Bump build.buf:protovalidate from 0.2.1 to 0.5.0

[dependabot]

Bumps build.buf:protovalidate from 0.2.1 to 0.5.0.

Release notes

Sourced from build.buf:protovalidate's releases.

v0.5.0

Breaking Change: The build.buf.protovalidate.ValidationResult.getViolations() method no longer returns a list of protobuf build.buf.validate.Violations messages, but a list of a new wrapper class, build.buf.protovalidate.Violation. In most cases, changing the import for Violation and calling the toProto() method of the violation is all that needs to be done:

     // Note that the import should also change from `build.buf.validate.Violation`
     // to `build.buf.protovalidate.Violation`.
     for (Violation violation : validator.validate(msg).getViolations()) {
-        System.out.println(violation.getConstraintId());
+        System.out.println(violation.toProto().getConstraintId());
     }

ValidationResult also has a toProto() method that returns the protobuf build.buf.validate.Violations message equivalent. This can be used to get a list of protobuf build.buf.validate.Violation messages, using the getViolationsList() getter of said message, as before.

+    List<build.buf.validate.Violation> violations = validator.validate(msg).getViolations();
-    List<build.buf.validate.Violation> violations = validator.validate(msg).toProto().getViolationsList();

---

The new build.buf.protovalidate.Violation class provides additional getters for in-memory information about the violation which cannot be serialized to the wire:

• getFieldValue(): Returns the value of the field failing validation, if there is a field corresponding to the violation.
• getRuleValue(): Returns the value of the rule failing validation, if there is a rule corresponding to the violation.

Take, for example, the following protobuf message schema:

message User {
    string email = 1 [(buf.validate.field).string.email = true];
}

If you try to validate the message User.newBuilder().setEmail("invalid").build(), getFieldValue().getValue() will return "invalid" and getRuleValue().getValue() will return true.

Some violations do not correspond directly to a field, such as a message constraint failure; in these cases, the return value of getFieldValue() will be null.

What's Changed

• Bump org.junit:junit-bom from 5.11.1 to 5.11.2 by @​dependabot in bufbuild/protovalidate-java#194
• Bump com.google.errorprone:error_prone_core from 2.32.0 to 2.33.0 by @​dependabot in bufbuild/protovalidate-java#193
• Update to gradle 8.10.2 by @​pkwarren in bufbuild/protovalidate-java#195
• Regenerate code with protoc 28.2 by @​pkwarren in bufbuild/protovalidate-java#196
• Bump net.ltgt.errorprone from 4.0.1 to 4.1.0 by @​dependabot in bufbuild/protovalidate-java#199
• Bump build.buf:buf from 1.44.0 to 1.45.0 by @​dependabot in bufbuild/protovalidate-java#197
• Bump com.uber.nullaway:nullaway from 0.11.3 to 0.12.0 by @​dependabot in bufbuild/protovalidate-java#201
• Bump maven-publish from 0.29.0 to 0.30.0 by @​dependabot in bufbuild/protovalidate-java#198
• Bump com.google.errorprone:error_prone_core from 2.33.0 to 2.34.0 by @​dependabot in bufbuild/protovalidate-java#200
• Bump org.junit:junit-bom from 5.11.2 to 5.11.3 by @​dependabot in bufbuild/protovalidate-java#203
• Bump com.google.errorprone:error_prone_core from 2.34.0 to 2.35.1 by @​dependabot in bufbuild/protovalidate-java#204
• Bump com.google.protobuf:protobuf-java from 4.28.2 to 4.28.3 by @​dependabot in bufbuild/protovalidate-java#205

... (truncated)

Commits

• df11bf2 Add field and rule value to violations (#215)
• fabdc93 Implement structured field and rule paths for violations (#213)
• 54ba1f7 Strict conformance fixes (#212)
• ac7ebb0 Bump com.google.errorprone:error_prone_core from 2.35.1 to 2.36.0 (#211)
• 460804a Fixes for complex predefined field types (#210)
• 06e14b6 Bump build.buf:buf from 1.46.0 to 1.47.2 (#209)
• eb7d7b9 Bump com.uber.nullaway:nullaway from 0.12.0 to 0.12.1 (#208)
• ab14865 Bump build.buf:buf from 1.45.0 to 1.46.0 (#207)
• d18b2cf Bump com.google.protobuf:protobuf-java from 4.28.2 to 4.28.3 (#205)
• 8bb6417 Bump com.google.errorprone:error_prone_core from 2.34.0 to 2.35.1 (#204)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #41.