fix(deps): update dependency google-auth to v2

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
google-auth	1.35.0 -> 2.36.0

---

Release Notes

googleapis/google-auth-library-python (google-auth)

v2.36.0

Compare Source

Features

• IAM signblob retries (#​1600) (484c8db)
• Making iam endpoint universe-aware (#​1604) (16c728d)
• Support External Account Authorized User as a Source Credential for impersonated credentials in ADC (#​1608) (875796c)

Bug Fixes

• Adding default parameters to updated interfaces (#​1622) (8cf1cb1)
• Change universe_domain to universe-domain (#​1613) (168fcc6)
• Remove base class to avoid type conflict (#​1619) (9e2789a)
• Revert templates for iam endpoints (#​1614) (0a4363a)
• Update secret (#​1611) (f070de0)
• Update secret (#​1617) (10f42a7)
• Update secret (#​1621) (6be19fb)

v2.35.0

Compare Source

Features

• Add cred info to ADC creds (#​1587) (6f75dd5)
• Add support for asynchronous AuthorizedSession api (#​1577) (2910b6b)

Bug Fixes

• Remove token_info call from token refresh path (#​1595) (afb9e5a)

v2.34.0

Compare Source

Features

• auth: Update get_client_ssl_credentials to support X.509 workload certs (#​1558) (18c2ec1)

Bug Fixes

• Retry token request on retryable status code (#​1563) (f858a15)

v2.33.0

Compare Source

Features

• Implement async StaticCredentials using access tokens (#​1559) (dc17dfc)
• Implement base classes for credentials and request sessions (#​1551) (036dac4)

Bug Fixes

• metadata: Enhance retry logic for metadata server access in _metadata.py (#​1545) (61c2432)

Documentation

• Update argument for Credentials initialization (#​1557) (40b9ed9)

v2.32.0

Compare Source

Features

• Adds support for X509 workload credential type (#​1541) (1270217)

v2.31.0

Compare Source

Features

• Adds X509 workload cert logic (#​1527) (05220e0)

Bug Fixes

• Added py.typed to MANIFEST.in (#​1526) (1829a3b)
• Pass trust_env kwarg to ClientSession (#​1533) (6c15c9a), closes #​1530

v2.30.0

Compare Source

Features

• Add WebAuthn plugin component to handle WebAuthn get assertion request (#​1464) (e25f336)
• ECP Provider drop cryptography requirement (#​1524) (a821d71)
• Enable webauthn plugin for security keys (#​1528) (e2d5e63)

Bug Fixes

• Fix id_token iam endpoint for non-gdu service credentials (#​1506) (93d681e)
• Makes default token_url universe aware (#​1514) (045776e)

v2.29.0

Compare Source

Features

• Adds support for custom suppliers in AWS and Identity Pool credentials (#​1496) (3af1768)

Bug Fixes

• Refactor tech debt in aws and identity pool credentials (#​1501) (ce435b0)

v2.28.2

Compare Source

Bug Fixes

• Remove gce log for expected 404 (#​1491) (cb04e49)

v2.28.1

Compare Source

Bug Fixes

• Typo when setting the state for the pickle deserializer. (#​1479) (08b5cc3)

v2.28.0

Compare Source

Features

• Adding universe domain support for downscroped credentials (#​1463) (fa8b7b2)

Bug Fixes

• Change log level to debug for return_none_for_not_found_error (#​1473) (a036b47)
• Make requests import conditional for gce universe domain (#​1476) (9bb64c8)

v2.27.0

Compare Source

Features

• Add optional account association for Authorized User credentials. (#​1458) (988153d)

Bug Fixes

• Allow custom universe domain for gce creds (#​1460) (7db5823)
• Conditionally import requests only if no request was passed by the caller. (#​1456) (9cd6742)

v2.26.2

Compare Source

Bug Fixes

• Read universe_domain for external account authorized user (#​1450) (1cc7df3)

v2.26.1

Compare Source

Bug Fixes

• Ensure that refresh worker is pickle-able. (#​1447) (421c184)

v2.26.0

Compare Source

Features

• Add optional non blocking refresh for sync auth code (a6dc2c3)
• Add optional non blocking refresh for sync auth code (#​1368) (a6dc2c3)

Bug Fixes

• External account user cred universe domain support (#​1437) (75068f9)
• Guard delete statements. Add default fallback for _use_non_blocking_refresh. (#​1445) (776d634)

v2.25.2

Compare Source

Bug Fixes

• Fix user cred universe domain issue (#​1436) (ae314a8)

v2.25.1

Compare Source

Bug Fixes

• Fix vm universe_domain bug (#​1433) (8683520)

v2.25.0

Compare Source

Features

• Add custom tls signer for ECP Provider. (39eb287)
• Add custom tls signer for ECP Provider. (#​1402) (39eb287)

Bug Fixes

• Add with_universe_domain (#​1408) (505910c)
• Fixes issue where Python37DeprecationWarning cannot be filtered (#​1428) (f22f767)
• Remove broken link in Python37DeprecationWarning (#​1430) (e2db602)

v2.24.0

Compare Source

Features

• Add support for Python 3.12 (#​1421) (307916c)
• Add universe domain support for VM cred (#​1409) (7ab0fce)
• Modify the token refresh window (#​1419) (c6af1d6)

Bug Fixes

• Add missing before request to async oauth2 credentials. (#​1420) (8eaa878)
• Auto create self signed jwt cred (#​1418) (6c610a5)
• Migrate datetime.utcnow for python 3.12 (#​1413) (e4d9c27)

Documentation

• Update user cred doc (#​1414) (3f426bc)

v2.23.4

Compare Source

Bug Fixes

• Export detect_gce_residency_linux function (#​1403) (809da13)

v2.23.3

Compare Source

Bug Fixes

• Serialize signer keys on getstate for pickling (#​1394) (8b783b9), closes #​1383

v2.23.2

Compare Source

Bug Fixes

• Support urllib3<2.0 versions (#​1390) (07c464a)

v2.23.1

Compare Source

Bug Fixes

• Less restrictive content-type header check for google authentication (ignores charset) (#​1382) (7039beb)
• Trust boundary meta header renaming and using the schema from backend team. (#​1384) (2503d4a)
• Update urllib3 to >= 2.0.5 (#​1389) (a99f3bb)

v2.23.0

Compare Source

Features

• Add get_bq_config_path() to _cloud_sdk.py (9f52f66)
• Add get_bq_config_path() to _cloud_sdk.py (#​1358) (9f52f66)

Bug Fixes

• Expose universe domain in credentials (#​1380) (8b8fce6)
• Make external_account resistant to string type 'expires_in' responses from non-compliant services (#​1379) (01d3770)
• Missing ssj for impersonate cred (#​1377) (7d453dc)
• Skip checking projectid on cred if env var is set (#​1349) (a4135a3)

v2.22.0

Compare Source

Features

• Adding meta header for trust boundary (#​1334) (908c8d1)
• Introduce compatibility with native namespace packages (#​1205) (2f75922)

Bug Fixes

• Deprecate UserAccessTokenCredentials (#​1344) (5f97fe9)

v2.21.0

Compare Source

Features

• Add framework for BYOID metrics headers (#​1332) (1a8f50c)

Bug Fixes

• Pypy unit test build (#​1335) (33e4263)

v2.20.0

Compare Source

Features

• Add public API load_credentials_from_dict (#​1326) (5467ad7)

Bug Fixes

• Expiry in compute_engine.IDTokenCredentials (#​1327) (56a6159), closes #​1323
• Expiry in impersonated_credentials.IDTokenCredentials (#​1330) (d1b887c)
• Invalid dev version identifiers in setup.py (#​1322) (a9b8f12), closes #​1321

v2.19.1

Compare Source

Bug Fixes

• Check id token error response (#​1315) (2a71f7b)
• Fix "AttributeError: 'str' object has no attribute 'get'" (dac7cc3)

Documentation

• Replacing abc.com with example.com (dac7cc3)

v2.19.0

Compare Source

Features

• Add metrics (part 1) (#​1298) (246dd07)
• Add metrics (part 2) (#​1303) (ebd5af7)
• Add metrics (part 3) (#​1305) (c7011b6)
• Expose universe_domain for external account creds (#​1296) (ee07053)
• Remove python 2.7 from setup.py and nox tests (#​1301) (8437490)

v2.18.1

Compare Source

Bug Fixes

• Self signed jwt token should be string type (#​1294) (17356fd)

v2.18.0

Compare Source

Features

• Add smbios check to detect GCE residency (#​1276) (22d241b)
• Universe domain support for service account (#​1286) (821c1b6)

v2.17.3

Compare Source

Bug Fixes

• Add useEmailAzp claim for id token iam flow (#​1270) (7a9c6f2)

v2.17.2

Compare Source

Bug Fixes

• Do not create new JWT credentials if they make the same claims as the existing. (#​1267) (eebb7b6)

v2.17.1

Compare Source

Bug Fixes

• Print out reauth plugin error and raise if challenge output is None (#​1265) (08d22fe)

v2.17.0

Compare Source

Features

• Experimental service account iam endpoint flow for id token (#​1258) (8ff0de5)

Bug Fixes

• Python: Remove aws url validation (#​1254) (20a966b)

v2.16.3

Compare Source

Bug Fixes

• Read both applicationId and relyingPartyId. (#​1246) (e125dfe)

v2.16.2

Compare Source

Bug Fixes

• Call gcloud config get project to get project for user cred (#​1243) (c078a13)
• Do not use hardcoded string 'python', when you mean sys.executable. (#​1233) (91ac8e6)
• Don't retry if error or error_description is not string (#​1241) (e2d263a)
• Improve ADC related errors and warnings (#​1237) (2dfa213)

v2.16.1

Compare Source

Bug Fixes

• Add support for python 3.11 (#​1212) (1fc95e3)
• Remove 3PI config url validation (#​1220) (8b95515)
• Update the docs generator interpreter to unblock documentation build (#​1218) (9d36c2f)

v2.16.0

Compare Source

Features

• AwsCredentials should not call metadata server if security creds and region are retrievable through the environment variables (#​1195) (5e27c8f)
• Wrap all python built-in exceptions into library excpetions (#​1191) (a83af39)

Bug Fixes

• Allow get_project_id to take a request (#​1203) (9a4d23a)
• Make OAUTH2.0 client resistant to string type 'expires_in' responses from non-compliant services (#​1208) (9fc7b1c)

v2.15.0

Compare Source

Features

• Add api_key credentials (#​1184) (370293e)
• Introduce a way to provide scopes granted by user (#​1189) (189f504)

Bug Fixes

• Allow mtls sts endpoint for external account token urls. (#​1185) (c86dd69)
• CI broken by removal of py.path (#​1194) (f719415)
• Ensure JWT segments have the right types (#​1162) (fc843cd)
• Updated the lower bound of interactive timeout and fix the kwarg… (#​1182) (50c0fd2)

v2.14.1

Compare Source

Bug Fixes

• Apply quota project for compute cred in adc (#​1177) (b9aa92a)
• Update minimum required version of cryptography in pyopenssl extra (#​1176) (e9e76d1)
• Validate url domain for aws metadata urls (#​1174) (f9d7d77)

v2.14.0

Compare Source

Features

• Add token_info_url to external account credentials (#​1168) (9adee75)
• Read Quota Project from Environment Variable (#​1163) (57b3e42)

Bug Fixes

• Adding more properties to external_account_authorized_user (#​1169) (a12b96d)

v2.13.0

Compare Source

Features

• Adds new external account authorized user credentials (#​1160) (523f811)
• Implement pluggable auth interactive mode (#​1131) (44a189f)
• Introduce the functionality to override token_uri in credentials (#​1159) (73bc7e9)

Bug Fixes

• Adding one more pattern to relax the regex check for sts and impersonation url endpoints (#​1158) (75326e3)

v2.12.0

Compare Source

Features

• Retry behavior (#​1113) (78d3790)

Bug Fixes

• Modify RefreshError exception to use gcloud ADC command. (#​1149) (059fd35)
• Revert "Update token refresh threshold from 20 seconds to 5 minutes". (186464b)

v2.11.1

Compare Source

Bug Fixes

• Fix socket leak in impersonated_credentials (#​1123) (b1eb467), closes #​1122
• Make pluggable auth tests work in all environments (#​1114) (bb5c979)
• Skip oauth2client adapter tests if oauth2client is not installed (#​1132) (d15092f)
• Update token refresh threshold from 20 seconds to 5 minutes (#​1146) (261a561)

Documentation

• samples: Add auth samples and tests (#​1102) (ac87520)

v2.11.0

Compare Source

Features

• add integration tests for configurable token lifespan (#​1103) (124bae6)

Bug Fixes

• Async certificate retrieving (#​1101) (05f125d)

v2.10.0

Compare Source

Features

• add integration tests for pluggable auth (#​1073) (f8d776a)
• support for configurable token lifetime (0dc6a9a)
• support for configurable token lifetime (#​1079) (0dc6a9a)

Bug Fixes

• async certificate decoding (#​1085) (741c6c6)
• Async system tests were not unwrapping async_generators (#​1086) (29d248a)
• Fix IDTokenCredentials update bug (#​1072) (b62c25c)
• make expiration_time optional in response schema (#​1091) (032fb8d)
• refactor credential subclass parameters (#​1095) (8d15f69)

v2.9.1

Compare Source

Bug Fixes

• there was a raise missing for throwing exceptions (#​1077) (d1f17b0)

v2.9.0

Compare Source

Features

• pluggable auth support (#​1045) (de14f4e)

v2.8.0

Compare Source

Features

• add experimental GDCH support (#​1044) (94fb5e2)

v2.7.0

Compare Source

Features

• add experimental enterprise cert support (#​1052) (dda7dda)
• add experimental GDCH support (#​1022) (5367aac)
• Pluggable auth support (#​995) (62daa73)

Bug Fixes

• validate urls for external accounts (#​1031) (61b1f15)

Reverts

• pluggable auth support #​995 (#​1039) (513d999)
• revert experimental GDCH support (#​1022) (#​1042) (c720995)

Documentation

• fix changelog header to consistent size (#​1046) (e64d084)

v2.6.6

Compare Source

Bug Fixes

• silence TypeError during tear down stage (#​1027) (952a6aa)

v2.6.5

Compare Source

Bug Fixes

• add additional missing import in _default.py (#​1018) (638331b)

v2.6.4

Compare Source

Bug Fixes

• fix missing import in _default.py (#​1015) (63f4e38)

v2.6.3

Compare Source

Bug Fixes

• change requests lib import place (#​1010) (c753c08)
• clean up HTTP session and pool during tear down phase (#​1007) (d057376)
• pin click version and update sys test creds (#​1008) (ae2804b)

v2.6.2

Compare Source

Bug Fixes

• Rename aws imdsv2 url field and update token lifetime (#​982) (818e6d2)

Miscellaneous Chores

• let release-please finish the release (#​991) (d2bdc9a)

[v2.6.0](https://redirect.github.com/googleapis/google-a

---

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone US/Eastern, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[asadali145]

Closing this one, As I won't be able to work and too many renovate PRs are causing delay in checks.

[renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update. You will not get PRs for any future 2.x releases. But if you manually upgrade to 2.x then Renovate will re-enable minor and patch updates automatically.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.