Bump the all-deps group across 1 directory with 3 updates

[dependabot]

Bumps the all-deps group with 3 updates in the / directory: github.com/apache/beam/sdks/v2, google.golang.org/grpc and google.golang.org/protobuf.

Updates github.com/apache/beam/sdks/v2 from 2.61.0 to 2.62.0

Release notes

Sourced from github.com/apache/beam/sdks/v2's releases.

Beam 2.62.0 release

We are happy to present the new 2.62.0 release of Beam. This release includes both improvements and new functionality. See the download page for this release.

For more information on changes in 2.62.0, check out the detailed release notes.

New Features / Improvements

• Added support for stateful processing in Spark Runner for streaming pipelines. Timer functionality is not yet supported and will be implemented in a future release (#33237).
• The datetime module is now available for use in jinja templatization for yaml.
• Improved batch performance of SparkRunner's GroupByKey (#20943).
• Support OnWindowExpiration in Prism (#32211).
  • This enables initial Java GroupIntoBatches support.
• Support OrderedListState in Prism (#32929).

I/Os

• gcs-connector config options can be set via GcsOptions (Java) (#32769).
• [Managed Iceberg] Support partitioning by time (year, month, day, hour) for types date, time, timestamp, and timestamp(tz) (#32939)
• Upgraded the default version of Hadoop dependencies to 3.4.1. Hadoop 2.10.2 is still supported (Java) (#33011).
• [BigQueryIO] Create managed BigLake tables dynamically (#33125)

Breaking Changes

• Upgraded ZetaSQL to 2024.11.1 (#32902). Java11+ is now needed if Beam's ZetaSQL component is used.

Bugfixes

• Fixed EventTimeTimer ordering in Prism. (#32222).
• [Managed Iceberg] Fixed a bug where DataFile metadata was assigned incorrect partition values (#33549).

Security Fixes

• Fixed (CVE-2024-47561)[https://www.cve.org/CVERecord?id=CVE-2024-47561] (Java) by upgrading Avro version to 1.11.4

For the most up to date list of known issues, see https://github.com/apache/beam/blob/master/CHANGES.md

List of Contributors

According to git shortlog, the following people contributed to the 2.62.0 release. Thank you to all contributors!

Ahmed Abualsaud, Ahmet Altay, Alex Merose, Andrew Crites, Arnout Engelen, Attila Doroszlai, Bartosz Zablocki, Chamikara Jayalath, Claire McGinty, Claude van der Merwe, Damon Douglas, Danny McCormick, Gabija Balvociute, Hai Joey Tran, Hakampreet Singh Pandher, Ian Sullivan, Jack McCluskey, Jan Lukavský, Jeff Kinard, Jeffrey Kinard, Laura Detmer, Kenneth Knowles, Martin Trieu, Mattie Fu, Michel Davit, Naireen Hussain, Nick Anikin, Radosław Stankiewicz, Ravi Magham, Reeba Qureshi, Robert Bradshaw, Robert Burke, Rohit Sinha, S. Veyrié, Sam Whittle, Shingo Furuyama, Shunping Huang, Svetak Sundhar, Valentyn Tymofieiev, Vlado Djerek, XQ Hu, Yi Hu, twosom

Changelog

Sourced from github.com/apache/beam/sdks/v2's changelog.

[2.62.0] - 2025-01-21

I/Os

• gcs-connector config options can be set via GcsOptions (Java) (#32769).
• [Managed Iceberg] Support partitioning by time (year, month, day, hour) for types date, time, timestamp, and timestamp(tz) (#32939)
• Upgraded the default version of Hadoop dependencies to 3.4.1. Hadoop 2.10.2 is still supported (Java) (#33011).
• [BigQueryIO] Create managed BigLake tables dynamically (#33125)

New Features / Improvements

• Added support for stateful processing in Spark Runner for streaming pipelines. Timer functionality is not yet supported and will be implemented in a future release (#33237).
• The datetime module is now available for use in jinja templatization for yaml.
• Improved batch performance of SparkRunner's GroupByKey (#20943).
• Support OnWindowExpiration in Prism (#32211).
  • This enables initial Java GroupIntoBatches support.
• Support OrderedListState in Prism (#32929).
• Add apache_beam.ml.rag package with RAG types, base chunking, LangChain chunking and HuggingFace embedding components (Python) (#33364).

Breaking Changes

• Upgraded ZetaSQL to 2024.11.1 (#32902). Java11+ is now needed if Beam's ZetaSQL component is used.

Bugfixes

• Fixed EventTimeTimer ordering in Prism. (#32222).
• [Managed Iceberg] Fixed a bug where DataFile metadata was assigned incorrect partition values (#33549).

Security Fixes

• Fixed (CVE-2024-47561)[https://www.cve.org/CVERecord?id=CVE-2024-47561] (Java) by upgrading Avro version to 1.11.4

Known Issues

• [Python] If you are using the official Apache Beam Python containers for version 2.62.0, be aware that they include NumPy version 1.26.4. It is strongly recommended that you explicitly specify numpy==1.26.4 in your project's dependency list. (#33639).
• [Dataflow Streaming Appliance] Commits fail with KeyCommitTooLargeException when a key outputs >180MB of results. Bug affects versions 2.60.0 to 2.62.0,
  • fix will be released with 2.63.0. #33588.
  • To resolve this issue, downgrade to 2.59.0 or upgrade to 2.63.0 or enable Streaming Engine.

Commits

• df0ad59 Set version for 2.62.0 RC1
• 77f38cd Cherrypick #33549 to Release 2.62.0 branch (Iceberg partition value race cond...
• 0c54e6a Merge pull request #33546: Cherry-pick #33505 to 2.62.0 release branch (Build...
• 1cc4b4c Build wheels on gha runners instead of local runners (#33505)
• 48e18c4 Merge pull request #33535: Cherry pick #33231 to 2.62.0 release branch ([BigQ...
• eab8303 [BigQueryIO] fetch updated schema for newly created Storage API stream writer...
• b2b2f14 Merge pull request #33486: Cherry-pick #33483 to release 2.62.0 (Fix bounded ...
• 88f1f3c Merge pull request #33479: [Release-2.62] cherry-pick #33472 into release bra...
• e8cd8a6 Fix bounded trie merge when merging on empty trie
• e72ad94 Make Beam expansion service shadowJar multi-release so it processes multi-rel...
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.69.4 to 1.70.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.70.0

Behavior Changes

• client: reject service configs containing an invalid retryPolicy in accordance with gRFCs A21 and A6. (#7905)
  • Note that this is a potential breaking change for some users using an invalid configuration, but continuing to allow this behavior would violate our cross-language compatibility requirements.

New Features

• xdsclient: fallback to a secondary management server (if specified in the bootstrap configuration) when the primary is down is enabled by default. Can be disabled by setting the environment variable GRPC_EXPERIMENTAL_XDS_FALLBACK to false. (#7949)
• experimental/credentials: experimental transport credentials are added which don't enforce ALPN. (#7980)
  • These credentials will be removed in an upcoming grpc-go release. Users must not rely on these credentials directly. Instead, they should either vendor a specific version of gRPC or copy the relevant credentials into their own codebase if absolutely necessary.

Bug Fixes

• xds: fix a possible deadlock that happens when both the client application and the xDS management server (responsible for configuring the client) are using the xds:/// scheme in their target URIs. (#8011)

Performance

• server: for unary requests, free raw request message data as soon as parsing is finished instead of waiting until the method handler returns. (#7998)
  • Special Thanks: @​lqs

Documentation

• examples/features/gracefulstop: add example to demonstrate server graceful stop. (#7865)

Commits

• 98a0092 Change version to 1.70.0 (#7984)
• bf380de Cherrypick #7998, #8011, #8010 into 1.70.x (#8028)
• 54b3eb9 experimental/credentials: Add credentials that don't enforce ALPN (#7980) (#8...
• 62b9185 clustetresolver: Copy endpoints.Addresses slice from DNS updates to avoid dat...
• 724f450 examples/features/csm_observability: use helloworld client and server instead...
• e8d5feb rbac: add method name to :path in headers (#7965)
• e912015 cleanup: Fix usages of non-constant format strings (#7959)
• 681334a cleanup: replace dial with newclient (#7943)
• 063d352 internal/resolver: introduce a new resolver to handle target URI and proxy ad...
• 10c7e13 outlierdetection: Support health listener for ejection updates (#7908)
• Additional commits viewable in compare view

Updates google.golang.org/protobuf from 1.36.3 to 1.36.4

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[AlCutter]

/gcbrun