256:027fbcc48cea65a6b17028510fdd054147057fa78f4772eb547b9274e5219331 \
+    --hash=sha256:1fc55267f086dd4050d18ef839d7bd69300d0d08c2a53ca7df3920cc271a3c34 \
+    --hash=sha256:22c1f539024241ee545cbcb00ee160ad1877975690b16656ff87dde107b5f110 \
+    --hash=sha256:32600ddb9c2a53dedc25b8581ea0f1fd8ea04956373c0c07577ce58d312522e0 \
+    --hash=sha256:50879eb0eb1246e3a5eabbbe566b44b10348939b7cc1b267567e8c3d07213853 \
+    --hash=sha256:5a41deccfa5e745cef5c65a560c76ec0ed8e70908a67cc8f4da5fce588b50d57 \
+    --hash=sha256:683be02ca21a6ffe80db6dd02c0b5b2892322c59ca57fd6c872d652cb80549cb \
+    --hash=sha256:8ee1461b3af56145aca2800e6a3e2f928108c749ba8feccc6f5dd0062c410c0d \
+    --hash=sha256:b5ba1d0e4c8a40ae0496d0e2ecfdbb82e1776928a205106d14ad6985a09ec155 \
+    --hash=sha256:d473655e29c0c4bbf8b69e9a8fb54645bc289dead6d753b952e7aa660254ae18
     # via -r requirements.in
 six==1.16.0 \
     --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926 \

From 453111746422d0b7fc8202acf2f3ea4e987f81bb Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 9 Dec 2024 07:32:22 -0800
Subject: [PATCH 14/27] Bump golang.org/x/net from 0.31.0 to 0.32.0 in /tests
 in the go-tests group (#1195)

Bumps the go-tests group in /tests with 1 update:
[golang.org/x/net](https://github.com/golang/net).

Updates `golang.org/x/net` from 0.31.0 to 0.32.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/285e1cf6650f407805ea8af9255624961b768479"><code>285e1cf</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/d0a1049b7e05d3d6f62570a8381a22301a97ae73"><code>d0a1049</code></a>
route: remove unused sizeof* consts on freebsd</li>
<li><a
href="https://github.com/golang/net/commit/6e414109c26d44bf2c146302818fc3bcc49b97b2"><code>6e41410</code></a>
http2: fix benchmarks using common frame read/write functions</li>
<li><a
href="https://github.com/golang/net/commit/4be12533d8e2957bafe945c501689eba78cbf0f6"><code>4be1253</code></a>
route: change from syscall to x/sys/unix</li>
<li><a
href="https://github.com/golang/net/commit/bc37675919d77638c33240a80610699db46fb739"><code>bc37675</code></a>
http2: limit number of PINGs bundled with RST_STREAMs</li>
<li><a
href="https://github.com/golang/net/commit/e9cd716925e5c6cfb200c82f9d9bf6bc4118d47a"><code>e9cd716</code></a>
route: fix parse of zero-length sockaddrs in RIBs</li>
<li><a
href="https://github.com/golang/net/commit/9a518991035b3a8f23c03004d4db041a7fa6c06f"><code>9a51899</code></a>
http2: add SETTINGS_ENABLE_CONNECT_PROTOCOL support</li>
<li>See full diff in <a
href="https://github.com/golang/net/compare/v0.31.0...v0.32.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.31.0&new-version=0.32.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 tests/go.mod | 2 +-
 tests/go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/tests/go.mod b/tests/go.mod
index a09956aad..1fc524121 100644
--- a/tests/go.mod
+++ b/tests/go.mod
@@ -3,7 +3,7 @@ module github.com/envoyproxy/protoc-gen-validate/tests
 go 1.21.1
 
 require (
-	golang.org/x/net v0.31.0
+	golang.org/x/net v0.32.0
 	google.golang.org/protobuf v1.35.2
 )
 
diff --git a/tests/go.sum b/tests/go.sum
index 545cda182..a5d225149 100644
--- a/tests/go.sum
+++ b/tests/go.sum
@@ -1,7 +1,7 @@
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/net v0.32.0 h1:ZqPmj8Kzc+Y6e0+skZsuACbx+wzMgo5MQsJh9Qd6aYI=
+golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs=
 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk=
 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
 google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io=

From 95cf35a999144afa35a9f376ac792b4d501c72fe Mon Sep 17 00:00:00 2001
From: Matej Spiller Muys <matej.spiller@gmail.com>
Date: Mon, 9 Dec 2024 21:46:25 +0100
Subject: [PATCH 15/27] Require astunparse for older python versions (#1198)

Solving #1192
---
 python/requirements.in                    | 2 +-
 python/setup.cfg                          | 7 ++++++-
 tests/harness/python/requirements_test.py | 4 ++--
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/python/requirements.in b/python/requirements.in
index 29cb02904..ef6573917 100644
--- a/python/requirements.in
+++ b/python/requirements.in
@@ -4,4 +4,4 @@
 validate-email>=1.3
 Jinja2>=2.11.1
 protobuf>=5.27.0
-astunparse>=1.6.3
+astunparse>=1.6.3; python_version<"3.10"
diff --git a/python/setup.cfg b/python/setup.cfg
index 21b531228..a35a464d4 100644
--- a/python/setup.cfg
+++ b/python/setup.cfg
@@ -14,6 +14,11 @@ classifiers =
     Programming Language :: Python :: 3.6
     Programming Language :: Python :: 3.7
     Programming Language :: Python :: 3.8
+    Programming Language :: Python :: 3.9
+    Programming Language :: Python :: 3.10
+    Programming Language :: Python :: 3.11
+    Programming Language :: Python :: 3.12
+    Programming Language :: Python :: 3.13
 
 [options]
 packages = find:
@@ -21,7 +26,7 @@ install_requires =
     validate-email>=1.3
     Jinja2>=2.11.1
     protobuf>=5.27.0
-    astunparse>=1.6.3
+    astunparse>=1.6.3; python_version<"3.10"
 python_requires = >=3.6
 
 [options.data_files]
diff --git a/tests/harness/python/requirements_test.py b/tests/harness/python/requirements_test.py
index 2aac6fe04..f498c4147 100755
--- a/tests/harness/python/requirements_test.py
+++ b/tests/harness/python/requirements_test.py
@@ -15,10 +15,10 @@
 
 with open('python/requirements.in', 'r') as reqs:
     lines = reqs.readlines()
-    requirements_dot_in_set = {line.strip() for line in lines if line.strip() and not line.startswith("#")}
+    requirements_dot_in_set = {line.strip('\n') for line in lines if line.strip() and not line.startswith("#")}
 
 config = configparser.ConfigParser()
 config.read('python/setup.cfg')
-setup_dot_cfg_set = {line for line in config['options']['install_requires'].split() if not line.startswith("#")}
+setup_dot_cfg_set = {line for line in config['options']['install_requires'].split('\n') if line and not line.startswith("#")}
 
 assert requirements_dot_in_set == setup_dot_cfg_set

From 2f3df6bf47fe253da6fc1358f5fca4e04488e5f5 Mon Sep 17 00:00:00 2001
From: Marcel <maleo@google.com>
Date: Tue, 17 Dec 2024 13:46:08 +0100
Subject: [PATCH 16/27] Return a provider from a rule instead of a struct
 (#1200)

This is now longer allowed in Bazel 8 and was flipped via
`--incompatible_disallow_struct_provider_syntax`.

Once merged, please also backport to the v1.1.1-SNAPSHOTS.
---
 bazel/protobuf.bzl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/bazel/protobuf.bzl b/bazel/protobuf.bzl
index 67557f64d..08d9d561e 100644
--- a/bazel/protobuf.bzl
+++ b/bazel/protobuf.bzl
@@ -96,7 +96,7 @@ def _protoc_gen_validate_impl(ctx, lang, protos, out_files, protoc_args, package
         use_default_shell_env = True,
     )
 
-    return struct(
+    return DefaultInfo(
         files = depset(out_files),
     )
 

From 4027b94866a25a16e882c5dbc67a4ceb385e0f86 Mon Sep 17 00:00:00 2001
From: Sam Small <32686969+smallsamantha@users.noreply.github.com>
Date: Fri, 20 Dec 2024 13:19:13 -0500
Subject: [PATCH 17/27] Update Buf logo in README (#1203)

---
 .github/buf-logo.svg | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/.github/buf-logo.svg b/.github/buf-logo.svg
index 73ed09565..2a24f001f 100644
--- a/.github/buf-logo.svg
+++ b/.github/buf-logo.svg
@@ -1 +1,10 @@
-<svg width="100" height="101" fill="none" xmlns="http://www.w3.org/2000/svg"><path d="M7.144 78.583H0V.017h7.144v78.566ZM21.43 78.583h-7.143V.017h7.144v78.566ZM35.715 78.583H28.57V.017h7.144v78.566ZM50 78.583h-7.144V.017H50v78.566ZM64.286 78.583h-7.143V.017h7.143v78.566ZM78.576 78.583h-7.143V.017h7.143v78.566Z" fill="#77E1FF"/><path d="M28.576 100.018h-7.143V21.452h7.143v78.566ZM42.856 100.014h-7.143V21.448h7.143v78.566ZM57.142 100.018H50V21.452h7.144v78.566ZM71.433 100.014h-7.144V21.448h7.144v78.566ZM85.717 100.014h-7.144V21.448h7.144v78.566ZM99.999 100.018h-7.143V21.452h7.143v78.566Z" fill="#161EDE"/></svg>
+<svg width="85" height="80" viewBox="0 0 85 80" fill="none" xmlns="http://www.w3.org/2000/svg">
+<rect x="25.4114" y="20.7058" width="8.47059" height="59.2941" fill="#0E5DF5"/>
+<rect x="42.3533" y="20.7058" width="8.47059" height="59.2941" fill="#0E5DF5"/>
+<rect x="59.2942" y="20.7058" width="8.47059" height="59.2941" fill="#0E5DF5"/>
+<rect x="76.2352" y="20.7058" width="8.47059" height="59.2941" fill="#0E5DF5"/>
+<rect width="8.47059" height="59.2941" fill="#5FDCFF"/>
+<rect x="16.9409" width="8.47059" height="59.2941" fill="#5FDCFF"/>
+<rect x="33.8821" width="8.47059" height="59.2941" fill="#5FDCFF"/>
+<rect x="50.8237" width="8.47059" height="59.2941" fill="#5FDCFF"/>
+</svg>

From bbd2e1f4421343f57d75a136299c9394b13416a9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 2 Jan 2025 06:31:01 -0800
Subject: [PATCH 18/27] Bump the go-tests group across 1 directory with 2
 updates (#1212)

Bumps the go-tests group with 2 updates in the /tests directory:
[golang.org/x/net](https://github.com/golang/net) and
google.golang.org/protobuf.

Updates `golang.org/x/net` from 0.32.0 to 0.33.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/dfc720dfe0cfc125116068c20efcdcb5e4eab464"><code>dfc720d</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/8e66b04771e35c4e4125e8c60334b34e2423effb"><code>8e66b04</code></a>
html: use strings.EqualFold instead of lowering ourselves</li>
<li><a
href="https://github.com/golang/net/commit/b935f7b5d723c82894e1a1fd936a94dd2d1eae46"><code>b935f7b</code></a>
html: avoid endless loop on error token</li>
<li><a
href="https://github.com/golang/net/commit/9af49ef148d7d8b3e4cbbd9cc0cd37f2a520a4a3"><code>9af49ef</code></a>
route: remove unused sizeof* consts</li>
<li><a
href="https://github.com/golang/net/commit/6705db9a4df8f2cf16aed83e773e7a0213788b7a"><code>6705db9</code></a>
quic: clean up crypto streams when dropping packet protection keys</li>
<li><a
href="https://github.com/golang/net/commit/4ef7588d2b3f83775099797baac43c34e2e23200"><code>4ef7588</code></a>
quic: handle ACK frame in packet which drops number space</li>
<li><a
href="https://github.com/golang/net/commit/552d8ac903a11a9fde71a88732f5b58b6b394178"><code>552d8ac</code></a>
Revert &quot;route: change from syscall to x/sys/unix&quot;</li>
<li><a
href="https://github.com/golang/net/commit/13a7c0108bd38aad013797cdb95e6bfca0bbcec6"><code>13a7c01</code></a>
Revert &quot;route: remove unused sizeof* consts on freebsd&quot;</li>
<li>See full diff in <a
href="https://github.com/golang/net/compare/v0.32.0...v0.33.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `google.golang.org/protobuf` from 1.35.2 to 1.36.1


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 tests/go.mod | 4 ++--
 tests/go.sum | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/tests/go.mod b/tests/go.mod
index 1fc524121..7f8691421 100644
--- a/tests/go.mod
+++ b/tests/go.mod
@@ -3,8 +3,8 @@ module github.com/envoyproxy/protoc-gen-validate/tests
 go 1.21.1
 
 require (
-	golang.org/x/net v0.32.0
-	google.golang.org/protobuf v1.35.2
+	golang.org/x/net v0.33.0
+	google.golang.org/protobuf v1.36.1
 )
 
 require golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
diff --git a/tests/go.sum b/tests/go.sum
index a5d225149..540ae475b 100644
--- a/tests/go.sum
+++ b/tests/go.sum
@@ -1,8 +1,8 @@
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
-golang.org/x/net v0.32.0 h1:ZqPmj8Kzc+Y6e0+skZsuACbx+wzMgo5MQsJh9Qd6aYI=
-golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 h1:H2TDz8ibqkAF6YGhCdN3jS9O0/s90v0rJh3X/OLHEUk=
 golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2/go.mod h1:K8+ghG5WaK9qNqU5K3HdILfMLy1f3aNYFI/wnl100a8=
-google.golang.org/protobuf v1.35.2 h1:8Ar7bF+apOIoThw1EdZl0p1oWvMqTHmpA2fRTyZO8io=
-google.golang.org/protobuf v1.35.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk=
+google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=

From d1191c81d0b1adc055c53d461322b71f39891b8a Mon Sep 17 00:00:00 2001
From: Chris Roche <github@rodaine.com>
Date: Thu, 2 Jan 2025 11:26:38 -0800
Subject: [PATCH 19/27] Update go deps (#1215)

Bumps minimum Go version to 1.21
---
 go.mod |  8 ++++----
 go.sum | 16 +++++++++-------
 2 files changed, 13 insertions(+), 11 deletions(-)

diff --git a/go.mod b/go.mod
index f84755965..235e177a9 100644
--- a/go.mod
+++ b/go.mod
@@ -1,18 +1,18 @@
 module github.com/envoyproxy/protoc-gen-validate
 
-go 1.19
+go 1.21.1
 
 require (
 	github.com/iancoleman/strcase v0.3.0
 	github.com/lyft/protoc-gen-star/v2 v2.0.4-0.20230330145011-496ad1ac90a4
-	golang.org/x/net v0.30.0
-	google.golang.org/protobuf v1.34.2
+	golang.org/x/net v0.33.0
+	google.golang.org/protobuf v1.36.1
 )
 
 require (
 	github.com/spf13/afero v1.10.0 // indirect
 	golang.org/x/mod v0.17.0 // indirect
-	golang.org/x/text v0.19.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
 	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
 )
 
diff --git a/go.sum b/go.sum
index 5b44e82b0..0496e718f 100644
--- a/go.sum
+++ b/go.sum
@@ -94,6 +94,7 @@ github.com/google/go-cmp v0.5.1/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
+github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
 github.com/google/martian/v3 v3.0.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
 github.com/google/martian/v3 v3.1.0/go.mod h1:y5Zk1BBys9G+gd6Jrk0W3cC1+ELVxBWuIGO+w/tUAp0=
@@ -224,8 +225,8 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.30.0 h1:AcW1SDZMkb8IpzCdQUaIq2sP4sZ4zw+55h6ynffypl4=
-golang.org/x/net v0.30.0/go.mod h1:2wGyMJ5iFasEhkwi13ChkO/t1ECNC4X4eBKkVFyYFlU=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -245,7 +246,8 @@ golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJ
 golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ=
+golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ=
+golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -290,8 +292,8 @@ golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
-golang.org/x/text v0.19.0 h1:kTxAhCbGbxhK0IwgSKiMO5awPoDQ0RpfiVYBfK860YM=
-golang.org/x/text v0.19.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY=
+golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
+golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -436,8 +438,8 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
-google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg=
-google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
+google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk=
+google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=

From c220710fc5a66140e40b7d36d4952548253883a1 Mon Sep 17 00:00:00 2001
From: apocelipes <seve3r@outlook.com>
Date: Fri, 3 Jan 2025 03:45:09 +0800
Subject: [PATCH 20/27] Prealloc msgs in multierr.Error (#1209)

"msgs"'s length is known, preallocate it can save memories.

Co-authored-by: Chris Roche <github@rodaine.com>
---
 templates/goshared/msg.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/templates/goshared/msg.go b/templates/goshared/msg.go
index 98657f495..f3030da12 100644
--- a/templates/goshared/msg.go
+++ b/templates/goshared/msg.go
@@ -95,7 +95,7 @@ type {{ multierrname . }} []error
 
 // Error returns a concatenation of all the error messages it wraps.
 func (m {{ multierrname . }}) Error() string {
-	var msgs []string
+	msgs := make([]string, 0, len(m))
 	for _, err := range m {
 		msgs = append(msgs, err.Error())
 	}

From ddbe9d792510b9aa4c28cbb5731f14c0334202b6 Mon Sep 17 00:00:00 2001
From: "Philip K. Warren" <pkwarren@users.noreply.github.com>
Date: Mon, 6 Jan 2025 11:50:52 -0600
Subject: [PATCH 21/27] Update Maven dependencies (#1218)

Update Maven dependencies to the latest. Add Guava as a compile
dependency. Clean up build to use dependency management.

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .gitignore                                    |   5 +-
 java/pgv-java-grpc/pom.xml                    |  49 +++---
 java/pgv-java-stub/pom.xml                    |  21 ++-
 .../dependency-reduced-pom.xml                | 142 ------------------
 java/pgv-java-validation/pom.xml              |  27 +++-
 java/pgv-test-coverage-report/pom.xml         |  15 ++
 java/pom.xml                                  | 100 ++++++++----
 7 files changed, 159 insertions(+), 200 deletions(-)
 delete mode 100644 java/pgv-java-validation/dependency-reduced-pom.xml

diff --git a/.gitignore b/.gitignore
index 4229c3a5a..d6f7c6dde 100644
--- a/.gitignore
+++ b/.gitignore
@@ -39,10 +39,11 @@ __pycache__/
 /tests/harness/cases/**/*.h
 
 /java/.idea
-/java/**/.project
+/java/**/*.class
 /java/**/*.iml
+/java/**/.project
+/java/**/dependency-reduced-pom.xml
 /java/**/target
-/java/**/*.class
 .vscode
 .project
 .classpath
diff --git a/java/pgv-java-grpc/pom.xml b/java/pgv-java-grpc/pom.xml
index 3de173c43..d4fab1ef6 100644
--- a/java/pgv-java-grpc/pom.xml
+++ b/java/pgv-java-grpc/pom.xml
@@ -10,46 +10,51 @@
     <artifactId>pgv-java-grpc</artifactId>
     <name>PGV-Java gRPC Interceptors</name>
 
-    <dependencyManagement>
-        <dependencies>
-            <dependency>
-                <groupId>io.grpc</groupId>
-                <artifactId>grpc-bom</artifactId>
-                <version>${grpc.version}</version>
-                <type>pom</type>
-                <scope>import</scope>
-            </dependency>
-        </dependencies>
-    </dependencyManagement>
-
     <dependencies>
         <dependency>
             <groupId>com.google.api.grpc</groupId>
             <artifactId>proto-google-common-protos</artifactId>
-            <version>${proto-google-common-protos.version}</version>
         </dependency>
         <dependency>
-            <groupId>io.grpc</groupId>
-            <artifactId>grpc-core</artifactId>
+            <groupId>com.google.protobuf</groupId>
+            <artifactId>protobuf-java</artifactId>
         </dependency>
         <dependency>
             <groupId>io.grpc</groupId>
-            <artifactId>grpc-testing</artifactId>
-            <scope>test</scope>
+            <artifactId>grpc-api</artifactId>
         </dependency>
         <dependency>
             <groupId>io.grpc</groupId>
             <artifactId>grpc-protobuf</artifactId>
         </dependency>
+        <dependency>
+            <groupId>com.google.guava</groupId>
+            <artifactId>guava</artifactId>
+            <scope>runtime</scope>
+        </dependency>
         <dependency>
             <groupId>io.grpc</groupId>
             <artifactId>grpc-stub</artifactId>
             <scope>test</scope>
         </dependency>
         <dependency>
-            <groupId>javax.annotation</groupId>
-            <artifactId>javax.annotation-api</artifactId>
-            <version>1.3.2</version>
+            <groupId>io.grpc</groupId>
+            <artifactId>grpc-testing</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>io.grpc</groupId>
+            <artifactId>grpc-util</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.assertj</groupId>
+            <artifactId>assertj-core</artifactId>
             <scope>test</scope>
         </dependency>
         <!-- Depend on artifacts to ensure they are built before this module -->
@@ -57,7 +62,8 @@
             <groupId>build.buf.protoc-gen-validate</groupId>
             <artifactId>protoc-gen-validate</artifactId>
             <version>${project.version}</version>
-            <type>pom</type>
+            <classifier>${os.detected.classifier}</classifier>
+            <type>exe</type>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -67,7 +73,6 @@
         </dependency>
     </dependencies>
 
-
     <build>
         <extensions>
             <extension>
diff --git a/java/pgv-java-stub/pom.xml b/java/pgv-java-stub/pom.xml
index e36f462d6..7f988d23b 100644
--- a/java/pgv-java-stub/pom.xml
+++ b/java/pgv-java-stub/pom.xml
@@ -11,10 +11,13 @@
     <name>PGV-Java Stubs</name>
 
     <dependencies>
+        <dependency>
+            <groupId>com.google.guava</groupId>
+            <artifactId>guava</artifactId>
+        </dependency>
         <dependency>
             <groupId>com.google.re2j</groupId>
             <artifactId>re2j</artifactId>
-            <version>${re2j.version}</version>
         </dependency>
         <dependency>
             <groupId>commons-validator</groupId>
@@ -30,19 +33,27 @@
         <dependency>
             <groupId>com.google.protobuf</groupId>
             <artifactId>protobuf-java</artifactId>
-            <version>${google.protobuf.version}</version>
         </dependency>
         <dependency>
             <groupId>com.google.protobuf</groupId>
             <artifactId>protobuf-java-util</artifactId>
-            <version>${google.protobuf.version}</version>
         </dependency>
-        <!-- Depend on artifacts to ensure they are built before this module -->
         <dependency>
             <groupId>build.buf.protoc-gen-validate</groupId>
             <artifactId>protoc-gen-validate</artifactId>
             <version>${project.version}</version>
-            <type>pom</type>
+            <classifier>${os.detected.classifier}</classifier>
+            <type>exe</type>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.assertj</groupId>
+            <artifactId>assertj-core</artifactId>
             <scope>test</scope>
         </dependency>
     </dependencies>
diff --git a/java/pgv-java-validation/dependency-reduced-pom.xml b/java/pgv-java-validation/dependency-reduced-pom.xml
deleted file mode 100644
index 814a3f3ae..000000000
--- a/java/pgv-java-validation/dependency-reduced-pom.xml
+++ /dev/null
@@ -1,142 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-  <parent>
-    <artifactId>pgv-java</artifactId>
-    <groupId>build.buf.protoc-gen-validate</groupId>
-    <version>VERSION</version>
-  </parent>
-  <modelVersion>4.0.0</modelVersion>
-  <artifactId>pgv-java-validation</artifactId>
-  <name>PGV-Java Validation Harness</name>
-  <build>
-    <extensions>
-      <extension>
-        <groupId>kr.motd.maven</groupId>
-        <artifactId>os-maven-plugin</artifactId>
-        <version>1.7.1</version>
-      </extension>
-    </extensions>
-    <plugins>
-      <plugin>
-        <groupId>org.xolstice.maven.plugins</groupId>
-        <artifactId>protobuf-maven-plugin</artifactId>
-        <version>${protobuf.maven.plugin.version}</version>
-        <executions>
-          <execution>
-            <id>protoc-java</id>
-            <goals>
-              <goal>compile</goal>
-            </goals>
-            <configuration>
-              <protoSourceRoot>../../</protoSourceRoot>
-              <includes>
-                <include>tests/harness/harness.proto</include>
-                <include>tests/harness/cases/*.proto</include>
-                <include>tests/harness/cases/other_package/*.proto</include>
-                <include>tests/harness/cases/yet_another_package/*.proto</include>
-                <include>tests/harness/cases/sort/*.proto</include>
-              </includes>
-            </configuration>
-          </execution>
-          <execution>
-            <id>protoc-java-pgv</id>
-            <goals>
-              <goal>compile-custom</goal>
-            </goals>
-            <configuration>
-              <protoSourceRoot>../../</protoSourceRoot>
-              <pluginParameter>lang=java</pluginParameter>
-              <includes>
-                <include>tests/harness/cases/*.proto</include>
-                <include>tests/harness/cases/other_package/*.proto</include>
-                <include>tests/harness/cases/yet_another_package/*.proto</include>
-              </includes>
-              <pluginId>java-pgv</pluginId>
-              <pluginArtifact>build.buf.protoc-gen-validate:protoc-gen-validate:${project.version}:exe:${os.detected.classifier}</pluginArtifact>
-            </configuration>
-          </execution>
-        </executions>
-        <configuration>
-          <protocArtifact>com.google.protobuf:protoc:${protoc.version}:exe:${os.detected.classifier}</protocArtifact>
-        </configuration>
-      </plugin>
-      <plugin>
-        <artifactId>maven-shade-plugin</artifactId>
-        <version>3.5.1</version>
-        <executions>
-          <execution>
-            <phase>package</phase>
-            <goals>
-              <goal>shade</goal>
-            </goals>
-            <configuration>
-              <finalName>java-harness</finalName>
-              <transformers>
-                <transformer>
-                  <manifestEntries>
-                    <Main-Class>io.envoyproxy.pgv.validation.JavaHarness</Main-Class>
-                  </manifestEntries>
-                </transformer>
-              </transformers>
-            </configuration>
-          </execution>
-        </executions>
-      </plugin>
-      <plugin>
-        <groupId>org.jacoco</groupId>
-        <artifactId>jacoco-maven-plugin</artifactId>
-        <version>0.8.10</version>
-        <executions>
-          <execution>
-            <goals>
-              <goal>prepare-agent</goal>
-            </goals>
-          </execution>
-          <execution>
-            <id>report</id>
-            <phase>prepare-package</phase>
-            <goals>
-              <goal>report</goal>
-            </goals>
-          </execution>
-        </executions>
-      </plugin>
-    </plugins>
-  </build>
-  <dependencies>
-    <dependency>
-      <groupId>build.buf.protoc-gen-validate</groupId>
-      <artifactId>protoc-gen-validate</artifactId>
-      <version>VERSION</version>
-      <type>pom</type>
-      <scope>compile</scope>
-    </dependency>
-    <dependency>
-      <groupId>junit</groupId>
-      <artifactId>junit</artifactId>
-      <version>4.13.2</version>
-      <scope>test</scope>
-      <exclusions>
-        <exclusion>
-          <artifactId>hamcrest-core</artifactId>
-          <groupId>org.hamcrest</groupId>
-        </exclusion>
-      </exclusions>
-    </dependency>
-    <dependency>
-      <groupId>org.assertj</groupId>
-      <artifactId>assertj-core</artifactId>
-      <version>3.24.2</version>
-      <scope>test</scope>
-      <exclusions>
-        <exclusion>
-          <artifactId>byte-buddy</artifactId>
-          <groupId>net.bytebuddy</groupId>
-        </exclusion>
-      </exclusions>
-    </dependency>
-  </dependencies>
-  <properties>
-    <skipNexusStagingDeployMojo>true</skipNexusStagingDeployMojo>
-  </properties>
-</project>
diff --git a/java/pgv-java-validation/pom.xml b/java/pgv-java-validation/pom.xml
index dc9745474..1f698ad96 100644
--- a/java/pgv-java-validation/pom.xml
+++ b/java/pgv-java-validation/pom.xml
@@ -21,10 +21,21 @@
             <version>${project.version}</version>
         </dependency>
 
+        <dependency>
+            <groupId>com.google.guava</groupId>
+            <artifactId>guava</artifactId>
+        </dependency>
         <dependency>
             <groupId>com.google.protobuf</groupId>
             <artifactId>protobuf-java</artifactId>
-            <version>${google.protobuf.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>com.google.protobuf</groupId>
+            <artifactId>protobuf-java-util</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.google.re2j</groupId>
+            <artifactId>re2j</artifactId>
         </dependency>
 
         <!-- Depend on artifacts to ensure they are built before this module -->
@@ -32,7 +43,19 @@
             <groupId>build.buf.protoc-gen-validate</groupId>
             <artifactId>protoc-gen-validate</artifactId>
             <version>${project.version}</version>
-            <type>pom</type>
+            <classifier>${os.detected.classifier}</classifier>
+            <scope>test</scope>
+            <type>exe</type>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.assertj</groupId>
+            <artifactId>assertj-core</artifactId>
+            <scope>test</scope>
         </dependency>
     </dependencies>
 
diff --git a/java/pgv-test-coverage-report/pom.xml b/java/pgv-test-coverage-report/pom.xml
index 244a895ce..812d39eed 100644
--- a/java/pgv-test-coverage-report/pom.xml
+++ b/java/pgv-test-coverage-report/pom.xml
@@ -35,6 +35,21 @@
     </dependencies>
     <build>
         <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+                <version>3.8.1</version>
+                <executions>
+                    <execution>
+                        <id>analyze</id>
+                        <goals>
+                            <goal>analyze-only</goal>
+                        </goals>
+                        <!-- Disable dependency analysis for test coverage module -->
+                        <phase>none</phase>
+                    </execution>
+                </executions>
+            </plugin>
             <plugin>
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
diff --git a/java/pom.xml b/java/pom.xml
index b879c2370..b37174f64 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -27,45 +27,71 @@
         </license>
     </licenses>
 
-    <developers>
-        <developer>
-            <id>elliotmjackson</id>
-            <name>Elliot Jackson</name>
-            <email>ejackson@buf.build</email>
-        </developer>
-    </developers>
-
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 
         <protoc.version>3.22.2</protoc.version>
-        <google.protobuf.version>4.28.3</google.protobuf.version>
+        <google.guava.version>33.3.1-android</google.guava.version>
+        <google.protobuf.version>4.29.2</google.protobuf.version>
         <protobuf.maven.plugin.version>0.6.1</protobuf.maven.plugin.version>
 
         <re2j.version>1.7</re2j.version>
         <commons.validator.version>1.9.0</commons.validator.version>
-        <grpc.version>1.68.1</grpc.version>
+        <grpc.version>1.69.0</grpc.version>
         <junit.version>4.13.2</junit.version>
-        <assertj.version>3.26.3</assertj.version>
+        <assertj.version>3.27.2</assertj.version>
         <java.release>8</java.release>
         <java.version>1.8</java.version>
-        <proto-google-common-protos.version>2.49.0</proto-google-common-protos.version>
+        <proto-google-common-protos.version>2.50.0</proto-google-common-protos.version>
     </properties>
 
-    <dependencies>
-        <dependency>
-            <groupId>junit</groupId>
-            <artifactId>junit</artifactId>
-            <version>${junit.version}</version>
-            <scope>test</scope>
-        </dependency>
-        <dependency>
-            <groupId>org.assertj</groupId>
-            <artifactId>assertj-core</artifactId>
-            <version>${assertj.version}</version>
-            <scope>test</scope>
-        </dependency>
-    </dependencies>
+    <dependencyManagement>
+        <dependencies>
+            <dependency>
+                <groupId>com.google.protobuf</groupId>
+                <artifactId>protobuf-bom</artifactId>
+                <version>${google.protobuf.version}</version>
+                <scope>import</scope>
+                <type>pom</type>
+            </dependency>
+            <dependency>
+                <groupId>io.grpc</groupId>
+                <artifactId>grpc-bom</artifactId>
+                <version>${grpc.version}</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+
+            <dependency>
+                <groupId>com.google.api.grpc</groupId>
+                <artifactId>proto-google-common-protos</artifactId>
+                <version>${proto-google-common-protos.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.google.guava</groupId>
+                <artifactId>guava</artifactId>
+                <version>${google.guava.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.google.re2j</groupId>
+                <artifactId>re2j</artifactId>
+                <version>${re2j.version}</version>
+            </dependency>
+
+            <dependency>
+                <groupId>junit</groupId>
+                <artifactId>junit</artifactId>
+                <version>${junit.version}</version>
+                <scope>test</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.assertj</groupId>
+                <artifactId>assertj-core</artifactId>
+                <version>${assertj.version}</version>
+                <scope>test</scope>
+            </dependency>
+        </dependencies>
+    </dependencyManagement>
 
     <build>
         <plugins>
@@ -81,6 +107,26 @@
                 </configuration>
             </plugin>
 
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-dependency-plugin</artifactId>
+                <version>3.8.1</version>
+                <executions>
+                    <execution>
+                        <id>analyze</id>
+                        <goals>
+                            <goal>analyze-only</goal>
+                        </goals>
+                        <configuration>
+                            <failOnWarning>true</failOnWarning>
+                            <ignoredUnusedDeclaredDependencies>
+                                <ignoredUnusedDeclaredDependency>build.buf.protoc-gen-validate:protoc-gen-validate</ignoredUnusedDeclaredDependency>
+                            </ignoredUnusedDeclaredDependencies>
+                        </configuration>
+                    </execution>
+                </executions>
+            </plugin>
+
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
@@ -93,7 +139,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-javadoc-plugin</artifactId>
-                <version>3.11.1</version>
+                <version>3.11.2</version>
                 <configuration>
                     <author>false</author>
                     <breakiterator>true</breakiterator>

From c77a09accb27ad2ee172907e8fa48dab064f4a25 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 6 Jan 2025 12:10:05 -0600
Subject: [PATCH 22/27] Bump com.google.guava:guava from 33.3.1-android to
 33.4.0-android in /java in the java group across 1 directory (#1219)

Bumps the java group with 1 update in the /java directory:
[com.google.guava:guava](https://github.com/google/guava).

Updates `com.google.guava:guava` from 33.3.1-android to 33.4.0-android
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/google/guava/releases">com.google.guava:guava's
releases</a>.</em></p>
<blockquote>
<h2>33.4.0</h2>
<h3>Maven</h3>
<pre lang="xml"><code>&lt;dependency&gt;
  &lt;groupId&gt;com.google.guava&lt;/groupId&gt;
  &lt;artifactId&gt;guava&lt;/artifactId&gt;
  &lt;version&gt;33.4.0-jre&lt;/version&gt;
  &lt;!-- or, for Android: --&gt;
  &lt;version&gt;33.4.0-android&lt;/version&gt;
&lt;/dependency&gt;
</code></pre>
<h3>Jar files</h3>
<ul>
<li><a
href="https://repo1.maven.org/maven2/com/google/guava/guava/33.4.0-jre/guava-33.4.0-jre.jar">33.4.0-jre.jar</a></li>
<li><a
href="https://repo1.maven.org/maven2/com/google/guava/guava/33.4.0-android/guava-33.4.0-android.jar">33.4.0-android.jar</a></li>
</ul>
<p>Guava requires <a
href="https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies">one
runtime dependency</a>, which you can download here:</p>
<ul>
<li><a
href="https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar">failureaccess-1.0.1.jar</a></li>
</ul>
<h3>Javadoc</h3>
<ul>
<li><a
href="https://guava.dev/releases/33.4.0-jre/api/docs/">33.4.0-jre</a></li>
<li><a
href="https://guava.dev/releases/33.4.0-android/api/docs/">33.4.0-android</a></li>
</ul>
<h3>JDiff</h3>
<ul>
<li><a
href="https://guava.dev/releases/33.4.0-jre/api/diffs/">33.4.0-jre vs.
33.3.1-jre</a></li>
<li><a
href="https://guava.dev/releases/33.4.0-android/api/diffs/">33.4.0-android
vs. 33.3.1-android</a></li>
<li><a
href="https://guava.dev/releases/33.4.0-android/api/androiddiffs/">33.4.0-android
vs. 33.4.0-jre</a></li>
</ul>
<h3>Changelog</h3>
<ul>
<li>Exposed additional Java 8 APIs to Android users. (6082782134,
9b0109c662, 6ace8bc8ea, b650b9fe77, c6c268006c, 984f713d76, f9f3fffb87,
cdc225474e)</li>
<li><code>base</code>: Deprecated <code>Charsets</code> constants in
favor of <code>StandardCharsets</code>. We will not remove the
constants, but we recommend using <code>StandardCharsets</code> for
consistency. (45e6be2688)</li>
<li><code>base</code>: Added
<code>ToStringHelper.omitEmptyValues()</code>. (f5ec2ab85c)</li>
<li><code>collect</code>: Added an optimized <code>copyOf</code> method
to <code>TreeRangeMap</code>. (a46565dd1c)</li>
<li><code>collect.testing</code>: Fixed <code>@Require</code>
annotations so that features implied by absent features are not also
required to be absent. (81be061f85)</li>
<li><code>io</code>: Changed <code>ByteSink</code> and
<code>CharSink</code> to no longer call <code>flush()</code> in some
cases before <code>close()</code>. This is a no-op for well-behaved
streams, which internally flush their data as part of closing. However,
we have discovered some stream implementations that have overridden
<code>close()</code> to do nothing, including not to flush some buffered
data. If this change causes problems, the simplest fix is usually to
change the <code>close()</code> override to at least call
<code>flush()</code>. (6ace8bc8ea)</li>
<li><code>net</code>: Added <code>HttpHeaders.ALT_SVC</code> and
<code>MediaType.CBOR</code>. (503ba429f9, 7c0bf0892d)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/google/guava/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.google.guava:guava&package-manager=maven&previous-version=33.3.1-android&new-version=33.4.0-android)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 java/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/pom.xml b/java/pom.xml
index b37174f64..42a6038de 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -31,7 +31,7 @@
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 
         <protoc.version>3.22.2</protoc.version>
-        <google.guava.version>33.3.1-android</google.guava.version>
+        <google.guava.version>33.4.0-android</google.guava.version>
         <google.protobuf.version>4.29.2</google.protobuf.version>
         <protobuf.maven.plugin.version>0.6.1</protobuf.maven.plugin.version>
 

From 24313a12006314be6bfb989ffa468bf8deef49cb Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 13 Jan 2025 10:22:45 -0800
Subject: [PATCH 23/27] Bump the go group with 2 updates (#1223)

Bumps the go group with 2 updates:
[golang.org/x/net](https://github.com/golang/net) and
google.golang.org/protobuf.

Updates `golang.org/x/net` from 0.33.0 to 0.34.0
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/8da7ed17cdaf5e1d42aa868f0b0322a207a17dcd"><code>8da7ed1</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/2124140b044c3cbbd6a3ed7c45e2d4420be7039d"><code>2124140</code></a>
all: make function and struct comments match the names</li>
<li><a
href="https://github.com/golang/net/commit/e9d95ba163f72442cc09dca1865147a62351ac72"><code>e9d95ba</code></a>
http2: do not surface errors from a conn's idle timer expiring</li>
<li><a
href="https://github.com/golang/net/commit/c2be9921fe46b336b1991c4e5984666bd75b941f"><code>c2be992</code></a>
quic: remember which remote connection IDs have been retired</li>
<li>See full diff in <a
href="https://github.com/golang/net/compare/v0.33.0...v0.34.0">compare
view</a></li>
</ul>
</details>
<br />

Updates `google.golang.org/protobuf` from 1.36.1 to 1.36.2


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 4 ++--
 go.sum | 8 ++++----
 2 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/go.mod b/go.mod
index 235e177a9..e9145395b 100644
--- a/go.mod
+++ b/go.mod
@@ -5,8 +5,8 @@ go 1.21.1
 require (
 	github.com/iancoleman/strcase v0.3.0
 	github.com/lyft/protoc-gen-star/v2 v2.0.4-0.20230330145011-496ad1ac90a4
-	golang.org/x/net v0.33.0
-	google.golang.org/protobuf v1.36.1
+	golang.org/x/net v0.34.0
+	google.golang.org/protobuf v1.36.2
 )
 
 require (
diff --git a/go.sum b/go.sum
index 0496e718f..c4318ac81 100644
--- a/go.sum
+++ b/go.sum
@@ -225,8 +225,8 @@ golang.org/x/net v0.0.0-20201209123823-ac852fbbde11/go.mod h1:m0MpNAwzfU5UDzcl9v
 golang.org/x/net v0.0.0-20201224014010-6772e930b67b/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
-golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
+golang.org/x/net v0.34.0 h1:Mb7Mrk043xzHgnRM88suvJFwzVrRfHEHJEl5/71CKw0=
+golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
 golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -438,8 +438,8 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
-google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/gk=
-google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.2 h1:R8FeyR1/eLmkutZOM5CWghmo5itiG9z0ktFlTVLuTmU=
+google.golang.org/protobuf v1.36.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=

From 74f67b94e9141c550e0f2df948ba95804fb0a9d6 Mon Sep 17 00:00:00 2001
From: Stefan VanBuren <stefan@vanburen.xyz>
Date: Wed, 15 Jan 2025 16:46:19 -0500
Subject: [PATCH 24/27] Drop Python 3.8 support (#1225)

---
 .github/workflows/ci.yaml |  2 +-
 Dockerfile                | 12 +++++-------
 Makefile                  |  8 ++++----
 python/setup.cfg          |  5 +----
 4 files changed, 11 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index ff25c7cf7..81a5c472f 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -13,7 +13,7 @@ env:
   GO_VER: '1.21.x'
   PGG_VER: 'v1.31.0'
   PROTOC_VER: '24.3'
-  PYTHON_VER: '3.8'
+  PYTHON_VER: '3.9'
   TEST_TAG: protoc-gen-validate:${{ github.sha }}
 
 jobs:
diff --git a/Dockerfile b/Dockerfile
index 0f09f8cf8..6f73e3839 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -12,13 +12,12 @@ ENV INSTALL_DEPS \
   wget \
   maven \
   patch \
-  python3 \
-  python3-distutils \
-  python3-setuptools \
+  python3.9 \
+  python3-pip \
   apt-transport-https \
   curl \
   openjdk-8-jdk \
-  gnupg 
+  gnupg
 
 RUN apt update \
   && apt install -y -q --no-install-recommends ${INSTALL_DEPS} \
@@ -63,14 +62,13 @@ RUN go install github.com/bazelbuild/buildtools/buildozer@${BDR_VER} \
 
 # python must be on PATH for the execution of py_binary bazel targets, but
 # the distribution we installed doesn't provide this alias
-RUN ln -s /usr/bin/python3.8 /usr/bin/python
+RUN ln -s /usr/bin/python3.9 /usr/bin/python
 
 WORKDIR ${GOPATH}/src/github.com/envoyproxy/protoc-gen-validate
 
 # python tooling for linting and uploading to PyPI
 COPY requirements.txt .
-RUN python3.8 -m easy_install pip \
-  && python3.8 -m pip install -r requirements.txt
+RUN pip3 install -r requirements.txt
 
 COPY . .
 
diff --git a/Makefile b/Makefile
index b130e602f..42973913a 100644
--- a/Makefile
+++ b/Makefile
@@ -143,14 +143,14 @@ prepare-python-release:
 .PHONY: python-release
 python-release: prepare-python-release
 	rm -rf python/dist
-	python3.8 -m build --no-isolation --sdist python
-	# the below command should be identical to `python3.8 -m build --wheel`
+	python3.9 -m build --no-isolation --sdist python
+	# the below command should be identical to `python3.9 -m build --wheel`
 	# however that returns mysterious `error: could not create 'build': File exists`.
 	# setuptools copies source and data files to a temporary build directory,
 	# but why there's a collision or why setuptools stopped respecting the `build_lib` flag is unclear.
 	# As a workaround, we build a source distribution and then separately build a wheel from it.
-	python3.8 -m pip wheel --wheel-dir python/dist --no-deps python/dist/*
-	python3.8 -m twine upload --verbose --skip-existing --repository ${PYPI_REPO} --username "__token__" --password ${PGV_PYPI_TOKEN} python/dist/*
+	python3.9 -m pip wheel --wheel-dir python/dist --no-deps python/dist/*
+	python3.9 -m twine upload --verbose --skip-existing --repository ${PYPI_REPO} --username "__token__" --password ${PGV_PYPI_TOKEN} python/dist/*
 
 .PHONY: check-generated
 check-generated: ## run during CI; this checks that the checked-in generated code matches the generated version.
diff --git a/python/setup.cfg b/python/setup.cfg
index a35a464d4..314aa1abf 100644
--- a/python/setup.cfg
+++ b/python/setup.cfg
@@ -11,9 +11,6 @@ license_files = LICENSE
 classifiers =
     Programming Language :: Python :: 3
     Programming Language :: Python :: 3 :: Only
-    Programming Language :: Python :: 3.6
-    Programming Language :: Python :: 3.7
-    Programming Language :: Python :: 3.8
     Programming Language :: Python :: 3.9
     Programming Language :: Python :: 3.10
     Programming Language :: Python :: 3.11
@@ -27,7 +24,7 @@ install_requires =
     Jinja2>=2.11.1
     protobuf>=5.27.0
     astunparse>=1.6.3; python_version<"3.10"
-python_requires = >=3.6
+python_requires = >=3.9
 
 [options.data_files]
 data = validate.proto

From 19960f4f77497baa34c64068e03888b779394243 Mon Sep 17 00:00:00 2001
From: Kevin Greene <kgreenek@gmail.com>
Date: Thu, 16 Jan 2025 11:15:55 -0800
Subject: [PATCH 25/27] Migrate to cc_proto_library from com_google_protobuf
 (#1226)

Closes https://github.com/bufbuild/protoc-gen-validate/issues/1199

This is a more minimal change to simply migrate away from rules_cc's
cc_proto_library without updating all the external deps.

This will prepare for the upcoming 0.1.X release of rules_cc where
cc_proto_library is removed.
---
 bazel/pgv_proto_library.bzl | 3 ++-
 tests/harness/BUILD         | 2 +-
 tests/harness/cc/BUILD      | 3 ++-
 validate/BUILD              | 3 ++-
 4 files changed, 7 insertions(+), 4 deletions(-)

diff --git a/bazel/pgv_proto_library.bzl b/bazel/pgv_proto_library.bzl
index b0b05ec0a..b8fb86555 100644
--- a/bazel/pgv_proto_library.bzl
+++ b/bazel/pgv_proto_library.bzl
@@ -1,3 +1,4 @@
+load("@com_google_protobuf//bazel:cc_proto_library.bzl", "cc_proto_library")
 load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
 load("@rules_cc//cc:defs.bzl", "cc_library")
 load(":protobuf.bzl", "cc_proto_gen_validate", "java_proto_gen_validate")
@@ -30,7 +31,7 @@ def pgv_cc_proto_library(
       **kargs: other keyword arguments that are passed to cc_library.
     """
 
-    native.cc_proto_library(
+    cc_proto_library(
         name = name + "_cc_proto",
         deps = deps,
     )
diff --git a/tests/harness/BUILD b/tests/harness/BUILD
index f206df7b4..d3bd77f44 100644
--- a/tests/harness/BUILD
+++ b/tests/harness/BUILD
@@ -1,6 +1,6 @@
+load("@com_google_protobuf//bazel:cc_proto_library.bzl", "cc_proto_library")
 load("@io_bazel_rules_go//go:def.bzl", "go_library")
 load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
-load("@rules_cc//cc:defs.bzl", "cc_proto_library")
 load("@rules_java//java:defs.bzl", "java_proto_library")
 load("@rules_proto//proto:defs.bzl", "proto_library")
 load("@rules_python//python:proto.bzl", "py_proto_library")
diff --git a/tests/harness/cc/BUILD b/tests/harness/cc/BUILD
index 929a826c8..09ff1f0ed 100644
--- a/tests/harness/cc/BUILD
+++ b/tests/harness/cc/BUILD
@@ -1,4 +1,5 @@
-load("@rules_cc//cc:defs.bzl", "cc_binary", "cc_library", "cc_proto_library", "cc_test")
+load("@com_google_protobuf//bazel:cc_proto_library.bzl", "cc_proto_library")
+load("@rules_cc//cc:defs.bzl", "cc_binary", "cc_library", "cc_test")
 load("@rules_proto//proto:defs.bzl", "proto_library")
 
 MSVC_C_OPTS = [
diff --git a/validate/BUILD b/validate/BUILD
index 7d40181e9..ef634dd81 100644
--- a/validate/BUILD
+++ b/validate/BUILD
@@ -1,6 +1,7 @@
+load("@com_google_protobuf//bazel:cc_proto_library.bzl", "cc_proto_library")
 load("@io_bazel_rules_go//go:def.bzl", "go_library")
 load("@io_bazel_rules_go//proto:def.bzl", "go_proto_library")
-load("@rules_cc//cc:defs.bzl", "cc_library", "cc_proto_library")
+load("@rules_cc//cc:defs.bzl", "cc_library")
 load("@rules_java//java:defs.bzl", "java_proto_library")
 load("@rules_proto//proto:defs.bzl", "proto_library")
 load("@rules_python//python:proto.bzl", "py_proto_library")

From 0350b039d4a6b1d8beea42e055fff9027de04669 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 21 Jan 2025 10:32:40 -0800
Subject: [PATCH 26/27] Bump google.golang.org/protobuf from 1.36.2 to 1.36.3
 in the go group (#1229)

Bumps the go group with 1 update: google.golang.org/protobuf.

Updates `google.golang.org/protobuf` from 1.36.2 to 1.36.3


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/protobuf&package-manager=go_modules&previous-version=1.36.2&new-version=1.36.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/go.mod b/go.mod
index e9145395b..5b1c93b15 100644
--- a/go.mod
+++ b/go.mod
@@ -6,7 +6,7 @@ require (
 	github.com/iancoleman/strcase v0.3.0
 	github.com/lyft/protoc-gen-star/v2 v2.0.4-0.20230330145011-496ad1ac90a4
 	golang.org/x/net v0.34.0
-	google.golang.org/protobuf v1.36.2
+	google.golang.org/protobuf v1.36.3
 )
 
 require (
diff --git a/go.sum b/go.sum
index c4318ac81..23bed73ee 100644
--- a/go.sum
+++ b/go.sum
@@ -438,8 +438,8 @@ google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
 google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
 google.golang.org/protobuf v1.24.0/go.mod h1:r/3tXBNzIEhYS9I1OUVjXDlt8tc493IdKGjtUeSXeh4=
 google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
-google.golang.org/protobuf v1.36.2 h1:R8FeyR1/eLmkutZOM5CWghmo5itiG9z0ktFlTVLuTmU=
-google.golang.org/protobuf v1.36.2/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.3 h1:82DV7MYdb8anAVi3qge1wSnMDrnKK7ebr+I0hHRN1BU=
+google.golang.org/protobuf v1.36.3/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=

From 7b06248484ceeaa947e93ca2747eccf336a88ecc Mon Sep 17 00:00:00 2001
From: Stefan VanBuren <svanburen@buf.build>
Date: Wed, 22 Jan 2025 15:15:32 -0500
Subject: [PATCH 27/27] Fix Python3.9 build (#1232)

This fixes the python3.9 build by installing the pip requirements with
python3.9 and ensuring python3.9-venv is installed.

Follow up to #1225.
---
 Dockerfile | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 6f73e3839..c546754b3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -13,6 +13,7 @@ ENV INSTALL_DEPS \
   maven \
   patch \
   python3.9 \
+  python3.9-venv \
   python3-pip \
   apt-transport-https \
   curl \
@@ -68,7 +69,7 @@ WORKDIR ${GOPATH}/src/github.com/envoyproxy/protoc-gen-validate
 
 # python tooling for linting and uploading to PyPI
 COPY requirements.txt .
-RUN pip3 install -r requirements.txt
+RUN python3.9 -m pip install -r requirements.txt
 
 COPY . .