Update all non-major dependencies (branch_9x)#4586
Conversation
|
The bulk renovate PR bumped several dependencies whose new releases dropped Java 11 support, breaking the branch_9x build (which targets Java 11): - com.palantir.consistent-versions 2.37.0 -> 2.32.0 (2.37.0 needs Java 17) - org.carrot2:carrot2-core 4.8.6 -> 4.5.1 (4.8.6 needs Java 21) - org.apache.hadoop 3.5.0 -> 3.4.1 (3.5.0 needs Java 17) - dev.langchain4j 0.36.2 -> 0.35.0 (0.36.2 needs Java 17) - com.google.errorprone 2.50.0 -> 2.31.0 (build hard-pins 2.31.0 for JDK11) Pin these in the branch_9x renovate.json overlay so they are not re-proposed. Keep org.owasp.dependencycheck 12.2.2 and adapt owasp-dependency-check.gradle to pass suppressionFile as a String (the newer plugin rejects a File). Regenerated versions.lock and licenses accordingly.
CI fix: several bumps in this PR dropped Java 11 supportThe I reproduced locally with Temurin 11 and confirmed each by inspecting the class-file versions in the resolved jars:
What I pushed
Verification
Net effect: the safe upgrades (jersey, swagger, jackson, spotbugs-annotations, owasp, …) are retained; only the four that can't run on Java 11 are held back. Note: the push updated the PR branch, so CI will re-run on this new commit. |
This PR contains the following updates:
4.5.1→4.8.63.4.1→3.5.03.4.1→3.5.03.4.1→3.5.03.4.1→3.5.03.4.1→3.5.00.35.0→0.36.22.32.0→2.37.02.31.0→2.50.012.1.3→12.2.2suppressionFilenow takes aString, not aFile)4.8.6→4.10.2Release Notes
langchain4j/langchain4j (dev.langchain4j:langchain4j-open-ai)
v0.36.2Compare Source
What's Changed
v0.36.1Compare Source
Fixes
What's Changed
Full Changelog: langchain4j/langchain4j@0.36.0...0.36.1
v0.36.0Compare Source
Core Features/Updates
@DeprecatedcandidatesforRemoval = trueby @langchain4j in #2028langchain4j-coreby @kpavlov in #1987TokenStream: added tool execution callback by @sakoojiang in #1818TextClassifier: option to returnscoreand support label types beyondenumby @Martin7-1 in #1800EmbeddingStoreIngestor: tracking token usage by @pguedes17 in #1907ReRankingContentAggregator: addedmaxResultsconfiguration by @omarmahamid in #2043New Integrations
Notable Updates
MilvusServiceClientby @omarmahamid in #2042Other Changes
EmbeddingStoreWithFilteringITby @Martin7-1 in #1925langchain4j-vearchget rid of lombok by @Martin7-1 in #1809New Contributors
Full Changelog: langchain4j/langchain4j@0.35.0...0.36.0
google/error-prone (com.google.errorprone:error_prone_annotations)
v2.50.0: Error Prone 2.50.0New checks:
BoxingComparator: Detect implicitly-boxing Comparator.comparing key extractorsExposedPrivateType: Discourage references to private member classes from non-private APIsJUnitMethodInvoked: Discourage directly invoking JUnit test methodsListRemoveAmbiguous: Detect ambiguous calls toList.remove(int|Integer)PreferTestParameter: suggests using@TestParameterinstead of@TestParametersfor exhaustive boolean and enum parameters on single-element parameterized testsRecordComponentAccessorAnnotationConflict: Detect conflicts between record components and explicit accessor methodsRecordComponentOverride: Discourage@Overrideon record component declarations that don't overrideanything
ThrowableEqualsHashCode: Discourage overridingThrowable.equals()andhashCode()Closed issues: #5553, #5649, #5778
Full changelog: google/error-prone@v2.49.0...v2.50.0
v2.49.0: Error Prone 2.49.0This release includes several changes to
MatcherAPIs, and removed some deprecated or problematic APIs:MethodMatchers.withSignatureAPI, which relies on fragiletoStringbehaviour. Alternatives for matching on method signatures with varargs and type parameters were added ina98a1c5.variableType(Matcher)API.Matchers.variableType(Matcher)usesVariableTree#getTypeto match variable types, which own't work for lambda parameters with inferred types after JDK-8268850. The recommended replacement isvariableType(TypePredicate).enclosingPackagereturn an optional. Module elements are not enclosed by a package, checks usingenclosingPackageshouldn't assume an enclosing package exists when processing arbitrary elements.FieldMatchersAPI, similar toMethodMatchers(1dd9c3a).New checks:
AssertThrowsBlockToExpression: Discourage unnecessary block lambdas inassertThrows.AssertThrowsMinimizer: Suggest minimizing the amount of logic inassertThrows.MemorySegmentReferenceEquality: Discourage using reference equality forMemorySegments.PreferThrowsTag: Recommends using@throwsinstead of the legacy@exceptionjavadoc tag.RecordAccessorInCompactConstructor: detect record accessors inside the compact canonical ctors, which read uninitialized fields.Closed issues: #2283, #3503, #5210, #5289, #5548, #5548, #5554, #5609, #5614, #5656
Full changelog: google/error-prone@v2.48.0...v2.49.0
v2.48.0: Error Prone 2.48.0Changes:
@-files) (8e84edf)New checks:
AvoidValueSetterUnnecessarySemicolonClosed issues: #5529, #5537, #5522, #5521
Full changelog: google/error-prone@v2.47.0...v2.48.0
v2.47.0: Error Prone 2.47.0New checks:
InterruptedInCatchBlock: Detect accidental calls toThread.interrupted()inside ofcatch(InterruptedException e)blocks.RefactorSwitch: Refactorings to simplify arrow switchesUnnamedVariable: Rename unused variables to_Closed issues: #1811, #4168, #5459, #5460
Full changelog: google/error-prone@v2.46.0...v2.47.0
v2.46.0: Error Prone 2.46.0Changes:
-XDaddTypeAnnotationsToSymbol=trueis now required for Error Prone invocations on JDK 21, to enable the javac fix for JDK-8225377: type annotations are not visible to javac plugins across compilation boundaries. See #5426 for details.valueattribute from@IncompatibleModifiersand@RequiredModifiers(#2122)EndPosTable,DiagnosticPosition) (5440bb4,06c2905,f3915ec)New checks:
DuplicateAssertion: detect duplicated assertion lines where the argument toassertThatis pureIfChainToSwitch: suggest converting chains of if-statements into arrow switchesScannerUseDelimiter: discourageScanner.useDelimiter("\\A")AddNullMarkedToClass: refactoring to add@NullMarkedannotation to top level classesFull changelog: google/error-prone@v2.45.0...v2.46.0
v2.45.0: Error Prone 2.45.0Changes:
New checks:
AssertSameIncompatible: Detect calls toassertSameand similar assertions, where the calls are guaranteed to either succeed or fail.FormatStringShouldUsePlaceholders: Suggests using a format string instead of string concatenation operations on format methodsClosed issues: #5335
Full changelog: google/error-prone@v2.44.0...v2.45.0
v2.44.0: Error Prone 2.44.0Changes
LabelledBreakTargetis now an errorClosed issues: #5218, #5278
Full changelog: google/error-prone@v2.43.0...v2.44.0
v2.43.0: Error Prone 2.43.0The minimum supported JDK version to run Error Prone is now JDK 21 (#4867).
Changes:
-XepPatchChecksnow skips disabled checks (#4943)AndroidJdkLibsCheckerhas been removed, the recommended replacement for Android code is Android Lint's NewApi checkNew checks:
NullNeedsCastForVarargs: Detect calls that incorrectly passes anullarray instead of anullelement.RedundantNullCheck: detect checks on expressions that are non-null.Closed issues: #4943, #5102, #5107, #5121, #5158, #5217, #5239
Full changelog: google/error-prone@v2.42.0...v2.43.0
v2.42.0: Error Prone 2.42.0New checks:
ExplicitArrayForVarargs: discourage unnecessary explicit construction of an array to provide varargs.FloggerPerWithoutRateLimit: discourage Flogger'sperUniquewithout rate limitingStringJoin: BanString.join(CharSequence)andString.join(CharSequence, CharSequence)ThreadBuilderNameWithPlaceholder: Do not allow placeholders inThread.Builder.name(String)orname(String, int).Changes:
ASTHelpers.asFlagSethas changed. The previous type wasEnumSet<Flags.Flag>, whereFlags.Flagis an enum in the javac classFlags. A recent JDK change has replaced that enum with a new top-level enum calledFlagsEnum. It is not possible to changeASTHelpers.asFlagSetin a way that would be type-safe and compatible with the enums from JDKs both before and after the change. Instead, the method now returnsImmutableSet<String>, where the strings come from thetoString()of the enum constants. That means they are"native","abstract", etc.IO.print[ln]()inSystemOut.Full changelog: google/error-prone@v2.41.0...v2.42.0
v2.41.0: Error Prone 2.41.0New checks:
publicorprotectedmodifiers, but are effectively privateChanges:
Full changelog: google/error-prone@v2.40.0...v2.41.0
v2.40.0: Error Prone 2.40.0Changes:
Full changelog: google/error-prone@v2.39.0...v2.40.0
v2.39.0: Error Prone 2.39.0Changes:
Checks:
BooleanLiteral: PrefertruetoBoolean.TRUEExpensiveLenientFormatString: Renamed fromPreconditionsExpensiveString, detects unnecessary calls toString.formatin the arguments of lenient formatting methods.UnnecessaryQualifier: Detects@Qualifieror@BindingAnnotationannotations that have no effect, and can be removedIssues: #4996, #5045
Full changelog: google/error-prone@v2.38.0...v2.39.0
v2.38.0: Error Prone 2.38.0New checks:
AddNullMarkedToPackageInfo: adds@org.jspecify.annotations.NullMarkedannotation to package-info filesIntLiteralCast: Suggests a literal of the desired type instead of casting an int literal to a long, float, or doubleMisleadingEmptyVarargs: Discourages calling varargs methods that expect at least one argument with no arguments, like Mockito'sthenThrowPreconditionsExpensiveString: Discourages expensive string formatting in GuavaPreconditionschecksSelfSet: Detects mistakes likeproto.setFoo(proto.getFoo())UnnecessaryCopy: detect unnecessary copies of proto Lists and Maps.Closed issues: #4924, #4897, #4995
Full changelog: google/error-prone@v2.37.0...v2.38.0
v2.37.0: Error Prone 2.37.0Changes:
error_prone_type_annotationshave been been merged intoerror_prone_annotations.error_prone_type_annotationsis now deprecated, and will be removed in a future release.New checks:
AssignmentExpression- The use of an assignment expression can be surprising and hard to read; consider factoring out the assignment to a separate statement.IntFloatConversion- Detect calls toscalbthat should be using the double overload insteadInvalidSnippet- Detects snippets which omit the:required for inline code.JUnit4EmptyMethods- Detects empty JUnit4@Before,@After,@BeforeClass, and@AfterClassmethods.MockIllegalThrows- Detects cases where Mockito is configured to throw checked exception types which are impossible.NegativeBoolean- Prefer positive boolean names.RuleNotRun- DetectsTestRules not annotated with@Rule, that won't be run.StringConcatToTextBlock- Replaces concatenated multiline strings with text blocks.TimeInStaticInitializer- Detects accesses of the system time in static contexts.Closed issues:
@InlineMepatching ofStrings.repeatproduces broken code (#4819)_) variables (#4847)Full changelog: google/error-prone@v2.36.0...v2.37.0
v2.36.0: Error Prone 2.36.0Changes:
ErrorProneScannerfor AST nodes introduced after Java 11 (e5fd194)d67bc15)--should-stop=ifError=FLOWis set when using the-Xpluginintegration (e71db1f)New checks:
DuplicateBranches: Discourage conditional expressions and if statements where both branches are the sameRedundantControlFlow: Reports redundantcontinuestatements.Closed issues: #4633, #4646
Full changelog: google/error-prone@v2.35.1...v2.36.0
v2.35.1: Error Prone 2.35.1Error Prone's dependency on protobuf has been downgraded to 3.25.5 for this release.
Version 3.25.5 of protobuf still fixes CVE-2024-7254. This release is provided for users who aren't ready to update to 4.x, see also #4584 and #4634. Future versions of Error Prone will upgrade back to protobuf 4.x.
Full changelog: google/error-prone@v2.35.0...v2.35.1
v2.35.0: Error Prone 2.35.0Changes:
\sbefore the trailing delimiter inMisleadingEscapedSpaceTimeUnitMismatchimprovements: handle binary trees, consider trees likefooSeconds * 1000to have units of millisNew checks:
JavaDurationGetSecondsToToSeconds: Preferduration.toSeconds()overduration.getSeconds()Full changelog: google/error-prone@v2.34.0...v2.35.0
v2.34.0: Error Prone 2.34.0Changes:
--should-stop=ifError=FLOWis now required when running Error Prone (#4595)MemberNamecheck was renamed toIdentifierNameNew checks:
FutureTransformAsync: The usage of transformAsync is not necessary when all the return values of the transformation function are immediate futures.MisformattedTestData: Reformats Java source code inside Error Prone test cases.MisleadingEscapedSpace: Using\sanywhere except at the end of a line in a text block is potentially misleading.ThrowIfUncheckedKnownUnchecked:throwIfUnchecked(knownUnchecked)is equivalent tothrow knownUnchecked.Closed issues: #4595, #4598, #4620
Full changelog: google/error-prone@v2.33.0...v2.34.0
v2.33.0: Error Prone 2.33.0Similar to release 2.32.0, the minimum supported JDK version to run Error Prone is JDK 17 (#3803). Using Error Prone to compile code that is deployed to earlier versions is still fully supported, but will require using JDK 17 or newer for compilation and setting
--releaseor-source/-target/-bootclasspath.Changes:
New checks:
ArrayRecordComponent: Record components should not be arrays.Full changelog: google/error-prone@v2.32.0...v2.33.0
v2.32.0: Error Prone 2.32.0The minimum support JDK version to run Error Prone is now JDK 17 (#3803).
Using Error Prone to compile code that is deployed to earlier versions is still fully supported, but will requires using JDK 17 or newer for compilation and setting
--releaseor-source/-target/-bootclasspath.Full changelog: google/error-prone@v2.31.0...v2.32.0
spotbugs/spotbugs (com.github.spotbugs:spotbugs-annotations)
v4.10.2Compare Source
Build
v4.10.1Compare Source
Build
v4.9.8Compare Source
Fixed
v4.9.7Compare Source
Fixed
FindNakedNotifyto handle the case when the lock is loaded from a field (#3634)Changed
Deprecated
edu.umd.cs.findbugs.io.IO.close(InputStream)method. (#3756)Build
v4.9.6Compare Source
Fixed
jakarta.servlet.http.HttpServletRequestmethod calls (#3711)v4.9.5Compare Source
Fixed
Configuration
📅 Schedule: (UTC)
* * * * *)🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Renovate Bot