deps(deps): bump google-auth from 2.43.0 to 2.46.0

[dependabot]

Bumps google-auth from 2.43.0 to 2.46.0.

Release notes

Sourced from google-auth's releases.

google-auth 2.46.0

2.46.0 (2026-01-05)

Features

• Recognize workload certificate config in has_default_client_cert_source for mTLS for Agentic Identities (#1907) (0b9107d5)

Bug Fixes

• Fix test coverage for mtls_helper (#1886) (02e71631)

• use .read() instead of .content.read() in aiohttp transport (#1899) (12f4470f)

• add types to default and verify_token and Request init based on comments in the source code. (#1588) (59a5f588)

• fix the document of secure_authorized_session (#1536) (5d001470)

• raise RefreshError for missing token in impersonated credentials (#1897) (94d04e09)

• remove setup.cfg configuration for creating universal wheels (#1693) (c767531c)

Documentation

• update urllib3 docstrings for v2 compatibility (#1903) (3f1aeea2)

google-auth 2.45.0

2.45.0 (2025-12-15)

Features

• Adding Agent Identity bound token support and handling certificate mismatches with retries (#1890) (b32c934e)

google-auth 2.44.0

2.44.0 (2025-12-12)

Features

• MDS connections use mTLS (#1856) (0387bb95)

• support Python 3.14 (#1822) (0f7097e7)

• add ecdsa p-384 support (#1872) (39c381a5)

• Add shlex to correctly parse executable commands with spaces (#1855) (cf6fc3cc)

• Implement token revocation in STS client and add revoke() metho… (#1849) (d5638986)

Bug Fixes

• Add temporary patch to workload cert logic to accomodate Cloud Run mis-configuration (#1880) (78de7907)

... (truncated)

Changelog

Sourced from google-auth's changelog.

2.46.0 (2026-01-05)

Documentation

• update urllib3 docstrings for v2 compatibility (#1903) (3f1aeea2d1014ea1d244a4c3470e52d74d55404b)

Features

• Recognize workload certificate config in has_default_client_cert_source for mTLS for Agentic Identities (#1907) (0b9107d573123e358c347ffa067637f992af61b4)

Bug Fixes

• add types to default and verify_token and Request init based on comments in the source code. (#1588) (59a5f588f7793b59d923a4185c8c07738da618f7)
• fix the document of secure_authorized_session (#1536) (5d0014707fc359782df5ccfcaa75fd372fe9dce3)
• remove setup.cfg configuration for creating universal wheels (#1693) (c767531ce05a89002d109f595187aff1fcaacfb7)
• use .read() instead of .content.read() in aiohttp transport (#1899) (12f4470f808809e8abf1141f98d88ab720c3899b)
• raise RefreshError for missing token in impersonated credentials (#1897) (94d04e090fdfc61926dd32bc1d65f8820b9cede5)
• Fix test coverage for mtls_helper (#1886) (02e71631fe275d93825c2e957e830773e75133f7)

2.45.0 (2025-12-15)

Features

• Adding Agent Identity bound token support and handling certificate mismatches with retries (#1890) (b32c934e6b0d09b94c467cd432a0a635e8b05f5c)

2.44.0 (2025-12-13)

Features

• support Python 3.14 (#1822) (0f7097e78f247665b6ef0287d482033f7be2ed6d)
• add ecdsa p-384 support (#1872) (39c381a5f6881b590025f36d333d12eff8dc60fc)
• MDS connections use mTLS (#1856) (0387bb95713653d47e846cad3a010eb55ef2db4c)
• Implement token revocation in STS client and add revoke() metho… (#1849) (d5638986ca03ee95bfffa9ad821124ed7e903e63)
• Add shlex to correctly parse executable commands with spaces (#1855) (cf6fc3cced78bc1362a7fe596c32ebc9ce03c26b)

Bug Fixes

• Use public refresh method for source credentials in ImpersonatedCredentials (#1884) (e0c3296f471747258f6d98d2d9bfde636358ecde)
• Add temporary patch to workload cert logic to accomodate Cloud Run mis-configuration (#1880) (78de7907b8bdb7b5510e3c6fa8a3f3721e2436d7)
• Delegate workload cert and key default lookup to helper function (#1877) (b0993c7edaba505d0fb0628af28760c43034c959)

Commits

• 2cbc2a2 chore: librarian release pull request: 20260105T122553Z (#1913)
• 5b7b5d8 chore: librarian update image pull request: 20260105T112538Z (#1912)
• 7dbf05a chore: rename _refresh_token to _perform_refresh_token (#1900)
• 855a45a chore(deps): update all dependencies (#1894)
• 77c8bc4 tests: make the TLS tests skip when pyopenssl isn't available (#1873)
• 0b9107d feat: Recognize workload certificate config in has_default_client_cert_source...
• 59a5f58 fix: add types to default and verify_token and Request init based on comm...
• e2135fb chore: remove use of old external "mock" module (#1786)
• 15f45a2 Docs: corrected spelling (#1661)
• 00f9a4f chore: improve metadata service error handling (#1902)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #100.