build(deps): bump protocolbuffers/protobuf from 33.5 to 34.0 by dependabot[bot] · Pull Request #2297 · sigstore/fulcio

dependabot · 2026-03-02T02:33:46Z

Bumps protocolbuffers/protobuf from 33.5 to 34.0.

Release notes

Sourced from protocolbuffers/protobuf's releases.

Protocol Buffers v34.0

Announcements

This version includes potential breaking changes with major version bump to: Objective-C, Python, PHP, C++. Bazel

[Objective-C] Remove -[GPBFieldDescriptor optional] (protocolbuffers/protobuf@3414dc1)

[Objective-C] Fix nullability annotations on some GPB*Dictionary types. (protocolbuffers/protobuf@ea67d6d)

[Objective-C] Remove generate_minimal_imports generation option warning (protocolbuffers/protobuf@45b1297)

[Python] Raise errors in OSS when assign bool to int/enum field in Python Proto. (protocolbuffers/protobuf@5b116fe)

[Python] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (protocolbuffers/protobuf@c301c2c)

[Python] Remove deprecated FieldDescriptor.label (protocolbuffers/protobuf@0a8ff55)

[Python] Remove float_format/double_format from python proto text_format (protocolbuffers/protobuf@e4854a1)

[Python] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (protocolbuffers/protobuf@b76faa9)

[Python] Raise TypeError when convert non-timedelta to Duration, or convert non-datetime to Timestamp in python proto. (Original code may raise ArributeError) (protocolbuffers/protobuf@00aaca1)

[Python] Remove float_precision from python proto json_format (protocolbuffers/protobuf@f027f1f)

[PHP] Remove deprecated PHP APIs FieldDescriptor getLabel, use IsRepeated or isRequired instead. (protocolbuffers/protobuf@4208121)

[PHP] Remove deprecated PHP APIs (protocolbuffers/protobuf@9c45014)

[PHP] Add PHP typehints for setters and remove redundant GPBUtil checks (protocolbuffers/protobuf@aee03b7)

[PHP] support default values for editions/proto2 (protocolbuffers/protobuf@b01099d)

[C++] Remove deprecated UseDeprecatedLegacyJsonFieldConflicts() (protocolbuffers/protobuf@c301c2c)

[C++] Add a debug check that the target of CopyFrom is not a descendant of the source. (protocolbuffers/protobuf@7a75898)

[C++] Add [[nodiscard]] to many APIs. (protocolbuffers/protobuf@a70115f)

[C++] Make generator headers private (protocolbuffers/protobuf@3a2af35)

[C++] Remove deprecated FieldDescriptor::has_optional_keyword() in OSS. Use is_repeated() or has_presence() instead (protocolbuffers/protobuf@68346ec)

[C++] Remove deprecated FieldDescriptor::label() in OSS. Use is_repeated() or is_required() instead (protocolbuffers/protobuf@b76faa9)

[C++] Remove deprecated FieldDescriptor::is_optional() in OSS. Use (!is_required() && !is_repeated()) instead (protocolbuffers/protobuf@9dbc5d4)

[C++] Remove AddUnusedImportTrackFile() and ClearUnusedImportTrackFiles(). Remove PROTOBUF_FUTURE_RENAME_ADD_UNUSED_IMPORT (protocolbuffers/protobuf@837a2cd)

[C++] Removes proto2::util::MessageDifferencer::AddIgnoreCriteria that takes a raw pointer as an argument in favor of the overload that takes a unique_ptr. Remove macro PROTOBUF_FUTURE_REMOVE_ADD_IGNORE_CRITERIA (protocolbuffers/protobuf@b115358)

[C++] Make the arena-enabled constructors of RepeatedField, RepeatedPtrField, and Map private. (protocolbuffers/protobuf@ef890c3)

[C++] All entity names have length limit (protocolbuffers/protobuf@2afb0dc)

[Other] Remove deprecated flag for enabling MSVC support (protocolbuffers/protobuf@97c979b)

[Bazel] Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (protocolbuffers/protobuf@0a5c2f6)

[Bazel] Change @protobuf//bazel/flags:prefer_prebuilt_proto flag to True. (protocolbuffers/protobuf@84a30b5)

[Bazel] Only respect the Starlark versions of --proto_toolchain_for*(protocolbuffers/protobuf@b5685c4)

Protobuf News may include additional announcements or pre-announcements for upcoming changes.

Bazel

Only respect the Starlark versions of --proto_toolchain_for*. This is a breaking change. (#26090) (#26091) (protocolbuffers/protobuf@b5685c4)

Breaking change: Change @protobuf//bazel/flags:prefer_prebuilt_proto flag to True. (protocolbuffers/protobuf@84a30b5)

Dropped support for Bazel 7. (protocolbuffers/protobuf@304c9ba)

Don't check for native protobuf flags if the proto fragment doesn't exist. (#25803) (protocolbuffers/protobuf@5975f13)

Fix the prefer_prebuilt_protoc alias to use the correct originally announced location (protocolbuffers/protobuf@732ed49)

Actually fix breaking change related to upb_proto_reflection_library (protocolbuffers/protobuf@86d434b)

Fix breaking change related to upb_c_proto_library and upb_proto_reflection_library (protocolbuffers/protobuf@b0150c0)

Add an alias to undo accidental unannounced breaking change (protocolbuffers/protobuf@e71d379)

Moved prebuilt-related Bazel files to standard locations. (protocolbuffers/protobuf@cfe8991)

Refactored and rearranged Bazel rules. (protocolbuffers/protobuf@d7dd1e1)

Removed the third_party/upb/upb/bazel directory. (protocolbuffers/protobuf@7efbfe1)

Introduce Starlark versions of Protobuf flags. (protocolbuffers/protobuf@d1f4b2f)

Fix: cc_toolchain should prefer protoc when prebuilt flag is flipped. (#25168) (protocolbuffers/protobuf@8c857c3)

Breaking change: Remove deprecated ProtoInfo.transitive_imports. Use equivalent transitive_sources instead (protocolbuffers/protobuf@0a5c2f6)

Feat(bazel): wire up prebuilt protoc toolchain (#24115) (protocolbuffers/protobuf@cc23698)

... (truncated)

Commits

eb26ab3 add git checkout
46ee7dd remove release_notes
fc0a292 add "git fetch --all" to release_prep
a8bf1aa try v34.0-hack1 to run release_prep.sh
7aee2f9 hard code v34.0 when run release_prep.sh
dddb98e Revert "replace github.ref_name to 34.0-hack1"
5b1ae8a replace github.ref_name to 34.0-hack1
b0dfeba change to 34.0-hack1 tag
c7b2895 change tag to 34.0-hack
ce6bde4 remove version when calling local workflows
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [protocolbuffers/protobuf](https://github.com/protocolbuffers/protobuf) from 33.5 to 34.0. - [Release notes](https://github.com/protocolbuffers/protobuf/releases) - [Commits](protocolbuffers/protobuf@v33.5...34.0) --- updated-dependencies: - dependency-name: protocolbuffers/protobuf dependency-version: '34.0' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Mar 2, 2026

dependabot bot requested a review from a team as a code owner March 2, 2026 02:33

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Mar 2, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump protocolbuffers/protobuf from 33.5 to 34.0#2297

build(deps): bump protocolbuffers/protobuf from 33.5 to 34.0#2297
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/protocolbuffers/protobuf-34.0

dependabot bot commented on behalf of github Mar 2, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Mar 2, 2026

Protocol Buffers v34.0

Announcements

Bazel

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants