chore(deps): update protobuf to v34 (major)

[renovate-bot]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change
com_google_protobuf	http_archive	major	v29.3 → v34.0-rc1.1
protocolbuffers/protobuf		major	v29.3 → v34.0-rc1.1

---

Release Notes

protocolbuffers/protobuf (com_google_protobuf)

v34.0-rc1.1: Protocol Buffers v34.0-rc1

Compare Source

Announcements

• This version includes breaking changes to: C++, Objective-C, PHP, Python.
• [Bazel] Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (0a5c2f6)
• [C++] Make generator headers private (3a2af35)
• [C++] Add a debug check that the target of CopyFrom is not a descendant of the source. (7a75898)
• [C++] Add [[nodiscard]] to many APIs. (a70115f)
• [C++] Make the arena-enabled constructors of RepeatedField, RepeatedPtrField, and Map private. (ef890c3)
• [C++] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (b76faa9)
• [C++] Removes proto2::util::MessageDifferencer::AddIgnoreCriteria that takes a raw pointer as an argument in favor of the overload that takes a unique_ptr. Remove macro PROTOBUF_FUTURE_REMOVE_ADD_IGNORE_CRITERIA (b115358)
• [C++] Remove deprecated FieldDescriptor::has_optional_keyword() in OSS. Use is_repeated() or has_presence() instead (68346ec)
• [C++] Remove AddUnusedImportTrackFile() and ClearUnusedImportTrackFiles(). Remove PROTOBUF_FUTURE_RENAME_ADD_UNUSED_IMPORT (837a2cd)
• [C++] Remove deprecated FieldDescriptor::is_optional() in OSS. Use (!is_required() && !is_repeated()) instead (9dbc5d4)
• [C++] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (c301c2c)
• [C++] All entity names have length limit (2afb0dc)
• [ObjC] Remove generate_minimal_imports generation option warning (45b1297)
• [ObjC] Fix nullability annotations on some GPB*Dictionary types. (ea67d6d)
• [ObjC] Remove -[GPBFieldDescriptor optional] (3414dc1)
• [Other] Remove deprecated flag for enabling MSVC support (97c979b)
• [PHP] Remove deprecated PHP APIs (9c45014)
• [PHP] Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead. (4208121, cd76e67, 4208121)
• [PHP] Add PHP typehints for setters and remove redundant GPBUtil checks (#​25296) (aee03b7)
• [PHP] support default values for editions/proto2 (#​25161) (b01099d)
• [Python] Raise errors in OSS when assign bool to int/enum field in Python Proto. (5b116fe)
• [Python] Remove float_format/double_format from python proto text_format (e4854a1)
• [Python] Raise TypeError when convert non-timedelta to Duration, or convert non-datetime to Timestamp in python proto. (Original code may raise ArributeError) (00aaca1)
• [Python] Remove float_precision from python proto json_format (f027f1f)
• [Python] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (b76faa9)
• [Python] Remove deprecated FieldDescriptor.label (0a8ff55)
• [Python] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (c301c2c)
• Protobuf News may include additional announcements or pre-announcements for upcoming changes.
• Migration Guide may include additional guidance for breaking changes.

Bazel

• Fix: cc_toolchain should prefer protoc when prebuilt flag is flipped. (#​25168) (8c857c3)
• Breaking change: Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (0a5c2f6)
• Feat(bazel): wire up prebuilt protoc toolchain (#​24115) (cc23698)
• Migrate proto_descriptor_set (#​23369) (8d4dfdd)

Compiler

• Ruby codegen: support generation of rbs files (#​15633) (6ebdf85)
• Avoid collision name problems between a message named Xyz and a direct sibling enum named XyzView (eba53e8)
• Generalizing and implementing ValidateFeatureSupport for both Options and Features during proto parsing (ed3c571)
• Fix a bug with custom features outside of the pb package. (872d3ce)
• Fix import option handling when include_imports isn't set. (9ef9e80)
• Fix a bug in STRICT check of namespaced enums to properly check for 'reserved 1 to max' (1229d4a)
• Prevent accidental stripping of debug_redact options via import option. (f58b098)

C++

• Add EnumerateEnumValues function. (397d5d9)
• Add conformance tests for utf8 validation. (e8923a8)
• Disable constinit on MSVC for static library builds (783da0a)
• Breaking change: Make generator headers private (3a2af35)
• Add bounds checking to ExtractSubrange. (5687acc)
• This CL starts failing on [unverified_lazy = true] on extensions, which have been (d2a42e7)
• Refine the conditions for the MSVC constinit workaround (38927bf)
• Add conformance test cases about handling of google.protobuf.Empty inside any Any in JSON. (0f3dd06)
• Remove PROTOBUF_CONSTEXPR to unconditionally use constexpr (7f431bb)
• Add bounds checking to DeleteSubrange, create new helper, RuntimeAssertInBoundsGE, and modify LogIndexOutOfBoundsAndAbort to customize the message being logged. (71cc97c)
• Breaking change: Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (c301c2c)
• Fix issue where BinaryToJson a Skip()'s failure on unknown fields was ignored instead of resulting in a parse failure. (2ec322e)
• Breaking change: Add [[nodiscard]] to many APIs. (a70115f)
• Abort on out of bounds accesses. (3acf23c)
• Fix JSON printing of Any of an empty message in C++Proto. (014f676)
• FieldMaskUtil::TrimMessage: Handle repeated messages. (0f109cb)
• Breaking change: Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (b76faa9)
• Generalizing and implementing ValidateFeatureSupport for both Options and Features during proto parsing (ed3c571)
• Breaking change: Remove deprecated FieldDescriptor::has_optional_keyword() in OSS. Use is_repeated() or has_presence() instead (68346ec)
• Test that all entity names have some limit, and that passing that limit will (2afb0dc)
• Breaking change: Remove deprecated FieldDescriptor::is_optional() in OSS. Use (!is_required() && !is_repeated()) instead (9dbc5d4)
• Breaking change: Remove AddUnusedImportTrackFile() and ClearUnusedImportTrackFiles(). Remove PROTOBUF_FUTURE_RENAME_ADD_UNUSED_IMPORT (837a2cd)
• Breaking change: Removes proto2::util::MessageDifferencer::AddIgnoreCriteria that takes a raw pointer as an argument in favor of the overload that takes a unique_ptr. Remove macro PROTOBUF_FUTURE_REMOVE_ADD_IGNORE_CRITERIA (b115358)
• Mark mutable repeated fields/maps as [[nodiscard]] (bc60e2e)
• Apply [[nodiscard]] to constant, non-message accessors. (46575f0)
• Add [[nodiscard]] to many const methods of Message/Reflection. (8c981b8)
• Fix a bug with custom features outside of the pb package. (872d3ce)
• Delete safe_boundary_check as this now supported via build flag, --//third_party/protobuf:bounds_check_mode. (3079d15)
• Add [[nodiscard]] to const message field accessors. (60f60d0)
• CMake: Stop building tests by default (related to #​20539) (#​24373) (88261aa)
• Optimize TcParser::RepeatedVarint (88efe88)
• Add nodiscard to has_/_size accessors. (40fe103)
• Enable removed arena pointers from all fields. (1f3fe2e)
• Fix a bug in STRICT check of namespaced enums to properly check for 'reserved 1 to max' (1229d4a)
• Breaking change: Add a debug check that the target of CopyFrom is not a descendant of the source. (7a75898)
• Breaking change: Make the arena-enabled constructors of RepeatedField, RepeatedPtrField, and Map private. (ef890c3)
• Update AddAlreadyReserved/AddNAlreadyReserved to use the runtime bounds checks. (b8e690a)
• Use __builtin_operator_new to faciliate compiler optimizations of these allocs. (4624d81)
• Add has_default_instance() to ImplicitWeakTypeHandler (818b8ef)
• Add a macro to make RepeatedField(Arena*) constructor private in a future release. (b39f10c)
• Use __builtin_operator_new to faciliate compiler optimizations of these allocs. (195da19)
• Change LogIndexOutOfBoundsAndAbort logging message. (bc0b635)

Java

• Optimize TextFormatEscaper to just return the String input if it didn't need any escaping. (e536204)
• Adding deprecation comment when isInitialized() accessor is deprecated (2732c60)
• Deprecating isInitialized() if there aren't required fields (2607595)
• Avoid skipping descriptors with option dependencies (1bc2c63)
• Remove PROTOBUF_CONSTEXPR to unconditionally use constexpr (7f431bb)
• Correctly apply JSON recursion limit when parsing an Any-of-Any. (33b16e8)
• Avoid potential exceptions on serialize in the face of malformed lazy extensions. (531c644)
• Remove unused canUseUnsafe() protected method from GeneratedMessage (1041d62)
• Apply [[nodiscard]] to constant, non-message accessors. (46575f0)
• Add check if sun.misc.Unsafe is present but throws on use, to use the preexisting no-Unsafe paths if it does. (3514901)
• Fix a bug with custom features outside of the pb package. (872d3ce)
• Expose NestedInFileClass naming helpers for Java immutable. (0c48552)
• Add nodiscard to has_/_size accessors. (40fe103)
• Remove defunct protected mergeFromAndMakeImmutableInternal method. This method was planned to be used by gencode but was never used in practice. (57770eb)
• Fix bugs in Java Large Enums that have aliased values, and improve performance of valueOf / forNumber. (57338e8)
• Remove unused test-only method Protobuf.registerSchemaOverride (8e623d1)
• Remove unused method com.google.protobuf.Protobuf.mergeFrom(T,Reader) (7b6be54)
• Remove unused method com.google.protobuf.Protobuf.makeImmutable (8fa15e9)
• Mark com.google.protobuf.Protobuf.registerSchema as private (db16bca)
• Remove "public" from methods in com.google.protobuf.Protobuf (f50c425)
• Remove unused method com.google.protobuf.Protobuf.getTotalSchemaSize() (dead64c)
• Fix large java enums not being honored on lite runtime. (ec3c8a7)

Csharp

• Fix: apply recursion limits when parsing JSON well-known types with deep arrays (c3ddacb)

Objective-C

• Adds support for 3 modes for proto extension generation: (0bc4192)
• Breaking change: Remove generate_minimal_imports generation option warning (45b1297)
• Emit hassers for oneofs in objectivec. (2aae07e)
• Breaking change: Fix nullability annotations on some GPB*Dictionary types. (ea67d6d)
• Breaking change: Remove -[GPBFieldDescriptor optional] (3414dc1)

Rust

• Rust protobuf: use crate name aliases to disambiguate generated dependencies (1f07ec6)
• Avoid collision name problems between a message named Xyz and a direct sibling enum named XyzView (eba53e8)
• Mark MessageMut trait as + Send (bc517b9)
• Protobuf-rust: adapt for rules_rust 0.67 (eb8d34e)
• Adapt for rules_rust 0.66.0. (adb1957)
• Expose protobuf::message_eq() free function on the Rust Protobuf runtime api. (cfa8f67)
• Protobuf-rust: pass DepVariantInfo's attributes explicitily (a42e64f)
• See also UPB changes below, which may affect Rust.

Python

• Prevent crashes when creating objects during interpreter shutdown (46061cb)
• Drop Python 3.9 support (bbc9dd9)
• Breaking change: Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (c301c2c)
• Breaking change: Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (b76faa9)
• Support more chars in type URLs in the Python text-format parser. (4459a20)
• Breaking change: Raise errors in OSS when assign bool to int/enum field in Python Proto. (5b116fe)
• Breaking change: Remove float_format/double_format from python proto text_format (e4854a1)
• Two new functions in PyProto_API to manage DescriptorPools (59f2a6e)
• Breaking change: Remove deprecated FieldDescriptor.label (0a8ff55)
• Python Proto scalar repeated numpy binding. (1eb4e52)
• Python Proto Free Threading tests/experimental (b8bef14)
• Add Python 3.14 test coverage (8e35431)
• Put ABSL annotations back in descriptor (e2ddebe)
• Free threading compat - Only access interned_descriptors behind a mutex (13fe37f)
• Breaking change: Remove float_precision from python proto json_format (f027f1f)
• Breaking change: Raise TypeError when convert non-timedelta to Duration, or convert non-datetime to Timestamp in python proto. (Original code may raise ArributeError) (00aaca1)
• Python: kwargs initialization would silently swallow some errors with repeated fields. (412d0a2)
• Fix Python cpp memory crash when MergeFrom Oneof. (26d08d5)

PHP

• Feat(php): Add PHP typehints for setters and remove redundant GPBUtil checks (#​25296) (aee03b7)
• Raise minimum php version to 8.2.0. Drop tests for 8.1. (5d29dca)
• Feat(php): support default values for editions/proto2 (#​25161) (b01099d)
• Breaking change: Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead. (4208121)
• Automated rollback of commit 8f569de. (94fe944)
• Breaking change: Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead (cd76e67)
• Breaking change: Remove deprecated PHP APIs (9c45014)
• Make PHPDoc for enum getters/setters correspond to enum class. (#​24515) (996e04c)
• Add option for PHP to emit default values for JSON. (#​23985) (6df6c8a)
• Implement hasPresence helper in PHP, remove broken hasOptionalKeyword. (69efbc6)

PHP C-Extension

• Raise minimum php version to 8.2.0. Drop tests for 8.1. (5d29dca)
• Feat(php): support default values for editions/proto2 (#​25161) (b01099d)
• Breaking change: Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead. (4208121)
• Automated rollback of commit 8f569de. (94fe944)
• Add option for PHP to emit default values for JSON. (#​23985) (6df6c8a)
• Implement hasPresence helper in PHP, remove broken hasOptionalKeyword. (69efbc6)
• See also UPB changes below, which may affect PHP C-Extension.

Ruby

• Ruby codegen: support generation of rbs files (#​15633) (6ebdf85)
• Support Ruby 4.0 (#​25051) (93f4eba)

UPB (Python/PHP/Ruby C-Extension)

• Add conformance tests for utf8 validation. (e8923a8)
• Added more validations of syntax and edition when parsing descriptors. (4c5c4b2)
• Fixes a compiler crash when building the Windows arm64 Ruby/Python extension (0e84323)
• Add BTI to branch targets when branch protection is enabled. This resolves (a3ca522)
• Enable edition 2024 in upb generators (e44d421)

Other

• Drop Bazel 7 tests for bazel, python, partially java partially cpp. (b046c9a)
• Update protobuf's dep on bazel-skylib to version 1.9.0 (27e67a7)
• Breaking change: Remove deprecated flag for enabling MSVC support (97c979b)
• Protobuf: update php from macos-13 to macos-15-intel (7b9feca)
• Bazel: Remove hardcoded dependency on //:protoc from language runtimes (#​19679) (4986a77)
• Move ObjC to the next major version to be ready for release in 2026Q1. (31cadad)

v33.4: Protocol Buffers v33.4

Compare Source

Announcements

• Protobuf News may include additional announcements or pre-announcements for upcoming changes.

Other

• Refactor(bazel): publish a separate .tar.gz (#​24065) (47b3385)
• Bazel: Remove hardcoded dependency on //:protoc from language runtimes (#​19679) (453cfb2)

v33.3: Protocol Buffers v33.3

Compare Source

Announcements

• Protobuf News may include additional announcements or pre-announcements for upcoming changes.

Bazel

• Fix: cc_toolchain should prefer protoc when prebuilt flag is flipped. (#​25168) (7b30360)
• Locked down visibility of the new flags and config settings. (04ca1b7)
• Feat(bazel): wire up prebuilt protoc toolchain (#​24115) (aeaede0)

Compiler

• Create editions test_utils to fix existing brittle tests in command_line_interface_unittest and code_generator_unittest. (cb0a8c5)
• Add edition unstable for development work. (44e090c)
• Add conformance test for edition unstable (d167dd0)

C++

• Add edition unstable for development work. (44e090c)
• Add conformance test for edition unstable (d167dd0)

Java

• Add conformance test for edition unstable (d167dd0)
• Correctly apply JSON recursion limit when parsing an Any-of-Any. (94c7f73)

Csharp

• Add conformance test for edition unstable (d167dd0)

Python

• Add conformance test for edition unstable (d167dd0)
• Automated rollback of commit 38ca2d3. (184b5e8)

UPB (Python/PHP/Ruby C-Extension)

• Add conformance test for edition unstable (d167dd0)
• Fix unused parameter warnings. (cd0cb21)

Other

• Don't ignore platform requirements (aeedbc6)
• Update GitHub Actions to use macOS-14 (again). (f7b18f8)
• Delete redundant ARM tests (d4e7a81)
• Protobuf: update php from macos-13 to macos-15-intel (9027d6b)
• Update GitHub Actions to use macOS-14. (f0907f3)

v33.2: Protocol Buffers v33.2

Compare Source

Announcements

• Protobuf News may include additional announcements or pre-announcements for upcoming changes.

Compiler

• Add EDITION_UNSTABLE for new edition development (9247790)
• Fix a bug with custom features outside of the pb package. (483173d)
• Reserving a declaration for the Impress proto plugin. (8a0b438)

C++

• Remove unnecessary uses of future changes to descriptor.proto (50c9e62)
• Fix a bug with custom features outside of the pb package. (483173d)

Java

• Fix a bug with custom features outside of the pb package. (483173d)

Csharp

• Add EDITION_UNSTABLE for new edition development (9247790)
• Use generic Marshal.SizeOf when possible (#​21964) (#​24673) (9f263cd)
• Regenerate stale files (058bffa)

PHP

• Add EDITION_UNSTABLE for new edition development (9247790)

PHP C-Extension

• Regenerate staleness tests (e9f62c6)
• Add EDITION_UNSTABLE for new edition development (9247790)
• Regenerate stale files (058bffa)
• See also UPB changes below, which may affect PHP C-Extension.

Ruby

Ruby C-Extension

• Regenerate staleness tests (e9f62c6)
• Regenerate stale files (058bffa)
• See also UPB changes below, which may affect Ruby C-Extension.

UPB (Python/PHP/Ruby C-Extension)

• Regenerate staleness tests (e9f62c6)
• Add BTI to branch targets when branch protection is enabled. This resolves (72a48f9)
• Extract arm64 asm check (13ee2ce)

v33.1: Protocol Buffers v33.1

Compare Source

Announcements

• Protobuf News may include additional announcements or pre-announcements for upcoming changes.

C++

• Fix Any hasbit consistency issue in OSS. (#​24400) (59db671)

Java

• Expose NestedInFileClass naming helpers for Java immutable. (#​24401) (5737cd2)

v33.0: Protocol Buffers v33.0

Compare Source

Announcements

• Protobuf News may include additional announcements or pre-announcements for upcoming changes.

Bazel

• Feat: update bazel central registry publish workflow (#​23465) (#​23913) (d5217fd)
• Add target_compatible_with parameter to proto_toolchain in Bazel rules (#​22429) (30d2332)
• Bazel: add missing rules_cc loads (#​23584) (d98e2ef)

Compiler

• Disable symbol visibility enforcement by default in C++ runtime (ae308fc)
• Ship all option dependencies to plugins along with regular ones. (abeb130)

C++

• Avoid calling deprecated arena-enabled constructors in arena.h. (813a7ef)
• Add a macro to make RepeatedField(Arena*) constructor private in a future release. (768db14)
• Add a macro to make Map(Arena*) constructor private in a future release. (543a17f)
• Optimize ReadPackedVarint (3d94d83)
• Add a macro to make RepeatedPtrField(Arena*) constructor private in a future release (6422b9d)
• Add IsEmpty() function to reflection. (b64e490)
• Refactor RuntimeAssertInBounds to remove repeated logic and make Get/Mutable easier to read. (2f270c4)
• Disable symbol visibility enforcement by default in C++ runtime (ae308fc)
• Fix a bug in the main C++ JSON parser/serializer camelcasing of certain non-style-compliant names incorrectly, in a way that would prevent it from interoperating with any other implementation on those fields. (e25e267)
• Fail early for messages with more than 65k fields. (90824aa)
• Add option to C++ JSON Parser/Serializer to allow customers to affirmatively disable legacy bug-compatibilty behaviors. (6ea1640)
• Fix mishandling on JSON serialization of Timestamp with invalid negative and too-large nanos value. (a959f27)
• Preserve features in type resolver (c7030f4)
• Add a DCHECK that ArenaStringPtr::Set(char*, Arena*) is not called with (95b1763)

Java

Restored compatibility of runtime with gencode created with protoc <3.21

With this release, compatibility of the runtime with older gencode down to 3.0.0 is restored, compared to the previous support minimum of gencode created with 3.22+. Note that it is still strongly recommended to regenerate your gencode with a newer protoc and to avoid using gencode which was created with an old protoc.

Generated code from this range is covered by CVE-2022-3171 and is potentially vulnerable to a Denial of Service risk.

JavaProto 4.x previously dropped compatibility with the potentially vulnerable generated code, having the behavior of:

• The vulnerable generated code was source-incompatible with new runtime (would not compile when built from source)
• The vulnerable generated code was ABI-incompatible with new runtime (when using a .class file compiled against old runtime, a NoSuchMethodException would be thrown at parse time).

Starting with this release:

• The vulnerable generated code is now source-compatible (will compile).
• The first time each potentially vulnerable type is parsed, an error message will be logged noting that potentially vulnerable generated code is in use and the name of the corresponding type.
• Environment variables may be set to either throw an exception instead (-Dcom.google.protobuf.error_on_unsafe_pre22_gencode) or to entirely silence the logged messages (-Dcom.google.protobuf.use_unsafe_pre22_gencode)

This change was made based on community feedback regarding the difficulty in identifying and quickly remediating stale gencode in their transitive dependencies weighed against a careful evaluation of the realistic risk exposure of DoS (with no risk of other concerns including information leak or RCE).

We strongly recommend that any users who observe the log messages to regenerate the corresponding code with a newer protoc. We recommend that any security-conscious services opt into the error_on_unsafe_pre22_gencode behavior to preclude any risk of a Denial of Service surface area being exposed.

A future 4.x release may flip the default behavior to error by default as a measure to further help the ecosystem avoid the Denial of Service risks, while still maintaining the ability to opt into continuing to use insecure gencode for users who are parsing trusted inputs and where the difficulty of regenerating is high.

Changes

• Switch the pre22 warning to use CopyOnWriteArraySet. (#​23969) (e55224c)
• Expose helpers for checking if messages and enums are nested. (8de4002)
• Fix a bug calculating the file name in the absense of directories. (c4ff7a6)
• Clarify the public APIs of GeneratorNames helpers. (537ac35)
• Expose helpers to predict generated class names in java. (eba6df2)
• Deprecate ClassName methods in favor of new QualifiedClassName ones. (ca4fb2f)
• Restore the 3-argument internalBuildGeneratedFileFrom. (4376591)
• Fix large java enums not being honored on lite runtime. (a995803)
• Slightly relax Java Poison Pill on prerelease versions (-rc1, -dev, etc). (7b0bee3)
• Avoid boxing/unboxing varint, fixed32, and fixed64 fields in UnknownFieldSet.Field (810272f)
• Readd new*List() methods on GeneratedMessageV3. (badaf41)
• Add Values.of(Map<String, Value> values). (c518f25)
• Fix handling of optional dependencies in java generator. (8d51e34)
• Restore ABI compatibility for extension methods which was previously (knowingly) broken with 4.x: 94a2a44 (ea33ae8)
• Restore Protobuf Java extension modifiers in gencode that were previously removed in 7bff169 (f2257f5)
• Ship all option dependencies to plugins along with regular ones. (abeb130)
• Optimize redaction state calculation (e05db5c)
• Add isPlaceholder() accessors to file, message, and enum descriptors (f978ec2)
• Improve Java gencode static initialization to avoid unnecessary temporaries again (745e15b)
• Improve Java gencode static initialization to avoid unnecessary temporaries (b68b673)
• Remove protobuf-util usages of guava except annotations. (5768acd)
• Restore compatibility of runtime with pre-3.22.x gencode impacted by CVE-2022-3171 (7c51e5b)
• Expose an iterator for GeneratedMessage.ExtendableMessage.extensions (b25d39e)

Rust

• Change Rust prelude to bring in traits as _ (c3f7e8d)
• Make message Muts Send (8bff944)
• See also UPB changes below, which may affect Rust.

Python

• Publish s390x wheels for Python/upb. (56b2b89)
• Fix a crash that happens during shutdown due to looking up modules in the cache (d57d270)
• Add construction support for repeated Timestamp/Duration/Struct/ListValue. (5f6c013)
• Fix handling of repeated extension fields in PyProto JSON (07ef676)
• Fixed a parser bug where closed enums are parsed incorrectly for non-repeated extensions. (c36f728)
• Fixed mypy errors by setting __slots__ to empty in .pyi files. (38ca2d3)
• Raise warnings for float_precision from python json_format. (4659cd7)
• Raise warnings when assign bool to int/enum field in Python Proto. This will turn into error in 34.0 release. (4ee55d7)

PHP

• Fix(php): php errors on repeated field (#​23372) (

---

Configuration

📅 Schedule: Branch creation - Monday through Friday ( * * * * 1-5 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.