Bump the all-deps group across 1 directory with 6 updates

[dependabot]

Bumps the all-deps group with 6 updates in the / directory:

Package	From	To
github.com/apache/beam/sdks/v2	2.67.0	2.68.0
github.com/usbarmory/tamago	0.0.0-20250310080134-5e23c7fd40b0	1.25.1
golang.org/x/crypto	0.41.0	0.42.0
golang.org/x/oauth2	0.30.0	0.31.0
google.golang.org/grpc	1.75.0	1.75.1
google.golang.org/protobuf	1.36.8	1.36.9

Updates github.com/apache/beam/sdks/v2 from 2.67.0 to 2.68.0

Release notes

Sourced from github.com/apache/beam/sdks/v2's releases.

Beam 2.68.0 release

We are happy to present the new 2.68.0 release of Beam. This release includes both improvements and new functionality. See the download page for this release.

For more information on changes in 2.68.0, check out the detailed release notes.

Highlights

• [Python] Prism runner now enabled by default for most Python pipelines using the direct runner (#34612). This may break some tests, see apache/beam#34612 for details on how to handle issues.

I/Os

• Upgraded Iceberg dependency to 1.9.2 (#35981)

New Features / Improvements

• BigtableRead Connector for BeamYaml added with new Config Param (#35696)
• MongoDB Java driver upgraded from 3.12.11 to 5.5.0 with API refactoring and GridFS implementation updates (Java) (#35946).
• Introduced a dedicated module for JUnit-based testing support: sdks/java/testing/junit, which provides TestPipelineExtension for JUnit 5 while maintaining backward compatibility with existing JUnit 4 TestRule-based tests (Java) (#18733, #35688).
  • To use JUnit 5 with Beam tests, add a test-scoped dependency on org.apache.beam:beam-sdks-java-testing-junit.
• Google CloudSQL enrichment handler added (Python) (#34398). Beam now supports data enrichment capabilities using SQL databases, with built-in support for:
  • Managed PostgreSQL, MySQL, and Microsoft SQL Server instances on CloudSQL
  • Unmanaged SQL database instances not hosted on CloudSQL (e.g., self-hosted or on-premises databases)
• [Python] Added the ReactiveThrottler and ThrottlingSignaler classes to streamline throttling behavior in DoFns, expose throttling mechanisms for users (#35984)
• Added a pipeline option to specify the processing timeout for a single element by any PTransform (Java/Python/Go) (#35174).
  • When specified, the SDK harness automatically restarts if an element takes too long to process. Beam runner may then retry processing of the same work item.
  • Use the --element_processing_timeout_minutes option to reduce the chance of having stalled pipelines due to unexpected cases of slow processing, where slowness might not happen again if processing of the same element is retried.
• (Python) Adding GCP Spanner Change Stream support for Python (apache_beam.io.gcp.spanner) (#24103).

Breaking Changes

• Previously deprecated Beam ZetaSQL component has been removed (#34423). ZetaSQL users could migrate to Calcite SQL with BigQuery dialect enabled.
• Upgraded Beam vendored Calcite to 1.40.0 for Beam SQL (#35483), which improves support for BigQuery and other SQL dialects. Note: Minor behavior changes are observed such as output significant digits related to casting.
• (Python) The deterministic fallback coder for complex types like NamedTuple, Enum, and dataclasses now uses cloudpickle instead of dill. If your pipeline is affected, you may see a warning like: "Using fallback deterministic coder for type X...". You can revert to the previous behavior by using the pipeline option --update_compatibility_version=2.67.0 (35725). Report any pickling related issues to #34903
• (Python) Prism runner now enabled by default for most Python pipelines using the direct runner (#34612). This may break some tests, see apache/beam#34612 for details on how to handle issues.
• Dropped Java 8 support for IO expansion-service. Cross-language pipelines using this expansion service will need a Java11+ runtime (#35981.

Deprecations

• Python SDK native SpannerIO (apache_beam/io/gcp/experimental/spannerio) is deprecated. Use cross-language wrapper (apache_beam/io/gcp/spanner) instead (Python) (#35860).
• Samza runner is deprecated and scheduled for removal in Beam 3.0 (#35448).
• Twister2 runner is deprecated and scheduled for removal in Beam 3.0 (#35905)).

... (truncated)

Changelog

Sourced from github.com/apache/beam/sdks/v2's changelog.

[2.68.0] - 2025-09-22

Highlights

• [Python] Prism runner now enabled by default for most Python pipelines using the direct runner (#34612). This may break some tests, see apache/beam#34612 for details on how to handle issues.

I/Os

• Upgraded Iceberg dependency to 1.9.2 (#35981)

New Features / Improvements

• BigtableRead Connector for BeamYaml added with new Config Param (#35696)
• MongoDB Java driver upgraded from 3.12.11 to 5.5.0 with API refactoring and GridFS implementation updates (Java) (#35946).
• Introduced a dedicated module for JUnit-based testing support: sdks/java/testing/junit, which provides TestPipelineExtension for JUnit 5 while maintaining backward compatibility with existing JUnit 4 TestRule-based tests (Java) (#18733, #35688).
  • To use JUnit 5 with Beam tests, add a test-scoped dependency on org.apache.beam:beam-sdks-java-testing-junit.
• Google CloudSQL enrichment handler added (Python) (#34398). Beam now supports data enrichment capabilities using SQL databases, with built-in support for:
  • Managed PostgreSQL, MySQL, and Microsoft SQL Server instances on CloudSQL
  • Unmanaged SQL database instances not hosted on CloudSQL (e.g., self-hosted or on-premises databases)
• [Python] Added the ReactiveThrottler and ThrottlingSignaler classes to streamline throttling behavior in DoFns, expose throttling mechanisms for users (#35984)
• Added a pipeline option to specify the processing timeout for a single element by any PTransform (Java/Python/Go) (#35174).
  • When specified, the SDK harness automatically restarts if an element takes too long to process. Beam runner may then retry processing of the same work item.
  • Use the --element_processing_timeout_minutes option to reduce the chance of having stalled pipelines due to unexpected cases of slow processing, where slowness might not happen again if processing of the same element is retried.
• (Python) Adding GCP Spanner Change Stream support for Python (apache_beam.io.gcp.spanner) (#24103).

Breaking Changes

• Previously deprecated Beam ZetaSQL component has been removed (#34423). ZetaSQL users could migrate to Calcite SQL with BigQuery dialect enabled.
• Upgraded Beam vendored Calcite to 1.40.0 for Beam SQL (#35483), which improves support for BigQuery and other SQL dialects. Note: Minor behavior changes are observed such as output significant digits related to casting.
• (Python) The deterministic fallback coder for complex types like NamedTuple, Enum, and dataclasses now uses cloudpickle instead of dill. If your pipeline is affected, you may see a warning like: "Using fallback deterministic coder for type X...". You can revert to the previous behavior by using the pipeline option --update_compatibility_version=2.67.0 (35725). Report any pickling related issues to #34903
• (Python) Prism runner now enabled by default for most Python pipelines using the direct runner (#34612). This may break some tests, see apache/beam#34612 for details on how to handle issues.
• Dropped Java 8 support for IO expansion-service. Cross-language pipelines using this expansion service will need a Java11+ runtime (#35981).

Deprecations

• Python SDK native SpannerIO (apache_beam/io/gcp/experimental/spannerio) is deprecated. Use cross-language wrapper (apache_beam/io/gcp/spanner) instead (Python) (#35860).
• Samza runner is deprecated and scheduled for removal in Beam 3.0 (#35448).
• Twister2 runner is deprecated and scheduled for removal in Beam 3.0 (#35905)).

Bugfixes

• (Python) Fixed Java YAML provider fails on Windows (#35617).
• Fixed BigQueryIO creating temporary datasets in wrong project when temp_dataset is specified with a different project than the pipeline project. For some jobs, temporary datasets will now be created in the correct project (Python) (#35813).
• (Go) Fix duplicates due to reads after blind writes to Bag State (#35869).
  • Earlier Go SDK versions can avoid the issue by not reading in the same call after a blind write.

Commits

• 1cd03d3 Set version for 2.68.0 RC2
• 04dade2 Fix ml gradle (#36135)
• 3461a46 Fix CVE-2025-48734, CVE-2024-13009 (#36106) (#36109)
• a039097 Pin Avro 1.12 in expansion service container (#36113)
• f6db8b2 Merge pull request #36104 from apache/cp-36098
• 2e36894 Fix portableLocalRunnerJuliaSetWithSetupPy
• 0ff479f Merge pull request #36097 from ahmedabu98/cp36092
• ed436b7 Cherry pick #35981 (#36079)
• 2732a1d pin avro 1.12.0 in expansion service (#36092)
• 2483717 Cherrypick #36063: [Java] Fix expensive OneOfType precondition messages by ma...
• Additional commits viewable in compare view

Updates github.com/usbarmory/tamago from 0.0.0-20250310080134-5e23c7fd40b0 to 1.25.1

Release notes

Sourced from github.com/usbarmory/tamago's releases.

v1.25.1

This release introduces improved CPU idle management support functions for amd64, enabling the following pattern on single-core CPUs:

if cpu.NumCPU() == 1 {
    runtime.Idle = func(pollUntil int64) {
        if pollUntil == 0 {
            return
        }
    cpu.SetAlarm(pollUntil)
    cpu.WaitInterrupt()
    cpu.SetAlarm(0)
}

}

Major changes for tamago package API:

• amd64: (*CPU).WaitInterrupt: new function to suspend execution until an interrupt is received
• amd64: (*CPU).SetAlarm: new function to set LAPIC LVT Timer in TSC-Deadline mode
• amd64: (*CPU).Features.TSCDeadline: new boolean for TSC-Deadline mode detection
• amd64: (*CPU).Halt: function removed in favor of race-free (*CPU).WaitInterrupt
• arm: (*CPU).Halt: function removed in favor of existing (*CPU).WaitInterrupt
• user/linux: added experimental support for GOARCH=arm64 and README file

Major changes for tamago package internals:

• amd64: IRQ_WAKEUP (255) is now allocated to (*CPU).SetAlarm and not passed to application ISR
• amd64: LAPIC and interrupts now enabled on supplemental cores (APs)
• amd64: IRQ handling is improved in terms of performance and race condition protection

Full Changelog: usbarmory/tamago@v1.25.0...v1.25.1

This release requires GOOS=tamago support in the Go distribution, it requires at least tamago-go1.25.0. The experimental user/linux package support for GOARCH=arm64 requires usbarmory/tamago-go@255baf0.

v1.25.0

Full Changelog: usbarmory/tamago@v1.24.6...v1.25.0

This release requires GOOS=tamago support in the Go distribution, it requires at least tamago-go1.25.0.

v1.24.6

Major changes for tamago package API:

• amd64.InitSMP: new function for initialization of supplemental cores and runtime SMP support
• amd64.(*CPU).NumCPU: new function to report initialized cores
• microvm (Firecracker/QEMU), vm (Cloud Hypervisor): SMP initialization via amd64.InitSMP
• amd64.(*CPU).ServiceInterrupts: new function to replace amd64.ServiceInterrupts()

Major changes for tamago package internals:

... (truncated)

Commits

• See full diff in compare view

Updates golang.org/x/crypto from 0.41.0 to 0.42.0

Commits

• 5307a0c go.mod: update golang.org/x dependencies
• 9d77937 acme: include order problem in OrderError
• 8f580de ssh: remove Go 1.24 build tag for ML-KEM kex
• a4d1237 ssh/knownhosts: improve IPv6 support in Normalize
• b8d8dae curve25519: include potential fips140=only error in panic message
• f5a2eab ssh: use curve25519.X25519 instead of curve25519.ScalarMult
• 44ecf3a all: upgrade go directive to at least 1.24.0 [generated]
• See full diff in compare view

Updates golang.org/x/oauth2 from 0.30.0 to 0.31.0

Commits

• 014cf77 all: upgrade go directive to at least 1.24.0 [generated]
• 3c76ce5 endpoints: correct Naver OAuth2 endpoint URLs
• See full diff in compare view

Updates google.golang.org/grpc from 1.75.0 to 1.75.1

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.75.1

Bug Fixes

• transport: Fix a data race while copying headers for stats handlers in the std lib http2 server transport. (#8519)
• xdsclient:
  • Fix a data race caused while reporting load to LRS. (#8483)
  • Fix regression preventing empty node IDs when creating an LRS client. (#8483)
• server: Fix a regression preventing streams from being cancelled or timed out when blocked on flow control. (#8528)

Commits

• b4dc263 Change version to 1.75.1 (#8559)
• 1fffee7 Cherry-pick #8528 to v1.75.x (#8555)
• a52e42b Cherry pick #8483 into v1.75.x (#8541)
• 369c9aa Cherry-pick #8519 to v1.75.x (#8530)
• 7269d5f Change version to 1.75.1-dev (#8494)
• See full diff in compare view

Updates google.golang.org/protobuf from 1.36.8 to 1.36.9

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dpebot]

/gcbrun