googleapis · parthea · Jun 2, 2026 · Jun 2, 2026 · Jun 2, 2026 · Jun 2, 2026
@@ -29,12 +29,12 @@ else:
     release_status = "Development Status :: 5 - Production/Stable"
 
 dependencies = [
-    "google-api-core[grpc] >= 2.10.0, < 3.0.0",
+    "google-api-core[grpc] >= 2.24.2, < 3.0.0",
     "google-auth >= 2.14.1, <3.0.0",
     "googleapis-common-protos >= 1.53.0",
     "grpcio >= 1.10.0",
-    "proto-plus >= 1.22.3, <2.0.0",
-    "protobuf >= 4.25.8, < 8.0.0",
+    "proto-plus >= 1.26.1, <2.0.0",
+    "protobuf >= 6.33.5, < 8.0.0",
     {% if api.requires_package(('google', 'iam', 'v1')) %}
     "grpc-google-iam-v1",
     {% endif %}

@@ -69,7 +69,7 @@ else:   # pragma: NO COVER
 
         def parse_version_to_tuple(version_string: str):
             """Safely converts a semantic version string to a comparable tuple of integers.
-            Example: "4.25.8" -> (4, 25, 8)
+            Example: "6.33.5" -> (6, 33, 5)
             Ignores non-numeric parts and handles common version formats.
             Args:
                 version_string: Version string in the format "x.y.z" or "x.y.z<suffix>"
@@ -98,9 +98,9 @@ else:   # pragma: NO COVER
                 return (None, "--")
 
         _dependency_package = "google.protobuf"
-        _next_supported_version = "4.25.8"
-        _next_supported_version_tuple = (4, 25, 8)
-        _recommendation = " (we recommend 6.x)"
+        _next_supported_version = "6.33.5"
+        _next_supported_version_tuple = (6, 33, 5)
+        _recommendation = " (we recommend 7.x)"
         (_version_used, _version_used_string) = _get_version(_dependency_package)
         if _version_used and _version_used < _next_supported_version_tuple:
             warnings.warn(f"Package {_package_label} depends on " +

@@ -7,14 +7,14 @@ allowed version.
 -->
 {% set pypi_packages = {
     ("google", "apps", "card", "v1"): {"package_name": "google-apps-card", "lower_bound": "0.3.0", "upper_bound": "1.0.0"},
-    ("google", "apps", "script", "type"): {"package_name": "google-apps-script-type", "lower_bound": "0.2.0", "upper_bound": "1.0.0"},
-    ("google", "geo", "type"): {"package_name": "google-geo-type", "lower_bound": "0.1.0", "upper_bound": "1.0.0"},
-    ("google", "identity", "accesscontextmanager", "v1"): {"package_name": "google-cloud-access-context-manager", "lower_bound": "0.2.0", "upper_bound": "1.0.0"},
-    ("google", "cloud", "documentai", "v1"): {"package_name": "google-cloud-documentai", "lower_bound": "2.4.1", "upper_bound": "4.0.0"},
-    ("google", "cloud", "kms", "v1"): {"package_name": "google-cloud-kms", "lower_bound": "2.13.0", "upper_bound": "4.0.0"},
-    ("google", "cloud", "osconfig", "v1"): {"package_name": "google-cloud-os-config", "lower_bound": "1.13.0", "upper_bound": "2.0.0"},
-    ("google", "iam", "v1"): {"package_name": "grpc-google-iam-v1", "lower_bound": "0.14.0", "upper_bound": "1.0.0"},
-    ("google", "iam", "v2"): {"package_name": "google-cloud-iam", "lower_bound": "2.12.2", "upper_bound": "3.0.0"},
+    ("google", "apps", "script", "type"): {"package_name": "google-apps-script-type", "lower_bound": "0.3.14", "upper_bound": "1.0.0"},
+    ("google", "geo", "type"): {"package_name": "google-geo-type", "lower_bound": "0.3.12", "upper_bound": "1.0.0"},
+    ("google", "identity", "accesscontextmanager", "v1"): {"package_name": "google-cloud-access-context-manager", "lower_bound": "0.2.2", "upper_bound": "1.0.0"},
+    ("google", "cloud", "documentai", "v1"): {"package_name": "google-cloud-documentai", "lower_bound": "3.2.1", "upper_bound": "4.0.0"},
+    ("google", "cloud", "kms", "v1"): {"package_name": "google-cloud-kms", "lower_bound": "3.4.1", "upper_bound": "4.0.0"},
+    ("google", "cloud", "osconfig", "v1"): {"package_name": "google-cloud-os-config", "lower_bound": "1.20.1", "upper_bound": "2.0.0"},
+    ("google", "iam", "v1"): {"package_name": "grpc-google-iam-v1", "lower_bound": "0.14.2", "upper_bound": "1.0.0"},
+    ("google", "iam", "v2"): {"package_name": "google-cloud-iam", "lower_bound": "2.18.2", "upper_bound": "3.0.0"},
     ("google", "shopping", "type"): {"package_name": "google-shopping-type", "lower_bound": "1.0.0", "upper_bound": "2.0.0"}
 }
 %}
@@ -33,16 +33,15 @@ else:
     release_status = "Development Status :: 5 - Production/Stable"
 
 dependencies = [
-    "google-api-core[grpc] >= 2.17.1, <3.0.0",
+    "google-api-core[grpc] >= 2.24.2, <3.0.0",
     # Exclude incompatible versions of `google-auth`
     # See https://github.com/googleapis/google-cloud-python/issues/12364
     "google-auth >= 2.14.1, <3.0.0,!=2.24.0,!=2.25.0",
     "grpcio >= 1.59.0, < 2.0.0",
     "grpcio >= 1.75.1, < 2.0.0; python_version >= '3.14'",
-    "proto-plus >= 1.22.3, <2.0.0",
-    "proto-plus >= 1.25.0, <2.0.0; python_version >= '3.13'",
+    "proto-plus >= 1.26.1, <2.0.0",
     {# Explicitly exclude protobuf versions mentioned in https://cloud.google.com/support/bulletins#GCP-2022-019 #}
-    "protobuf >= 4.25.8, < 8.0.0",
+    "protobuf >= 6.33.5, < 8.0.0",
     {% for package_tuple, package_info in pypi_packages.items() %}
     {# Quick check to make sure `package_info.package_name` is not the package being generated so we don't circularly include this package in its own constraints file. #}
     {% if api.naming.warehouse_package_name != package_info.package_name %}
@@ -55,7 +54,6 @@ dependencies = [
 extras = {
 {% if rest_async_io_enabled %}
     "async_rest": [
-        "google-api-core[grpc] >= 2.21.0, < 3.0.0",
         "google-auth[aiohttp] >= 2.35.0, <3.0.0"
     ],
 {% endif %}

@@ -8,11 +8,11 @@
 # pinning their versions to their lower bounds.
 # For example, if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0",
 # then this file should have google-cloud-foo==1.14.0
-google-api-core==2.21.0
+google-api-core==2.24.2
 google-auth==2.35.0
 grpcio==1.59.0
-proto-plus==1.22.3
-protobuf==4.25.8
+proto-plus==1.26.1
+protobuf==6.33.5
 {% for package_tuple, package_info in pypi_packages.items() %}
 {# Quick check to make sure `package_info.package_name` is not the package being generated so we don't circularly include this package in its own constraints file. #}
 {% if api.naming.warehouse_package_name != package_info.package_name %}

@@ -5,11 +5,11 @@
 # pinning their versions to their lower bounds.
 # For example, if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0",
 # then this file should have google-cloud-foo==1.14.0
-google-api-core==2.17.1
+google-api-core==2.24.2
 google-auth==2.14.1
 grpcio==1.59.0
-proto-plus==1.22.3
-protobuf==4.25.8
+proto-plus==1.26.1
+protobuf==6.33.5
 {% for package_tuple, package_info in pypi_packages.items() %}
 {# Quick check to make sure `package_info.package_name` is not the package being generated so we don't circularly include this package in its own constraints file. #}
 {% if api.naming.warehouse_package_name != package_info.package_name %}

@@ -10,7 +10,7 @@ google-api-core>=2
 google-auth>=2
 grpcio>=1
 proto-plus>=1
-protobuf>=6
+protobuf>=7
 {% for package_tuple, package_info in pypi_packages.items() %}
 {# Quick check to make sure `package_info.package_name` is not the package being generated so we don't circularly include this package in its own constraints file. #}
 {% if api.naming.warehouse_package_name != package_info.package_name %}

@@ -10,7 +10,7 @@ google-api-core>=2
 google-auth>=2
 grpcio>=1
 proto-plus>=1
-protobuf>=6
+protobuf>=7
 {% for package_tuple, package_info in pypi_packages.items() %}
 {# Quick check to make sure `package_info.package_name` is not the package being generated so we don't circularly include this package in its own constraints file. #}
 {% if api.naming.warehouse_package_name != package_info.package_name %}

@@ -3,7 +3,7 @@ google-api-core
 googleapis-common-protos
 jinja2
 MarkupSafe
-protobuf>=4.25.8
+protobuf>=6.33.5 # for CVE-2026-0994. See https://github.com/advisories/GHSA-7gcm-g887-7qv7 and https://protobuf.dev/support/version-support/#python
 pypandoc
 PyYAML
 grpc-google-iam-v1

@@ -28,17 +28,17 @@
     # Ensure that the lower bounds of these dependencies match what we have in the
     # templated setup.py.j2: https://github.com/googleapis/gapic-generator-python/blob/main/gapic/templates/setup.py.j2
     "click >= 6.7",
-    "google-api-core[grpc] >= 1.34.1, <3.0.0,!=2.0.*,!=2.1.*,!=2.2.*,!=2.3.*,!=2.4.*,!=2.5.*,!=2.6.*,!=2.7.*,!=2.8.*,!=2.9.*,!=2.10.*",
-    "googleapis-common-protos >= 1.55.0",
-    "grpcio >= 1.24.3",
+    "google-api-core[grpc] >= 2.24.2, < 3.0.0",
+    "googleapis-common-protos >= 1.55.0, < 2.0.0",
+    "grpcio >= 1.24.3, < 2.0.0",
     # 2.11.0 is required which adds the `default` argument to `jinja-filters.map()`
     # https://jinja.palletsprojects.com/en/3.0.x/templates/#jinja-filters.map
     # https://jinja.palletsprojects.com/en/2.11.x/changelog/#version-2-11-0
     "jinja2 >= 2.11",
-    "protobuf >= 4.25.8, < 8.0.0",
+    "protobuf >= 6.33.5, < 8.0.0",
     "pypandoc >= 1.4",
     "PyYAML >= 5.1.1",
-    "grpc-google-iam-v1 >= 0.14.0, < 1.0.0",
+    "grpc-google-iam-v1 >= 0.14.2, < 1.0.0",
     "libcst >= 0.4.9, < 2.0.0",
     "inflection >= 0.5.1, < 1.0.0",
 ]

@@ -129,7 +129,7 @@
 
         def parse_version_to_tuple(version_string: str):
             """Safely converts a semantic version string to a comparable tuple of integers.
-            Example: "4.25.8" -> (4, 25, 8)
+            Example: "6.33.5" -> (6, 33, 5)
             Ignores non-numeric parts and handles common version formats.
             Args:
                 version_string: Version string in the format "x.y.z" or "x.y.z<suffix>"
@@ -158,9 +158,9 @@ def _get_version(dependency_name):
                 return (None, "--")
 
         _dependency_package = "google.protobuf"
-        _next_supported_version = "4.25.8"
-        _next_supported_version_tuple = (4, 25, 8)
-        _recommendation = " (we recommend 6.x)"
+        _next_supported_version = "6.33.5"
+        _next_supported_version_tuple = (6, 33, 5)
+        _recommendation = " (we recommend 7.x)"
         (_version_used, _version_used_string) = _get_version(_dependency_package)
         if _version_used and _version_used < _next_supported_version_tuple:
             warnings.warn(f"Package {_package_label} depends on " +

@@ -39,18 +39,17 @@
     release_status = "Development Status :: 5 - Production/Stable"
 
 dependencies = [
-    "google-api-core[grpc] >= 2.17.1, <3.0.0",
+    "google-api-core[grpc] >= 2.24.2, <3.0.0",
     # Exclude incompatible versions of `google-auth`
     # See https://github.com/googleapis/google-cloud-python/issues/12364
     "google-auth >= 2.14.1, <3.0.0,!=2.24.0,!=2.25.0",
     "grpcio >= 1.59.0, < 2.0.0",
     "grpcio >= 1.75.1, < 2.0.0; python_version >= '3.14'",
-    "proto-plus >= 1.22.3, <2.0.0",
-    "proto-plus >= 1.25.0, <2.0.0; python_version >= '3.13'",
-    "protobuf >= 4.25.8, < 8.0.0",
-    "google-cloud-access-context-manager >= 0.2.0, <1.0.0",
-    "google-cloud-os-config >= 1.13.0, <2.0.0",
-    "grpc-google-iam-v1 >= 0.14.0, <1.0.0",
+    "proto-plus >= 1.26.1, <2.0.0",
+    "protobuf >= 6.33.5, < 8.0.0",
+    "google-cloud-access-context-manager >= 0.2.2, <1.0.0",
+    "google-cloud-os-config >= 1.20.1, <2.0.0",
+    "grpc-google-iam-v1 >= 0.14.2, <1.0.0",
 ]
 extras = {
 }

@@ -4,11 +4,11 @@
 # pinning their versions to their lower bounds.
 # For example, if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0",
 # then this file should have google-cloud-foo==1.14.0
-google-api-core==2.17.1
+google-api-core==2.24.2
 google-auth==2.14.1
 grpcio==1.59.0
-proto-plus==1.22.3
-protobuf==4.25.8
-google-cloud-access-context-manager==0.2.0
-google-cloud-os-config==1.13.0
-grpc-google-iam-v1==0.14.0
+proto-plus==1.26.1
+protobuf==6.33.5
+google-cloud-access-context-manager==0.2.2
+google-cloud-os-config==1.20.1
+grpc-google-iam-v1==0.14.2
@@ -9,7 +9,7 @@ google-api-core>=2
 google-auth>=2
 grpcio>=1
 proto-plus>=1
-protobuf>=6
+protobuf>=7
 google-cloud-access-context-manager>=0
 google-cloud-os-config>=1
 grpc-google-iam-v1>=0
@@ -9,7 +9,7 @@ google-api-core>=2
 google-auth>=2
 grpcio>=1
 proto-plus>=1
-protobuf>=6
+protobuf>=7
 google-cloud-access-context-manager>=0
 google-cloud-os-config>=1
 grpc-google-iam-v1>=0
@@ -56,7 +56,7 @@
 
         def parse_version_to_tuple(version_string: str):
             """Safely converts a semantic version string to a comparable tuple of integers.
-            Example: "4.25.8" -> (4, 25, 8)
+            Example: "6.33.5" -> (6, 33, 5)
             Ignores non-numeric parts and handles common version formats.
             Args:
                 version_string: Version string in the format "x.y.z" or "x.y.z<suffix>"
@@ -85,9 +85,9 @@ def _get_version(dependency_name):
                 return (None, "--")
 
         _dependency_package = "google.protobuf"
-        _next_supported_version = "4.25.8"
-        _next_supported_version_tuple = (4, 25, 8)
-        _recommendation = " (we recommend 6.x)"
+        _next_supported_version = "6.33.5"
+        _next_supported_version_tuple = (6, 33, 5)
+        _recommendation = " (we recommend 7.x)"
         (_version_used, _version_used_string) = _get_version(_dependency_package)
         if _version_used and _version_used < _next_supported_version_tuple:
             warnings.warn(f"Package {_package_label} depends on " +

@@ -39,15 +39,14 @@
     release_status = "Development Status :: 5 - Production/Stable"
 
 dependencies = [
-    "google-api-core[grpc] >= 2.17.1, <3.0.0",
+    "google-api-core[grpc] >= 2.24.2, <3.0.0",
     # Exclude incompatible versions of `google-auth`
     # See https://github.com/googleapis/google-cloud-python/issues/12364
     "google-auth >= 2.14.1, <3.0.0,!=2.24.0,!=2.25.0",
     "grpcio >= 1.59.0, < 2.0.0",
     "grpcio >= 1.75.1, < 2.0.0; python_version >= '3.14'",
-    "proto-plus >= 1.22.3, <2.0.0",
-    "proto-plus >= 1.25.0, <2.0.0; python_version >= '3.13'",
-    "protobuf >= 4.25.8, < 8.0.0",
+    "proto-plus >= 1.26.1, <2.0.0",
+    "protobuf >= 6.33.5, < 8.0.0",
 ]
 extras = {
 }

@@ -4,8 +4,8 @@
 # pinning their versions to their lower bounds.
 # For example, if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0",
 # then this file should have google-cloud-foo==1.14.0
-google-api-core==2.17.1
+google-api-core==2.24.2
 google-auth==2.14.1
 grpcio==1.59.0
-proto-plus==1.22.3
-protobuf==4.25.8
+proto-plus==1.26.1
+protobuf==6.33.5
@@ -9,4 +9,4 @@ google-api-core>=2
 google-auth>=2
 grpcio>=1
 proto-plus>=1
-protobuf>=6
+protobuf>=7
@@ -9,4 +9,4 @@ google-api-core>=2
 google-auth>=2
 grpcio>=1
 proto-plus>=1
-protobuf>=6
+protobuf>=7
@@ -118,7 +118,7 @@
 
         def parse_version_to_tuple(version_string: str):
             """Safely converts a semantic version string to a comparable tuple of integers.
-            Example: "4.25.8" -> (4, 25, 8)
+            Example: "6.33.5" -> (6, 33, 5)
             Ignores non-numeric parts and handles common version formats.
             Args:
                 version_string: Version string in the format "x.y.z" or "x.y.z<suffix>"
@@ -147,9 +147,9 @@ def _get_version(dependency_name):
                 return (None, "--")
 
         _dependency_package = "google.protobuf"
-        _next_supported_version = "4.25.8"
-        _next_supported_version_tuple = (4, 25, 8)
-        _recommendation = " (we recommend 6.x)"
+        _next_supported_version = "6.33.5"
+        _next_supported_version_tuple = (6, 33, 5)
+        _recommendation = " (we recommend 7.x)"
         (_version_used, _version_used_string) = _get_version(_dependency_package)
         if _version_used and _version_used < _next_supported_version_tuple:
             warnings.warn(f"Package {_package_label} depends on " +

@@ -39,16 +39,15 @@
     release_status = "Development Status :: 5 - Production/Stable"
 
 dependencies = [
-    "google-api-core[grpc] >= 2.17.1, <3.0.0",
+    "google-api-core[grpc] >= 2.24.2, <3.0.0",
     # Exclude incompatible versions of `google-auth`
     # See https://github.com/googleapis/google-cloud-python/issues/12364
     "google-auth >= 2.14.1, <3.0.0,!=2.24.0,!=2.25.0",
     "grpcio >= 1.59.0, < 2.0.0",
     "grpcio >= 1.75.1, < 2.0.0; python_version >= '3.14'",
-    "proto-plus >= 1.22.3, <2.0.0",
-    "proto-plus >= 1.25.0, <2.0.0; python_version >= '3.13'",
-    "protobuf >= 4.25.8, < 8.0.0",
-    "grpc-google-iam-v1 >= 0.14.0, <1.0.0",
+    "proto-plus >= 1.26.1, <2.0.0",
+    "protobuf >= 6.33.5, < 8.0.0",
+    "grpc-google-iam-v1 >= 0.14.2, <1.0.0",
 ]
 extras = {
 }

@@ -4,9 +4,9 @@
 # pinning their versions to their lower bounds.
 # For example, if setup.py has "google-cloud-foo >= 1.14.0, < 2.0.0",
 # then this file should have google-cloud-foo==1.14.0
-google-api-core==2.17.1
+google-api-core==2.24.2
 google-auth==2.14.1
 grpcio==1.59.0
-proto-plus==1.22.3
-protobuf==4.25.8
-grpc-google-iam-v1==0.14.0
+proto-plus==1.26.1
+protobuf==6.33.5
+grpc-google-iam-v1==0.14.2
@@ -9,5 +9,5 @@ google-api-core>=2
 google-auth>=2
 grpcio>=1
 proto-plus>=1
-protobuf>=6
+protobuf>=7
 grpc-google-iam-v1>=0
@@ -9,5 +9,5 @@ google-api-core>=2
 google-auth>=2
 grpcio>=1
 proto-plus>=1
-protobuf>=6
+protobuf>=7
 grpc-google-iam-v1>=0