From 5782e8d111bc1980d4f2c494e8659b6ba73b3a38 Mon Sep 17 00:00:00 2001
From: Scala Steward <scala_steward@virtuslab.com>
Date: Fri, 29 Nov 2024 15:14:23 +0000
Subject: [PATCH] Update protobuf-java to 4.29.0

Signed-off-by: Scala Steward <scala_steward@virtuslab.com>
---
 project/Dependencies.scala | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/project/Dependencies.scala b/project/Dependencies.scala
index ce9edd05..68be809c 100644
--- a/project/Dependencies.scala
+++ b/project/Dependencies.scala
@@ -35,7 +35,7 @@ object Dependencies {
   lazy val jacksonDatabind =
     "com.fasterxml.jackson.core" % "jackson-databind" % "2.15.2"
   // XXX Version bundled with Spark is vulnerable to CVE-2022-3171
-  lazy val protobuf = "com.google.protobuf" % "protobuf-java" % "3.25.5"
+  lazy val protobuf = "com.google.protobuf" % "protobuf-java" % "4.29.0"
   // XXX Bundled version is vulnerable to CVE-2023-34455
   lazy val snappyJava = "org.xerial.snappy" % "snappy-java" % "1.1.10.7"
 }