From b8a897475447dd0b8dfe92515ab7da2c847d7dd0 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 26 May 2026 11:01:00 -0700
Subject: [PATCH] Bump the dependencies group with 3 updates
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps the dependencies group with 3 updates: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf), org.ow2.asm:asm and [org.apache.maven.plugins:maven-site-plugin](https://github.com/apache/maven-site-plugin).

Updates `com.google.protobuf:protobuf-java` from 4.34.1 to 4.35.0
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a href="https://github.com/protocolbuffers/protobuf/commits">compare view</a></li>
</ul>
</details>
<br />

Updates `org.ow2.asm:asm` from 9.10 to 9.10.1

Updates `org.apache.maven.plugins:maven-site-plugin` from 3.21.0 to 3.22.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/apache/maven-site-plugin/releases">org.apache.maven.plugins:maven-site-plugin's releases</a>.</em></p>
<blockquote>
<h2>3.22.0</h2>
<!-- raw HTML omitted -->
<h2>🚀 New features and improvements</h2>
<ul>
<li>Upgrade to Doxia 2.1.0 (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1269">#1269</a>) <a href="https://github.com/kwin"><code>@​kwin</code></a></li>
<li>Upgrade to Doxia Site Tools 2.1.0 (<a href="https://github.com/apache/maven-site-plugin/commit/1b3cff68bcfe20f11dd9f9b7a94d7c91bc9e5768">1b3cff6</a>) <a href="https://github.com/kwin"><code>@​kwin</code></a></li>
<li>Add blocking &quot;auto-refresh&quot; goal (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1267">#1267</a>) <a href="https://github.com/kwin"><code>@​kwin</code></a></li>
<li>Allow to give alternative source directories (<a href="https://github.com/apache/maven-site-plugin/commit/1b3cff68bcfe20f11dd9f9b7a94d7c91bc9e5768">1b3cff6</a>) <a href="https://github.com/kwin"><code>@​kwin</code></a></li>
<li>Throw UOE for unsupported MultiPageSinkFactory.createSink(...) overloads (<a href="https://github.com/apache/maven-site-plugin/commit/a27b283af8e486ee7d9a66ea58e0ff678153b6ad">a27b283</a>) <a href="https://github.com/kwin"><code>@​kwin</code></a></li>
</ul>
<h2>📝 Documentation updates</h2>
<ul>
<li>Several site improvements (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1272">#1272</a>) <a href="https://github.com/kwin"><code>@​kwin</code></a></li>
<li>Convert Site source from APT to Markdown (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1265">#1265</a>) <a href="https://github.com/kwin"><code>@​kwin</code></a></li>
</ul>
<h2>👻 Maintenance</h2>
<ul>
<li>Fix GitHub CI configuration on new master (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1257">#1257</a>) <a href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li>remove missing module (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1258">#1258</a>) <a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
<li><a href="https://issues.apache.org/jira/browse/MSITE-977">[MSITE-977]</a> - Remove broken links (<a href="https://redirect.github.com/apache/maven-site-plugin/issues/211">#211</a>) (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1256">#1256</a>) <a href="https://github.com/hboutemy"><code>@​hboutemy</code></a></li>
<li>chore: Migrate Junit3/4 to Junit5 (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1243">#1243</a>) <a href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li>Allow to manually execute release drafter (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/236">#236</a>) <a href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li>Enable GitHub Issues (Maven 3) (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/234">#234</a>) <a href="https://github.com/Bukama"><code>@​Bukama</code></a></li>
<li>Drop additional configuration for requirementsHistories (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/221">#221</a>) <a href="https://github.com/slawekjaranowski"><code>@​slawekjaranowski</code></a></li>
<li>Convert to Guice injection (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/218">#218</a>) <a href="https://github.com/elharo"><code>@​elharo</code></a></li>
<li>[<a href="https://issues.apache.org/jira/browse/MSITE-986">MSITE-986</a>] Refresh download page (<a href="https://github.com/apache/maven-site-plugin/commit/12c8a9d89a6a4865e1c94c766f715131ee6f5eb5">12c8a9d0</a>) <a href="https://github.com/yuhaowin"><code>@​yuhaowin</code></a></li>
<li>Rename &quot;Goals&quot; to &quot;Plugin Documentation&quot; (<a href="https://github.com/apache/maven-site-plugin/commit/f489a1ec552ff8bab6628a788089d5d2707138fa">f489a1e</a>) <a href="https://github.com/Bukama"><code>@​Bukama</code></a></li>
</ul>
<h2>📦 Dependency updates</h2>
<ul>
<li>Bump org.apache.maven.plugins:maven-plugins from 47 to 48 (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1271">#1271</a>) @<a href="https://github.com/apps/dependabot">dependabot[bot]</a></li>
<li>Bump org.apache.logging.log4j:log4j-core from 2.25.3 to 2.25.4 in /src/it/projects/MSITE-497/apps/app (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1263">#1263</a>) @<a href="https://github.com/apps/dependabot">dependabot[bot]</a></li>
<li>Bump commons-io:commons-io from 2.21.0 to 2.22.0 (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1268">#1268</a>) @<a href="https://github.com/apps/dependabot">dependabot[bot]</a></li>
<li>Backport Update to parent 47 to 3.x branch (<a href="https://redirect.github.com/apache/maven-site-plugin/issues/1235">#1235</a>) (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1237">#1237</a>) <a href="https://github.com/Bukama"><code>@​Bukama</code></a></li>
<li>Bump org.codehaus.mojo:mrm-maven-plugin from 1.7.0 to 1.7.1 (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1225">#1225</a>) @<a href="https://github.com/apps/dependabot">dependabot[bot]</a></li>
<li>Bump org.apache.maven:maven-archiver from 3.6.5 to 3.6.6 (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1212">#1212</a>) @<a href="https://github.com/apps/dependabot">dependabot[bot]</a></li>
<li>Bump org.apache.commons:commons-lang3 from 3.19.0 to 3.20.0 (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1207">#1207</a>) @<a href="https://github.com/apps/dependabot">dependabot[bot]</a></li>
<li>Bump org.codehaus.plexus:plexus-archiver from 4.10.0 to 4.10.4 (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1203">#1203</a>) @<a href="https://github.com/apps/dependabot">dependabot[bot]</a></li>
<li>Bump org.codehaus.plexus:plexus-i18n from 1.0.0 to 1.1.0 (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1204">#1204</a>) @<a href="https://github.com/apps/dependabot">dependabot[bot]</a></li>
<li>Bump jettyVersion from 9.4.56.v20240826 to 9.4.58.v20250814 (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1194">#1194</a>) @<a href="https://github.com/apps/dependabot">dependabot[bot]</a></li>
<li>Bump org.codehaus.mojo:mrm-maven-plugin from 1.6.0 to 1.7.0 (<a href="https://redirect.github.com/apache/maven-site-plugin/pull/1193">#1193</a>) @<a href="https://github.com/apps/dependabot">dependabot[bot]</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/apache/maven-site-plugin/commit/f9f7cc659f6b967395c1fb36674f4c2d6123e3b2"><code>f9f7cc6</code></a> [maven-release-plugin] prepare release maven-site-plugin-3.22.0</li>
<li><a href="https://github.com/apache/maven-site-plugin/commit/f7b57ea776d53c85cc2ce8d13b29cc97a4c9c1a1"><code>f7b57ea</code></a> Bump org.codehaus.plexus:plexus-interactivity-api from 1.3 to 1.5.1</li>
<li><a href="https://github.com/apache/maven-site-plugin/commit/282aa04b919388503381028f43bbd14a65bed990"><code>282aa04</code></a> Several site improvements (<a href="https://redirect.github.com/apache/maven-site-plugin/issues/1272">#1272</a>)</li>
<li><a href="https://github.com/apache/maven-site-plugin/commit/55ebd9fb33a76b2f3aaf81dfdf4e8475bb3e4b4b"><code>55ebd9f</code></a> Upgrade to Doxia 2.1.0</li>
<li><a href="https://github.com/apache/maven-site-plugin/commit/93ecbb6cf28a5a796f5a36e0d3c969904885c988"><code>93ecbb6</code></a> Improve goal description</li>
<li><a href="https://github.com/apache/maven-site-plugin/commit/106d259ef1657f6a0a4220329a8031f82fd795e4"><code>106d259</code></a> Improve error messages</li>
<li><a href="https://github.com/apache/maven-site-plugin/commit/a7511e9cf2eff0e49a5cafa546bb24ed3048c2eb"><code>a7511e9</code></a> Fix additional PR comments</li>
<li><a href="https://github.com/apache/maven-site-plugin/commit/c3c1c0f31e80b5b80023779a48d0632ecb4bdd17"><code>c3c1c0f</code></a> Rename from &quot;hot-reload&quot; to &quot;auto-refresh&quot;</li>
<li><a href="https://github.com/apache/maven-site-plugin/commit/5fb15045d5e23d66bb106a525543021c8af2df49"><code>5fb1504</code></a> Add blocking &quot;hot-reload&quot; goal</li>
<li><a href="https://github.com/apache/maven-site-plugin/commit/2d9a4891ec9d3a6a8cf36b07166f325594813fb7"><code>2d9a489</code></a> Bump org.apache.maven.plugins:maven-plugins from 47 to 48 (<a href="https://redirect.github.com/apache/maven-site-plugin/issues/1271">#1271</a>)</li>
<li>Additional commits viewable in <a href="https://github.com/apache/maven-site-plugin/compare/maven-site-plugin-3.21.0...maven-site-plugin-3.22.0">compare view</a></li>
</ul>
</details>
<br />

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions

</details>

Fixes https://github.com/google/truth/pull/1650

COPYBARA_INTEGRATE_REVIEW=https://github.com/google/truth/pull/1650 from google:dependabot/maven/dependencies-fe09fd7adf b25929c5888b602e125718e87a15eced371c90d1
PiperOrigin-RevId: 921567298
---
 pom.xml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index abdf83f07..884eafc3e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -30,7 +30,7 @@
     -->
     <guava.jre.version>33.4.3-jre</guava.jre.version>
     <gwt.version>2.11.0</gwt.version>
-    <protobuf.version>4.34.1</protobuf.version>
+    <protobuf.version>4.35.0</protobuf.version>
     <!-- Property for protobuf-lite protocArtifact, which isn't a "normal" Maven dep. -->
     <!-- TODO(cpovirk): Use protobuf.version instead. But that requires finding the new way to request the Lite runtime. -->
     <protobuf-lite.protoc.version>3.1.0</protobuf-lite.protoc.version>
@@ -128,7 +128,7 @@
       <dependency>
         <groupId>org.ow2.asm</groupId>
         <artifactId>asm</artifactId>
-        <version>9.10</version>
+        <version>9.10.1</version>
       </dependency>
       <dependency>
         <groupId>com.google.jsinterop</groupId>
@@ -236,7 +236,7 @@
         <!-- https://stackoverflow.com/a/51093732/28465 -->
         <plugin>
           <artifactId>maven-site-plugin</artifactId>
-          <version>3.21.0</version>
+          <version>3.22.0</version>
         </plugin>
         <plugin>
           <artifactId>maven-project-info-reports-plugin</artifactId>