From 95d1382c4bced3fa31ecf34ee35abd210b760598 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 30 Jul 2024 11:24:50 +0800
Subject: [PATCH] ORC-1750: Bump `protobuf-java` to 3.25.4

Bumps [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) from 3.25.3 to 3.25.4.
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/protocolbuffers/protobuf/commit/e915ce24b3d43c0fffcbf847354288c07dda1de0"><code>e915ce2</code></a> Updating version.json and repo version numbers to: 25.4</li>
<li><a href="https://github.com/protocolbuffers/protobuf/commit/6eb8b00091826ad683d87bb47f628564b2fc488d"><code>6eb8b00</code></a> Merge pull request <a href="https://redirect.github.com/protocolbuffers/protobuf/issues/17525">#17525</a> from protocolbuffers/fix-25.x-staleness</li>
<li><a href="https://github.com/protocolbuffers/protobuf/commit/d491c4cd63964571642d3d71fa4163121ab4e93d"><code>d491c4c</code></a> Merge branch '25.x' into fix-25.x-staleness</li>
<li><a href="https://github.com/protocolbuffers/protobuf/commit/314fc8b134c3769efa99651d5daebf57578a01cc"><code>314fc8b</code></a> drop 2.7 in linux test (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/17524">#17524</a>)</li>
<li><a href="https://github.com/protocolbuffers/protobuf/commit/eb1fdd39b44817f63d14c3e3321128e04350d220"><code>eb1fdd3</code></a> fix targets</li>
<li><a href="https://github.com/protocolbuffers/protobuf/commit/a5dadc3eeedd3e35d9cb02ac5c9a5670994c1abe"><code>a5dadc3</code></a> update bazel to 6.3.2</li>
<li><a href="https://github.com/protocolbuffers/protobuf/commit/c3b9b4fb21ae324694c7e8ba53ee1ac3155adae9"><code>c3b9b4f</code></a> backport staleness changes to 25.x</li>
<li><a href="https://github.com/protocolbuffers/protobuf/commit/fb0520ebb2f75b60456526e0a18daa2155ba6187"><code>fb0520e</code></a> Merge pull request <a href="https://redirect.github.com/protocolbuffers/protobuf/issues/17514">#17514</a> from protocolbuffers/cp-25</li>
<li><a href="https://github.com/protocolbuffers/protobuf/commit/bdb1f75fdb0224960972d59faac0ee889cfcf053"><code>bdb1f75</code></a> Downgrade CMake to 3.29 to workaround Abseil issue.</li>
<li><a href="https://github.com/protocolbuffers/protobuf/commit/165cf123c13df4fc6a38a9324c85309c4d571348"><code>165cf12</code></a> Check that size is non-negative when reading string or bytes in StreamDecoder.</li>
<li>Additional commits viewable in <a href="https://github.com/protocolbuffers/protobuf/compare/v3.25.3...v3.25.4">compare view</a></li>
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| com.google.protobuf:protobuf-java | [>= 4.a, < 5] |
</details>

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.google.protobuf:protobuf-java&package-manager=maven&previous-version=3.25.3&new-version=3.25.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

Closes #1991 from dependabot[bot]/dependabot/maven/java/com.google.protobuf-protobuf-java-3.25.4.

Authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Shaoyun Chen <csy@apache.org>
(cherry picked from commit 21a63806a8222dbee79f0476431133bcf147c04d)
Signed-off-by: Dongjoon Hyun <dongjoon@apache.org>
---
 java/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/pom.xml b/java/pom.xml
index 04b960e2e1..3075d391d9 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -78,7 +78,7 @@
     <orc-format.version>1.0.0</orc-format.version>
     <!-- Build Properties -->
     <project.build.outputTimestamp>2024-08-11T21:58:47Z</project.build.outputTimestamp>
-    <protobuf.version>3.25.3</protobuf.version>
+    <protobuf.version>3.25.4</protobuf.version>
     <slf4j.version>2.0.11</slf4j.version>
     <storage-api.version>2.8.1</storage-api.version>
     <surefire.version>3.0.0-M5</surefire.version>