dependabot[bot] opened a new pull request, #569: URL: https://github.com/apache/santuario-xml-security-java/pull/569
Bumps [com.google.errorprone:error_prone_core](https://github.com/google/error-prone) from 2.42.0 to 2.47.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/error-prone/releases";>com.google.errorprone:error_prone_core's releases</a>.</em></p> <blockquote> <h2>Error Prone 2.47.0</h2> <p>New checks:</p> <ul> <li><a href="https://errorprone.info/bugpattern/InterruptedInCatchBlock";><code>InterruptedInCatchBlock</code></a>: Detect accidental calls to <code>Thread.interrupted()</code> inside of <code>catch(InterruptedException e)</code> blocks.</li> <li><a href="https://errorprone.info/bugpattern/RefactorSwitch";><code>RefactorSwitch</code></a>: Refactorings to simplify arrow switches</li> <li><a href="https://errorprone.info/bugpattern/UnnamedVariable";><code>UnnamedVariable</code></a>: Rename unused variables to <code>_</code></li> </ul> <p>Closed issues: <a href="https://redirect.github.com/google/error-prone/issues/1811";>#1811</a>, <a href="https://redirect.github.com/google/error-prone/issues/4168";>#4168</a>, <a href="https://redirect.github.com/google/error-prone/issues/5459";>#5459</a>, <a href="https://redirect.github.com/google/error-prone/issues/5460";>#5460</a></p> <p>Full changelog: <a href="https://github.com/google/error-prone/compare/v2.46.0...v2.47.0";>https://github.com/google/error-prone/compare/v2.46.0...v2.47.0</a></p> <h2>Error Prone 2.46.0</h2> <p>Changes:</p> <ul> <li>The javac flag <code>-XDaddTypeAnnotationsToSymbol=true</code> is now required for Error Prone invocations on JDK 21, to enable the javac fix for <a href="https://bugs.openjdk.org/browse/JDK-8225377";>JDK-8225377: type annotations are not visible to javac plugins across compilation boundaries</a>. See <a href="https://redirect.github.com/google/error-prone/issues/5426";>google/error-prone#5426</a> for details.</li> <li>Remove deprecated <code>value</code> attribute from <code>@IncompatibleModifiers</code> and <code>@RequiredModifiers</code> (<a href="https://redirect.github.com/google/error-prone/issues/2122";>google/error-prone#2122</a>)</li> <li>Error Prone API changes to encapsulate references to internal javac APIs for end position handling (<code>EndPosTable</code>, <code>DiagnosticPosition</code>) (<a href="https://github.com/google/error-prone/commit/5440bb4bcd9d3455a131d863b09f71cfea8a346b";>https://github.com/google/error-prone/commit/5440bb4bcd9d3455a131d863b09f71cfea8a346b</a>, <a href="https://github.com/google/error-prone/commit/06c2905e03ade5e1564b5c67d44e2e34bfe5b8e4";>https://github.com/google/error-prone/commit/06c2905e03ade5e1564b5c67d44e2e34bfe5b8e4</a>, <a href="https://github.com/google/error-prone/commit/f3915ec322fa7f190c670f6a30bd476f463d8967";>https://github.com/google/error-prone/commit/f3915ec322fa7f190c670f6a30bd476f463d8967</a>)</li> </ul> <p>New checks:</p> <ul> <li><a href="https://errorprone.info/bugpattern/DuplicateAssertion";><code>DuplicateAssertion</code></a>: detect duplicated assertion lines where the argument to <code>assertThat</code> is pure</li> <li><a href="https://errorprone.info/bugpattern/IfChainToSwitch";><code>IfChainToSwitch</code></a>: suggest converting chains of if-statements into arrow switches</li> <li><a href="https://errorprone.info/bugpattern/ScannerUseDelimiter";><code>ScannerUseDelimiter</code></a>: discourage <code>Scanner.useDelimiter("\\A")</code></li> <li><a href="https://errorprone.info/bugpattern/AddNullMarkedToClass";><code>AddNullMarkedToClass</code></a>: refactoring to add <code>@NullMarked</code> annotation to top level classes</li> </ul> <p>Full changelog: <a href="https://github.com/google/error-prone/compare/v2.45.0...v2.46.0";>https://github.com/google/error-prone/compare/v2.45.0...v2.46.0</a></p> <h2>Error Prone 2.45.0</h2> <p>Changes:</p> <ul> <li>Improved compatibility with latest JDK 26 EA builds.</li> </ul> <p>New checks:</p> <ul> <li><a href="https://errorprone.info/bugpattern/AssertSameIncompatible";><code>AssertSameIncompatible</code></a>: Detect calls to <code>assertSame</code> and similar assertions, where the calls are guaranteed to either succeed or fail.</li> <li><a href="https://errorprone.info/bugpattern/FormatStringShouldUsePlaceholders";><code>FormatStringShouldUsePlaceholders</code></a>: Suggests using a format string instead of string concatenation operations on format methods</li> </ul> <p>Closed issues: <a href="https://redirect.github.com/google/error-prone/issues/5335";>#5335</a></p> <p>Full changelog: <a href="https://github.com/google/error-prone/compare/v2.44.0...v2.45.0";>https://github.com/google/error-prone/compare/v2.44.0...v2.45.0</a></p> <h2>Error Prone 2.44.0</h2> <p>Changes</p> <ul> <li>The default severity for <a href="https://errorprone.info/bugpattern/LabelledBreakTarget";><code>LabelledBreakTarget</code></a> is now an error</li> <li>Update dependency on Guava (<a href="https://redirect.github.com/google/error-prone/issues/5108";>#5108</a>)</li> </ul> <p>Closed issues: <a href="https://redirect.github.com/google/error-prone/issues/5218";>#5218</a>, <a href="https://redirect.github.com/google/error-prone/issues/5278";>#5278</a></p> <p>Full changelog: <a href="https://github.com/google/error-prone/compare/v2.43.0...v2.44.0";>https://github.com/google/error-prone/compare/v2.43.0...v2.44.0</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google/error-prone/commit/afa2d04b51099e466863b0051fa05b48971ac757";><code>afa2d04</code></a> Release Error Prone 2.47.0</li> <li><a href="https://github.com/google/error-prone/commit/bc9618a8ac4e4a6e5e06ff9ada2f16a476262cc6";><code>bc9618a</code></a> [IfChainToSwitch] when safe mode is enabled, don't reorder cases because this...</li> <li><a href="https://github.com/google/error-prone/commit/6cbafd3741ed8eedb778a28d412f3e4dcb5c841a";><code>6cbafd3</code></a> Remove the <code>TypeCompatibility:UseCapture</code> flag.</li> <li><a href="https://github.com/google/error-prone/commit/2b5284fe185e5293e9fe36c7b3c39c9c0c35b147";><code>2b5284f</code></a> [IfChainToSwitch] Add new flag for safe mode, and emit null-handling logic wh...</li> <li><a href="https://github.com/google/error-prone/commit/7d8cdfeac946923c85a430f06ffa364e973e9e44";><code>7d8cdfe</code></a> Prepare for javac API changes to AST end positions</li> <li><a href="https://github.com/google/error-prone/commit/bd5f6ca66a1f884220ab0bb13c4d06385eddad3d";><code>bd5f6ca</code></a> PUBLIC: Add obsolete APIs from Apache's <code>IOUtils</code> to <code>JdkObsolete</code>.</li> <li><a href="https://github.com/google/error-prone/commit/19dddd8cfddcba7914145369a4a899b4ce0800ae";><code>19dddd8</code></a> PUBLIC: Flag obsolete <code>Scanner</code> constructors in <code>JdkObsolete</code>.</li> <li><a href="https://github.com/google/error-prone/commit/ab4e7bd6939b92ecb22875a644a1ec7d238ba411";><code>ab4e7bd</code></a> Improve diagnostic message for unused parameters that are reassigned.</li> <li><a href="https://github.com/google/error-prone/commit/0aaf5764243bce761e56b7b5cb1f826e1dac47a4";><code>0aaf576</code></a> Clean up VariableNameSameAsType</li> <li><a href="https://github.com/google/error-prone/commit/795015f32271b5f6313f1c97a4fcd2959d2fa572";><code>795015f</code></a> PUBLIC: add <code>Formatter</code> and <code>Properties</code> APIs that use a <code>String</code> to represen...</li> <li>Additional commits viewable in <a href="https://github.com/google/error-prone/compare/v2.42.0...v2.47.0";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
