search

opensearch-project / security

🔐 Secure your cluster with TLS, numerous authentication backends, data masking, audit logging as well as role-based access control on indices, documents, and fields
https://opensearch.org/docs/latest/security-plugin/index/
Apache License 2.0
180 stars 264 forks source link

Bump org.checkerframework:checker-qual from 3.43.0 to 3.44.0 #4419

Closed dependabot[bot] closed 3 weeks ago

dependabot[bot] commented 3 weeks ago

Bumps org.checkerframework:checker-qual from 3.43.0 to 3.44.0.

Release notes

Sourced from org.checkerframework:checker-qual's releases.

Checker Framework 3.44.0

Version 3.44.0 (June 3, 2024)

Implementation details:

Removed methods:

  • AbstractAnalysis.readFromStore(): use Map.get()

Renamed methods:

  • CFAbstractStore.methodValues() => methodCallExpressions()
  • AbstractCFGVisualizer.format() => escapeString()

Renamed fields:

  • AnalysisResult.stores => inputs

Deprecated methods:

  • AbstractAnalysis.getContainingMethod() => getEnclosingMethod()
  • AbstractAnalysis.getContainingClass() => getEnclosingMethod()
  • ControlFlowGraph.getContainingMethod() => getEnclosingMethod()
  • ControlFlowGraph.getContainingClass() => getEnclosingClass()
  • JavaExpression.isUnassignableByOtherCode() => isAssignableByOtherCode()
  • JavaExpression.isUnmodifiableByOtherCode() => isModifiableByOtherCode()

BaseTypeVisitor#visitMethod(MethodTree, Void) is now final. Subclasses should override BaseTypeVisitor#processMethodTree(MethodTree).

Closed issues:

#802, #2676, #2780, #2926, #3378, #3612, #3764, #4007, #4964, #5070, #5176, #5237, #5541, #6046, #6382, #6388, #6566, #6568, #6570, #6576, #6577, #6631, #6635, #6636, #6644.

Changelog

Sourced from org.checkerframework:checker-qual's changelog.

Version 3.44.0 (June 3, 2024)

Implementation details:

Removed methods:

  • AbstractAnalysis.readFromStore(): use Map.get()

Renamed methods:

  • CFAbstractStore.methodValues() => methodCallExpressions()
  • AbstractCFGVisualizer.format() => escapeString()

Renamed fields:

  • AnalysisResult.stores => inputs

Deprecated methods:

  • AbstractAnalysis.getContainingMethod() => getEnclosingMethod()
  • AbstractAnalysis.getContainingClass() => getEnclosingMethod()
  • ControlFlowGraph.getContainingMethod() => getEnclosingMethod()
  • ControlFlowGraph.getContainingClass() => getEnclosingClass()
  • JavaExpression.isUnassignableByOtherCode() => isAssignableByOtherCode()
  • JavaExpression.isUnmodifiableByOtherCode() => isModifiableByOtherCode()

BaseTypeVisitor#visitMethod(MethodTree, Void) is now final. Subclasses should override BaseTypeVisitor#processMethodTree(MethodTree).

Closed issues:

#802, #2676, #2780, #2926, #3378, #3612, #3764, #4007, #4964, #5070, #5176, #5237, #5541, #6046, #6382, #6388, #6566, #6568, #6570, #6576, #6577, #6631, #6635, #6636, #6644.

Commits
  • 9ae1463 new release 3.44.0
  • a4a4232 Prep for release.
  • cac43aa Use instantiation of inference variable. (#6638)
  • 463c4eb Don't use -XDrawDiagnostics in testing framework (#6647)
  • b188046 Don't use -XDrawDiagnostics in jtreg tests when it is not necessary (#6646)
  • c85eb69 Preprocess unicode escapes when parsing using JavaParser (#6632)
  • 959822a Update versions.autoValue to v1.11.0 (#6640)
  • 869577b Update versions.errorprone to v2.28.0 (#6643)
  • 8a25d99 Update dependency gradle to v8.8 (#6639)
  • 9657f9f Update dependency com.amazonaws:aws-java-sdk-bom to v1.12.734
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
opensearch-trigger-bot[bot] commented 3 weeks ago

The backport to 2.x failed:

The process '/usr/bin/git' failed with exit code 128

To backport manually, run these commands in your terminal:

# Navigate to the root of your repository
cd $(git rev-parse --show-toplevel)
# Fetch latest updates from GitHub
git fetch
# Create a new working tree
git worktree add ../.worktrees/security/backport-2.x 2.x
# Navigate to the new working tree
pushd ../.worktrees/security/backport-2.x
# Create a new branch
git switch --create backport/backport-4419-to-2.x
# Cherry-pick the merged commit of this pull request and resolve the conflicts
git cherry-pick -x --mainline 1 fbcc1f9bf640a8aa198d87ce3ff27a447d76d4db
# Push it to GitHub
git push --set-upstream origin backport/backport-4419-to-2.x
# Go back to the original working tree
popd
# Delete the working tree
git worktree remove ../.worktrees/security/backport-2.x

Then, create a pull request where the base branch is 2.x and the compare/head branch is backport/backport-4419-to-2.x.