Bump google-protobuf from 3.21.4 to 4.0.0 #151

dependabot · 2025-08-19T14:01:02Z

Bumps google-protobuf from 3.21.4 to 4.0.0.

Release notes

Sourced from google-protobuf's releases.

v4.0.0

What's Changed

Backport: binary proto serialization/deserialization changes and enable protobuf Editions 2023 (breaking change)

Backport: Fix JSPB binary utf8 decoding and validate by default (breaking change)

Do not ignore descriptor extensions

Limit global resolution to globalThis by (breaking change)

Changelog

Sourced from google-protobuf's changelog.

"""Generates package naming variables for use with rules_pkg."""

load("@bazel_tools//tools/cpp:toolchain_utils.bzl", "find_cpp_toolchain") load("@rules_pkg//pkg:providers.bzl", "PackageVariablesInfo")

_PROTOBUF_JAVASCRIPT_VERSION = "4.0.0"

def _package_naming_impl(ctx): values = {} values["version"] = _PROTOBUF_JAVASCRIPT_VERSION
if ctx.attr.platform != "":
    values["platform"] = ctx.attr.platform
    return PackageVariablesInfo(values = values)
infer from the current cpp toolchain.
toolchain = find_cpp_toolchain(ctx)
cpu = toolchain.cpu
system_name = toolchain.target_gnu_system_name
rename cpus to match what we want artifacts to be
if cpu == "systemz":
cpu = "s390_64"
elif cpu == "aarch64":
cpu = "aarch_64"
elif cpu == "ppc64":
cpu = "ppcle_64"
use the system name to determine the os and then create platform names
if "apple" in system_name:
values["platform"] = "osx-" + cpu
elif "linux" in system_name:
values["platform"] = "linux-" + cpu
elif "mingw" in system_name:
if cpu == "x86_64":
values["platform"] = "win64"
else:
values["platform"] = "win32"
else:
values["platform"] = "unknown"
return PackageVariablesInfo(values = values)
package_naming = rule( implementation = _package_naming_impl, attrs = { # Necessary data dependency for find_cpp_toolchain. "_cc_toolchain": attr.label( default = Label("@bazel_tools//tools/cpp:current_cc_toolchain"), ),

... (truncated)

Commits

861c802 Bump module versions for 4.0.0 release
0db1d6b enable builds on macos x86_64 and aarch64 runners
78f5b15 Prepare 4.0.0 release
100c10b Update windows build from windows-2019 -> 2022 image
e6d7638 Limit global resolution to globalThis
3050f03 Do not ignore descriptor extensions
4ce9069 Enable protobuf edition 2023 support
f418f58 Bump protoc version to 31.1
28bf5df Bump protobuf version to 31.0
0768cc9 Fix path for rules_pkg providers.bzl load
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [google-protobuf](https://github.com/protocolbuffers/protobuf-javascript) from 3.21.4 to 4.0.0. - [Release notes](https://github.com/protocolbuffers/protobuf-javascript/releases) - [Changelog](https://github.com/protocolbuffers/protobuf-javascript/blob/main/protobuf_javascript_release.bzl) - [Commits](protocolbuffers/protobuf-javascript@v3.21.4...v4.0.0) --- updated-dependencies: - dependency-name: google-protobuf dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

sonarqubecloud · 2025-08-19T14:01:23Z

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Aug 19, 2025

oracle-contributor-agreement bot added the OCA Verified All contributors have signed the Oracle Contributor Agreement. label Aug 19, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump google-protobuf from 3.21.4 to 4.0.0 #151

Bump google-protobuf from 3.21.4 to 4.0.0 #151

Uh oh!

dependabot bot commented on behalf of github Aug 19, 2025

infer from the current cpp toolchain.

rename cpus to match what we want artifacts to be

use the system name to determine the os and then create platform names

Uh oh!

sonarqubecloud bot commented Aug 19, 2025

Uh oh!

Uh oh!

Bump google-protobuf from 3.21.4 to 4.0.0 #151

Are you sure you want to change the base?

Bump google-protobuf from 3.21.4 to 4.0.0 #151

Uh oh!

Conversation

dependabot bot commented on behalf of github Aug 19, 2025

v4.0.0

What's Changed

infer from the current cpp toolchain.

rename cpus to match what we want artifacts to be

use the system name to determine the os and then create platform names

Uh oh!

sonarqubecloud bot commented Aug 19, 2025

Quality Gate passed

Uh oh!

Uh oh!