Skip to content

Bump google.golang.org/api from 0.267.0 to 0.274.0#1016

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/google.golang.org/api-0.274.0
Open

Bump google.golang.org/api from 0.267.0 to 0.274.0#1016
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/go_modules/google.golang.org/api-0.274.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 6, 2026
edited
Loading

Bumps google.golang.org/api from 0.267.0 to 0.274.0.

Release notes

Sourced from google.golang.org/api's releases.

v0.274.0

0.274.0 (2026-04-02)

Features

v0.273.1

0.273.1 (2026-03-31)

Bug Fixes

  • Merge duplicate x-goog-request-params header (#3547) (2008108)

v0.273.0

0.273.0 (2026-03-23)

Features

v0.272.0

0.272.0 (2026-03-16)

Features

v0.271.0

0.271.0 (2026-03-10)

Features

v0.270.0

0.270.0 (2026-03-08)

... (truncated)

Changelog

Sourced from google.golang.org/api's changelog.

0.274.0 (2026-04-02)

Features

0.273.1 (2026-03-31)

Bug Fixes

  • Merge duplicate x-goog-request-params header (#3547) (2008108)

0.273.0 (2026-03-23)

Features

0.272.0 (2026-03-16)

Features

0.271.0 (2026-03-10)

Features

0.270.0 (2026-03-08)

Features

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added Dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Apr 6, 2026
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 6, 2026
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 6574e1c.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

go.mod

PackageVersionLicenseIssue Type
github.com/googleapis/enterprise-certificate-proxy0.3.14NullUnknown License

OpenSSF Scorecard

Scorecard details
PackageVersionScoreDetails
gomod/cloud.google.com/go/auth 0.20.0 🟢 8
Details
CheckScoreReason
Code-Review🟢 9Found 26/27 approved changesets -- score normalized to 9
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Security-Policy🟢 10security policy file detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
Fuzzing🟢 10project is fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
gomod/github.com/googleapis/enterprise-certificate-proxy 0.3.14 UnknownUnknown
gomod/github.com/googleapis/gax-go/v2 2.21.0 🟢 7.3
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ -1No tokens found
Code-Review🟢 10all changesets reviewed
Maintained🟢 1030 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
Dangerous-Workflow⚠️ -1no workflows found
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ -1no dependencies found
Binary-Artifacts🟢 10no binaries found in the repo
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Signed-Releases⚠️ -1no releases found
SAST⚠️ 2SAST tool is not run on all commits -- score normalized to 2
gomod/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc 0.67.0 🟢 8.8
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Dependency-Update-Tool🟢 10update tool detected
Maintained🟢 1030 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
License🟢 10license file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
SAST🟢 10SAST tool is run on all commits
Fuzzing🟢 10project is fuzzed
Branch-Protection🟢 4branch protection is not maximal on development and all release branches
Signed-Releases🟢 84 out of the last 4 releases have a total of 4 signed artifacts.
Pinned-Dependencies🟢 4dependency not pinned by hash detected -- score normalized to 4
Security-Policy🟢 10security policy file detected
Vulnerabilities🟢 100 existing vulnerabilities detected
CI-Tests🟢 1030 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 39 contributing companies or organizations
gomod/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp 0.67.0 🟢 8.8
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Dependency-Update-Tool🟢 10update tool detected
Maintained🟢 1030 commit(s) and 12 issue activity found in the last 90 days -- score normalized to 10
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
License🟢 10license file detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
SAST🟢 10SAST tool is run on all commits
Fuzzing🟢 10project is fuzzed
Branch-Protection🟢 4branch protection is not maximal on development and all release branches
Signed-Releases🟢 84 out of the last 4 releases have a total of 4 signed artifacts.
Pinned-Dependencies🟢 4dependency not pinned by hash detected -- score normalized to 4
Security-Policy🟢 10security policy file detected
Vulnerabilities🟢 100 existing vulnerabilities detected
CI-Tests🟢 1030 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 39 contributing companies or organizations
gomod/go.opentelemetry.io/otel 1.43.0 🟢 9.3
Details
CheckScoreReason
Dependency-Update-Tool🟢 10update tool detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 10all dependencies are pinned
CII-Best-Practices🟢 5badge detected: Passing
SAST🟢 10SAST tool is run on all commits
Fuzzing🟢 10project is fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
License🟢 10license file detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Signed-Releases🟢 85 out of the last 5 releases have a total of 5 signed artifacts.
Security-Policy🟢 10security policy file detected
CI-Tests🟢 1030 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 42 contributing companies or organizations
gomod/go.opentelemetry.io/otel/metric 1.43.0 🟢 9.3
Details
CheckScoreReason
Dependency-Update-Tool🟢 10update tool detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 10all dependencies are pinned
CII-Best-Practices🟢 5badge detected: Passing
SAST🟢 10SAST tool is run on all commits
Fuzzing🟢 10project is fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
License🟢 10license file detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Signed-Releases🟢 85 out of the last 5 releases have a total of 5 signed artifacts.
Security-Policy🟢 10security policy file detected
CI-Tests🟢 1030 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 42 contributing companies or organizations
gomod/go.opentelemetry.io/otel/trace 1.43.0 🟢 9.3
Details
CheckScoreReason
Dependency-Update-Tool🟢 10update tool detected
Maintained🟢 1030 commit(s) and 19 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Packaging⚠️ -1packaging workflow not detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies🟢 10all dependencies are pinned
CII-Best-Practices🟢 5badge detected: Passing
SAST🟢 10SAST tool is run on all commits
Fuzzing🟢 10project is fuzzed
Vulnerabilities🟢 100 existing vulnerabilities detected
License🟢 10license file detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Signed-Releases🟢 85 out of the last 5 releases have a total of 5 signed artifacts.
Security-Policy🟢 10security policy file detected
CI-Tests🟢 1030 out of 30 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 42 contributing companies or organizations
gomod/golang.org/x/crypto 0.49.0 UnknownUnknown
gomod/golang.org/x/net 0.52.0 UnknownUnknown
gomod/golang.org/x/oauth2 0.36.0 UnknownUnknown
gomod/golang.org/x/sync 0.20.0 UnknownUnknown
gomod/golang.org/x/sys 0.42.0 UnknownUnknown
gomod/golang.org/x/text 0.35.0 UnknownUnknown
gomod/golang.org/x/time 0.15.0 UnknownUnknown
gomod/gonum.org/v1/gonum 0.17.0 🟢 5.4
Details
CheckScoreReason
Code-Review🟢 10all changesets reviewed
Maintained🟢 32 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 3
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
Fuzzing🟢 10project is fuzzed
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
gomod/google.golang.org/api 0.276.0 🟢 7.1
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 10all changesets reviewed
Dangerous-Workflow⚠️ -1no workflows found
Token-Permissions⚠️ -1No tokens found
Security-Policy🟢 10security policy file detected
Packaging⚠️ -1packaging workflow not detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Binary-Artifacts🟢 10no binaries found in the repo
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Pinned-Dependencies⚠️ -1no dependencies found
gomod/google.golang.org/genproto 0.0.0-20260319201613-d00831a3d3e7 🟢 6.7
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 10all changesets reviewed
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Binary-Artifacts🟢 10no binaries found in the repo
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 8branch protection is not maximal on development and all release branches
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
SAST🟢 5SAST tool is not run on all commits -- score normalized to 5
gomod/google.golang.org/genproto/googleapis/api 0.0.0-20260319201613-d00831a3d3e7 🟢 6.7
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 10all changesets reviewed
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Binary-Artifacts🟢 10no binaries found in the repo
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 8branch protection is not maximal on development and all release branches
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
SAST🟢 5SAST tool is not run on all commits -- score normalized to 5
gomod/google.golang.org/genproto/googleapis/rpc 0.0.0-20260401024825-9d38bb4040a9 🟢 6.7
Details
CheckScoreReason
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 1030 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 10all changesets reviewed
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Binary-Artifacts🟢 10no binaries found in the repo
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 8branch protection is not maximal on development and all release branches
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
SAST🟢 5SAST tool is not run on all commits -- score normalized to 5
gomod/google.golang.org/grpc 1.80.0 🟢 8.5
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10
Packaging⚠️ -1packaging workflow not detected
Code-Review🟢 10all changesets reviewed
Security-Policy🟢 9security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
License🟢 10license file detected
Fuzzing🟢 10project is fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
SAST🟢 7SAST tool detected but not run on all commits

Scanned Files

  • go.mod

@dependabot dependabot bot force-pushed the dependabot/go_modules/google.golang.org/api-0.274.0 branch from 7f4c847 to 2d86769 Compare April 7, 2026 16:37
@dependabot
Bump google.golang.org/api from 0.267.0 to 0.274.0
6574e1c 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.267.0 to 0.274.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](googleapis/google-api-go-client@v0.267.0...v0.274.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-version: 0.274.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/go_modules/google.golang.org/api-0.274.0 branch from 2d86769 to 6574e1c Compare April 15, 2026 16:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@janezpodhostnik janezpodhostnik Awaiting requested review from janezpodhostnik janezpodhostnik is a code owner

@chasefleming chasefleming Awaiting requested review from chasefleming chasefleming is a code owner

@nvdtf nvdtf Awaiting requested review from nvdtf nvdtf is a code owner

@jribbink jribbink Awaiting requested review from jribbink jribbink is a code owner

@peterargue peterargue Awaiting requested review from peterargue peterargue is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

Dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants