Skip to content

chore: [DevOps] bump the production-minor-patch group with 5 updates#1203

Merged
sap-cloud-sdk-bot[bot] merged 1 commit into
mainfrom
dependabot/maven/main/production-minor-patch-410d1a3d95
Jun 16, 2026
Merged

chore: [DevOps] bump the production-minor-patch group with 5 updates#1203
sap-cloud-sdk-bot[bot] merged 1 commit into
mainfrom
dependabot/maven/main/production-minor-patch-410d1a3d95

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor

Bumps the production-minor-patch group with 5 updates:

Package From To
io.swagger.core.v3:swagger-models 2.2.50 2.2.51
io.swagger.parser.v3:swagger-parser 2.1.43 2.1.44
io.swagger.parser.v3:swagger-parser-core 2.1.43 2.1.44
com.google.errorprone:error_prone_annotations 2.49.0 2.50.0
io.grpc:grpc-bom 1.81.0 1.82.0

Updates io.swagger.core.v3:swagger-models from 2.2.50 to 2.2.51

Updates io.swagger.parser.v3:swagger-parser from 2.1.43 to 2.1.44

Release notes

Sourced from io.swagger.parser.v3:swagger-parser's releases.

Swagger-parser 2.1.44 released!

  • fix: Replace the unsafe Yaml instantiation in ReferenceVisitor.getYam… (#2344)
Commits

Updates io.swagger.parser.v3:swagger-parser-core from 2.1.43 to 2.1.44

Updates io.swagger.parser.v3:swagger-parser-core from 2.1.43 to 2.1.44

Updates com.google.errorprone:error_prone_annotations from 2.49.0 to 2.50.0

Release notes

Sourced from com.google.errorprone:error_prone_annotations's releases.

Error Prone 2.50.0

New checks:

Closed issues: #5553, #5649, #5778

Full changelog: google/error-prone@v2.49.0...v2.50.0

Commits
  • d802cff Release Error Prone 2.50.0
  • b12b5f2 In StringCharset, move the description from explanation to summary.
  • a7ca02a Update AssertThrowsUtils to emit var thrown = assertThrows(...) instead o...
  • 6b56517 Fix handling of nested tags in UnrecognisedJavadocTag
  • d36e74f Remove translation of the fail() message into assertThrows(). We already ...
  • c3581e9 Fix JavacFileManager compiler crash during speculative recompiles in modular ...
  • da1f32b Remove assignments from assertThrows() lambdas. A large percentage of remai...
  • dee62f7 Update AssertThrowsBlockToExpression to re-write single VariableTrees int...
  • 4939448 Only hoist the last statement into the assertThrows() lambda.
  • 30fd05a refactor: Rename JavaLangClash bug pattern to AvoidCommonTypeNames
  • Additional commits viewable in compare view

Updates io.grpc:grpc-bom from 1.81.0 to 1.82.0

Release notes

Sourced from io.grpc:grpc-bom's releases.

v1.82.0

This release drops support for Bazel 7. It may still run, but we are no longer testing it. We are testing Bazel 8 and 9.

We are anticipating requiring Netty 4.2 in the next release. Please file an issue if you still need Netty 4.1 support.

Behavior Changes

  • xds: Disable Priority LB child policy retention cache (#12806). Previously, when a priority became inactive, its associated child load balancer was kept in a deactivated state for potential reuse. Now, inactive child balancers are immediately torn down and removed.
  • xds: skip DiscoveryRequest for unsubscribed types on stream ready (#12782). When the bootstrap declares more than one xDS server (e.g. a default server for LDS/CDS plus an authority-specific EDS-only server), grpc-java was sending CDS/LDS DiscoveryRequests to the EDS-only server too. That server replies UNIMPLEMENTED, which tears down the stream and EDS data never arrives. This fix makes it skip DiscoveryRequests for resource types we don't actually subscribe to on a given server.

Improvements

  • Remove JSR-305 @ThreadSafe annotation and replace with JavaDoc (#12762). Removes JSR-305 annotations but instead of replacing it with ErrorProne's ThreadSafe, sticks to adding a JavaDoc comment. This is done only in public non-final classes and interfaces. This allows Java applications that have moved away from javax to compile and avoids a bug in Immutables and Lombok (and possibly other annotation processors) from failing when JSR-305 is not present.
  • core: Reduce per-stream idle memory on the server by 0.5 KB (b38df6c94). The main improvement here is not retaining the request Metadata for the life of the RPC. That means RPCs with larger request Metadata would see a larger benefit.
  • core: Clarify missing content-type on HTTP error responses (#12720). Adjusts the diagnostic for the missing rather than invalid content-type, in the Status description.
  • core: throw IOException when ProxySelector returns null or empty list (#12793). ProxySelector.select(URI) is required to return a non-null, non-empty list. Some implementations violate this, which previously caused an opaque crash in ProxyDetectorImpl. Now it detects this case explicitly and fails gracefully, naming the offending ProxySelector class to help with debugging.
  • okhttp: enable TLS 1.3 by default for Android clients, retain TLS 1.2-only for desktop JVM (f43013161)
  • xds: Reduce per-endpoint memory from CDS LB (cc0d1a810). This is most noticeable when there are many endpoints returned by EDS, but the LB policy only uses a few of them, like pick_first.
  • xds: pre-parse custom metric names in WRR load balancer (#12773) (324fce715). This reduces the per-RPC overhead of the gRFC A114 support added in v1.81.0
  • xds: Propagate status cause through XdsDepManager (13b4b9727). This preserves more information for failures communicating with the control plane.
  • binder: Give clear error when message is larger than parcel (d92ca44a1)

Bug Fixes

  • xds: Trust Manager fix for certain scenarios where SAN validation shouldn't use the SNI sent (#12775) (bb153a83f).
  • core: Cancel DelayedClientCall when application listener throws (#12761). Align DelayedClientCall.DelayedListener with ClientCallImpl's existing behavior for listener exceptions. When the application listener throws from onHeaders/onMessage/onReady, catch the Throwable, cancel the call with CANCELLED (cause = the throwable), and swallow subsequent callbacks. Previously, a throw from the application listener escaped to the callExecutor's uncaught-exception handler. The real call was not cancelled and the transport kept delivering callbacks to an already broken listener
  • core,opentelemetry: Fix server metric labels on early close (#12774). Addresses the server-side OpenTelemetry metric labeling bug where a generated method can be recorded as grpc.method="other" if streamClosed() happens before serverCallStarted().
  • core: Fix pick_first NPE with GRPC_EXPERIMENTAL_ENABLE_NEW_PICK_FIRST=true when accepting resolved addresses and in CONNECTING state (#12814). It makes sure that whenever PickFirstLeafLoadBalancer transitions into CONNECTING the current address in the addressIndex has a corresponding subchannel. This prevents an NPE in acceptResolvedAddresses in some situations.
  • okhttp: HPACK should fail on varint overflow (ec1099254). This should have no visible impact in normal use. It mostly just makes it easier to debug broken implementations
  • xds: When using the file watcher certificate provider, reload cert/key even if only one of them changes (f4125c591)
  • compiler: Avoid compile error on weird proto file names (f021befcd)

New Features

  • googleapis: support ?force-xds query parameter in the google-c2p resolver (#12760) (86fa86063). This disables environment checks and uses xDS unconditionally. Please note that this feature has not yet seen comprehensive testing.

Dependencies

  • Upgrade Netty to 4.1.133 (ada087b9d)
  • bazel: Upgrade googleapis proto repo to commit 1dbb1a14 (ec0a9c976). This fixed a rules_go incompatibility issue with Bazel 9.1. But it also greatly reduced the overall transitive dependencies, as the C++ grpc repo is no longer a dependency
  • bazel: Upgrade workflows to Bazel 8 (039ad7779) add Bazel 9.1.0 to our CI matrix (17be0d3d1)
  • protoc-gen-grpc-java: Linux binaries are now built with Ubuntu 20.04 instead of 18.04 (8802dc35b5, da98b04b09)

Thanks to

@​becomeStar
@​bengtsson1-flir
@​jnowjack-lucidchart
@​Kainsin
@​kenkangxgwe

... (truncated)

Commits
  • 78fb519 Bump version to 1.82.0
  • b62b0fc Update README etc to reference 1.82.0
  • 8802dc3 build: downgrade multiarch to Ubuntu 20.04 and consolidate images (#12830)
  • be300bd kokoro: Avoid brew on Mac OS
  • 4111f6f core: throw IOException when ProxySelector returns null or empty list (#12793)
  • 9410caf Revert "xds: CEL implementation (#12770)" (#12823)
  • a6916c9 core: Fix pick_first NPE when accepting resolved addresses and in `CONNECTING...
  • 52f2cd5 Revert "okhttp: Optimize HPACK to index :path" (#12820)
  • cc0d1a8 xds: Reduce per-endpoint memory from CDS
  • 17be0d3 Add Bazel 9.1.0 to our CI matrix
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore: [DevOps] bump the production-minor-patch group with 5 updates
5c88458 
Bumps the production-minor-patch group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| io.swagger.core.v3:swagger-models | `2.2.50` | `2.2.51` |
| [io.swagger.parser.v3:swagger-parser](https://github.com/swagger-api/swagger-parser) | `2.1.43` | `2.1.44` |
| io.swagger.parser.v3:swagger-parser-core | `2.1.43` | `2.1.44` |
| [com.google.errorprone:error_prone_annotations](https://github.com/google/error-prone) | `2.49.0` | `2.50.0` |
| [io.grpc:grpc-bom](https://github.com/grpc/grpc-java) | `1.81.0` | `1.82.0` |


Updates `io.swagger.core.v3:swagger-models` from 2.2.50 to 2.2.51

Updates `io.swagger.parser.v3:swagger-parser` from 2.1.43 to 2.1.44
- [Release notes](https://github.com/swagger-api/swagger-parser/releases)
- [Commits](swagger-api/swagger-parser@v2.1.43...v2.1.44)

Updates `io.swagger.parser.v3:swagger-parser-core` from 2.1.43 to 2.1.44

Updates `io.swagger.parser.v3:swagger-parser-core` from 2.1.43 to 2.1.44

Updates `com.google.errorprone:error_prone_annotations` from 2.49.0 to 2.50.0
- [Release notes](https://github.com/google/error-prone/releases)
- [Commits](google/error-prone@v2.49.0...v2.50.0)

Updates `io.grpc:grpc-bom` from 1.81.0 to 1.82.0
- [Release notes](https://github.com/grpc/grpc-java/releases)
- [Commits](grpc/grpc-java@v1.81.0...v1.82.0)

---
updated-dependencies:
- dependency-name: io.swagger.core.v3:swagger-models
  dependency-version: 2.2.51
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: io.swagger.parser.v3:swagger-parser
  dependency-version: 2.1.44
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: io.swagger.parser.v3:swagger-parser-core
  dependency-version: 2.1.44
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: io.swagger.parser.v3:swagger-parser-core
  dependency-version: 2.1.44
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-minor-patch
- dependency-name: com.google.errorprone:error_prone_annotations
  dependency-version: 2.50.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
- dependency-name: io.grpc:grpc-bom
  dependency-version: 1.82.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 15, 2026
@sap-cloud-sdk-bot sap-cloud-sdk-bot Bot enabled auto-merge (squash) June 16, 2026 11:56
@sap-cloud-sdk-bot sap-cloud-sdk-bot Bot merged commit 45b2a0a into main Jun 16, 2026
13 checks passed
@sap-cloud-sdk-bot sap-cloud-sdk-bot Bot deleted the dependabot/maven/main/production-minor-patch-410d1a3d95 branch June 16, 2026 11:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sap-cloud-sdk-bot sap-cloud-sdk-bot[bot] sap-cloud-sdk-bot[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants