fix: update all dependencies

[renovate-bot]

This PR contains the following updates:

Package	Change	Age	Confidence	Type	Update
github.com/googleapis/gax-go/v2	v2.16.0 → v2.17.0			require	minor
go (source)	1.25.6 → 1.25.7			toolchain	patch
google.golang.org/api	v0.263.0 → v0.265.0			require	minor
google.golang.org/genproto/googleapis/api	8636f87 → 546029d			require	digest
google.golang.org/genproto/googleapis/rpc	8636f87 → 546029d			require	digest
com.google.api:gax-grpc	2.74.0 → 2.74.1			test	patch
com.google.errorprone:error_prone_annotations (source)	2.45.0 → 2.47.0			compile	minor
com.google.cloud:sdk-platform-java-config	3.56.0 → 3.56.1			parent	patch

---

Release Notes

googleapis/gax-go (github.com/googleapis/gax-go/v2)

v2.17.0: v2 2.17.0

Compare Source

Features

• update Invoke to add retry count to context (#​462) (ea7096d5)

golang/go (go)

v1.25.7

googleapis/google-api-go-client (google.golang.org/api)

v0.265.0

Compare Source

Features

• Add checksums for single chunk json uploads (#​3448) (0f1cb7b)
• all: Auto-regenerate discovery clients (#​3473) (e617dd5)
• all: Auto-regenerate discovery clients (#​3476) (986f556)
• all: Auto-regenerate discovery clients (#​3477) (cdb1738)
• all: Auto-regenerate discovery clients (#​3479) (2aa3478)
• all: Auto-regenerate discovery clients (#​3480) (29bd843)
• all: Auto-regenerate discovery clients (#​3482) (afa65b7)

v0.264.0

Compare Source

Features

• all: Auto-regenerate discovery clients (#​3464) (5c164fc)
• all: Auto-regenerate discovery clients (#​3472) (52bd769)

google/error-prone (com.google.errorprone:error_prone_annotations)

v2.47.0: Error Prone 2.47.0

Compare Source

New checks:

• InterruptedInCatchBlock: Detect accidental calls to Thread.interrupted() inside of catch(InterruptedException e) blocks.
• RefactorSwitch: Refactorings to simplify arrow switches
• UnnamedVariable: Rename unused variables to _

Closed issues: #​1811, #​4168, #​5459, #​5460

Full changelog: google/error-prone@v2.46.0...v2.47.0

v2.46.0: Error Prone 2.46.0

Compare Source

Changes:

• The javac flag -XDaddTypeAnnotationsToSymbol=true is now required for Error Prone invocations on JDK 21, to enable the javac fix for JDK-8225377: type annotations are not visible to javac plugins across compilation boundaries. See #​5426 for details.
• Remove deprecated value attribute from @IncompatibleModifiers and @RequiredModifiers (#​2122)
• Error Prone API changes to encapsulate references to internal javac APIs for end position handling (EndPosTable, DiagnosticPosition) (5440bb4, 06c2905, f3915ec)

New checks:

• DuplicateAssertion: detect duplicated assertion lines where the argument to assertThat is pure
• IfChainToSwitch: suggest converting chains of if-statements into arrow switches
• ScannerUseDelimiter: discourage Scanner.useDelimiter("\\A")
• AddNullMarkedToClass: refactoring to add @NullMarked annotation to top level classes

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[forking-renovate]

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 2 additional dependencies were updated

Details:

Package	Change
google.golang.org/genproto	v0.0.0-20251202230838-ff82c1b0f217 -> v0.0.0-20260128011058-8636f8732409
google.golang.org/genproto/googleapis/api	v0.0.0-20251202230838-ff82c1b0f217 -> v0.0.0-20260128011058-8636f8732409

File name: snippets/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 5 additional dependencies were updated

Details:

Package	Change
github.com/googleapis/gax-go/v2	v2.16.0 -> v2.17.0
google.golang.org/api	v0.263.0 -> v0.265.0
google.golang.org/genproto	v0.0.0-20251202230838-ff82c1b0f217 -> v0.0.0-20260128011058-8636f8732409
google.golang.org/genproto/googleapis/api	v0.0.0-20251202230838-ff82c1b0f217 -> v0.0.0-20260128011058-8636f8732409
google.golang.org/genproto/googleapis/rpc	v0.0.0-20260128011058-8636f8732409 -> v0.0.0-20260203192932-546029d2fa20

File name: spannerlib/go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• 3 additional dependencies were updated

Details:

Package	Change
github.com/googleapis/gax-go/v2	v2.16.0 -> v2.17.0
google.golang.org/api	v0.263.0 -> v0.265.0
google.golang.org/genproto	v0.0.0-20251202230838-ff82c1b0f217 -> v0.0.0-20260128011058-8636f8732409

[gemini-code-assist]

Summary of Changes

Hello @renovate-bot, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request performs a comprehensive update of both Go and Java dependencies used within the project. The updates bring the Go toolchain, various Google API client libraries, and several Java components to their latest stable versions. This ensures the project benefits from the most recent bug fixes, performance enhancements, and new features provided by these upstream libraries, maintaining compatibility and security.

Highlights

• Go Toolchain Update: The Go toolchain has been updated from version 1.25.6 to 1.25.7 across all Go modules (benchmarks, main, snippets, spannerlib).
• Go Google API Client Updates: Key Google Go API client libraries have been updated: github.com/googleapis/gax-go/v2 to v2.17.0 (including a feature to add retry count to context for Invoke), google.golang.org/api to v0.265.0 (adding checksums for single chunk JSON uploads and auto-regenerated discovery clients), and google.golang.org/genproto related modules to their latest digest versions.
• Java Dependency Updates: Several Java dependencies have been updated in spannerlib/wrappers/spannerlib-java/pom.xml: com.google.cloud:sdk-platform-java-config to 3.56.1, com.google.errorprone:error_prone_annotations to 2.47.0 (introducing new static analysis checks like InterruptedInCatchBlock and RefactorSwitch), and com.google.api:gax-grpc to 2.74.1.

Changelog

• benchmarks/go.mod
  • Updated Go toolchain from go1.25.6 to go1.25.7.
  • Updated google.golang.org/api from v0.263.0 to v0.265.0.
• benchmarks/go.sum
  • Updated checksums for google.golang.org/api.
• go.mod
  • Updated Go toolchain from go1.25.6 to go1.25.7.
  • Updated github.com/googleapis/gax-go/v2 from v2.16.0 to v2.17.0.
  • Updated google.golang.org/api from v0.263.0 to v0.265.0.
  • Updated google.golang.org/genproto/googleapis/rpc and google.golang.org/genproto/googleapis/api to newer digest versions.
• go.sum
  • Updated checksums for github.com/googleapis/gax-go/v2, google.golang.org/api, and google.golang.org/genproto related modules.
• snippets/go.mod
  • Updated Go toolchain from go1.25.6 to go1.25.7.
  • Updated github.com/googleapis/gax-go/v2 from v2.16.0 to v2.17.0.
  • Updated google.golang.org/api from v0.263.0 to v0.265.0.
  • Updated google.golang.org/genproto/googleapis/rpc and google.golang.org/genproto/googleapis/api to newer digest versions.
• snippets/go.sum
  • Updated checksums for github.com/googleapis/gax-go/v2, google.golang.org/api, and google.golang.org/genproto related modules.
• spannerlib/go.mod
  • Updated Go toolchain from go1.25.6 to go1.25.7.
  • Updated github.com/googleapis/gax-go/v2 from v2.16.0 to v2.17.0.
  • Updated google.golang.org/api from v0.263.0 to v0.265.0.
  • Updated google.golang.org/genproto/googleapis/api and google.golang.org/genproto/googleapis/rpc to newer digest versions.
• spannerlib/go.sum
  • Updated checksums for github.com/googleapis/gax-go/v2, google.golang.org/api, and google.golang.org/genproto related modules.
• spannerlib/wrappers/spannerlib-java/pom.xml
  • Updated parent com.google.cloud:sdk-platform-java-config from 3.56.0 to 3.56.1.
  • Updated com.google.errorprone:error_prone_annotations from 2.45.0 to 2.47.0.
  • Updated test dependency com.google.api:gax-grpc from 2.74.0 to 2.74.1.

Activity

• This pull request was automatically generated by renovate-bot to update dependencies.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request updates a number of Go and Java dependencies. The Java dependency updates appear to be safe. However, the Go module files (go.mod) show misaligned versions for google.golang.org/genproto and its sub-packages. Using different versions of related packages can lead to build or runtime issues. I've added comments to the affected go.mod files with suggestions on how to resolve these inconsistencies to improve the stability and maintainability of the project.

[gemini-code-assist]

The versions of google.golang.org/genproto/... dependencies seem to be misaligned. google.golang.org/genproto/googleapis/rpc is at version ...-546029d..., while google.golang.org/genproto and google.golang.org/genproto/googleapis/api are at an older version ...-8636f87... (see lines 61-62).

This can lead to subtle issues. It's best to use a consistent version for all google.golang.org/genproto packages. Running go mod tidy should resolve this by aligning the versions of these related packages. If not, you might need to add an explicit require for google.golang.org/genproto with the latest version and then run go mod tidy.

[gemini-code-assist]

The versions of google.golang.org/genproto/... dependencies seem to be misaligned. google.golang.org/genproto and google.golang.org/genproto/googleapis/api are at version ...-8636f87..., while google.golang.org/genproto/googleapis/rpc is at ...-546029d....

This can lead to subtle issues. It's best to use a consistent version for all google.golang.org/genproto packages. You can achieve this by adding an explicit require for google.golang.org/genproto with the latest version and then running go mod tidy.

For example, add this to your require block:

google.golang.org/genproto v0.0.0-20260203192932-546029d2fa20

Then run go mod tidy to align all related transitive dependencies.

[gemini-code-assist]

There are a couple of issues with the dependencies in this go.mod file:

1. Misaligned genproto versions: google.golang.org/genproto/googleapis/api and .../rpc are at version ...-546029d..., but the base google.golang.org/genproto is at an older version ...-8636f87... (see line 64). This can lead to subtle build or runtime issues. It's best to align all google.golang.org/genproto packages to the same version.

2. Transitive dependencies listed as direct: Dependencies like google.golang.org/api, .../api, and .../rpc are listed as direct dependencies. If they are not directly imported by code in this module, they should be indirect. Since there are no Go files in this directory, they are likely transitive dependencies.

To fix this, you can run go get google.golang.org/genproto@v0.0.0-20260203192932-546029d2fa20 to update the base package, and then run go mod tidy to clean up the direct and indirect dependencies.