dependabot[bot] opened a new pull request, #584: URL: https://github.com/apache/santuario-xml-security-java/pull/584
Bumps [com.google.errorprone:error_prone_core](https://github.com/google/error-prone) from 2.42.0 to 2.49.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/error-prone/releases";>com.google.errorprone:error_prone_core's releases</a>.</em></p> <blockquote> <h2>Error Prone 2.49.0</h2> <p>This release includes several changes to <code>Matcher</code> APIs, and removed some deprecated or problematic APIs:</p> <ul> <li>Remove deprecated <code>MethodMatchers.withSignature</code> API, which relies on fragile <code>toString</code> behaviour. Alternatives for matching on method signatures with varargs and type parameters were added in <a href="https://github.com/google/error-prone/commit/a98a1c55d92d343ae2c142485e8888cd46aa78b3";>https://github.com/google/error-prone/commit/a98a1c55d92d343ae2c142485e8888cd46aa78b3</a>.</li> <li>Removed <code>variableType(Matcher)</code> API. <code>Matchers.variableType(Matcher)</code> uses <code>VariableTree#getType</code> to match variable types, which own't work for lambda parameters with inferred types after <a href="https://bugs.openjdk.org/browse/JDK-8268850";>JDK-8268850</a>. The recommended replacement is <code>variableType(TypePredicate)</code>.</li> <li>Make <code>enclosingPackage</code> return an optional. Module elements are not enclosed by a package, checks using <code>enclosingPackage</code> shouldn't assume an enclosing package exists when processing arbitrary elements.</li> <li>New <code>FieldMatchers</code> API, similar to <code>MethodMatchers</code> (<a href="https://github.com/google/error-prone/commit/1dd9c3a6bd76fca8104be6ae1c1004655d6a1745";>https://github.com/google/error-prone/commit/1dd9c3a6bd76fca8104be6ae1c1004655d6a1745</a>).</li> </ul> <p>New checks:</p> <ul> <li><a href="https://errorprone.info/bugpattern/AssertThrowsBlockToExpression";><code>AssertThrowsBlockToExpression</code></a>: Discourage unnecessary block lambdas in <code>assertThrows</code>.</li> <li><a href="https://errorprone.info/bugpattern/AssertThrowsMinimizer";><code>AssertThrowsMinimizer</code></a>: Suggest minimizing the amount of logic in <code>assertThrows</code>.</li> <li><a href="https://errorprone.info/bugpattern/MemorySegmentReferenceEquality";><code>MemorySegmentReferenceEquality</code></a>: Discourage using reference equality for <code>MemorySegments</code>.</li> <li><a href="https://errorprone.info/bugpattern/PreferThrowsTag";><code>PreferThrowsTag</code></a>: Recommends using <code>@throws</code> instead of the legacy <code>@exception</code> javadoc tag.</li> <li><a href="https://errorprone.info/bugpattern/RecordAccessorInCompactConstructor";><code>RecordAccessorInCompactConstructor</code></a>: detect record accessors inside the compact canonical ctors, which read uninitialized fields.</li> </ul> <p>Closed issues: <a href="https://redirect.github.com/google/error-prone/issues/2283";>#2283</a>, <a href="https://redirect.github.com/google/error-prone/issues/3503";>#3503</a>, <a href="https://redirect.github.com/google/error-prone/issues/5210";>#5210</a>, <a href="https://redirect.github.com/google/error-prone/issues/5289";>#5289</a>, <a href="https://redirect.github.com/google/error-prone/issues/5548";>#5548</a>, <a href="https://redirect.github.com/google/error-prone/issues/5548";>#5548</a>, <a href="https://redirect.github.com/google/error-prone/issues/5554";>#5554</a>, <a href="https://redirect.github.com/google/error-prone/issues/5609";>#5609</a>, <a href="https://redirect.github.com/google/error-prone/issues/5614";>#5614</a>, <a href="https://redirect.github.com/google/error-prone/issues/5656";>#5656</a></p> <p>Full changelog: <a href="https://github.com/google/error-prone/compare/v2.48.0...v2.49.0";>https://github.com/google/error-prone/compare/v2.48.0...v2.49.0</a></p> <h2>Error Prone 2.48.0</h2> <p>Changes:</p> <ul> <li>Added support for passing flags with command-line argument files (<code>@</code>-files) (<a href="https://github.com/google/error-prone/commit/8e84edf1beedc99ff2cff3c21a7adec578ad053e";>https://github.com/google/error-prone/commit/8e84edf1beedc99ff2cff3c21a7adec578ad053e</a>)</li> </ul> <p>New checks:</p> <ul> <li><a href="https://errorprone.info/bugpattern/AvoidValueSetter";><code>AvoidValueSetter</code></a></li> <li><a href="https://errorprone.info/bugpattern/UnnecessarySemicolon";><code>UnnecessarySemicolon</code></a></li> </ul> <p>Closed issues: <a href="https://redirect.github.com/google/error-prone/issues/5529";>#5529</a>, <a href="https://redirect.github.com/google/error-prone/issues/5537";>#5537</a>, <a href="https://redirect.github.com/google/error-prone/issues/5522";>#5522</a>, <a href="https://redirect.github.com/google/error-prone/issues/5521";>#5521</a></p> <p>Full changelog: <a href="https://github.com/google/error-prone/compare/v2.47.0...v2.48.0";>https://github.com/google/error-prone/compare/v2.47.0...v2.48.0</a></p> <h2>Error Prone 2.47.0</h2> <p>New checks:</p> <ul> <li><a href="https://errorprone.info/bugpattern/InterruptedInCatchBlock";><code>InterruptedInCatchBlock</code></a>: Detect accidental calls to <code>Thread.interrupted()</code> inside of <code>catch(InterruptedException e)</code> blocks.</li> <li><a href="https://errorprone.info/bugpattern/RefactorSwitch";><code>RefactorSwitch</code></a>: Refactorings to simplify arrow switches</li> <li><a href="https://errorprone.info/bugpattern/UnnamedVariable";><code>UnnamedVariable</code></a>: Rename unused variables to <code>_</code></li> </ul> <p>Closed issues: <a href="https://redirect.github.com/google/error-prone/issues/1811";>#1811</a>, <a href="https://redirect.github.com/google/error-prone/issues/4168";>#4168</a>, <a href="https://redirect.github.com/google/error-prone/issues/5459";>#5459</a>, <a href="https://redirect.github.com/google/error-prone/issues/5460";>#5460</a></p> <p>Full changelog: <a href="https://github.com/google/error-prone/compare/v2.46.0...v2.47.0";>https://github.com/google/error-prone/compare/v2.46.0...v2.47.0</a></p> <h2>Error Prone 2.46.0</h2> <p>Changes:</p> <ul> <li>The javac flag <code>-XDaddTypeAnnotationsToSymbol=true</code> is now required for Error Prone invocations on JDK 21, to enable the javac fix for <a href="https://bugs.openjdk.org/browse/JDK-8225377";>JDK-8225377: type annotations are not visible to javac plugins across compilation boundaries</a>. See <a href="https://redirect.github.com/google/error-prone/issues/5426";>google/error-prone#5426</a> for details.</li> <li>Remove deprecated <code>value</code> attribute from <code>@IncompatibleModifiers</code> and <code>@RequiredModifiers</code> (<a href="https://redirect.github.com/google/error-prone/issues/2122";>google/error-prone#2122</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google/error-prone/commit/89d75c196f2bac93d7aab17db6d2d70a2ee55941";><code>89d75c1</code></a> Release Error Prone 2.49.0</li> <li><a href="https://github.com/google/error-prone/commit/0b7b03b05d038f596e687e35fccd2cdc0356a7e2";><code>0b7b03b</code></a> Fix up some javadoc on `ModifySourceCollectionInStream.isStreamApiInvocationO...</li> <li><a href="https://github.com/google/error-prone/commit/fe5a7b1f4583db97387c46ed32ccd664d3f455f6";><code>fe5a7b1</code></a> Remove old FieldMatchers API</li> <li><a href="https://github.com/google/error-prone/commit/d54a1d1cd9b57dd49de585e21d0e315f3fb88c82";><code>d54a1d1</code></a> Fix up some <code>Finally</code> javadocs.</li> <li><a href="https://github.com/google/error-prone/commit/d93b31908fd361eb5e817a7dd18a1296f12f6414";><code>d93b319</code></a> [RefactorSwitch] bugfix comment handling</li> <li><a href="https://github.com/google/error-prone/commit/ff59782c69b9394e14b11d0b17574fe5b3dafa9c";><code>ff59782</code></a> [IfChainToSwitch] cleanup redundant conditions in ternary. No functional cha...</li> <li><a href="https://github.com/google/error-prone/commit/43b6df64ed635e1fcabaabd9c884df5753aac26b";><code>43b6df6</code></a> Generalise DuplicateAssertion to handle check* methods.</li> <li><a href="https://github.com/google/error-prone/commit/2c4346f59fdcdda7bf17839b55d2d5e416c7d1d1";><code>2c4346f</code></a> Fix a bug in <code>BooleanLiteral</code>: it currently suggests replacing `Boolean.FALSE...</li> <li><a href="https://github.com/google/error-prone/commit/559039bcc26400cd725236bdffe7fc94c4519311";><code>559039b</code></a> [IfChainToSwitch] doc-only change. fix typo in code comments.</li> <li><a href="https://github.com/google/error-prone/commit/393c61ce5b28fd5bcd1290ee831d3358d37cce16";><code>393c61c</code></a> [IfChainToSwitch] enhance code generation to emit unnamed variables, when sup...</li> <li>Additional commits viewable in <a href="https://github.com/google/error-prone/compare/v2.42.0...v2.49.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
