dependabot[bot] opened a new pull request, #630:
URL: https://github.com/apache/poi/pull/630
Bumps [com.google.guava:guava](https://github.com/google/guava) from
32.1.1-jre to 33.2.0-jre.
Release notes
Sourced from https://github.com/google/guava/releases";>com.google.guava:guava's
releases.
33.1.0
Request for Android users
If you know of Guava Android users who have not yet upgraded to at least
the previous release https://github.com/google/guava/releases/tag/v33.0.0";>33.0.0, please
encourage them to do so. Starting with that version, we are experimenting with
including Java 8+ APIs in guava-android. Before we commit to
adding such APIs, we want as much testing as we can get: If we later expose a
set of Java 8+ APIs and then discover that they break users, we won't want to
remove them, as the removal would break users, too.
Maven
com.google.guava
guava
33.1.0-jre
33.1.0-android
Jar files
https://repo1.maven.org/maven2/com/google/guava/guava/33.1.0-jre/guava-33.1.0-jre.jar";>33.1.0-jre.jar
https://repo1.maven.org/maven2/com/google/guava/guava/33.1.0-android/guava-33.1.0-android.jar";>33.1.0-android.jar
Guava requires https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies";>one
runtime dependency, which you can download here:
https://repo1.maven.org/maven2/com/google/guava/failureaccess/1.0.1/failureaccess-1.0.1.jar";>failureaccess-1.0.1.jar
Javadoc
http://guava.dev/releases/33.1.0-jre/api/docs/";>33.1.0-jre
http://guava.dev/releases/33.1.0-android/api/docs/";>33.1.0-android
JDiff
http://guava.dev/releases/33.1.0-jre/api/diffs/";>33.1.0-jre vs.
33.0.0-jre
http://guava.dev/releases/33.1.0-android/api/diffs/";>33.1.0-android vs.
33.0.0-android
http://guava.dev/releases/33.1.0-android/api/androiddiffs/";>33.1.0-android
vs. 33.1.0-jre
Changelog
Updated our Error Prone dependency to 2.26.1, which includes a
JPMS-ready jar of annotations. If you use the Error Prone annotations in a
modular build of your own code, you may need to https://github.com/google/error-prone/releases/tag/v2.26.1";>add a
requires line for them. (d48c6dfbb8,
c6e91c498ced26631029d1bdfdb9154d4a217368)
base: Added a Duration overload for
Suppliers.memoizeWithExpiration. (76e46ec35b)
base: Deprecated the remaining two overloads of
Throwables.propagateIfPossible. They won't be deleted, but we
recommend migrating off them. (cf86414a87)
cache: Fixed a bug that could cause https://redirect.github.com/google/guava/pull/6851#issuecomment-1931276822";>false
"recursive load" reports during refresh. (0e1aebf73e)
graph: Changed the return types of
transitiveClosure() and reachableNodes() to
Immutable* types. reachableNodes() already returned
an immutable object (even though that was not reflected in the declared return
type); transitiveClosure() used to return a mutable object. The
old signatures remain available, so this change does not break binary
compatibility. (09e655f6c1)
graph: Changed the behavior of views returned by graph
accessor methods that take a graph element as input: They now throw
IllegalStateException when that element is removed from the graph.
(8dca776341)
hash: Optimized Checksum-based hash functions
for Java 9+. (afb35a5d1b)
testing: Exposed FakeTicker
Duration methods to Android users. (f346bbb6a7)
util.concurrent: Deprecated the constructors of
UncheckedExecutionException and ExecutionError that
don't accept a cause. We won't remove these constructors, but we recommend
migrating off them, as users of those classes often assume that instances will
contain a cause. (1bb3c4386b)
util.concurrent: Improved the correctness of racy accesses
for J2ObjC users. (d3232b71ce)
... (truncated)
Commits
See full diff in https://github.com/google/guava/commits";>compare view
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that
hav
