chore(deps): bump the gomod-version-updates group across 1 directory with 7 updates

[dependabot]

Bumps the gomod-version-updates group with 4 updates in the / directory: github.com/envoyproxy/protoc-gen-validate, github.com/golang-jwt/jwt/v5, github.com/grpc-ecosystem/grpc-gateway/v2 and github.com/zitadel/oidc/v3.

Updates github.com/envoyproxy/protoc-gen-validate from 1.3.0 to 1.3.3

Release notes

Sourced from github.com/envoyproxy/protoc-gen-validate's releases.

v1.3.3

One more release attempt to get Python published on PyPI. 😄

What's Changed

• Update Python 3.9 references to 3.10 by @​stefanvanburen in bufbuild/protoc-gen-validate#1370

Full Changelog: bufbuild/protoc-gen-validate@v1.3.2...v1.3.3

v1.3.2

Fixing the v1.3.1 release, which was fixing the v1.3.0 release 😄.

What's Changed

• Attempt to fix release by @​stefanvanburen in bufbuild/protoc-gen-validate#1368

Full Changelog: bufbuild/protoc-gen-validate@v1.3.1...v1.3.2

v1.3.1

This is a release to get out Python support for 3.13, which failed to publish to PyPI in v1.3.0.

What's Changed

• Bump the java group across 1 directory with 4 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1332
• Bump actions/checkout from 5 to 6 in the github-actions group by @​dependabot[bot] in bufbuild/protoc-gen-validate#1330
• Fix Java deployment by @​pkwarren in bufbuild/protoc-gen-validate#1335
• Update settings.xml to use SONATYPE_USERNAME env var by @​pkwarren in bufbuild/protoc-gen-validate#1336
• Run deployment with release profile by @​pkwarren in bufbuild/protoc-gen-validate#1337
• Remove maven settings.xml file by @​pkwarren in bufbuild/protoc-gen-validate#1338
• Bump the java group in /java with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1334
• Bump the github-actions group with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1341
• Bump the java group in /java with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1340
• Bump the go-tests group in /tests with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1339
• Bump the java group across 1 directory with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1343
• Support for latest setuptools by @​matejsp in bufbuild/protoc-gen-validate#1345
• Replace deprecated java_proto_library from rules_java by @​mmorel-35 in bufbuild/protoc-gen-validate#1349
• Bump golang.org/x/net from 0.48.0 to 0.49.0 in /tests in the go-tests group by @​dependabot[bot] in bufbuild/protoc-gen-validate#1350
• Bump the java group across 1 directory with 4 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1351
• Bump wheel from 0.45.1 to 0.46.2 by @​dependabot[bot] in bufbuild/protoc-gen-validate#1352
• Update go and deps by @​rodaine in bufbuild/protoc-gen-validate#1355
• Update python and deps by @​rodaine in bufbuild/protoc-gen-validate#1354
• Bump the java group in /java with 2 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1356
• Bump the python-root group across 1 directory with 4 updates by @​dependabot[bot] in bufbuild/protoc-gen-validate#1357

Full Changelog: bufbuild/protoc-gen-validate@v1.3.0...v1.3.1

Commits

• 92b9a7d Update Python 3.9 references to 3.10 (#1370)
• e72f3dc Attempt to fix release (#1368)
• 39d950b Bump the python-root group across 1 directory with 4 updates (#1357)
• c4c1414 Bump the java group in /java with 2 updates (#1356)
• 05cc215 Update python and deps (#1354)
• 1a76a21 Update go and deps (#1355)
• 3212c98 Bump wheel from 0.45.1 to 0.46.2 (#1352)
• 4231822 Bump the java group across 1 directory with 4 updates (#1351)
• 187ff66 Bump golang.org/x/net from 0.48.0 to 0.49.0 in /tests in the go-tests group (...
• ae40bad Replace deprecated java_proto_library from rules_java (#1349)
• Additional commits viewable in compare view

Updates github.com/golang-jwt/jwt/v5 from 5.3.0 to 5.3.1

Release notes

Sourced from github.com/golang-jwt/jwt/v5's releases.

v5.3.1

What's Changed

🔐 Features

• Add spellcheck Github action to catch common spelling mistakes by @​equalsgibson in golang-jwt/jwt#458
• Add WithNotBeforeRequired parser option and add test coverage by @​equalsgibson in golang-jwt/jwt#456
• Update godoc example func to properly refer to NewWithClaims() by @​equalsgibson in golang-jwt/jwt#459
• Update github workflows by @​mfridman in golang-jwt/jwt#462
• Additional test for CustomClaims that validates unmarshalling behaviour by @​equalsgibson in golang-jwt/jwt#457
• Fix early file close in jwt cli by @​mfridman in golang-jwt/jwt#472
• Add TPM signature reference by @​salrashid123 in golang-jwt/jwt#473
• Remove misleading ParserOptions documentation in golang-jwt/jwt#484
• Save signature to Token struct after successful signing by @​EgorSheff in golang-jwt/jwt#417
• Set token.Signature in ParseUnverified by @​slickwilli in golang-jwt/jwt#414

👒 Dependencies

• Bump crate-ci/typos from 1.34.0 to 1.35.3 by @​dependabot[bot] in golang-jwt/jwt#461
• Bump crate-ci/typos from 1.35.4 to 1.36.2 by @​dependabot[bot] in golang-jwt/jwt#470
• Bump github/codeql-action from 3 to 4 by @​dependabot[bot] in golang-jwt/jwt#478
• Bump crate-ci/typos from 1.36.2 to 1.39.0 by @​dependabot[bot] in golang-jwt/jwt#480
• Bump golangci/golangci-lint-action from 8 to 9 by @​dependabot[bot] in golang-jwt/jwt#481
• Bump actions/setup-go from 5 to 6 by @​dependabot[bot] in golang-jwt/jwt#469
• Bump crate-ci/typos from 1.39.0 to 1.40.0 by @​dependabot[bot] in golang-jwt/jwt#488
• Bump actions/checkout from 5 to 6 by @​dependabot[bot] in golang-jwt/jwt#487
• Bump crate-ci/typos from 1.40.0 to 1.41.0 by @​dependabot[bot] in golang-jwt/jwt#490
• Bump crate-ci/typos from 1.41.0 to 1.42.1 by @​dependabot[bot] in golang-jwt/jwt#492

New Contributors

• @​equalsgibson made their first contribution in golang-jwt/jwt#458
• @​salrashid123 made their first contribution in golang-jwt/jwt#473
• @​EgorSheff made their first contribution in golang-jwt/jwt#417
• @​slickwilli made their first contribution in golang-jwt/jwt#414

Full Changelog: golang-jwt/jwt@v5.3.0...v5.3.1

Commits

• 7ceae61 Add release.yml for changelog configuration
• dce8e4d Set token.Signature in ParseUnverified (#414)
• 8889e20 Save signature to Token struct after successful signing (#417)
• d237f82 ci: update github-actions schedule interval to monthly
• d8dce95 Bump crate-ci/typos from 1.41.0 to 1.42.1 (#492)
• e931803 Bump crate-ci/typos from 1.40.0 to 1.41.0 (#490)
• e6a0afa Bump actions/checkout from 5 to 6 (#487)
• 9f85c9e Bump crate-ci/typos from 1.39.0 to 1.40.0 (#488)
• 60a8669 Bump actions/setup-go from 5 to 6 (#469)
• 76f5828 Remove misleading ParserOptions documentation (#484)
• Additional commits viewable in compare view

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.27.4 to 2.28.0

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.28.0

What's Changed

• feat: add option to disable chunked headers by @​irenarindos in grpc-ecosystem/grpc-gateway#6354
• fix(protoc-gen-openapiv2): fix panic on enum resolution in nested messages by @​franchb in grpc-ecosystem/grpc-gateway#6367

New Contributors

• @​irenarindos made their first contribution in grpc-ecosystem/grpc-gateway#6354

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.8...v2.28.0

v2.27.8

What's Changed

• Fix opaque missing imports casing by @​kellen-miller in grpc-ecosystem/grpc-gateway#6304
• Revert "fix(protoc-gen-openapiv2): prevent panic when generating OpenAPI for multiple files" by @​johanbrandhorst in grpc-ecosystem/grpc-gateway#6309
• fix(protoc-gen-openapiv2): fix naming cache for multi-file generation by @​franchb in grpc-ecosystem/grpc-gateway#6315
• fix(openapiv2): exclude oneof fields from required with proto3 field semantics by @​sessa in grpc-ecosystem/grpc-gateway#6335

New Contributors

• @​sessa made their first contribution in grpc-ecosystem/grpc-gateway#6335

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.7...v2.27.8

v2.27.7

Re-release of v2.26.7 as v2.27.7 for correct semver ordering.

v2.27.6

What's Changed

• feat(generator): harden opaque imports and fix snake case to go casing by @​kellen-miller in grpc-ecosystem/grpc-gateway#6279
• fix(protoc-gen-openapiv2): prevent panic when generating OpenAPI for multiple files by @​franchb in grpc-ecosystem/grpc-gateway#6275

New Contributors

• @​franchb made their first contribution in grpc-ecosystem/grpc-gateway#6275

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.5...v2.27.6

v2.27.5

What's Changed

• Issue5799 by @​rohitlohar45 in grpc-ecosystem/grpc-gateway#6123
• fix: Add example repo in Java to README by @​majiayu000 in grpc-ecosystem/grpc-gateway#6199
• fix: Use summary/description instead of title for field comments in openapi gen by @​iamrajiv in grpc-ecosystem/grpc-gateway#6223
• fix(gengateway): use pointer for bodyData in OpaqueAPI PATCH requests by @​kop in grpc-ecosystem/grpc-gateway#6246
• fix(gengateway): use opaque chain for setting path params by @​kellen-miller in grpc-ecosystem/grpc-gateway#6215

New Contributors

• @​majiayu000 made their first contribution in grpc-ecosystem/grpc-gateway#6199
• @​kellen-miller made their first contribution in grpc-ecosystem/grpc-gateway#6215

Full Changelog: grpc-ecosystem/grpc-gateway@v2.27.4...v2.27.5

Commits

• 13a31f4 fix(protoc-gen-openapiv2): fix panic on enum resolution in nested messages (#...
• 8e678ff chore(deps): update googleapis digest to 27ffde2 (#6369)
• 41651ff chore(deps): update googleapis digest to b026ba8 (#6368)
• d083140 chore(deps): update googleapis digest to 537554c (#6365)
• eb2fada chore(deps): update googleapis digest to 7b25d8c (#6364)
• d8dddc9 chore(deps): update googleapis digest to 6781051 (#6363)
• 3c4354f chore(deps): update googleapis digest to 055f92c (#6362)
• b2eb1b5 fix(deps): update module google.golang.org/grpc to v1.79.1 (#6361)
• 61b9d73 chore(deps): update googleapis digest to d84d3c2 (#6360)
• e0880e3 chore(deps): update googleapis digest to 6eead6e (#6359)
• Additional commits viewable in compare view

Updates github.com/zitadel/oidc/v3 from 3.45.1 to 3.45.4

Release notes

Sourced from github.com/zitadel/oidc/v3's releases.

v3.45.4

3.45.4 (2026-02-09)

Bug Fixes

• grant type in device code validation error message (#845) (c238329)

v3.45.3

3.45.3 (2026-01-12)

Bug Fixes

• tracing: renamed tracer in op (#809) (d105faf), closes #808

v3.45.2

3.45.2 (2026-01-12)

Bug Fixes

• consistently handle string-valued boolean fields from non-compliant OIDC providers (#791) (b4dca67), closes #139

Commits

• c238329 fix: grant type in device code validation error message (#845)
• 8b037f2 chore(deps): bump github.com/go-chi/chi/v5 from 5.2.4 to 5.2.5 (#843)
• 88aa633 chore(deps): bump go.opentelemetry.io/otel/trace from 1.39.0 to 1.40.0 (#842)
• 04dce9b chore(deps): bump github.com/bmatcuk/doublestar/v4 from 4.9.2 to 4.10.0 (#841)
• 055666a chore(deps): bump github.com/sirupsen/logrus from 1.9.3 to 1.9.4 (#840)
• 04873b4 chore(deps): bump github.com/go-chi/chi/v5 from 5.2.3 to 5.2.4 (#835)
• cc9705f Fix(op example): Example Introspection missing expiry check (#834)
• a38a7e3 chore(deps): bump github.com/zitadel/logging from 0.6.2 to 0.7.0 (#839)
• d105faf fix(tracing): renamed tracer in op (#809)
• b4dca67 fix: consistently handle string-valued boolean fields from non-compliant OIDC...
• Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.34.0 to 0.35.0

Commits

• 89ff2e1 google: add safer credentials JSON loading options.
• See full diff in compare view

Updates google.golang.org/genproto/googleapis/api from 0.0.0-20251222181119-0a764e51fe1b to 0.0.0-20260209200024-4cfbd4190f57

Commits

• See full diff in compare view

Updates google.golang.org/grpc from 1.78.0 to 1.79.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.79.1

Bug Fixes

• grpc: Remove the -dev suffix from the User-Agent header. (grpc/grpc-go#8902)

Release 1.79.0

API Changes

• mem: Add experimental API SetDefaultBufferPool to change the default buffer pool. (#8806)
  • Special Thanks: @​vanja-p
• experimental/stats: Update MetricsRecorder to require embedding the new UnimplementedMetricsRecorder (a no-op struct) in all implementations for forward compatibility. (#8780)

Behavior Changes

• balancer/weightedtarget: Remove handling of Addresses and only handle Endpoints in resolver updates. (#8841)

New Features

• experimental/stats: Add support for asynchronous gauge metrics through the new AsyncMetricReporter and RegisterAsyncReporter APIs. (#8780)
• pickfirst: Add support for weighted random shuffling of endpoints, as described in gRFC A113.
  • This is enabled by default, and can be turned off using the environment variable GRPC_EXPERIMENTAL_PF_WEIGHTED_SHUFFLING. (#8864)
• xds: Implement :authority rewriting, as specified in gRFC A81. (#8779)
• balancer/randomsubsetting: Implement the random_subsetting LB policy, as specified in gRFC A68. (#8650)
  • Special Thanks: @​marek-szews

Bug Fixes

• credentials/tls: Fix a bug where the port was not stripped from the authority override before validation. (#8726)
  • Special Thanks: @​Atul1710
• xds/priority: Fix a bug causing delayed failover to lower-priority clusters when a higher-priority cluster is stuck in CONNECTING state. (#8813)
• health: Fix a bug where health checks failed for clients using legacy compression options (WithDecompressor or RPCDecompressor). (#8765)
  • Special Thanks: @​sanki92
• transport: Fix an issue where the HTTP/2 server could skip header size checks when terminating a stream early. (#8769)
  • Special Thanks: @​joybestourous
• server: Propagate status detail headers, if available, when terminating a stream during request header processing. (#8754)
  • Special Thanks: @​joybestourous

Performance Improvements

• credentials/alts: Optimize read buffer alignment to reduce copies. (#8791)
• mem: Optimize pooling and creation of buffer objects. (#8784)
• transport: Reduce slice re-allocations by reserving slice capacity. (#8797)

Commits

• 782f2de Change version to 1.79.1 (#8902)
• 850eccb Change version to 1.79.1-dev (#8851)
• 765ff05 Change version to 1.79.0 (#8850)
• 68804be Cherry pick #8864 to v1.79.x (#8896)
• 0381eb6 xds: Support :authority header rewriting for LOGICAL_DNS clusters (#8822)
• 90f571d xds: remove references to ResolverState.Addresses (#8841)
• 679565f xds: remove HashKey field from xdsresource.Endpoint struct (#8844)
• bb2073d mem: Allow overriding the default buffer pool. (#8806)
• bd4444a Fix flaky TestServer_RedundantUpdateSuppression. (#8839)
• 623b3f0 test: add regression test for RecvMsg() error shadowing #7510 (#8820)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions