Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#307) @dependabot
Bump apache/maven-gh-actions-shared from 3 to 4 (#308) @dependabot
Bump org.xerial.snappy:snappy-java from 1.1.10.1 to 1.1.10.4 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#292) @dependabot
Bump org.apache.commons:commons-compress from 1.21 to 1.26.0 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#307) @dependabot
Bump org.assertj:assertj-core from 3.25.1 to 3.25.3 (#304) @dependabot
Bump org.junit:junit-bom from 5.10.1 to 5.10.2 (#303) @dependabot
Bump org.xerial.snappy:snappy-java from 1.1.10.1 to 1.1.10.4 in /maven-enforcer-plugin/src/it/projects/dependency-convergence_transitive_provided/module1 (#292) @dependabot
Oxford comma, fill to file, and tighten language (#290) @elharo
net: Changed InetAddress-String conversion methods to preserve the IPv6 scope ID if present. The scope ID can be necessary for IPv6-capable devices with multiple network interfaces. However, preserving it can also lead to problems for callers that rely on the returned values not to include the scope ID:
Callers might compensate for the old behavior of the methods by appending the scope ID to a returned string themselves. If so, you can update your code to stop doing so at the same time as you upgrade Guava. Of, if your code might run against multiple versions of Guava, you can check whether Guava has included a scope ID before you add one yourself.
Callers might pass the returned string to another system that does not understand scope IDs. If so, you can strip the scope ID off, whether by truncating the string form at a % character (leaving behind any trailing ] character in the case of forUriString) or by replacing the returned InetAddress with a new instance constructed by calling InetAddress.getByAddress(addr).
java.net.InetAddress validates any provided scope ID against the interfaces available on the machine. As a result, methods in InetAddresses may now fail if the scope ID fails validation.
Notable cases in which this may happen include:
if the code runs in an Android app without networking permission
if code passes InetAddress instances or strings across devices
If this is not the behavior that you want, then you can strip off the scope ID from the input string before passing it to Guava, as discussed above. (3f61870ac6)
33.2.0
Android users: Please test recent Guava versions
If you know of Guava Android users who have not yet upgraded to at least release 33.0.0, please encourage them to upgrade, preferably to today's release, 33.2.0. These releases have begun adding Java 8+ APIs to guava-android. While we don't anticipate problems, we do anticipate that any unexpected problems could force a disruptive rollback. To minimize any disruption, we'd like to catch any such problems early.
Add support for dynamic dispatch in ExecutorInvocationUnit. This makes it possible to execute methods based on statically observed types of objects, not only based on the type of the used variables.
API changes
Remove ExecutorMatcher and change the Executor interface so that it declares supported methods by MethodSignature wildcards instead.
Add @Nullable annotations to MethodSignature.
Kotlin support
Update Kotlin dependency to 2.0.0 final release version.
Bugfixes
Prevent potential NullPointerException when Kotlin property metadata isVar flag does not correctly indicate the presence of a setter.
Add a parameter to be able to skip build native for pom type modules, leave it as false per default for backward compat by @olamy in graalvm/native-build-tools#593
net: Changed InetAddress-String conversion methods to preserve the IPv6 scope ID if present. The scope ID can be necessary for IPv6-capable devices with multiple network interfaces. However, preserving it can also lead to problems for callers that rely on the returned values not to include the scope ID:
Callers might compensate for the old behavior of the methods by appending the scope ID to a returned string themselves. If so, you can update your code to stop doing so at the same time as you upgrade Guava. Of, if your code might run against multiple versions of Guava, you can check whether Guava has included a scope ID before you add one yourself.
Callers might pass the returned string to another system that does not understand scope IDs. If so, you can strip the scope ID off, whether by truncating the string form at a % character (leaving behind any trailing ] character in the case of forUriString) or by replacing the returned InetAddress with a new instance constructed by calling InetAddress.getByAddress(addr).
java.net.InetAddress validates any provided scope ID against the interfaces available on the machine. As a result, methods in InetAddresses may now fail if the scope ID fails validation.
Notable cases in which this may happen include:
if the code runs in an Android app without networking permission
if code passes InetAddress instances or strings across devices
If this is not the behavior that you want, then you can strip off the scope ID from the input string before passing it to Guava, as discussed above. (3f61870ac6)
33.2.0
Android users: Please test recent Guava versions
If you know of Guava Android users who have not yet upgraded to at least release 33.0.0, please encourage them to upgrade, preferably to today's release, 33.2.0. These releases have begun adding Java 8+ APIs to guava-android. While we don't anticipate problems, we do anticipate that any unexpected problems could force a disruptive rollback. To minimize any disruption, we'd like to catch any such problems early.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the maven group with 14 updates:
2.27.0
2.28.0
3.4.1
3.5.0
3.6.3
3.7.0
0.21.1
0.21.2
2.27.0
2.28.0
33.1.0-jre
33.2.1-jre
7.4.2
7.5.0
9.1.3
9.1.4
0.10.1
0.10.2
3.5.3
3.6.0
3.2.0
3.3.0
2.17.0
2.17.1
4.26.1
4.27.0
33.1.0-jre
33.2.1-jre
Updates
com.google.errorprone:error_prone_core
from 2.27.0 to 2.28.0Release notes
Sourced from com.google.errorprone:error_prone_core's releases.
Commits
c71fd4e
Release Error Prone 2.28.032997f7
Bugfix assignment switch analysis in StatementSwitchToExpressionSwitch: if an...2dde254
Update references to javadoc APIs after the introduction of Markdown doc comm...5fef6e0
Yet another JUnitIncompatibleType crash fix.c2df1b6
Refactor comment handling in tokenization to use a new ErrorProneComment clas...3fff610
Update hamcrest to v2.26f265dd
Add a disabled regression test for an UnusedVariable bug5eded87
Add an Error Prone check that reimplements javac sunapi warnings9e0fbf7
Prepare for a change to the return type ofJCCompilationUnit#getImports
in ...13be411
Handlenull != CONST_CASE
in YodaConditionUpdates
org.apache.maven.plugins:maven-enforcer-plugin
from 3.4.1 to 3.5.0Release notes
Sourced from org.apache.maven.plugins:maven-enforcer-plugin's releases.
Commits
21b31b5
[maven-release-plugin] prepare release enforcer-3.5.0e6cd6e9
Remove unused dependency (#316)29d1c0d
[MENFORCER-497] Require Maven 3.6.3+80e6626
[MENFORCER-503] Pass context to ProfileActivator - fix NPE in Maven 3.9.75c7d0bc
[MENFORCER-494] Allow banning dynamic versions in whole tree (#294)e687c46
[MENFORCER-501] Bump commons-io:commons-io from 2.16.0 to 2.16.1 (#311)6665083
[MENFORCER-501] Bump commons-codec:commons-codec from 1.16.1 to 1.17.0 (#312)3eb6343
Bump project version to 3.5.0-SNAPSHOT1cf5c5f
[MENFORCER-504] Bump org.apache.maven:maven-parent from 41 to 42 (#314)a24b557
Manage ignore artifacts for dependabot in PRUpdates
org.apache.maven.plugins:maven-javadoc-plugin
from 3.6.3 to 3.7.0Commits
2c28b8d
[maven-release-plugin] prepare release maven-javadoc-plugin-3.7.05530d68
[MJAVADOC-793] java.lang.NullPointerException: Cannot invoke "String.length()...08cf68e
Revert "Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2"6446822
Bump org.apache.maven.shared:maven-invoker from 3.2.0 to 3.3.049c93ad
Bump org.assertj:assertj-core from 3.25.3 to 3.26.04e72048
[MJAVADOC-795] Upgrade to Parent 42 and Maven 3.6.3b55dd96
Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.277ad410
Bump org.apache.commons:commons-text from 1.11.0 to 1.12.0c21568a
Bump commons-io:commons-io from 2.16.0 to 2.16.1ded56a9
Exclude JDK 8 - temurin, adopt-openj9 on macosUpdates
com.github.siom79.japicmp:japicmp-maven-plugin
from 0.21.1 to 0.21.2Commits
1d75ed7
[maven-release-plugin] prepare release japicmp-base-0.21.2317f263
Merge pull request #397 from Billlynch/master7a23595
remove formatting noiseac02dc8
refactor8a10b71
fix: check changes in return types68727ed
[maven-release-plugin] prepare for next development iterationUpdates
com.google.errorprone:error_prone_annotations
from 2.27.0 to 2.28.0Release notes
Sourced from com.google.errorprone:error_prone_annotations's releases.
Commits
c71fd4e
Release Error Prone 2.28.032997f7
Bugfix assignment switch analysis in StatementSwitchToExpressionSwitch: if an...2dde254
Update references to javadoc APIs after the introduction of Markdown doc comm...5fef6e0
Yet another JUnitIncompatibleType crash fix.c2df1b6
Refactor comment handling in tokenization to use a new ErrorProneComment clas...3fff610
Update hamcrest to v2.26f265dd
Add a disabled regression test for an UnusedVariable bug5eded87
Add an Error Prone check that reimplements javac sunapi warnings9e0fbf7
Prepare for a change to the return type ofJCCompilationUnit#getImports
in ...13be411
Handlenull != CONST_CASE
in YodaConditionUpdates
com.google.guava:guava-testlib
from 33.1.0-jre to 33.2.1-jreRelease notes
Sourced from com.google.guava:guava-testlib's releases.
... (truncated)
Commits
Updates
com.guardsquare:proguard-base
from 7.4.2 to 7.5.0Release notes
Sourced from com.guardsquare:proguard-base's releases.
Commits
af475c6
Update usage.md (#407)8d7ddf8
Update foojay resolver pluginf5f2f06
Add .kotlin from Kotlin 2.0.0 in .gitignore (#406)aa43b9d
Update versions for 7.5 (#404)0d9ceb7
fix lint violations in ConfigurationParserTest1d28c11
Synchronize keep flags on getter/setter/backing field for kotlin propertiesb85b2cb
Bump version to 7.5.0-beta01 and add release note0c95982
integrate kotlin 2 support38de2e4
Update releasenotes.md76b2921
Update ProGuardCORE version (#398)Updates
com.guardsquare:proguard-core
from 9.1.3 to 9.1.4Release notes
Sourced from com.guardsquare:proguard-core's releases.
Commits
bd3ba7f
Update releasenotes.md2202ae3
Update Kotlin dependency to final 2.0 version56ca6bb
Support dynamic dispatch in Executors95688bc
Use ProGuardCore exceptions1d70f6d
Stop tests from cluttering/tmp
with temporary files43a3b96
Change MaxStackSizeComputer logger.error to ProguardCoreException3332750
Update releasenotes.md2eb09b8
Use a null check instead of isVar to check if property has a getterebb9de4
Audit uses of the error level logs8965861
Refactor ClassInitializer to use InvalidReferenceVisitorsUpdates
org.graalvm.buildtools:native-maven-plugin
from 0.10.1 to 0.10.2Release notes
Sourced from org.graalvm.buildtools:native-maven-plugin's releases.
Commits
de7f1df
Bump repo version to 0.10.2c47f2dc
Merge pull request #594 from graalvm/dnestoro/UpdateMetadataVersion892da4f
Update Reachability Metadata repository version9f8dbd0
Add a parameter to be able to skip build native for pom type modules, leave i...d4b5ce3
fix class path directroy analyzer (#590)08d4a02
Merge pull request #589 from n0tl3ss/stale-filesca05132
code review fixesca35e20
trigger build5ffff01
write-args-file task should delete old stale args file before generating a ne...6db59ba
Merge pull request #580 from dnestoro/dnestoro/SetProperDefaultMetadataCopyDirUpdates
org.apache.maven.plugins:maven-shade-plugin
from 3.5.3 to 3.6.0Commits
9a572e2
[maven-release-plugin] prepare release maven-shade-plugin-3.6.0ade2e35
[MSHADE-428] Prevent null value in array of transformers (#229)b573b8c
[MSHADE-478] Extra JARs feature (#228)199ffae
Drop the cruft (#225)912a81d
Bump maven-gh-actions-shared to v480e4420
[maven-release-plugin] prepare for next development iterationUpdates
org.codehaus.mojo:exec-maven-plugin
from 3.2.0 to 3.3.0Release notes
Sourced from org.codehaus.mojo:exec-maven-plugin's releases.
Commits
366da2f
[maven-release-plugin] prepare release 3.3.0416c83a
Bump org.codehaus.mojo:mojo-parent from 80 to 82 (#429)8d3327f
Bump org.codehaus.plexus:plexus-utils from 4.0.0 to 4.0.1662ab09
Bump asm.version from 9.6 to 9.7ec97f4d
Add "provided" classpathScope (runtime+provided)d18ed80
Bump apache/maven-gh-actions-shared from 3 to 4f19bde1
[maven-release-plugin] prepare for next development iterationUpdates
com.fasterxml.jackson.core:jackson-databind
from 2.17.0 to 2.17.1Commits
Updates
com.google.protobuf:protobuf-java
from 4.26.1 to 4.27.0Commits
Updates
com.google.guava:guava
from 33.1.0-jre to 33.2.1-jreRelease notes
Sourced from com.google.guava:guava's releases.
... (truncated)
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show