dev: bump the safe group with 9 updates

[dependabot]

Bumps the safe group with 9 updates:

Package	From	To
github.com/grpc-ecosystem/grpc-gateway/v2	2.26.0	2.26.1
github.com/nats-io/nats.go	1.38.0	1.39.0
golang.org/x/crypto	0.32.0	0.33.0
golang.org/x/net	0.34.0	0.35.0
golang.org/x/oauth2	0.25.0	0.26.0
golang.org/x/sync	0.10.0	0.11.0
google.golang.org/genproto/googleapis/api	0.0.0-20250115164207-1a7da9e5054f	0.0.0-20250204164813-702378808489
google.golang.org/genproto/googleapis/rpc	0.0.0-20250115164207-1a7da9e5054f	0.0.0-20250204164813-702378808489
google.golang.org/protobuf	1.36.4	1.36.5

Updates github.com/grpc-ecosystem/grpc-gateway/v2 from 2.26.0 to 2.26.1

Release notes

Sourced from github.com/grpc-ecosystem/grpc-gateway/v2's releases.

v2.26.1

What's Changed

• Prevent overwriting description of map fields by @​fredde-fisk in grpc-ecosystem/grpc-gateway#5158
• 5113. Validation of oneof nested objects by @​optician in grpc-ecosystem/grpc-gateway#5211

New Contributors

• @​fredde-fisk made their first contribution in grpc-ecosystem/grpc-gateway#5158
• @​optician made their first contribution in grpc-ecosystem/grpc-gateway#5211

Full Changelog: grpc-ecosystem/grpc-gateway@v2.26.0...v2.26.1

Commits

• 3b8ac9f 5113. Validation of oneof nested objects (#5211)
• 4f1457d chore(deps): update googleapis digest to 2431239 (#5214)
• fb17f6e chore(deps): update googleapis digest to 8e62267 (#5213)
• 2fd9128 chore(deps): update googleapis digest to ad99638 (#5212)
• 3d82775 fix(deps): update module google.golang.org/protobuf to v1.36.5 (#5210)
• 801f278 chore(deps): update googleapis digest to fed8c26 (#5209)
• 9cbbcaf chore(deps): update googleapis digest to 2f843e2 (#5208)
• 9adca76 fix(deps): update module golang.org/x/text to v0.22.0 (#5206)
• 72f360d chore(deps): update golang docker tag to v1.23.6 (#5205)
• ce46021 chore(deps): update googleapis digest to f426820 (#5204)
• Additional commits viewable in compare view

Updates github.com/nats-io/nats.go from 1.38.0 to 1.39.0

Release notes

Sourced from github.com/nats-io/nats.go's releases.

v1.39.0

Changelog

Overview

This release bumps the minimal go version in go.mod to 1.22.

Added

• JetStream:
  • Added PullMaxMessagesWithBytesLimit option for Consume and Messages (#1789)
  • Added Metadata to OrderedConsumerConfig. Thanks @​mwain for the contribution (#1737)
  • Added JetStream.Options() and JetStream.Conn() methods to JetStream interface (#1792)
• KeyValue:
  • Added ListKeysFiltered for listing keys with multiple filters. Thanks @​somratdutta for the contribution (#1711)

Fixed

• JetStream:
  • Fixed invalid heartbeat timer for Consumer.Messages() (#1786)
• ObjectStore:
  • Fixed invalid error being returned from DeleteObjectStore (#1762)
• WebSockets:
  • Fixed protocol parsing errors with websocket compression and PONGs. Thanks @​rsafonseca for the contribution (#1790)
• Core NATS:
  • Protect against possible nil pointer panic (#1771)

Changed

• Bump go version to v1.22 (#1773)

Improved

• Fixed typo in JetStream docs. Thanks @​davydog187 for the contribution (#1758)
• Improved documentation of JetStream Consume and Messages options (#1770)
• Removed obsolete build tags (#1787)

Complete Changes

nats-io/nats.go@v1.38.0...v1.39.0

Commits

• 901c987 Release v1.39.0 (#1798)
• 5a2c74a [IMPROVED] Enhance documentation for PullMaxMessagesWithBytesLimit and PullMa...
• 81d2fae [ADDED] PullMaxMessagesWithFetchSizeLimit option for Consume and Messages (#1...
• b1be9bf [IMPROVED] Use faster gha runners and fix leaking goroutines in Service API (...
• faec055 [ADDED] Options() and Conn() methods to JetStream (#1792)
• 16e780e [FIXED] Protect against potential panics (#1771)
• dfb52ad [FIXED] Protocol parsing errors with ws compression and pongs (#1790)
• f7dfee9 [FIXED] Invalid heartbeat timer for Consumer.Messages (#1786)
• 5945afd [IMPROVED] Remove obsolete build tags (#1787)
• bb3ad1c Update go.sum (#1782)
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.32.0 to 0.33.0

Commits

• 9290511 go.mod: update golang.org/x dependencies
• fa5273e x509roots/fallback: update bundle
• a8ea4be ssh: add ServerConfig.PreAuthConnCallback, ServerPreAuthConn (banner) interface
• 71d3a4c acme: support challenges that require the ACME client to send a non-empty JSO...
• See full diff in compare view

Updates golang.org/x/net from 0.34.0 to 0.35.0

Commits

• df97a48 go.mod: update golang.org/x dependencies
• 2dab271 route: treat short sockaddr lengths as unspecified
• b914489 internal/http3: refactor in prep for sharing transport/server code
• ebd23f8 route: fix parsing network address of length zero
• 938a9fb internal/http3: add request/response body transfer
• 145b2d7 internal/http3: add RoundTrip
• 5bda71a internal/http3: define connection and stream error types
• 3c1185a internal/http3: return error on mid-frame EOF
• a6c2c7f http2, internal/httpcommon: factor out common request header logic for h2/h3
• c72e89d internal/http3: QPACK encoding and decoding
• Additional commits viewable in compare view

Updates golang.org/x/oauth2 from 0.25.0 to 0.26.0

Commits

• b9c813b google: add warning about externally-provided credentials
• See full diff in compare view

Updates golang.org/x/sync from 0.10.0 to 0.11.0

Commits

• fe3591b sync/errgroup: improve documentation for semaphore limit behavior
• See full diff in compare view

Updates google.golang.org/genproto/googleapis/api from 0.0.0-20250115164207-1a7da9e5054f to 0.0.0-20250204164813-702378808489

Commits

• See full diff in compare view

Updates google.golang.org/genproto/googleapis/rpc from 0.0.0-20250115164207-1a7da9e5054f to 0.0.0-20250204164813-702378808489

Commits

• See full diff in compare view

Updates google.golang.org/protobuf from 1.36.4 to 1.36.5

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions