chore: untangling auth library parent and imported BOM

[suztomo]

Maven Central does not allow uploading a set of artifacts having different group IDs.

• The shared dependencies BOM (which uses gapic-generator-java-bom) should not import the auth BOM.
• The google-auth-library-java/pom.xml should not use POM file of com.google.cloud.

[gemini-code-assist]

Code Review

This pull request updates the project's parent POM configuration to use google-cloud-shared-config instead of the previous parent, updates various dependency versions, and refines the dependencyManagement section. Feedback was provided regarding the hardcoded version of mockito-core, the potential build failure for mockito-junit-jupiter due to the parent change, and the ambiguity of the <!-- Do not import --> comment in the POM file.

[gemini-code-assist]

The version for mockito-core is hardcoded here. It is recommended to use a property for consistency with other dependencies in this file. Additionally, the subsequent dependency mockito-junit-jupiter (starting at line 149) is missing a version; since the parent has changed from google-cloud-jar-parent to google-cloud-shared-config, it is likely no longer managed and will cause a build failure if a version is not explicitly provided.

[gemini-code-assist]

The comment <!-- Do not import --> is ambiguous and potentially misleading, as it is immediately followed by several dependencies with <scope>import</scope>. If the intention is to discourage importing this root POM as a BOM, it should be clarified or moved to a more appropriate location. If it is a leftover from a previous iteration, it should be removed.

[blakeli0]

Anything that requires this update?

[suztomo]

Guava depends on this newer version and upper-bound check was failing.