Merge remote-tracking branch 'origin/main' into bump-grpcio

Author: parthea

.librarian/state.yaml

@@ -14,7 +14,7 @@
 image: us-central1-docker.pkg.dev/cloud-sdk-librarian-prod/images-prod/python-librarian-generator@sha256:234b9d1f2ddb057ed7ac6a38db0bf8163d839c65c6cf88ade52530cddebce59e
 libraries:
   - id: bigframes
-    version: 2.42.0
+    version: 2.43.0
     last_generated_commit: ""
     apis: []
     source_roots:

librarian.yaml

@@ -58,7 +58,7 @@ default:
     library_type: GAPIC_AUTO
 libraries:
   - name: bigframes
-    version: 2.42.0
+    version: 2.43.0
     skip_release: true
     python:
       library_type: INTEGRATION

packages/bigframes/CHANGELOG.md

@@ -4,6 +4,25 @@
 
 [1]: https://pypi.org/project/bigframes/#history
 
+## [2.43.0](https://github.com/googleapis/google-cloud-python/compare/bigframes-v2.42.0...bigframes-v2.43.0) (2026-06-12)
+
+
+### Documentation
+
+* add a notebook explaining bqsql magics cell chaining (#17216) ([1a0de4a7701b7fdf4c2593b1960f1194ebc49793](https://github.com/googleapis/google-cloud-python/commit/1a0de4a7701b7fdf4c2593b1960f1194ebc49793))
+
+
+### Features
+
+* add `bigframes.bigquery.bit_count` and conversion scalar function (#17433) ([7f29823fadb3cff42dbe666f8c7aa33bab3c7021](https://github.com/googleapis/google-cloud-python/commit/7f29823fadb3cff42dbe666f8c7aa33bab3c7021))
+
+
+### Bug Fixes
+
+* preserve aliases on cast columns and fix star selection in sqlglot (#17394) (#17455) ([145034a345eb3e14ea3f23dfcafa3d2409a09067](https://github.com/googleapis/google-cloud-python/commit/145034a345eb3e14ea3f23dfcafa3d2409a09067))
+* bump pyarrow from 15.0.2 to 23.0.1 in /packages/bigframes (#17386) ([f59c2b2aa61316cf04b650933036ef50f6a1f08c](https://github.com/googleapis/google-cloud-python/commit/f59c2b2aa61316cf04b650933036ef50f6a1f08c))
+* improve error message when unescaped `{` are found in SQL cells (#17346) ([3a90cc8e867c8a2d2f8060858fde9eda94f80a54](https://github.com/googleapis/google-cloud-python/commit/3a90cc8e867c8a2d2f8060858fde9eda94f80a54))
+
 ## [2.42.0](https://github.com/googleapis/google-cloud-python/compare/bigframes-v2.41.0...bigframes-v2.42.0) (2026-06-08)
 
 

packages/bigframes/bigframes/version.py

@@ -12,8 +12,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-__version__ = "2.42.0"
+__version__ = "2.43.0"
 
 # {x-release-please-start-date}
-__release_date__ = "2026-06-08"
+__release_date__ = "2026-06-12"
 # {x-release-please-end}

packages/bigframes/third_party/bigframes_vendored/version.py

@@ -12,8 +12,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-__version__ = "2.42.0"
+__version__ = "2.43.0"
 
 # {x-release-please-start-date}
-__release_date__ = "2026-06-08"
+__release_date__ = "2026-06-12"
 # {x-release-please-end}

packages/google-api-core/tests/unit/test_python_version_support.py

@@ -12,20 +12,20 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-import pytest
 import datetime
 import textwrap
 import warnings
 from collections import namedtuple
-
 from unittest.mock import patch
 
+import pytest
+
 # Code to be tested
 from google.api_core._python_version_support import (
+    PYTHON_VERSION_INFO,
+    PythonVersionStatus,
     _flatten_message,
     check_python_version,
-    PythonVersionStatus,
-    PYTHON_VERSION_INFO,
 )
 
 # Helper object for mocking sys.version_info
@@ -65,10 +65,12 @@ def _create_failure_message(
     )
 
 
-def generate_tracked_version_test_cases():
+def get_tracked_version_test_cases():
     """
-    Yields test parameters for all tracked versions and boundary conditions.
+    Returns a list of test parameters for all tracked versions and boundary conditions.
     """
+    results = []
+
     for version_tuple, version_info in PYTHON_VERSION_INFO.items():
         py_version_str = f"{version_tuple[0]}.{version_tuple[1]}"
         gapic_dep = version_info.gapic_deprecation or (
@@ -111,20 +113,23 @@ def generate_tracked_version_test_cases():
         }
 
         for name, params in test_cases.items():
-            yield pytest.param(
-                version_tuple,
-                params["date"],
-                params["expected"],
-                gapic_dep,
-                gapic_end,
-                eol_warning_starts,
-                id=f"{py_version_str}-{name}",
+            results.append(
+                pytest.param(
+                    version_tuple,
+                    params["date"],
+                    params["expected"],
+                    gapic_dep,
+                    gapic_end,
+                    eol_warning_starts,
+                    id=f"{py_version_str}-{name}",
+                )
             )
+    return results
 
 
 @pytest.mark.parametrize(
     "version_tuple, mock_date, expected_status, gapic_dep, gapic_end, eol_warning_starts",
-    generate_tracked_version_test_cases(),
+    get_tracked_version_test_cases(),
 )
 def test_all_tracked_versions_and_date_scenarios(
     version_tuple, mock_date, expected_status, gapic_dep, gapic_end, eol_warning_starts

packages/google-auth/README.rst

@@ -37,19 +37,6 @@ Supported Python Versions
 ^^^^^^^^^^^^^^^^^^^^^^^^^
 Python >= 3.10
 
-Unsupported Python Versions
-^^^^^^^^^^^^^^^^^^^^^^^^^^^
-- Python == 2.7:  The last version of this library with support for Python 2.7
-  was `google.auth == 1.34.0`.
-
-- Python 3.5:   The last version of this library with support for Python 3.5
-  was `google.auth == 1.23.0`.
-
-- Python 3.6:   The last version of this library with support for Python 3.6
-  was `google.auth == 2.22.0`.
-
-- Python 3.7:   The last version of this library with support for Python 3.7
-  was `google.auth == 2.45.0`.
 
 
 Documentation

packages/google-auth/google/auth/_regional_access_boundary_utils.py

@@ -20,39 +20,18 @@
 import functools
 import inspect
 import logging
-import os
 import threading
 from typing import NamedTuple, Optional, TYPE_CHECKING
 
 from google.auth import _helpers
-from google.auth import environment_vars
 
-if TYPE_CHECKING:
+if TYPE_CHECKING:  # pragma: NO COVER
     import google.auth.credentials
     import google.auth.transport
 
 _LOGGER = logging.getLogger(__name__)
 
 
-@functools.lru_cache()
-def is_regional_access_boundary_enabled():
-    """Checks if Regional Access Boundary is enabled via environment variable.
-
-    The environment variable is interpreted as a boolean with the following
-    (case-insensitive) rules:
-    - "true", "1" are considered true.
-    - Any other value (or unset) is considered false.
-
-    Returns:
-        bool: True if Regional Access Boundary is enabled, False otherwise.
-    """
-    value = os.environ.get(environment_vars.GOOGLE_AUTH_TRUST_BOUNDARY_ENABLED)
-    if value is None:
-        return False
-
-    return value.lower() in ("true", "1")
-
-
 # The default lifetime for a cached Regional Access Boundary.
 DEFAULT_REGIONAL_ACCESS_BOUNDARY_TTL = datetime.timedelta(hours=6)
 
@@ -455,6 +434,61 @@ def start_refresh(self, credentials, request, rab_manager):
             self._worker.start()
 
 
+def _prepare_async_lookup_callable(request):
+    """Unwraps a request callable, clones the transport, and returns the new callable.
+
+    Args:
+        request: The original request callable (e.g. functools.partial or raw Request).
+
+    Returns:
+        Tuple[Callable, Any, bool]: A tuple containing the new lookup callable, the
+            underlying request object, and a boolean indicating if it was cloned.
+    """
+    is_partial = isinstance(request, functools.partial)
+    base_callable = request.func if is_partial else request
+
+    if not hasattr(base_callable, "_clone"):
+        return request, base_callable, False
+
+    cloned_callable = base_callable._clone()
+    is_cloned = cloned_callable is not base_callable
+
+    if is_partial:
+        new_request = functools.partial(
+            cloned_callable, *request.args, **request.keywords
+        )
+    else:
+        new_request = cloned_callable
+
+    return new_request, cloned_callable, is_cloned
+
+
+async def _close_cloned_request(lookup_request, is_cloned):
+    """Safely closes the underlying cloned request transport, if applicable.
+
+    Args:
+        lookup_request (Any): The request object/transport to close.
+        is_cloned (bool): Whether the request was actually cloned.
+    """
+    if not is_cloned or not hasattr(lookup_request, "close"):
+        return
+
+    is_async = False
+    try:
+        maybe_coro = lookup_request.close()
+        if is_async := inspect.isawaitable(maybe_coro):
+            await maybe_coro
+    except Exception as e:
+        if _helpers.is_logging_enabled(_LOGGER):
+            adapter_type = " asynchronous " if is_async else " "
+            _LOGGER.warning(
+                "Failed to cleanly close cloned%srequest transport: %s",
+                adapter_type,
+                e,
+                exc_info=True,
+            )
+
+
 class _AsyncRegionalAccessBoundaryRefreshManager(object):
     """Manages a task for background refreshing of the Regional Access Boundary in async flows."""
 
@@ -491,11 +525,28 @@ def start_refresh(self, credentials, request, rab_manager):
                 # A refresh is already in progress.
                 return
 
+            try:
+                (
+                    lookup_callable,
+                    lookup_request,
+                    is_cloned,
+                ) = _prepare_async_lookup_callable(request)
+            except Exception as e:
+                if _helpers.is_logging_enabled(_LOGGER):
+                    _LOGGER.warning(
+                        "Synchronous cloning of request for Regional Access Boundary lookup failed: %s",
+                        e,
+                        exc_info=True,
+                    )
+                rab_manager.process_regional_access_boundary_info(None)
+                return
+
             async def _worker():
                 try:
-                    # credentials._lookup_regional_access_boundary should be async in the async creds class
                     regional_access_boundary_info = (
-                        await credentials._lookup_regional_access_boundary(request)
+                        await credentials._lookup_regional_access_boundary(
+                            lookup_callable
+                        )
                     )
                 except Exception as e:
                     if _helpers.is_logging_enabled(_LOGGER):
@@ -505,6 +556,8 @@ async def _worker():
                             exc_info=True,
                         )
                     regional_access_boundary_info = None
+                finally:
+                    await _close_cloned_request(lookup_request, is_cloned)
 
                 rab_manager.process_regional_access_boundary_info(
                     regional_access_boundary_info
@@ -514,7 +567,15 @@ async def _worker():
             try:
                 self._worker_task = asyncio.create_task(coro)
             except Exception:
+                # Clean up cloned request if task creation fails
                 coro.close()
+                try:
+                    asyncio.get_running_loop().create_task(
+                        _close_cloned_request(lookup_request, is_cloned)
+                    )
+                except RuntimeError:
+                    pass
+                rab_manager.process_regional_access_boundary_info(None)
                 raise
 
 

packages/google-auth/google/auth/aio/transport/__init__.py

@@ -142,3 +142,13 @@ async def close(self) -> None:
         Close the underlying session.
         """
         raise NotImplementedError("close must be implemented.")
+
+    def _clone(self) -> "Request":
+        """Creates a copy of this request adapter.
+
+        The base implementation returns `self` (an identical shared instance).
+        Transport adapters that maintain internal connection pools or stateful
+        sessions must override this method to return an independent, detached
+        adapter instance.
+        """
+        return self