chore: librarian release pull request: 20260126T121420Z

[daniel-sanche]

PR created by the Librarian CLI to initialize a release. Merging this PR will auto trigger a release.

Librarian Version: v0.8.0
Language Image: us-central1-docker.pkg.dev/cloud-sdk-librarian-prod/images-prod/python-librarian-generator@sha256:b8058df4c45e9a6e07f6b4d65b458d0d059241dd34c814f151c8bf6b89211209

google-auth: 2.49.0-dev0

2.49.0-dev0 (2026-01-26)

Bug Fixes

• remove deprecated rsa dependency (e98cf692)

[gemini-code-assist]

Summary of Changes

Hello @daniel-sanche, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request automates the release process for the google-auth library, advancing its version to 2.49.0-dev0. The core change involves refactoring the handling of the rsa library, transitioning it from a direct, mandatory dependency to an optional one that is only loaded when specific rsa.key types are used. This enhances dependency management and prepares the library for future deprecation of the rsa module.

Highlights

• Automated Release Initialization: This pull request was automatically generated by the Librarian CLI to prepare for a new release of the google-auth library.
• Version Bump: The google-auth library is being updated to version 2.49.0-dev0.
• RSA Dependency Removal: The deprecated rsa library has been removed as a direct dependency from the project's main setup.py requirements. Its import is now conditional within google/auth/crypt/rsa.py to support existing code paths, and it's moved to a testing-specific dependency.
• Conditional RSA Import: The google/auth/crypt/rsa.py module now conditionally imports the _python_rsa implementation only when rsa.key types are encountered, making the rsa library an optional dependency rather than a mandatory one.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request, created automatically by the Librarian CLI, prepares a new release 2.49.0-dev0. The primary change is the removal of the hard dependency on the deprecated rsa library, making it an optional dependency. This is achieved through lazy loading of the module when it's needed. The implementation is sound and correctly updates the dependencies in setup.py and test configurations. My review identified a couple of minor stylistic issues related to extra blank lines, which I've provided suggestions for. Overall, the changes are excellent and improve the library's dependency management.

[gemini-code-assist]

The extra blank line on line 49 is unnecessary and violates PEP 8's guidance on vertical whitespace. Removing it will make the code more compact and consistent.

Suggested change

	from google.auth.crypt import _python_rsa
	impl_lib = _python_rsa
	from google.auth.crypt import _python_rsa
	impl_lib = _python_rsa

References

1. PEP 8 (E303) advises against using too many blank lines. Extra blank lines should be used sparingly to indicate logical sections, which is not the case here. ^(link)

[gemini-code-assist]

Similar to the other change in this file, the extra blank line on line 100 is unnecessary and violates PEP 8's guidance on vertical whitespace. It should be removed for consistency.

Suggested change

	from google.auth.crypt import _python_rsa
	impl_lib = _python_rsa
	from google.auth.crypt import _python_rsa
	impl_lib = _python_rsa

References

1. PEP 8 (E303) advises against using too many blank lines. Extra blank lines should be used sparingly to indicate logical sections, which is not the case here. ^(link)

[parthea]

Adding do not merge because this is for a pre-release version that is not merged to main

[suztomo]

  | time=2026-01-27T16:32:24.176Z level=INFO msg="opening repository" dir=/workspace/google-auth-library-python
  | time=2026-01-27T16:32:24.177Z level=INFO msg="running tag command"
  | time=2026-01-27T16:32:24.177Z level=INFO msg="determining pull requests to process"
  | time=2026-01-27T16:32:24.177Z level=INFO msg="processing a single pull request" pr=https://github.com/googleapis/google-auth-library-python/pull/1949
  | time=2026-01-27T16:32:24.573Z level=INFO msg="processing pull request" pr=1949
  | time=2026-01-27T16:32:24.573Z level=INFO msg="parsing pull request body"
  | time=2026-01-27T16:32:24.573Z level=INFO msg="parsed pull request body" library=google-auth version=2.49.0
  | time=2026-01-27T16:32:24.769Z level=INFO msg="source not specified, skipping service config population"
  | time=2026-01-27T16:32:24.769Z level=ERROR msg="failed to process pull request" pr=1949 error="validating librarian state: invalid library at index 0: invalid version: \"2.49.0-dev0\""
  | time=2026-01-27T16:32:24.769Z level=INFO msg="finished processing all pull requests"

[suztomo]

I think Librarian took this pull request based on some criteria (maybe release:pending label ?) ) and it recognized the version value 2.49.0-dev0 in the state.yaml was invalid: https://github.com/googleapis/google-auth-library-python/blob/development-build-v2.49.0.dev0/.librarian/state.yaml#L4

image: us-central1-docker.pkg.dev/cloud-sdk-librarian-prod/images-prod/python-librarian-generator@sha256:b8058df4c45e9a6e07f6b4d65b458d0d059241dd34c814f151c8bf6b89211209
libraries:
  - id: google-auth
    version: 2.49.0-dev0