Skip to content

Bump the maven group with 10 updates#2831

Merged
eamonnmcmanus merged 3 commits intomainfrom
dependabot/maven/maven-5c36a1fa99
Apr 3, 2025
Merged

Bump the maven group with 10 updates#2831
eamonnmcmanus merged 3 commits intomainfrom
dependabot/maven/maven-5c36a1fa99

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 1, 2025

Bumps the maven group with 10 updates:

Package From To
com.google.errorprone:error_prone_core 2.36.0 2.37.0
org.apache.maven.plugins:maven-surefire-plugin 3.5.2 3.5.3
org.apache.maven.plugins:maven-failsafe-plugin 3.5.2 3.5.3
com.google.errorprone:error_prone_annotations 2.36.0 2.37.0
com.google.guava:guava-testlib 33.4.0-jre 33.4.6-jre
com.google.guava:guava 33.4.0-jre 33.4.6-jre
com.guardsquare:proguard-base 7.6.1 7.7.0
com.guardsquare:proguard-core 9.1.9 9.1.10
com.github.wvengen:proguard-maven-plugin 2.6.1 2.7.0
com.google.protobuf:protobuf-java 4.30.1 4.30.2

Updates com.google.errorprone:error_prone_core from 2.36.0 to 2.37.0

Release notes

Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.37.0

Changes:

  • The annotations that were previously in error_prone_type_annotations have been been merged into error_prone_annotations. error_prone_type_annotations is now deprecated, and will be removed in a future release.

New checks:

  • AssignmentExpression - The use of an assignment expression can be surprising and hard to read; consider factoring out the assignment to a separate statement.
  • IntFloatConversion - Detect calls to scalb that should be using the double overload instead
  • InvalidSnippet - Detects snippets which omit the : required for inline code.
  • JUnit4EmptyMethods - Detects empty JUnit4 @Before, @After, @BeforeClass, and @AfterClass methods.
  • MockIllegalThrows - Detects cases where Mockito is configured to throw checked exception types which are impossible.
  • NegativeBoolean - Prefer positive boolean names.
  • RuleNotRun - Detects TestRules not annotated with @Rule, that won't be run.
  • StringConcatToTextBlock - Replaces concatenated multiline strings with text blocks.
  • TimeInStaticInitializer - Detects accesses of the system time in static contexts.

Closed issues:

  • Propagate check flags in patch mode (#4699)
  • Fixes a crash in ComputeIfAbsentAmbiguousReference (#4736)
  • Show the field name in HidingField diagnostics (#4775)
  • Add support for jakarta annotations to some checks (#4782)
  • FloatingPointAssertionWithinEpsilonTest depends on default locale (#4815)
  • @InlineMe patching of Strings.repeat produces broken code (#4819)
  • Fix a crash in IdentifierName on unnamed (_) variables (#4847)
  • Fix a crash in ArgumentParameterSwap (#490)

Full changelog: google/error-prone@v2.36.0...v2.37.0

Commits
  • a453935 Release Error Prone 2.37.0
  • 81faa5a Update JDK versions in release.yml
  • 62086b7 Handle multiple arguments in thenThrow.
  • 7440ff1 In StringConcatToTextBlock, don't assume that string literals always have sou...
  • 04fe835 Adds type_annotations back but as a relocation to annotations
  • 1ad73c2 Handle yield in Reachability
  • b1b521f Sniff out the canonical constructor using detective work rather than a flag w...
  • 86e5c95 Optimization: Abort class scan in JUnit4TestNotRun if all suspicious method...
  • c139e7f [StatementSwitchToExpressionSwitch] for the return switch pattern, fix a bug ...
  • 296fb4e Hardcode BoxedPrimitiveEquality:ExemptStaticConstants = false.
  • Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-surefire-plugin from 3.5.2 to 3.5.3

Release notes

Sourced from org.apache.maven.plugins:maven-surefire-plugin's releases.

3.5.3

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

Commits
  • 4434650 [maven-release-plugin] prepare release surefire-3.5.3
  • 1270950 use github directly
  • 59f3a1f release tag name backward compatible
  • dfbabe2 assertj-core must be test scope (#826)
  • e1f8119 back to 3.5.3-SNAPSHOT
  • c497559 [maven-release-plugin] prepare for next development iteration
  • 3962112 [maven-release-plugin] prepare release v3.5.3
  • 227c134 surefire shared utils version current version (#825)
  • 1d34c34 Bump org.htmlunit:htmlunit from 4.10.0 to 4.11.1
  • 906b65a Update site descriptors
  • Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-failsafe-plugin from 3.5.2 to 3.5.3

Release notes

Sourced from org.apache.maven.plugins:maven-failsafe-plugin's releases.

3.5.3

🐛 Bug Fixes

👻 Maintenance

📦 Dependency updates

Commits
  • 4434650 [maven-release-plugin] prepare release surefire-3.5.3
  • 1270950 use github directly
  • 59f3a1f release tag name backward compatible
  • dfbabe2 assertj-core must be test scope (#826)
  • e1f8119 back to 3.5.3-SNAPSHOT
  • c497559 [maven-release-plugin] prepare for next development iteration
  • 3962112 [maven-release-plugin] prepare release v3.5.3
  • 227c134 surefire shared utils version current version (#825)
  • 1d34c34 Bump org.htmlunit:htmlunit from 4.10.0 to 4.11.1
  • 906b65a Update site descriptors
  • Additional commits viewable in compare view

Updates com.google.errorprone:error_prone_annotations from 2.36.0 to 2.37.0

Release notes

Sourced from com.google.errorprone:error_prone_annotations's releases.

Error Prone 2.37.0

Changes:

  • The annotations that were previously in error_prone_type_annotations have been been merged into error_prone_annotations. error_prone_type_annotations is now deprecated, and will be removed in a future release.

New checks:

  • AssignmentExpression - The use of an assignment expression can be surprising and hard to read; consider factoring out the assignment to a separate statement.
  • IntFloatConversion - Detect calls to scalb that should be using the double overload instead
  • InvalidSnippet - Detects snippets which omit the : required for inline code.
  • JUnit4EmptyMethods - Detects empty JUnit4 @Before, @After, @BeforeClass, and @AfterClass methods.
  • MockIllegalThrows - Detects cases where Mockito is configured to throw checked exception types which are impossible.
  • NegativeBoolean - Prefer positive boolean names.
  • RuleNotRun - Detects TestRules not annotated with @Rule, that won't be run.
  • StringConcatToTextBlock - Replaces concatenated multiline strings with text blocks.
  • TimeInStaticInitializer - Detects accesses of the system time in static contexts.

Closed issues:

  • Propagate check flags in patch mode (#4699)
  • Fixes a crash in ComputeIfAbsentAmbiguousReference (#4736)
  • Show the field name in HidingField diagnostics (#4775)
  • Add support for jakarta annotations to some checks (#4782)
  • FloatingPointAssertionWithinEpsilonTest depends on default locale (#4815)
  • @InlineMe patching of Strings.repeat produces broken code (#4819)
  • Fix a crash in IdentifierName on unnamed (_) variables (#4847)
  • Fix a crash in ArgumentParameterSwap (#490)

Full changelog: google/error-prone@v2.36.0...v2.37.0

Commits
  • a453935 Release Error Prone 2.37.0
  • 81faa5a Update JDK versions in release.yml
  • 62086b7 Handle multiple arguments in thenThrow.
  • 7440ff1 In StringConcatToTextBlock, don't assume that string literals always have sou...
  • 04fe835 Adds type_annotations back but as a relocation to annotations
  • 1ad73c2 Handle yield in Reachability
  • b1b521f Sniff out the canonical constructor using detective work rather than a flag w...
  • 86e5c95 Optimization: Abort class scan in JUnit4TestNotRun if all suspicious method...
  • c139e7f [StatementSwitchToExpressionSwitch] for the return switch pattern, fix a bug ...
  • 296fb4e Hardcode BoxedPrimitiveEquality:ExemptStaticConstants = false.
  • Additional commits viewable in compare view

Updates com.google.guava:guava-testlib from 33.4.0-jre to 33.4.6-jre

Release notes

Sourced from com.google.guava:guava-testlib's releases.

33.4.6

Guava 33.4.6 fixes two problems that we introduced while modularizing Guava in 33.4.5.

Even if you're not upgrading from Guava 33.4.0 or earlier, still read the release notes for Guava 33.4.1. Those release notes contain information about Guava 33.4.5 and 33.4.6's effect on the module system.

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.4.6-jre</version>
  <!-- or, for Android: -->
  <version>33.4.6-android</version>
</dependency>

Jar files

Guava requires one runtime dependency, which you can download here:

Javadoc

JDiff

Changelog

  • Removed the extra copy of each class from the Guava jar. The extra copies were an accidental addition from the modularization work in Guava 33.4.5. (40485b93ce)
  • Fixed annotation-related warnings when using Guava in modular builds. The most common such warning is Cannot find annotation method 'value()' in type 'DoNotMock': .... (7e15ab3566)

33.4.5

Use Guava 33.4.6, not Guava 33.4.5. 33.4.5 was our first attempt to modularize Guava, but we misconfigured our build, so it:

These issues are fixed in release 33.4.6. Sorry for the trouble.

... (truncated)

Commits

Updates com.google.guava:guava from 33.4.0-jre to 33.4.6-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.4.6

Guava 33.4.6 fixes two problems that we introduced while modularizing Guava in 33.4.5.

Even if you're not upgrading from Guava 33.4.0 or earlier, still read the release notes for Guava 33.4.1. Those release notes contain information about Guava 33.4.5 and 33.4.6's effect on the module system.

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.4.6-jre</version>
  <!-- or, for Android: -->
  <version>33.4.6-android</version>
</dependency>

Jar files

Guava requires one runtime dependency, which you can download here:

Javadoc

JDiff

Changelog

  • Removed the extra copy of each class from the Guava jar. The extra copies were an accidental addition from the modularization work in Guava 33.4.5. (40485b93ce)
  • Fixed annotation-related warnings when using Guava in modular builds. The most common such warning is Cannot find annotation method 'value()' in type 'DoNotMock': .... (7e15ab3566)

33.4.5

Use Guava 33.4.6, not Guava 33.4.5. 33.4.5 was our first attempt to modularize Guava, but we misconfigured our build, so it:

These issues are fixed in release 33.4.6. Sorry for the trouble.

... (truncated)

Commits

Updates com.guardsquare:proguard-base from 7.6.1 to 7.7.0

Release notes

Sourced from com.guardsquare:proguard-base's releases.

v7.7

Java support

  • Add support for Java 24. (#458)

Bugfixes

  • Prevent IllegalArgumentException when strings longer than 65535 bytes are present in the application (#267).
  • Prevent StackOverflowException when processing a pattern match switch (#444).

Improved

  • Improve processing time in apps where a large number of linked methods are present.
Commits
  • ef6a835 Update ProGuardCORE version for Java 24 support (#470)
  • e225e56 Add link to the maven distribution and proguard release in the retrace page.
  • 4288cce Bump proguardCore version to include MethodLinker changes.
  • 3456cf3 Move source files to standard locations (#464)
  • fbcf41f Remove bad import
  • bacde1c Limit size of strings to 65535 bytes
  • 430a045 Bump version to 7.6.2
  • See full diff in compare view

Updates com.guardsquare:proguard-core from 9.1.9 to 9.1.10

Release notes

Sourced from com.guardsquare:proguard-core's releases.

9.1.10

Java support

  • Update maximum supported Java class version to 68.65535 (Java 24).

Bugfixes

  • Prevent StackOverflowError in ConstantPoolShrinker when visiting a pattern matching switch in java >= 21.
Commits
  • 1a25615 Add AccumulatedCodeInjector, allowing injection of multiple code injectors at...
  • e0999ce Add release note for #135
  • c7900bf Prevent loop in ConstantPoolShrinker when visiting pattern matching switch re...
  • bc68501 Add last block InjectionStrategy (#134)
  • a8b07d5 Update maximum supported Java version for Java 24
  • 3bb04ac Update verison to 9.1.10
  • See full diff in compare view

Updates com.github.wvengen:proguard-maven-plugin from 2.6.1 to 2.7.0

Release notes

Sourced from com.github.wvengen:proguard-maven-plugin's releases.

2.7.0

What's Changed

... (truncated)

Changelog

Sourced from com.github.wvengen:proguard-maven-plugin's changelog.

Changelog

Commits
  • de5b906 Prepare version 2.7.0
  • a283f64 Merge pull request #393 from Marcono1234/marcono1234/dependency-injar-filter
  • 16a6a37 Merge pull request #396 from wvengen/dependabot/maven/com.guardsquare-proguar...
  • ced5c4b Merge pull request #398 from Marcono1234/marcono1234/plugin-documentation-site
  • 3dd794c Bump com.guardsquare:proguard-core from 9.1.9 to 9.1.10
  • 0f48e0f Merge pull request #397 from wvengen/dependabot/maven/com.guardsquare-proguar...
  • 52e7c14 Add GitHub workflow for deploying plugin site
  • 16cd7e2 Improve Maven site generation
  • 6b0b4b3 Bump com.guardsquare:proguard-base from 7.6.1 to 7.7.0
  • 70a7215 Merge pull request #390 from wvengen/dependabot/maven/org.apache.maven.plugin...
  • Additional commits viewable in compare view

Updates com.google.protobuf:protobuf-java from 4.30.1 to 4.30.2

Commits
  • 43e1626 Updating version.json and repo version numbers to: 30.2
  • 7a4c63b Fix lite classes in the protobuf-java Maven release to be JDK8 compatible. (#...
  • 7831669 Remove dllexport attribute on variable definition. (#20833)
  • da9cadc Restore JDK8 compatibility in Bazel for libraries with dependencies from Mave...
  • 09b5078 Add protobuf_maven artifacts to protobuf_maven_dev as well so they can still ...
  • b7f06f1 Add volatile to featuresResolved (#20766)
  • b69f653 Restore generator headers in cmake install until the next breaking C++ releas...
  • f4b0a79 Restore custom protobuf maven namespaces to avoid polluting main maven namesp...
  • 2dc9f35 Fix Java concurrency issue in feature resolution for old <=3.25.x gencode usi...
  • 221b2a0 Change how we decide which empty string implementation to use. (#20708)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the maven group with 10 updates
b955009 
Bumps the maven group with 10 updates:

| Package | From | To |
| --- | --- | --- |
| [com.google.errorprone:error_prone_core](https://github.com/google/error-prone) | `2.36.0` | `2.37.0` |
| [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire) | `3.5.2` | `3.5.3` |
| [org.apache.maven.plugins:maven-failsafe-plugin](https://github.com/apache/maven-surefire) | `3.5.2` | `3.5.3` |
| [com.google.errorprone:error_prone_annotations](https://github.com/google/error-prone) | `2.36.0` | `2.37.0` |
| [com.google.guava:guava-testlib](https://github.com/google/guava) | `33.4.0-jre` | `33.4.6-jre` |
| [com.google.guava:guava](https://github.com/google/guava) | `33.4.0-jre` | `33.4.6-jre` |
| [com.guardsquare:proguard-base](https://github.com/Guardsquare/proguard) | `7.6.1` | `7.7.0` |
| [com.guardsquare:proguard-core](https://github.com/Guardsquare/proguard-core) | `9.1.9` | `9.1.10` |
| [com.github.wvengen:proguard-maven-plugin](https://github.com/wvengen/proguard-maven-plugin) | `2.6.1` | `2.7.0` |
| [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) | `4.30.1` | `4.30.2` |


Updates `com.google.errorprone:error_prone_core` from 2.36.0 to 2.37.0
- [Release notes](https://github.com/google/error-prone/releases)
- [Commits](google/error-prone@v2.36.0...v2.37.0)

Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.5.2 to 3.5.3
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.2...surefire-3.5.3)

Updates `org.apache.maven.plugins:maven-failsafe-plugin` from 3.5.2 to 3.5.3
- [Release notes](https://github.com/apache/maven-surefire/releases)
- [Commits](apache/maven-surefire@surefire-3.5.2...surefire-3.5.3)

Updates `com.google.errorprone:error_prone_annotations` from 2.36.0 to 2.37.0
- [Release notes](https://github.com/google/error-prone/releases)
- [Commits](google/error-prone@v2.36.0...v2.37.0)

Updates `com.google.guava:guava-testlib` from 33.4.0-jre to 33.4.6-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `com.google.guava:guava` from 33.4.0-jre to 33.4.6-jre
- [Release notes](https://github.com/google/guava/releases)
- [Commits](https://github.com/google/guava/commits)

Updates `com.guardsquare:proguard-base` from 7.6.1 to 7.7.0
- [Release notes](https://github.com/Guardsquare/proguard/releases)
- [Commits](Guardsquare/proguard@v7.6.1...v7.7)

Updates `com.guardsquare:proguard-core` from 9.1.9 to 9.1.10
- [Release notes](https://github.com/Guardsquare/proguard-core/releases)
- [Commits](Guardsquare/proguard-core@v9.1.9...v9.1.10)

Updates `com.github.wvengen:proguard-maven-plugin` from 2.6.1 to 2.7.0
- [Release notes](https://github.com/wvengen/proguard-maven-plugin/releases)
- [Changelog](https://github.com/wvengen/proguard-maven-plugin/blob/master/CHANGELOG.md)
- [Commits](wvengen/proguard-maven-plugin@2.6.1...2.7.0)

Updates `com.google.protobuf:protobuf-java` from 4.30.1 to 4.30.2
- [Release notes](https://github.com/protocolbuffers/protobuf/releases)
- [Changelog](https://github.com/protocolbuffers/protobuf/blob/main/protobuf_release.bzl)
- [Commits](protocolbuffers/protobuf@v4.30.1...v4.30.2)

---
updated-dependencies:
- dependency-name: com.google.errorprone:error_prone_core
  dependency-version: 2.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven
- dependency-name: org.apache.maven.plugins:maven-surefire-plugin
  dependency-version: 3.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven
- dependency-name: org.apache.maven.plugins:maven-failsafe-plugin
  dependency-version: 3.5.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven
- dependency-name: com.google.errorprone:error_prone_annotations
  dependency-version: 2.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven
- dependency-name: com.google.guava:guava-testlib
  dependency-version: 33.4.6-jre
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven
- dependency-name: com.google.guava:guava
  dependency-version: 33.4.6-jre
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven
- dependency-name: com.guardsquare:proguard-base
  dependency-version: 7.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven
- dependency-name: com.guardsquare:proguard-core
  dependency-version: 9.1.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven
- dependency-name: com.github.wvengen:proguard-maven-plugin
  dependency-version: 2.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: maven
- dependency-name: com.google.protobuf:protobuf-java
  dependency-version: 4.30.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: maven
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Apr 1, 2025
Marcono1234
Marcono1234 reviewed Apr 3, 2025
View reviewed changes
Comment thread test-shrinker/pom.xml
<groupId>com.github.wvengen</groupId>
<artifactId>proguard-maven-plugin</artifactId>
<version>2.6.1</version>
<version>2.7.0</version>
Copy link
Copy Markdown
Contributor

@Marcono1234 Marcono1234 Apr 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can probably now remove the Note: ... https://github.com/wvengen/proguard-maven-plugin/issues/388 comment a few lines below, because that has been resolved in version 2.7.0.

Copy link
Copy Markdown
Member

@eamonnmcmanus eamonnmcmanus Apr 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Would you mind sending a separate PR for that after this one has been merged?

Copy link
Copy Markdown
Contributor

@Marcono1234 Marcono1234 Apr 3, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, here it is: #2835

@eamonnmcmanus eamonnmcmanus merged commit 9afd6f8 into main Apr 3, 2025
11 checks passed
@eamonnmcmanus eamonnmcmanus deleted the dependabot/maven/maven-5c36a1fa99 branch April 3, 2025 18:18
@Marcono1234 Marcono1234 mentioned this pull request Apr 3, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eamonnmcmanus eamonnmcmanus eamonnmcmanus approved these changes

+1 more reviewer

@Marcono1234 Marcono1234 Marcono1234 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@eamonnmcmanus @Marcono1234