nbaars / paseto4j

Paseto implementation for Java
https://nbaars.github.io/paseto4j/
MIT License
62 stars 14 forks source link

build:(deps): Bump com.google.errorprone:error_prone_core from 2.23.0 to 2.34.0 #179

Closed dependabot[bot] closed 4 weeks ago

dependabot[bot] commented 1 month ago

Bumps com.google.errorprone:error_prone_core from 2.23.0 to 2.34.0.

Release notes

Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.34.0

Changes:

  • Passing the javac flag --should-stop=ifError=FLOW is now required when running Error Prone (#4595)
  • The MemberName check was renamed to IdentifierName

New checks:

Closed issues: #4595, #4598, #4620

Full changelog: https://github.com/google/error-prone/compare/v2.33.0...v2.34.0

Error Prone 2.33.0

Similar to release 2.32.0, the minimum supported JDK version to run Error Prone is JDK 17 (#3803). Using Error Prone to compile code that is deployed to earlier versions is still fully supported, but will require using JDK 17 or newer for compilation and setting --release or -source/-target/-bootclasspath.

Changes:

  • Update protobuf version for CVE-2024-7254

New checks:

Full changelog: https://github.com/google/error-prone/compare/v2.32.0...v2.33.0

Error Prone 2.32.0

The minimum support JDK version to run Error Prone is now JDK 17 (#3803).

Using Error Prone to compile code that is deployed to earlier versions is still fully supported, but will requires using JDK 17 or newer for compilation and setting --release or -source/-target/-bootclasspath.

Full changelog: https://github.com/google/error-prone/compare/v2.31.0...v2.32.0

Error Prone 2.31.0

This is the last planned minor release of Error Prone that will support running on JDK 11, see #3803. Using Error Prone to compile code that is deployed to earlier versions will continue to be fully supported, but will require using JDK 17 or newer for compilation and setting --release or -source/-target/-bootclasspath.

Changes:

New checks:

  • AutoValueBoxedValues: AutoValue instances should not usually contain boxed types that are not Nullable. We recommend removing the unnecessary boxing.

... (truncated)

Commits
  • bb113af Release Error Prone 2.34.0
  • 82a2168 Recognize that Runtime.halt and exit never return.
  • 1d04094 A couple of fixes in MoreAnnotations
  • 6203a0e Remove references to -XDshouldStopPolicyIfError now that `--should-stop=ifE...
  • 40bb976 Tweak ThrowIfUncheckedKnownChecked implementation to match `ThrowIfUnchecke...
  • 6380cc2 Warn about throwIfUnchecked(unchecked), which could be just throw unchecked.
  • 7a73690 Fix or suppress CheckReturnValue errors
  • ca50d5c Update --should-stop=ifError=FLOW flags
  • c897d8f Open-source more of check_api/src/test/java/com/google/errorprone/util
  • 4f630fc Rename MemberName to SymbolName, given it's handling classes too now.
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 4 weeks ago

Superseded by #184.