Update protobuf-java to 3.25.6

[scala-steward-asf]

About this PR

📦 Updates com.google.protobuf:protobuf-java from 3.25.5 to 3.25.6

📜 GitHub Release Notes - Version Diff

Usage

✅ Please merge!

I'll automatically update this PR to resolve conflicts as long as you don't change it yourself.

If you'd like to skip this version, you can just close this PR. If you have any feedback, just mention me in the comments below.

Configure Scala Steward for your repository with a .scala-steward.conf file.

Have a fantastic day writing Scala!

⚙ Adjust future updates

Add this to your .scala-steward.conf file to ignore future updates of this dependency:

updates.ignore = [ { groupId = "com.google.protobuf", artifactId = "protobuf-java" } ]

Or, add this to slow down future updates of this dependency:

dependencyOverrides = [{
  pullRequests = { frequency = "30 days" },
  dependency = { groupId = "com.google.protobuf", artifactId = "protobuf-java" }
}]

^{labels: library-update, early-semver-patch, semver-spec-patch, commit-count:1}

[pjfanning]

hitting

[error] Test docs.javadsl.SerializationTest.protobufDeSer failed: java.util.concurrent.ExecutionException: java.lang.UnsupportedOperationException: As of 2022/09/29 (release 21.7) makeExtensionsImmutable should not be called from protobuf gencode. If you are seeing this message, your gencode is vulnerable to a denial of service attack. You should regenerate your code using protobuf 25.6 or later. Use the latest version that meets your needs. However, if you understand the risks and wish to continue with vulnerable gencode, you can set the system property `-Dcom.google.protobuf.use_unsafe_pre22_gencode` on the command line. See security vulnerability: https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2, took 1.959s
[error]     at java.util.concurrent.CompletableFuture.reportGet(CompletableFuture.java:357)
[error]     at java.util.concurrent.CompletableFuture.get(CompletableFuture.java:1928)
[error]     at scala.concurrent.java8.FuturesConvertersImpl$CF.super$get(FutureConvertersImpl.scala:92)
[error]     at scala.concurrent.java8.FuturesConvertersImpl$CF.$anonfun$get$2(FutureConvertersImpl.scala:92)
[error]     at scala.concurrent.BlockContext$DefaultBlockContext$.blockOn(BlockContext.scala:57)
[error]     at scala.concurrent.package$.blocking(package.scala:146)
[error]     at scala.concurrent.java8.FuturesConvertersImpl$CF.get(FutureConvertersImpl.scala:92)
[error]     at docs.javadsl.SerializationTest.protobufDeSer(SerializationTest.java:210)
[error]     ...
[error] Caused by: java.lang.UnsupportedOperationException: As of 2022/09/29 (release 21.7) makeExtensionsImmutable should not be called from protobuf gencode. If you are seeing this message, your gencode is vulnerable to a denial of service attack. You should regenerate your code using protobuf 25.6 or later. Use the latest version that meets your needs. However, if you understand the risks and wish to continue with vulnerable gencode, you can set the system property `-Dcom.google.protobuf.use_unsafe_pre22_gencode` on the command line. See security vulnerability: https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2
[error]     at com.google.protobuf.GeneratedMessage.warnPre22Gencode(GeneratedMessage.java:327)
[error]     at com.google.protobuf.GeneratedMessageV3.makeExtensionsImmutable(GeneratedMessageV3.java:531)
[error]     at docs.javadsl.proto.OrderMessages$Order.this(OrderMessages.java:113)
[error]     at docs.javadsl.proto.OrderMessages$Order.this(OrderMessages.java:48)
[error]     at docs.javadsl.proto.OrderMessages$Order$1.parsePartialFrom(OrderMessages.java:571)
[error]     at docs.javadsl.proto.OrderMessages$Order$1.parsePartialFrom(OrderMessages.java:565)
[error]     at com.google.protobuf.AbstractParser.parsePartialFrom(AbstractParser.java:135)
[error]     at com.google.protobuf.AbstractParser.parseFrom(AbstractParser.java:168)
[error]     at com.google.protobuf.AbstractParser.parseFrom(AbstractParser.java:180)
[error]     at com.google.protobuf.AbstractParser.parseFrom(AbstractParser.java:185)
[error]     at com.google.protobuf.AbstractParser.parseFrom(AbstractParser.java:25)
[error]     at docs.javadsl.proto.OrderMessages$Order.parseFrom(OrderMessages.java:251)
[error]     at org.apache.pekko.stream.javadsl.Source.$anonfun$map$1(Source.scala:2217)
[error]     at org.apache.pekko.stream.impl.fusing.Map$$anon$1.onPush(Ops.scala:64)
[error]     at org.apache.pekko.stream.impl.fusing.GraphInterpreter.processPush(GraphInterpreter.scala:556)
[error]     at org.apache.pekko.stream.impl.fusing.GraphInterpreter.execute(GraphInterpreter.scala:434)
[error]     at org.apache.pekko.stream.impl.fusing.GraphInterpreterShell.runBatch(ActorGraphInterpreter.scala:662)
[error]     at org.apache.pekko.stream.impl.fusing.GraphInterpreterShell$AsyncInput.execute(ActorGraphInterpreter.scala:532)
[error]     at org.apache.pekko.stream.impl.fusing.GraphInterpreterShell.processEvent(ActorGraphInterpreter.scala:637)
[error]     at org.apache.pekko.stream.impl.fusing.ActorGraphInterpreter.org$apache$pekko$stream$impl$fusing$ActorGraphInterpreter$$processEvent(ActorGraphInterpreter.scala:813)
[error]     at org.apache.pekko.stream.impl.fusing.ActorGraphInterpreter$$anonfun$receive$1.applyOrElse(ActorGraphInterpreter.scala:831)
[error]     at org.apache.pekko.actor.Actor.aroundReceive(Actor.scala:547)

[pjfanning]

It looks like we need to regenerate the protobuf java file:
https://github.com/apache/pekko-connectors-kafka/blob/cbb57a9e8635b49416b99539bfbb32c7423454b0/java-tests/src/test/java/docs/javadsl/proto/OrderMessages.java

Similar issue to apache/pekko#1748

This looks like it is just a local test dependency - so it isn't urgent for us to fix this

[pjfanning]

lgtm - I regenerated the OrderMessages.java file with protoc 25.6