TL;DR

Protocol Buffers v35 introduces a new naming style enforcement feature (Edition 2026) to prevent field name collisions, improving proto definition reliability.

Breaking

• Bazel 7 Support Dropped: Builds will no longer work with Bazel version 7.

New

• Naming Style Enforcement: The new Edition 2026 feature enforces consistent field naming, reducing potential conflicts.
• Improved Kotlin/Native Support: Scalar types are now fully qualified in generated Kotlin/Native code.

Fixes Worth Knowing

• Relative Path Issue: The protoc CLI now fails when attempting to write files using relative output paths.
• C++ Reflection: Improved error reporting and sanity checks within C++ reflection APIs.
• Type URL Support: The C++ text-format parser now supports a wider range of characters in type URLs.

Before You Upgrade

• If using Bazel, upgrade to version 8 or 9.
• Review your proto definitions for potential naming conflicts in anticipation of Edition 2026 enforcement.

TL;DR

Protocol Buffers now fully supports Bazel 9 (a build system), improving integration for users employing that tool.

Fixes Worth Knowing

A bug in older GCC compilers (software development tool) was resolved, preventing issues when handling certain data structures. A potential overflow issue in the UPB extension registry was also fixed, improving stability.

TL;DR

This release improves compatibility with recent versions of NumPy (scientific computing library) and PHP, and extends code generation support to older protobuf versions.

Fixes Worth Knowing

• Fixed a parsing issue in the Java implementation when dealing with very large numbers in JSON format.
• Python protobufs are now compatible with NumPy 2.3rc1.
• PHP tests are now running faster due to an upgrade to the setup-php tool.
• Code generation is now compatible with protobuf versions as old as 3.20.0.

TL;DR

Protocol Buffers now supports Bazel 9, improving compatibility for users employing this build system (build tool).

Fixes Worth Knowing

The Java JsonFormat parser now handles large exponents correctly, preventing parsing errors with very large numbers.

TL;DR

Protocol Buffers now prevents excessively deep recursion in the PHP implementation, improving stability when processing complex messages.

Fixes Worth Knowing

• PHP: Prevents crashes due to unbounded recursion when parsing deeply nested messages.
• PHP: Corrects an issue where excessively large numbers in JSON parsing could cause errors (JSON format - data interchange standard).
• PHP: Addresses PHP 8.5 compatibility issues.
• PHP: Validates input length to prevent errors.

TL;DR

Protocol Buffers now uses the toolchain protoc by default, improving consistency and reliability when building with Bazel (build system).

Breaking

• Bazel Build System: Several fixes and changes were made to Bazel rules related to upb_c_proto_library and upb_proto_reflection_library, potentially impacting custom Bazel configurations.
• Bazel Directory: The third_party/upb/upb/bazel directory has been removed, requiring adjustments to any builds directly referencing it.

New

• Starlark Support: Protobuf flags are now available in Starlark (Bazel’s configuration language), enabling more flexible and maintainable build configurations.

Fixes Worth Knowing

• C++ UTF-8: Fixed UTF-8 validation issues with string extensions in C++.
• C++ Compatibility: Improved wire compatibility between TestAllTypes and TestAllExtensions for better testing.

Before You Upgrade

• Bazel Users: Review your Bazel configurations for any direct references to the removed third_party/upb/upb/bazel directory and update accordingly.

TL;DR

Protocol Buffers now prevents potential crashes in Python when parsing deeply nested JSON data (JSON format) and restores compatibility with older protobuf compilers.

Breaking

None.

New

None.

Fixes Worth Knowing

• Python: Resolved a crash when parsing complex JSON structures with json_format.ParseDict.
• Python: Expanded code generation support to include compilers as old as version 3.20.0.
• Python: Fixed compatibility issues with NumPy 2.3rc1 (scientific computing library).

Before You Upgrade

None.

TL;DR

Protocol Buffers are preparing for a future release that will remove arena-allocated object constructors, impacting C++ code using these features directly.

Breaking

• Arena-enabled constructors in arena.h are deprecated (C++ memory management technique).
• RepeatedField(Arena*) and Map(Arena*) constructors will become private in a future release (C++ arena allocation).

New

None

Fixes Worth Knowing

• Large Java enums are now correctly handled with the lite runtime (optimized protobuf runtime).

Before You Upgrade

Review your C++ code for direct use of arena-enabled constructors and prepare to migrate to alternative allocation strategies.

TL;DR

The latest Protobuf release restores Java ABI compatibility, resolving issues with extension methods after a previous breaking change.

Breaking

• Java Extension Methods: ABI compatibility for extension methods is restored after being broken in the 4.x release. (Application Binary Interface - ensures code compatibility)

New

• Plugin Dependencies: Protobuf plugins now receive all necessary option dependencies, simplifying plugin development. (Protobuf plugins - tools extending Protobuf functionality)
• Generator Interface: Plugin and built-in generators are unified using a request/response interface for improved consistency.

Fixes Worth Knowing

• Java Optional Dependencies: Corrected handling of optional dependencies within the Java code generator.
• PHP Composer: Removed an incorrect "provide" entry from the PHP composer.json file.

Before You Upgrade

If you experienced issues with Java extension methods after upgrading to Protobuf 4.x, test thoroughly after this upgrade to ensure compatibility.

TL;DR

Protocol Buffers now supports newer language editions (up to 2024) across Java, C#, Python, PHP, and Ruby, improving compatibility with modern development environments.

Breaking

• Compatibility restored with older Java runtimes impacted by CVE-2022-3171 (security vulnerability).

New

• Support for --incompatible_config_setting_private_default_visibility (Bazel build setting) added to Python and Ruby, enabling stricter visibility controls.

Fixes Worth Knowing

• Rust codegen no longer checks for a specific UPB version (underlying library), resolving potential build issues.

Before You Upgrade

• If using Bazel, review your build configurations to understand the impact of the new visibility setting.

TL;DR

Protocol Buffers now supports customizing feature set defaults (compiler flags) more flexibly, improving control over generated code.

New

• Feature Set Defaults: You can now inject default values for language-specific features during code generation, offering finer-grained control over Protobuf behavior.

Fixes Worth Knowing

• Python Typing: Python generated interface files (.pyi) now correctly import the datetime module for Duration and Timestamp fields.
• Python Recursion: Added limits to recursion depth in the pure Python implementation to prevent crashes with deeply nested messages.

Before You Upgrade

No specific action is needed for this upgrade.

TL;DR

The protoc compiler (protocol buffer compiler) now supports specifying import paths directly, simplifying project configuration.

New

• protoc now accepts an import option, allowing you to define where to find protocol buffer definitions.

Fixes Worth Knowing

• A regression in the PHP C-Extension has been automatically rolled back, restoring previous functionality.

Before You Upgrade

No action is needed for this upgrade.

TL;DR

This release of Protocol Buffers restores generator headers for C++, C#, Objective-C, Python, and Ruby, resolving build issues after a recent change.

Breaking

• C++: Removal of dllexport attribute may affect custom build configurations. (Affects dynamic library builds)

New

• Java: Maven artifacts are now correctly namespaced, improving dependency management. (Build tool - Maven)
• Java: Resolved a concurrency issue in feature resolution for older gencode. (Affects multi-threaded applications)

Fixes Worth Knowing

• Java: Lite classes are now compatible with JDK8. (Java Development Kit)
• Bazel: Restored JDK8 compatibility for libraries with Maven dependencies. (Build system - Bazel)

Before You Upgrade

• If you rely on custom build configurations in C++, verify your dynamic library builds after upgrading.

TL;DR

This release updates the underlying Abseil dependencies and modifies the UPB library (used by Python, PHP, and Ruby extensions), potentially impacting map iteration behavior.

Breaking

• UPB Map Iteration: The _upb_map_next function signature has changed and the _nextmutable Map iterator API has been removed. This affects Python, PHP, and Ruby extensions using UPB.

New

[None]

Fixes Worth Knowing

• C++: Fixed a bug handling implicit-presence string fields.
• C++: Improved compatibility with older GCC versions.

Before You Upgrade

• If you use Python, PHP, or Ruby extensions with Protocol Buffers, review your code that iterates over maps to ensure compatibility with the new UPB API.

TL;DR

Protocol Buffers now handles empty strings in numeric fields correctly when parsing JSON, resolving inconsistencies across multiple language implementations.

Breaking

• Deprecation warnings removed for Timestamp/Duration operations (Java) - these operations may be removed in the future.
• py_proto_library is now deprecated (Python) - migrate to alternative build systems.

New

• Go support updated to include proto editions language features.
• Extension numbers added to SourceCodeInfo and FileDescriptorSet for improved tooling (multiple languages).

Fixes Worth Knowing

• Corrected JSON parsing for empty strings in numeric fields (PHP, Ruby, Python/PHP/Ruby C-Extensions).
• Fixed a bug where assigning an empty Struct failed (Python).

Before You Upgrade

• If using py_proto_library in Python, plan a migration to a supported build system.

TL;DR

Protocol Buffers now correctly handles packed reflection across C++, Java, and Python, resolving a bug introduced in the 2023 edition.

Breaking

None.

New

None.

Fixes Worth Knowing

• A warning about minor version mismatches has been suppressed in Java and Python.
• Kotlin manifest files are now populated, improving IDE (Integrated Development Environment) support.

Before You Upgrade

No action is needed.

TL;DR

Protocol Buffers now includes a recursion check during Java parsing, preventing potential denial-of-service attacks from maliciously crafted protobuf messages.

Fixes Worth Knowing

Java parsing now prevents excessive recursion when handling unknown fields, improving stability and security.

Before You Upgrade

No action is needed to upgrade.

TL;DR

Protocol Buffers now includes binary compatibility shims (code adjustments) for Java, allowing continued use of older generated code with newer protobuf versions.

Breaking

• FieldDescriptor::cpp_string_type() is the new way to inspect field types in C++; direct ctype inspection will be removed in a future release.
• Objective-C: GPBUnknownFieldSet and related APIs are deprecated.

New

• Java: Binary compatibility shims restore compatibility with older generated code.
• Objective-C: Added API to add fields to collections of unknown fields.

Fixes Worth Knowing

• Objective-C: Fixed issues with copying GPBUnknownField and GPBUnknownFields.
• Objective-C: Prevents crashes by raising exceptions for nil messages.

Before You Upgrade

• Objective-C developers should plan to migrate away from GPBUnknownFieldSet and related APIs.

TL;DR

Protocol Buffers v27 introduces breaking changes for Java users, specifically around extension naming and Maven builds, requiring code updates and migration away from building from source with Maven.

Breaking

• Java extension names now escape to java_ potentially breaking existing gencode references. (Code generation)
• Maven builds from source are deprecated and will be removed in a future release. (Build system)

New

• Improved Java generator organization with separate packages and targets. (Code structure)

Fixes Worth Knowing

• C++ validation checks for implicit presence are now correct. (Data validation)
• Resolved Bazel cache issues impacting build performance. (Build tool)

Before You Upgrade

• Update your Java code to handle the new java_ extension naming scheme.
• Migrate away from building Protocol Buffers from source using Maven.

TL;DR

Protocol Buffers now correctly handles REQUIRED fields in legacy proto definitions, resolving potential compatibility issues when using older protobuf configurations.

Breaking

• REQUIRED fields now function as expected with the LEGACY_REQUIRED feature enabled. (Older protobuf versions may have ignored this setting.)

New

• Support for editions language features (experimental protobuf features) is now included for Java and C++. (Allows access to newer protobuf capabilities.)

Fixes Worth Knowing

• Resolved an issue preventing protobuf from building correctly on Android platforms. (Affects developers targeting Android.)
• Corrected a validation issue in Java feature handling. (Improves reliability of Java protobuf usage.)

Before You Upgrade

• If you rely on LEGACY_REQUIRED fields, test your application thoroughly to ensure compatibility with the updated behavior.

TL;DR

This release introduces breaking changes to the Ruby implementation of Protocol Buffers (a data serialization format), specifically regarding internal caching mechanisms.

Breaking

• Ruby ObjectCache moved: The ObjectCache has been moved into an internal module, requiring code adjustments if you directly accessed it.
• Ruby memsize functions: New memsize functions for native types may impact existing Ruby code relying on specific memory behavior.

New

[None]

Fixes Worth Knowing

• CMake improvements: Several fixes improve the robustness of CMake builds, particularly around escaping special characters.

Before You Upgrade

• Ruby users: Review your code for direct usage of the ObjectCache and adjust accordingly.

TL;DR

Protocol Buffers gains support for "editions," enabling more controlled evolution of proto definitions and allowing for backward compatibility while introducing new features.

Breaking

• PHP: Requires PHP 8.0 or higher.
• Bazel: Dropped support for Bazel 5.

New

• Editions: Introduces a new system for managing proto definition evolution, allowing for feature sets and controlled compatibility. This impacts C++, Java, and Objective-C code generation.
• Ruby: Added a new FFI (Foreign Function Interface) implementation.

Fixes Worth Knowing

• Java: Fixed potential NullPointerException in map builders and improved Timestamp parsing.
• Python: Resolved issues with object comparisons and memory leaks in the C extension.
• Ruby: Fixed object cache lookups on 32-bit platforms.

Before You Upgrade

• If using PHP, ensure your environment is running PHP 8.0 or higher.
• If using Bazel, upgrade to a version newer than 5.

TL;DR

This release improves compatibility for Python users working with Cython (a Python extension language) and reverts a previous code generation change in Java that caused issues.

Breaking

• C++ code now depends on Abseil’s layout library, requiring you to link against it. (a collection of foundational C++ libraries)

Fixes Worth Knowing

• Python code generation is now compatible with Cython, resolving issues for users utilizing this tool.
• A recent Java code generation change was reverted, restoring previous functionality.

Before You Upgrade

• If you are using the C++ protobuf library, ensure your project links against the Abseil layout library.

TL;DR

This release drops support for Bazel 5, potentially requiring build configuration updates for users of that build system (build automation tool).

Breaking

• Bazel 5 support removed. (Requires updating build scripts)

Fixes Worth Knowing

• C++ compilation issues resolved. (Addresses problems with large codebases)

Before You Upgrade

• If using Bazel, ensure you are on a version newer than 5.

TL;DR

The Protobuf compiler now includes dllexport_decl for generated default instances, improving compatibility when building dynamic libraries (shared code).

New

No new user-facing features.

Fixes Worth Knowing

Java dependencies were updated to Guava 32.0.1, resolving potential dependency conflicts.

Before You Upgrade

No specific action is needed for this upgrade.

TL;DR

Protocol Buffers now includes fixes for Windows and MSVC compatibility, ensuring smoother builds and fewer warnings across different environments.

Breaking

None.

New

None.

Fixes Worth Knowing

• Resolved build warnings on Windows (compilation environment).
• Fixed an issue in Python where file copying could fail in some projects.
• Improved symbol exporting from the libprotoc library (core Protobuf tool).

Before You Upgrade

No specific action is needed. These updates primarily address compatibility and stability.

TL;DR

Protocol Buffers improves compatibility with older compilers and linkers, resolving issues experienced with Clang 6 and i386 architectures.

Breaking

• No breaking changes were introduced; previously announced breaking changes have been reverted to deprecation warnings.

New

• No new features were introduced in these releases.

Fixes Worth Knowing

• Python: Corrected an issue preventing proper file copying in some build environments (build systems).
• C++: Resolved linker issues with Clang 6 (C++ compiler).

Before You Upgrade

• No specific action is needed for this upgrade.

TL;DR

Protocol Buffers now supports the retention attribute (metadata about fields) in C++, Java, and Ruby, improving code generation and data handling.

Breaking

• The const overload of RepeatedPtrField::GetArena is deprecated. (Memory management class)

New

• Ruby oneof fields now generate hazzers (accessors) for members, simplifying access to oneof values.
• UPB (underlying library for several languages) now supports extensions with deterministic serialization, ensuring consistent data representation.

Fixes Worth Knowing

• Fixed issues with parsing map entries containing closed enum values (enumerated types).
• Improved parsing performance for 32 and 64-bit varints (variable-length integers).

Before You Upgrade

• If you rely on the const overload of RepeatedPtrField::GetArena, update your code to use the non-const version.

TL;DR

Python protobuf users will experience improved compatibility and reliability with fixes for enum ranges, extension fields, and data serialization (data interchange format).

Breaking

• Extension fields no longer require a synthetic oneof field (internal grouping).

New

• Python package now includes a license file (software permissions).

Fixes Worth Knowing

• Resolved an issue causing incorrect enum range handling.
• Fixed a bug that caused data loss during serialization and deserialization (data interchange).

Before You Upgrade

No specific action is needed.

TL;DR

Java users should upgrade to address a security vulnerability and benefit from significant performance improvements in parsing and merging Protocol Buffer (data serialization format) messages.

Breaking

• No breaking changes.

New

• No new features.

Fixes Worth Knowing

• Java: Resolved a security advisory (GHSA-h4h5-3hr4-j3g2).
• Java: Improved parsing performance by merging directly from the wire format, reducing allocations and copies.
• Java: Fixed an issue in the TextFormat parser (human-readable format) for recurring sub-messages.

Before You Upgrade

• Java users should review the security advisory details at https://github.com/protocolbuffers/protobuf/security/advisories/GHSA-h4h5-3hr4-j3g2.

TL;DR

Protocol Buffers now provides more informative errors when generated code is outdated, improving the developer experience when working with protobuf definitions.

Fixes Worth Knowing

Python code generation now includes more helpful error messages when generated code is out of date. Additionally, reference leaks in Python have been resolved, and a crash in PHP has been fixed.

Before You Upgrade

Ensure your build tools are up-to-date, especially if you are building on Windows or targeting the x64-mingw-ucrt platform (Windows cross-compilation).

TL;DR

PHP developers using Protocol Buffers can now successfully build the packaged PHP extension, resolving a recent build failure.

Breaking

• None

New

• None

Fixes Worth Knowing

• PHP extension builds now succeed.

Before You Upgrade

• If you previously encountered errors building the PHP extension with version 3.20.0, upgrade to this release.

TL;DR

Protocol Buffers now offers deterministic serialization in C++, enabling consistent message grouping for applications like MapReduce, though it's not cross-language or build-stable.

Breaking

• Objective-C map support methods were renamed to avoid conflicts with system KVO (Key-Value Observing) features.
• Java Lite support is removed from the core protocol compiler; use a plugin instead.

New

• C++: Added deterministic serialization for consistent byte representation of equal messages.
• Multiple Languages: Added options to ignore unknown fields when parsing JSON, improving flexibility.

Fixes Worth Knowing

• C++: Resolved a memory leak when releasing messages allocated on an arena.
• Python: Corrected the order of fields in JSON Any messages.
• JavaScript: Maps now function with a proper map API.

Before You Upgrade

• Objective-C users: Update code referencing map support methods to reflect the new naming scheme.

TL;DR

Protocol Buffers now offers a new “import public” feature, simplifying proto file organization and migration by controlling which imported definitions are re-exported to dependent files.

Breaking

• Java compatibility now extends to JDK 1.5; code relying on JDK 1.6-specific features will need updating.
• The default behavior for enum aliases will change in a future release; projects using aliases should explicitly set allow_alias to true in their .proto files.

New

• “import public” allows controlled re-export of imported proto definitions.
• Java now includes a faster Parser for direct message parsing (~25% faster than using a Builder).
• Python gains dynamic message creation via DescriptorDatabase and MessageFactory (similar to C++ counterparts).

Fixes Worth Knowing

• Java now correctly serializes messages with a defined serialVersionUID (serialization).
• Java now allows “Object” as a valid message name.
• Python preserves unknown fields after parsing.

Before You Upgrade

• If your Java code relies on JDK 1.6 features, update it to be compatible