feat: Regional Access Boundary Update #12866

Closed
vverman wants to merge 49 commits into googleapis:regional-access-boundaries from vverman:rab-migration

@vverman vverman commented Apr 20, 2026

  1. The RAB refresh uses a direct executor with a fixed thread pool as opposed to instantiating a new thread each time.

  2. The RAB env gate -> GOOGLE_AUTH_TRUST_BOUNDARY_ENABLE_EXPERIMENT has been removed. This means RAB refresh triggers by default.

  3. Added other fixes/suggestions made in the previous Java PR.

diegomarquezp and others added 30 commits April 13, 2026 23:37
🤖 I have created a release *beep* *boop*
---


<details><summary>1.85.0-SNAPSHOT</summary>

### Updating meta-information for bleeding-edge SNAPSHOT release.
</details>

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
…apis#12783)

java-logging has been migrated to google-cloud-java but java-pubsub is
still in a separate repo. Updating the CI to reflect it.
🤖 I have created a release *beep* *boop*
---


<details><summary>1.85.0</summary>

##
[1.85.0](googleapis/google-cloud-java@v1.84.0...v1.85.0)
(2026-04-14)


### Features

* [appoptimize] new module for appoptimize
([googleapis#12768](googleapis#12768))
([050187d](googleapis@050187d))
* [chronicle] Add DataTableService to Chronicle v1 Client Libraries
([fc62b1e](googleapis@fc62b1e))
* [databasecenter] Add support for BigQuery datasets and
([fc62b1e](googleapis@fc62b1e))
* [dataplex] Allow Data Documentation DataScans to support BigQuery
([fc62b1e](googleapis@fc62b1e))
* [dataproc] Add `Engine` field to support LightningEngine in
([fc62b1e](googleapis@fc62b1e))
* [discoveryengine] add AUTO condition to SearchAsYouTypeSpec in
([fc62b1e](googleapis@fc62b1e))
* [infra-manager] adding DeploymentGroups, you can now manage
([fc62b1e](googleapis@fc62b1e))
* [kms] add a variable to SingleTenantHsmInstanceCreate to control
([fc62b1e](googleapis@fc62b1e))
* [kms] support external-μ in the Digest
([fc62b1e](googleapis@fc62b1e))
* [shopping-merchant-products] a new field `base64_encoded_name` is
([fc62b1e](googleapis@fc62b1e))
* [vectorsearch] Added CMEK support
([fc62b1e](googleapis@fc62b1e))


### Bug Fixes

* **auth:** Address ClientSideCredentialAccessBoundary RefreshTask race
condition
([googleapis#12681](googleapis#12681))
([30088d2](googleapis@30088d2))
* **bqjdbc:** lazily instantiate Statement in BigQueryDatabaseMetaData
([googleapis#12752](googleapis#12752))
([72e5508](googleapis@72e5508))
* **deps:** update the Java code generator (gapic-generator-java) to
([fc62b1e](googleapis@fc62b1e))
* **gdch:** support EC private keys
([googleapis#1896](googleapis#1896))
([bf926fb](googleapis@bf926fb))
* update appoptimize version to 0.0.1 to match released repo
([googleapis#12782](googleapis#12782))
([80dfac6](googleapis@80dfac6))


### Documentation

* [network-management] Update comment for the `region` field in
([fc62b1e](googleapis@fc62b1e))
* [shopping-merchant-inventories] A comment for field `name` in
([fc62b1e](googleapis@fc62b1e))
</details>

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
…oogleapis#12785)

Some "upstream" modules have a bit more impact and we want to test the
impact of the changes across the modules inside the monorepo.

Changes in auth, gax, or shared-deps can trigger downstream unit tests
This PR contains the following updates:

| Package | Change | [Age](https://docs.renovatebot.com/merge-confidence/) | [Confidence](https://docs.renovatebot.com/merge-confidence/) |
|---|---|---|---|
| [com.google.auth:google-auth-library-bom](https://redirect.github.com/googleapis/java-shared-config) | `1.43.0` → `1.46.0` | ![age](https://developer.mend.io/api/mc/badges/age/maven/com.google.auth:google-auth-library-bom/1.46.0?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/com.google.auth:google-auth-library-bom/1.43.0/1.46.0?slim=true) |
| [com.google.errorprone:error_prone_annotations](https://errorprone.info) ([source](https://redirect.github.com/google/error-prone)) | `2.48.0` → `2.49.0` | ![age](https://developer.mend.io/api/mc/badges/age/maven/com.google.errorprone:error_prone_annotations/2.49.0?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/com.google.errorprone:error_prone_annotations/2.48.0/2.49.0?slim=true) |
| [io.opentelemetry:opentelemetry-bom](https://redirect.github.com/open-telemetry/opentelemetry-java) | `1.60.1` → `1.61.0` | ![age](https://developer.mend.io/api/mc/badges/age/maven/io.opentelemetry:opentelemetry-bom/1.61.0?slim=true) | ![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/io.opentelemetry:opentelemetry-bom/1.60.1/1.61.0?slim=true) |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the [Dependency
Dashboard](..googleapis/issues/7649) for more information.

---

### Release Notes

<details>
<summary>google/error-prone
(com.google.errorprone:error_prone_annotations)</summary>

###
[`v2.49.0`](https://redirect.github.com/google/error-prone/releases/tag/v2.49.0):
Error Prone 2.49.0

[Compare
Source](https://redirect.github.com/google/error-prone/compare/v2.48.0...v2.49.0)

This release includes several changes to `Matcher` APIs, and removed
some deprecated or problematic APIs:

- Remove deprecated `MethodMatchers.withSignature` API, which relies on
fragile `toString` behaviour. Alternatives for matching on method
signatures with varargs and type parameters were added in
[`a98a1c5`](https://redirect.github.com/google/error-prone/commit/a98a1c55d92d343ae2c142485e8888cd46aa78b3).
- Removed `variableType(Matcher)` API. `Matchers.variableType(Matcher)`
uses `VariableTree#getType` to match variable types, which won't work
for lambda parameters with inferred types after
[JDK-8268850](https://bugs.openjdk.org/browse/JDK-8268850). The
recommended replacement is `variableType(TypePredicate)`.
- Make `enclosingPackage` return an optional. Module elements are not
enclosed by a package, checks using `enclosingPackage` shouldn't assume
an enclosing package exists when processing arbitrary elements.
- New `FieldMatchers` API, similar to `MethodMatchers`
([`1dd9c3a`](https://redirect.github.com/google/error-prone/commit/1dd9c3a6bd76fca8104be6ae1c1004655d6a1745)).

New checks:

-
[`AssertThrowsBlockToExpression`](https://errorprone.info/bugpattern/AssertThrowsBlockToExpression):
Discourage unnecessary block lambdas in `assertThrows`.
-
[`AssertThrowsMinimizer`](https://errorprone.info/bugpattern/AssertThrowsMinimizer):
Suggest minimizing the amount of logic in `assertThrows`.
-
[`MemorySegmentReferenceEquality`](https://errorprone.info/bugpattern/MemorySegmentReferenceEquality):
Discourage using reference equality for `MemorySegments`.
-
[`PreferThrowsTag`](https://errorprone.info/bugpattern/PreferThrowsTag):
Recommends using `@throws` instead of the legacy `@exception` javadoc
tag.
-
[`RecordAccessorInCompactConstructor`](https://errorprone.info/bugpattern/RecordAccessorInCompactConstructor):
detect record accessors inside the compact canonical ctors, which read
uninitialized fields.

Closed issues:
[#2283](https://redirect.github.com/google/error-prone/issues/2283),
[#3503](https://redirect.github.com/google/error-prone/issues/3503),
[#5210](https://redirect.github.com/google/error-prone/issues/5210),
[#5289](https://redirect.github.com/google/error-prone/issues/5289),
[#5548](https://redirect.github.com/google/error-prone/issues/5548),
[#5548](https://redirect.github.com/google/error-prone/issues/5548),
[#5554](https://redirect.github.com/google/error-prone/issues/5554),
[#5609](https://redirect.github.com/google/error-prone/issues/5609),
[#5614](https://redirect.github.com/google/error-prone/issues/5614),
[#5656](https://redirect.github.com/google/error-prone/issues/5656)

Full changelog:
<google/error-prone@v2.48.0...v2.49.0>

</details>

<details>
<summary>open-telemetry/opentelemetry-java
(io.opentelemetry:opentelemetry-bom)</summary>

###
[`v1.61.0`](https://redirect.github.com/open-telemetry/opentelemetry-java/blob/HEAD/CHANGELOG.md#Version-1610-2026-04-10)

[Compare
Source](https://redirect.github.com/open-telemetry/opentelemetry-java/compare/v1.60.1...v1.61.0)

##### API

- Stabilize `isEnabled()` on `Tracer`, `Logger`, and metric instruments

([#8200](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8200))

##### Incubating

- **BREAKING** Update `EnvironmentGetter` and `EnvironmentSetter` key
normalization to reflect spec
  changes

([#8233](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8233))

##### SDK

##### Traces

- Retain propagated context when generating random trace IDs

([#8263](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8263))
- Add rate-limited warning log when `BatchSpanProcessor` drops spans

([#8167](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8167))

##### Metrics

- Track series start time per aggregator rather than at
`SdkMeterProvider` creation time

([#8180](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8180))
- Capture context class loader during async callback registration

([#8091](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8091))
- Make include/exclude work correctly with empty (but non-null) lists

([#8185](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8185))

##### Logs

- Fix condition for recording successful log processing metrics

([#8226](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8226))

##### Exporters

- OTLP: add configurable bounds to response body reading

([#8224](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8224),
[#8277](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8277))
- OTLP: only throw invalid response exception when gRPC response size <
5 bytes

([#8194](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8194))
- OTLP: remove duplicate FINEST-level error logging in gRPC exporter

([#8216](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8216))
- OTLP Profiles: clean up profile signal exporters for consistency

([#8172](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8172))

##### Extensions

- **BREAKING** Autoconfigure: remove deprecated `ComponentLoader` class
(use
  `io.opentelemetry.common.ComponentLoader` instead)

([#8243](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8243))
- Declarative config: fix `DeclarativeConfigProperties` javadoc to not
throw exceptions

([#8079](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8079))
- Declarative config: resource attribute filtering should include
attributes by default

([#8177](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8177))
- Declarative config: enforce IncludedExcludeModel .included and
.excluded are not empty

([#8266](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8266))
- Autoconfigure: restructure SDK incubator to not depend on
autoconfigure internals

([#8242](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8242))

##### Project tooling

- Disable Gradle build cache on releases to mitigate supply chain risk

([#8254](https://redirect.github.com/open-telemetry/opentelemetry-java/pull/8254))

</details>

---

### Configuration

📅 **Schedule**: (UTC)

- Branch creation
  - At any time (no schedule defined)
- Automerge
  - At any time (no schedule defined)

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/googleapis/google-cloud-java).

…pis#12793)

For now, try to skip the GAPIC unit tests if there are handwritten
changes only in the handwritten repos.

In the future, we may want to see if we even want to run all the GAPIC
unit tests (can we just use showcase tests?)
…the Emulator (googleapis#12721)

## Problem Statement

When using the `java-datastore` SDK with `GrpcTransportOptions` and
connecting to a local Datastore Emulator (e.g., via the
`DATASTORE_EMULATOR_HOST` environment variable), the client consistently
throws an `UNAUTHENTICATED: Request is missing required authentication
credential` error.

### The Root Cause

In `GrpcDatastoreRpc.java`, the SDK constructor detects the emulator
correctly and creates an unauthenticated, plaintext gRPC channel
specifically tailored for local development via
`getClientContextForEmulator(datastoreOptions)`.

However, right after generating this specialized context, the SDK uses a
builder (`DatastoreStubSettings.newBuilder`) that **unconditionally
overwrites** the transport channel provider with a default
production-oriented channel provider in order to set channel pooling
limits.

Because the emulator's custom local channel gets overwritten by this
production channel configuration, the SDK ultimately discards the
emulator settings and attempts to connect securely to the actual
production endpoint (`datastore.googleapis.com`), but without any
credentials (since it knows it's an emulator). Production immediately
rejects the call.

## The Fix

The fix converts the monolithic `DatastoreStubSettings` builder chain
into a sequential one, and conditionally applies the custom channel
pooling provider only if the environment is **not** an emulator:

```java
      DatastoreStubSettings.Builder datastoreStubSettingsBuilder =
          DatastoreStubSettings.newBuilder(clientContext)
              .applyToAllUnaryMethods(retrySettingSetter(datastoreOptions));

      if (!isEmulator(datastoreOptions)) {
        datastoreStubSettingsBuilder.setTransportChannelProvider(
           // ... Production connection pool settings
        );
      }
```

## Why this is a safe fix without side effects

1. **Zero Impact on Production Traffic:** The fix relies exclusively on
the existing, battle-tested `isEmulator()` method. If the SDK is pointed
at production, `!isEmulator` returns true, and the code path executes
the exact same transport channel override as before. Production
throughput, connection pooling, and auth behavior remain 100% untouched.

2. **Restores Original Intent:** For emulator traffic, the channel
provider override is gracefully skipped. This allows the custom,
unauthenticated local gRPC channel created specifically for the emulator
in `getClientContextForEmulator()` to survive and be used by the
`GrpcDatastoreStub`.

3. **Architecturally Safe:** It introduces no new dependencies, requires
no new variables or complex state management, and makes no changes to
the public API surface. It simply resolves an unintentional clobbering
of configuration variables at object instantiation time.
googleapis#12769)

b/467063732

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
🤖 I have created a release *beep* *boop*
---


<details><summary>1.86.0-SNAPSHOT</summary>

### Updating meta-information for bleeding-edge SNAPSHOT release.
</details>

---
This PR was generated with [Release
Please](https://github.com/googleapis/release-please). See
[documentation](https://github.com/googleapis/release-please#release-please).
googleapis#12789)

This pull request is generated with proto changes between
[googleapis/googleapis@e182cf5](googleapis/googleapis@e182cf5)
(exclusive) and
[googleapis/googleapis@62e4ecb](googleapis/googleapis@62e4ecb)
(inclusive).

BEGIN_COMMIT_OVERRIDE
BEGIN_NESTED_COMMIT
fix(deps): update the Java code generator (gapic-generator-java) to
2.70.0
END_NESTED_COMMIT
BEGIN_NESTED_COMMIT
feat: [aiplatform] Model Registry CopyModel BYOSA

PiperOrigin-RevId: 899215526

Source Link:
[googleapis/googleapis@62e4ecb](googleapis/googleapis@62e4ecb)
END_NESTED_COMMIT
BEGIN_NESTED_COMMIT
feat: [aiplatform] new field CopyModelRequest.custome_service_account
for Model Registry CopyModel BYOSA

PiperOrigin-RevId: 899197055

Source Link:
[googleapis/googleapis@5f39e35](googleapis/googleapis@5f39e35)
END_NESTED_COMMIT
BEGIN_NESTED_COMMIT
feat: [bigqueryreservation] add principal field to BigQuery Reservation
Assignment
docs: [bigqueryreservation] update the scaling mode documentation to
correct an example math error

PiperOrigin-RevId: 899158032

Source Link:
[googleapis/googleapis@a5bd611](googleapis/googleapis@a5bd611)
END_NESTED_COMMIT
BEGIN_NESTED_COMMIT
feat: [vectorsearch] Added CMEK support
feat: [vectorsearch] Added UpdateIndex support
docs: [vectorsearch] Updated documentation for listing locations
docs: [vectorsearch] Updated documentation for Collection.data_schema

PiperOrigin-RevId: 898990233

Source Link:
[googleapis/googleapis@38ed7d6](googleapis/googleapis@38ed7d6)
END_NESTED_COMMIT
END_COMMIT_OVERRIDE
Adding a skill from the existing [sdk-platform-java GEMINI.md
file](https://github.com/googleapis/google-cloud-java/blob/main/sdk-platform-java/GEMINI.md).
Try to break the Java development specific portions out so that it can
be used by the rest of the modules in the monorepo.

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
Fixes
https://github.com/googleapis/google-cloud-java/pull/12801/checks?check_run_id=71341727672

`failed to solve with frontend dockerfile.v0: failed to read dockerfile:
error from sender: resolve : lstat .cloudbuild: no such file or
directory`

---------

Co-authored-by: cloud-java-bot <cloud-java-bot@google.com>
This pull request resolves an API compatibility issue in the
`sdk-platform-java` standalone Bazel build by updating the dependency
pointers for `google-auth-library`.

## Problem
Bazel integration tests for `sdk-platform-java` were failing due to a
mismatch between local source code usage and external dependency
signatures:

```
external/com_google_api_gax_java/gax/src/main/java/com/google/api/gax/rpc/ClientContext.java:357: error: incompatible types: String cannot be converted to URI
    return ((GdchCredentials) credentials).createWithGdchAudience(audienceString);
                                                                  ^
```

This occurred because `gax-java` locally relies on
`createWithGdchAudience(String)`, which was introduced in newer versions
of `google-auth-library`, but the inner Bazel `dependencies.properties`
file was still downloading `1.42.1`.

## Solution
- Updated `google-auth-library-oauth2-http` and
`google-auth-library-credentials` versions from `1.42.1` to `1.46.0`
inside `sdk-platform-java/gax-java/dependencies.properties`.
- Added a temporary CI trigger to ensure standalone validation jobs are
correctly integrated into the main pipeline feedback cycle.
Towards googleapis#12724

Renamed the workflow and removed the path filter which doesn't apply to
release events.

---------

Co-authored-by: cloud-java-bot <cloud-java-bot@google.com>
Fixes googleapis#12704

---------

Co-authored-by: cloud-java-bot <cloud-java-bot@google.com>
…gleapis#12798)

Remove unnecessary `&template=0` from generation_config.yaml and
.repo-metadata.json. This is an attempt to remove non-ASCII characters
to minimize generation diff for librarian migration.

Fix googleapis/librarian#5371
Fixes googleapis#12774

---------

Co-authored-by: cloud-java-bot <cloud-java-bot@google.com>
gapic-libraries-bom was [released with
1.85.1](googleapis#12805) due
to partial release of vector search. However, versions.txt was not
updated accordingly and caused unrelated PRs to downgrade it.

Manually downgrade it to 1.85.0 to avoid affecting other PRs.

For selective releasing in the future, we should either not release
gapic-libraries-bom or change versions.txt and release
`google-cloud-pom-parent` as well.

---------

Co-authored-by: cloud-java-bot <cloud-java-bot@google.com>
…apis#12755)

Adds a mock server test that uses key-aware routing. This test is not
testing much interesting, but serves as a base for future tests that can
run against a mock server to test for example replica selection.

---------

Co-authored-by: rahul2393 <rahulyadavsep92@gmail.com>
Co-authored-by: cloud-java-bot <cloud-java-bot@google.com>
…#12809)

Use a StringBuilder instead of String.format(..) to generate the header
value of a RequestId. This significantly reduces the CPU time needed.
Generating the header value for 10mio RequestIds using the new/old
implementation takes:

- Old: 2750ms
- New: 203ms

---------

Co-authored-by: cloud-java-bot <cloud-java-bot@google.com>
)

Replace non-ASCII characters in api_description. 
replaced: U+2019 to U+0027 ('), U+2014 to U+002D (-)

Fix googleapis/librarian#5371

---------

Co-authored-by: cloud-java-bot <cloud-java-bot@google.com>
…#12826)

For googleapis#12824. The
use of the Maven Central mirror is the cause of the failures:

`Error: Non-resolvable parent POM for
com.google.cloud:google-cloud-bigtable-parent:2.77.1: The following
artifacts could not be resolved:
com.google.cloud:sdk-platform-java-config:pom:3.59.0 (absent):
com.google.cloud:sdk-platform-java-config:pom:3.59.0 was not found in
https://maven-central.storage-download.googleapis.com/maven2/ during a
previous attempt. This failure was cached in the local repository and
resolution is not reattempted until the update interval of
google-maven-central has elapsed or updates are forced and
'parent.relativePath' points at no local POM @ line 14, column 13 ->
[Help 2]`

b/31927595#comment86 for the cause.
…on (googleapis#12831)

This PR updates the templates and tests in sdk-platform-java to reflect
its new location in the google-cloud-java monorepo. It also switches the
unmanaged dependency check to track gapic-libraries-bom.

b/503444342
chingor13 and others added 11 commits April 17, 2026 13:56
…12834)

This folder contains the google-cloud-iam-policy client

Towards googleapis#12735
Towards googleapis/librarian#5326

There is also an existing sdk-platform-java/java-iam folder which will
need to move to the top level to be generated

---------

Co-authored-by: cloud-java-bot <cloud-java-bot@google.com>
Adds 'google-auth-library-java/cab-token-generator' to the
`always_install_deps_list` in `.kokoro/common.sh`.

After the monorepo migration, release PRs failed the
`gapic-generator-java-bom` check because they couldn't resolve the new
auth library version from Maven Central before it was published.

This fix ensures the artifact is installed to the local Maven repository
during the CI's install phase, satisfying the canary validation without
requiring a full repository build.

Fixes googleapis#12843
…tures (googleapis#12853)

After the monorepo migration, the shared versions.txt at the root caused
Release Please to mutate test fixtures named pom.xml, breaking the
postprocessor unit test.

- Added -golden suffix to version markers in test resources to isolate
them from Release Please scanning.

Fixes googleapis#12841
The build-java8-except-gapic-generator-java job was missing a step to
install dependencies, which caused it to fail when resolving unpublished
artifacts from the monorepo. This commit adds the step to install all
modules using Java 17 before running the tests.

Fixes googleapis#12842
…oogleapis#12855)

The hermetic build script relied on the sdk-platform-java release
version to set the GitHub Action version. Now it's in the monorepo and
cannot rely on the version. Instead, let's use the shared dependencies
BOM version in the Git tag.

This change will resolve the latest failure in "chore: Update generation
configuration" pull requests
googleapis/java-bigtable#2894:

```
Getting action download info
Error: Unable to resolve action `googleapis/google-cloud-java@v2.71.0`, unable to find version `v2.71.0`
```

where 2.71.0 is the version of the latest gapic-generator-java artifact.
We don't have this tag in the google-cloud-java repository.
…ting (googleapis#12845)

## Summary

This PR improves Java Spanner's location-aware bypass routing when
routed replicas are overloaded or unavailable, and extends score-based
replica selection

The client now:

- avoids recently overloaded routed endpoints using shared cooldowns
- records RESOURCE_EXHAUSTED / UNAVAILABLE as EWMA error penalties
- uses EWMA-based selection for both preferLeader=false and strong
  preferLeader=true read/query routing when operation_uid is available

It also keeps the location-aware read path lock-free via immutable group
snapshots.

## What changed

- Added shared channel-level cooldown tracking for routed endpoints that
  return RESOURCE_EXHAUSTED / UNAVAILABLE, while still keeping
  request-scoped exclusions for same-logical-request retries.
- Updated bypass retry behavior so eligible reads/queries can reroute to
  another replica instead of immediately returning to the same failed
  endpoint.
- Recorded RESOURCE_EXHAUSTED / UNAVAILABLE as EWMA error penalties for
  routed replicas, so unhealthy endpoints are deprioritized even after the
  immediate retry/cooldown window.
- Extended score-based routing to strong preferLeader=true read/query
  traffic when operation_uid is present, using leader preference as a bias
  instead of a hard override.
- Kept preferLeader=true behavior unchanged for paths without
  operation_uid such as mutation/commit routing.
- Refactored KeyRangeCache group state to immutable snapshots and
  removed per-group synchronization from the routing hot path.
The workflow files start using dorny/paths-filter@v4.0.1
(fbd0ab8f3e69293af611ebaee6363fc25e6d187d).
This will address `An action could not be found at the URI
'https://api.github.com/repos/dorny/paths-filter/tarball/d1c1ffe0248fe513906c8e24db8ea791d46f8590'`
error.

In general, it's a good practice to fix GitHub Actions to a specific Git
SHA.

This changes the version from v3 to v4.0.1.
https://github.com/dorny/paths-filter/releases/tag/v4.0.0 does not
mention any breaking changes.
This PR updates the renovate config check workflow template to use npx
instead of global installation, avoiding issues with missing modules.
Renovate.json template is also updated to use the
google-cloud-shared-dependencies Git tag in the google-cloud-java
repository.

Until this template change is propagated to the split repositories, the
repositories with hermetic build automation revert the change.

b/504692883
@vverman vverman requested review from a team as code owners April 20, 2026 21:31

@gemini-code-assist gemini-code-assist Bot left a comment

Code Review

This pull request implements Regional Access Boundary (RAB) support across various credential types, introducing a management system for caching and asynchronously refreshing regional security metadata via the x-allowed-locations header. The changes include the addition of a RegionalAccessBoundaryManager and updates to GoogleCredentials to handle metadata injection and refresh logic. Feedback identifies a regression in header unmodifiability within GoogleCredentials, duplicated logic for regional endpoint detection, and a potential NullPointerException in ExternalAccountAuthorizedUserCredentials when the audience field is null.

Comment on lines 583 to +587
protected Map<String, List<String>> getAdditionalHeaders() {
Map<String, List<String>> headers = super.getAdditionalHeaders();
Map<String, List<String>> headers = new HashMap<>(super.getAdditionalHeaders());

String quotaProjectId = this.getQuotaProjectId();
if (quotaProjectId != null) {
return addQuotaProjectIdToRequestMetadata(quotaProjectId, headers);
}
return headers;
return addQuotaProjectIdToRequestMetadata(quotaProjectId, headers);
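
Review bot: On the final `return addQuotaProjectIdToRequestMetadata(quotaProjectId, headers);`, the `if (quotaProjectId != null)` guard is gone, so a null quota project now reaches the helper together with a freshly copied, mutable `HashMap`. Nothing in these lines shows what the helper returns for a null id or whether the result is wrapped, so either wrap the return in `Collections.unmodifiableMap(...)` here or add a unit test for the null case asserting that the returned map rejects `put`. A Javadoc line stating that the returned header map is read-only would pin the contract for subclasses.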

medium

The implementation of getAdditionalHeaders() has a regression regarding the unmodifiability of the returned map. When quotaProjectId is null, addQuotaProjectIdToRequestMetadata returns the input headers map (which is a new HashMap) without wrapping it in an unmodifiable view. The previous implementation ensured that an unmodifiable map was always returned. Additionally, creating a new HashMap here is unnecessary if quotaProjectId is null, as super.getAdditionalHeaders() already returns an unmodifiable empty map.

Suggested change
protected Map<String, List<String>> getAdditionalHeaders() {
Map<String, List<String>> headers = super.getAdditionalHeaders();
Map<String, List<String>> headers = new HashMap<>(super.getAdditionalHeaders());
String quotaProjectId = this.getQuotaProjectId();
if (quotaProjectId != null) {
return addQuotaProjectIdToRequestMetadata(quotaProjectId, headers);
}
return headers;
return addQuotaProjectIdToRequestMetadata(quotaProjectId, headers);
protected Map<String, List<String>> getAdditionalHeaders() {
Map<String, List<String>> headers = super.getAdditionalHeaders();
String quotaProjectId = this.getQuotaProjectId();
return addQuotaProjectIdToRequestMetadata(quotaProjectId, headers);
}

Comment on lines +383 to +388
if (uri != null && uri.getHost() != null) {
String host = uri.getHost();
if (host.endsWith(".rep.googleapis.com") || host.endsWith(".rep.sandbox.googleapis.com")) {
return;
}
}
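
Review bot: The `host.endsWith(".rep.googleapis.com")` comparison is case-sensitive and runs on the raw value of `uri.getHost()`, which `java.net.URI` does not lowercase. A host written in upper or mixed case, or as a fully qualified name with a trailing dot, would not be recognised as regional and would fall past this early `return`. Normalise first, for example with `host.toLowerCase(Locale.ROOT)` and by stripping a trailing `.`, and move the two suffixes into named constants with a comment explaining why regional endpoints are skipped.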

medium

The logic for skipping regional endpoints is duplicated here and in addRegionalAccessBoundaryToRequestMetadata (lines 556-561). It is recommended to extract this check into a private helper method to improve maintainability and ensure consistency across the class.
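
The shared helper recommended in the comment above could look like the following. This is an added example, not code from the PR or the auth library: the class and method names are hypothetical, and the lowercasing and trailing-dot handling go beyond the check shown in the hunk.

```java
import java.net.URI;
import java.util.Arrays;
import java.util.List;
import java.util.Locale;

public class RegionalEndpointCheck {

  // Suffixes taken from the hunk under review.
  private static final List<String> REGIONAL_SUFFIXES =
      Arrays.asList(".rep.googleapis.com", ".rep.sandbox.googleapis.com");

  /**
   * Hypothetical helper: returns true when the request URI targets a regional endpoint.
   * A missing URI or host is treated as "not regional", as in the original check.
   */
  static boolean isRegionalEndpoint(URI uri) {
    if (uri == null || uri.getHost() == null) {
      return false;
    }
    // java.net.URI keeps the host as written, so normalise before comparing.
    String host = uri.getHost().toLowerCase(Locale.ROOT);
    if (host.endsWith(".")) {
      host = host.substring(0, host.length() - 1); // fully qualified form
    }
    for (String suffix : REGIONAL_SUFFIXES) {
      if (host.endsWith(suffix)) {
        return true;
      }
    }
    return false;
  }

  // Fails loudly if the helper disagrees with the expectation for a sample URI.
  private static void expect(String uri, boolean regional) {
    boolean actual = isRegionalEndpoint(URI.create(uri));
    if (actual != regional) {
      throw new IllegalStateException(uri + ": expected " + regional + ", got " + actual);
    }
    System.out.println((actual ? "regional " : "other    ") + uri);
  }

  public static void main(String[] args) {
    // Constructed sample URIs, not taken from the PR.
    expect("https://storage.us-central1.rep.googleapis.com/v1/b", true);
    expect("https://STORAGE.US-CENTRAL1.REP.GOOGLEAPIS.COM/v1/b", true);
    expect("https://storage.us-central1.rep.googleapis.com./v1/b", true);
    expect("https://storage.us-central1.rep.sandbox.googleapis.com/v1/b", true);
    expect("https://storage.googleapis.com/v1/b", false);
    expect("https://rep.googleapis.com.example.net/v1/b", false);
    expect("mailto:user@example.com", false);
  }
}
```

Both call sites named in the comment would then call the one helper, so the suffix list and the normalisation cannot drift apart.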

@InternalApi
@Override
public String getRegionalAccessBoundaryUrl() throws IOException {
Matcher matcher = WORKFORCE_AUDIENCE_PATTERN.matcher(getAudience());
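
Review bot: On the last line, `WORKFORCE_AUDIENCE_PATTERN.matcher(getAudience())` passes the audience straight into the regex, so a null audience fails with an unchecked `NullPointerException` while the signature only declares `IOException`. A caller that catches only `IOException` around this lookup will not see that failure. Check for a null audience before matching, report it through the declared exception type or document the unchecked one, and add Javadoc on this `@InternalApi` method describing the returned URL and its failure modes.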

medium

getAudience() is marked as @Nullable in this class. Calling WORKFORCE_AUDIENCE_PATTERN.matcher(getAudience()) without a null check will result in a NullPointerException if the audience is not set. Please add a null check and handle the case where the audience is missing.

    String audience = getAudience();
    if (audience == null) {
      throw new IllegalStateException("The provided audience is null. Audience must be set to retrieve the Regional Access Boundary URL.");
    }
    Matcher matcher = WORKFORCE_AUDIENCE_PATTERN.matcher(audience);

@vverman vverman requested review from a team as code owners April 20, 2026 21:44
@snippet-bot

snippet-bot Bot commented Apr 20, 2026

Here is the summary of changes.

You are about to add 4 region tags.

This comment is generated by snippet-bot.
If you find problems with this result, please file an issue at:
https://github.com/googleapis/repo-automation-bots/issues.
To update this comment, add snippet-bot:force-run label or use the checkbox below:

  • Refresh this comment

@vverman

vverman commented Apr 20, 2026

Raising PR from a different branch.

@vverman vverman closed this Apr 20, 2026