[pull] master from google:master #121

pull · 2023-03-15T01:01:21Z

See Commits and Changes for more details.

Can you help keep this open source service alive? 💖 Please sponsor : )

RELNOTES=Null-mark Truth PiperOrigin-RevId: 516515683

This reduces confusion with `java.lang.Record`. RELNOTES=n/a PiperOrigin-RevId: 516531543

Adds the [community-maintained Bazel JUnit 5 test runner](https://github.com/bazel-contrib/rules_jvm#java_junit5_test) to the list of test framework packages to collapse or strip from stack traces. Fixes #1085 COPYBARA_INTEGRATE_REVIEW=#1085 from fmeum:patch-1 4ad5659 PiperOrigin-RevId: 516547070

RELNOTES=n/a PiperOrigin-RevId: 516628548

(Compare similar work for Guava in cl/399190627.) This fixes the temporary open-source GWT breakage from cl/509884555. Tested: > I compared the resulting GWT jar and source and Javadoc jars (`source:jar javadoc:jar`) at this CL and at a recent CL. The only differences (aside from the change to nullness annotations and the move of many files to `super`, as discussed in a comment in `pom.xml`) appear to be: > - The new GWT jar contains `Expect` and `ClassSubject`. That happened because I took this opportunity to clean up some stale exclusions: Those classes are safe to include in the GWT jar because they are annotated with `@GwtIncompatible` (and thus they are ignored by GWT, anyway). > - The new GWT and source jars contain the generated `AutoValue_*.java` classes... unless that's somehow an artifact or some other recent change to Truth? It should be harmless: It may be _helpful_ for people who want to browse the source jars (and maybe helpful or maybe unhelpful for people who are trying to compile them), and it is harmless for GWT because the generated classes are annotated with `@GwtIncompatible` (which we did because we had a similar issue internally, IIRC). > > I had also done with testing with Guava's GWT tests against a locally deployed snapshot release of Truth, but I concluded that that doesn't prove a whole lot, since "run Guava's GWT tests" currently means only "run some unclear amount of GWT compilation." Notably, removing the `@GwtIncompatible` annotation from `ClassSubject` didn't break anything, nor did _adding_ `@GwtIncompatible` to `Subject`.... RELNOTES=n/a PiperOrigin-RevId: 516908923

…, including by using lambdas more now that Truth generates Java 8 bytecode. We still avoid using actual Java 8 APIs, like `Comparators.comparing`, since those aren't universally available under Android. (Exception: We do use a Java 8 API in ProtoTruth (well, in its tests), which already doesn't run under Android.) There is much more that could be done, so I tried to limit myself mostly to changes that tools would make automatically for me. RELNOTES=n/a PiperOrigin-RevId: 517496125

This includes enabling errors for `unchecked` and `rawtypes` warnings in our internal build. RELNOTES=n/a PiperOrigin-RevId: 518580371

This includes enabling errors for `unchecked` and `rawtypes` warnings in our internal build. PiperOrigin-RevId: 518650538

This resolves some [`AssertionFailureIgnored`](https://errorprone.info/bugpattern/AssertionFailureIgnored) findings, and it provides the usual [additional testing that comes with `ExpectFailure`](https://truth.dev/ExpectFailure). PiperOrigin-RevId: 518857380

…at and API. RELNOTES=n/a PiperOrigin-RevId: 518892319

- Don't let users declare `class FooSubject extends ComparableSubject<Foo>` if `Foo` is a raw type. (But, as [the tests show](https://github.com/google/truth/blob/f1f0a9aad6e8fb4f5d68ad2e5850a2c5ca2478fa/core/src/test/java/com/google/common/truth/ComparableSubjectTest.java#L221), you can still write `Truth.assertThat(foo).isLessThan(...)` and similar for a raw type `Foo`.) - Don't let users pass a null value to `isGreaterThan` and similar. `null` is forbidden by the contract of `compareTo`, but some implementation may have tried to support it anyway. Anyone who wants to test `compareTo` should be using `ComparatorTester`, anyway, not `isGreaterThan` and friends. (Compare [our policy on using `isEqualTo` (rather than `EqualsTester`) for testing `equals`](#268).) RELNOTES=n/a PiperOrigin-RevId: 518896343

…ctual)` instead of `assertThat(T actual)`. This might be a little silly to wory about, but I think it makes much clearer what the method is for when you're looking at a list of `assertThat` methods. Compare the Javadoc for `Truth.assertThat`, which this CL is changing, to the Javadoc for `StandardSubjectBuilder.that`, which has been using `ComparableT` for years (for exactly this reason): - https://truth.dev/Truth - https://truth.dev/StandardSubjectBuilder (Aside: All the appearances of fully qualified "java.lang.Boolean" and so forth are a shame....) RELNOTES=n/a PiperOrigin-RevId: 519240042

…ed-dependencies) (and sometimes update) GitHub actions versions. Compare google/guava#5984 RELNOTES=n/a PiperOrigin-RevId: 519822561

This includes enabling errors for `unchecked` and `rawtypes` warnings in our internal build. PiperOrigin-RevId: 519827824

Bumps [checker-qual](https://github.com/typetools/checker-framework) from 3.32.0 to 3.33.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/typetools/checker-framework/releases">checker-qual's releases</a>.</em></p> <blockquote> <h2>Checker Framework 3.33.0</h2> <h2>Version 3.33.0 (April 3, 2023)</h2> <p><strong>User-visible changes:</strong></p> <p>The new command-line argument <code>-AwarnRedundantAnnotations</code> warns about redundant annotations. With this flag, a warning is issued if an explicitly written annotation on a type is the same as the default annotation. This feature does not warn about all redundant annotations, only some.</p> <p>The Value Checker is cognizant of signedness annotations. This eliminates some false positive warnings.</p> <p><strong>Implementation details:</strong></p> <p>The Checker Framework no longer builds under JDK 8. However, you can still run the Checker Framework under JDK 8.</p> <p><strong>Closed issues:</strong></p> <p><a href="https://redirect.github.com/typetools/checker-framework/issues/3785">#3785</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5436">#5436</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5708">#5708</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5717">#5717</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5720">#5720</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5721">#5721</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5727">#5727</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5732">#5732</a>.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md">checker-qual's changelog</a>.</em></p> <blockquote> <h2>Version 3.33.0 (April 3, 2023)</h2> <p><strong>User-visible changes:</strong></p> <p>The new command-line argument <code>-AwarnRedundantAnnotations</code> warns about redundant annotations. With this flag, a warning is issued if an explicitly written annotation on a type is the same as the default annotation. This feature does not warn about all redundant annotations, only some.</p> <p>The Value Checker is cognizant of signedness annotations. This eliminates some false positive warnings.</p> <p><strong>Implementation details:</strong></p> <p>The Checker Framework no longer builds under JDK 8. However, you can still run the Checker Framework under JDK 8.</p> <p><strong>Closed issues:</strong></p> <p><a href="https://redirect.github.com/typetools/checker-framework/issues/3785">#3785</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5436">#5436</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5708">#5708</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5717">#5717</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5720">#5720</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5721">#5721</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5727">#5727</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5732">#5732</a>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/typetools/checker-framework/commit/0ed62fc21e930b611ce3100b21e4817cc432846f"><code>0ed62fc</code></a> new release 3.33.0</li> <li><a href="https://github.com/typetools/checker-framework/commit/db8eae9a04cbc7cacc76ac0e82243eab1f3bf013"><code>db8eae9</code></a> Update to Stubparser to version 3.25.2. (<a href="https://redirect.github.com/typetools/checker-framework/issues/5740">#5740</a>)</li> <li><a href="https://github.com/typetools/checker-framework/commit/a4e2e41146dff4b8ae1dd4b4156316f20a19eec6"><code>a4e2e41</code></a> Prep for release.</li> <li><a href="https://github.com/typetools/checker-framework/commit/4998fe2eea2919d8f8c357b3e02df7103a39385e"><code>4998fe2</code></a> Note about Error Prone javac dependency (<a href="https://redirect.github.com/typetools/checker-framework/issues/5744">#5744</a>)</li> <li><a href="https://github.com/typetools/checker-framework/commit/d4ff506f4b77bb2c031812909ee273767c4d6a17"><code>d4ff506</code></a> Erase types in <code>super()</code> signature when the super type is raw</li> <li><a href="https://github.com/typetools/checker-framework/commit/315cb03820c079a12e9cd1bbfec028030e327264"><code>315cb03</code></a> Revert update of the shadow plugin</li> <li><a href="https://github.com/typetools/checker-framework/commit/30a968e29b552228d78219b9e317d2fabffb07da"><code>30a968e</code></a> Test case for <a href="https://redirect.github.com/typetools/checker-framework/issues/5739">typetools/checker-framework#5739</a></li> <li><a href="https://github.com/typetools/checker-framework/commit/342041ff94ee3dcc92b2ededcd45dbc4027ea520"><code>342041f</code></a> Methods that return "void" cannot be pure, so -AsuggestPurity should not sugg...</li> <li><a href="https://github.com/typetools/checker-framework/commit/77f148934161318bb987c433611fe1228c023d02"><code>77f1489</code></a> Give full path to test files (<a href="https://redirect.github.com/typetools/checker-framework/issues/5735">#5735</a>)</li> <li><a href="https://github.com/typetools/checker-framework/commit/86121890826509d60709fd99999db5e3299f20ca"><code>8612189</code></a> RLC should treat calls to methods with <a href="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/Owning"><code>@Owning</code></a> parameters as if they call the...</li> <li>Additional commits viewable in <a href="https://github.com/typetools/checker-framework/compare/checker-framework-3.32.0...checker-framework-3.33.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.checkerframework:checker-qual&package-manager=maven&previous-version=3.32.0&new-version=3.33.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1102 COPYBARA_INTEGRATE_REVIEW=#1102 from google:dependabot/maven/org.checkerframework-checker-qual-3.33.0 add0af2 PiperOrigin-RevId: 521752450

Bumps asm from 9.4 to 9.5. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.ow2.asm:asm&package-manager=maven&previous-version=9.4&new-version=9.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1097 COPYBARA_INTEGRATE_REVIEW=#1097 from google:dependabot/maven/org.ow2.asm-asm-9.5 a347873 PiperOrigin-RevId: 522114152

(followup to cl/518896343, motivated by helping J2KT) RELNOTES=n/a PiperOrigin-RevId: 522114674

RELNOTES=n/a PiperOrigin-RevId: 522338171

Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.0 to 3.5.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v3.5.1</h2> <h2>What's Changed</h2> <ul> <li>Improve checkout performance on Windows runners by upgrading <code>@actions/github</code> dependency by <a href="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/BrettDong"><code>@BrettDong</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1246">actions/checkout#1246</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="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/BrettDong"><code>@BrettDong</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1246">actions/checkout#1246</a></li> <li><a href="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/fhammerl"><code>@fhammerl</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1284">actions/checkout#1284</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v3.5.0...v3.5.1">https://github.com/actions/checkout/compare/v3.5.0...v3.5.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v3.5.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li> </ul> <h2>v3.5.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add new public key for known_hosts</a></li> </ul> <h2>v3.4.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@actions/io</code></a></li> </ul> <h2>v3.3.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1045">Implement branch list using callbacks from exec function</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add in explicit reference to private checkout options</a></li> <li>[Fix comment typos (that got added in <a href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li> </ul> <h2>v3.2.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/942">Add GitHub Action to perform release</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix status badge</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1002">Replace datadog/squid with ubuntu/squid Docker image</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap pipeline commands for submoduleForeach in quotes</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1029">Update <code>@actions/io</code> to 1.1.2</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1039">Upgrading version to 3.2.0</a></li> </ul> <h2>v3.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/939">Use <code>@actions/core</code> <code>saveState</code> and <code>getState</code></a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/922">Add <code>github-server-url</code> input</a></li> </ul> <h2>v3.0.2</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/770">Add input <code>set-safe-directory</code></a></li> </ul> <h2>v3.0.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/762">Fixed an issue where checkout failed to run in container jobs due to the new git setting <code>safe.directory</code></a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/744">Bumped various npm package versions</a></li> </ul> <h2>v3.0.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/689">Update to node 16</a></li> </ul> <h2>v2.3.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/284">Fix default branch resolution for .wiki and when using SSH</a></li> </ul> <h2>v2.3.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/278">Fallback to the default branch</a></li> </ul> <h2>v2.2.0</h2>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/83b7061638ee4956cf7545a6f7efe594e5ad0247"><code>83b7061</code></a> Release v3.5.1 (<a href="https://redirect.github.com/actions/checkout/issues/1284">#1284</a>)</li> <li><a href="https://github.com/actions/checkout/commit/40a16ebeed7da831425b665e600750cb36b38d06"><code>40a16eb</code></a> Improve checkout performance on Windows runners by upgrading <code>@actions/github</code> ...</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/8f4b7f84864484a7bf31766abe9204da3cbe65b3...83b7061638ee4956cf7545a6f7efe594e5ad0247">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.5.0&new-version=3.5.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1108 COPYBARA_INTEGRATE_REVIEW=#1108 from google:dependabot/github_actions/actions/checkout-3.5.1 1210e3f PiperOrigin-RevId: 523989230

Bumps [protobuf-java](https://github.com/protocolbuffers/protobuf) from 3.22.2 to 3.22.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/protocolbuffers/protobuf/commit/482156c0f96dd670b9f1ba4f946e66edeb04535f"><code>482156c</code></a> Updating version.json and repo version numbers to: 22.3</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/69776b0b0e217cc34f06c137c26ba7e2652e9f8b"><code>69776b0</code></a> Merge pull request <a href="https://redirect.github.com/protocolbuffers/protobuf/issues/12457">#12457</a> from deannagarcia/updateDep</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/553422572d6b1b0708f17d7fdb280957f9ff5e1d"><code>5534225</code></a> Update UPB dep</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/21b4fd581f236c38bd2f00f667b1fade0da266f3"><code>21b4fd5</code></a> Merge pull request <a href="https://redirect.github.com/protocolbuffers/protobuf/issues/12453">#12453</a> from protocolbuffers/deannagarcia-patch-5</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/f51da1fe664ad4e76a0238b7ddbf78bb72fb0d8b"><code>f51da1f</code></a> Fix .gitmodules to use the correct absl branch</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/5ddb1fc609d2416e8575c9e7435c608222c2edb2"><code>5ddb1fc</code></a> Remove ODR violation from WKT codegen (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/12406">#12406</a>) (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/12419">#12419</a>)</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/f1c7820c9bd0e31f8b7d091092851441ad2716b6"><code>f1c7820</code></a> Suppress -Wunused-parameter warning for GCC and clang. (<a href="https://redirect.github.com/protocolbuffers/protobuf/issues/12355">#12355</a>)</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/58ecf38aa521ba812a0c1a0ae9f108dd311c739c"><code>58ecf38</code></a> Merge pull request <a href="https://redirect.github.com/protocolbuffers/protobuf/issues/12303">#12303</a> from protocolbuffers/deannagarcia-patch-4</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/cb009b29fad4ec5080e9d6e92f1e40758f87f861"><code>cb009b2</code></a> Merge pull request <a href="https://redirect.github.com/protocolbuffers/protobuf/issues/12301">#12301</a> from mkruskal-google/cmake-fix</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/6e624e4f6bfd1a4508314ce6905fd554015cfc72"><code>6e624e4</code></a> Add codespell exceptions</li> <li>Additional commits viewable in <a href="https://github.com/protocolbuffers/protobuf/compare/v3.22.2...v3.22.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.google.protobuf:protobuf-java&package-manager=maven&previous-version=3.22.2&new-version=3.22.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1109 COPYBARA_INTEGRATE_REVIEW=#1109 from google:dependabot/maven/com.google.protobuf-protobuf-java-3.22.3 365f579 PiperOrigin-RevId: 523989402

Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.1 to 3.5.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v3.5.2</h2> <h2>What's Changed</h2> <ul> <li>Fix: Use correct API url / endpoint in GHES by <a href="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/fhammerl"><code>@fhammerl</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1289">actions/checkout#1289</a> based on <a href="https://redirect.github.com/actions/checkout/issues/1286">#1286</a> by <a href="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/1newsr"><code>@1newsr</code></a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v3.5.1...v3.5.2">https://github.com/actions/checkout/compare/v3.5.1...v3.5.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v3.5.2</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li> </ul> <h2>v3.5.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li> </ul> <h2>v3.5.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add new public key for known_hosts</a></li> </ul> <h2>v3.4.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@actions/io</code></a></li> </ul> <h2>v3.3.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1045">Implement branch list using callbacks from exec function</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add in explicit reference to private checkout options</a></li> <li>[Fix comment typos (that got added in <a href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li> </ul> <h2>v3.2.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/942">Add GitHub Action to perform release</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix status badge</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1002">Replace datadog/squid with ubuntu/squid Docker image</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap pipeline commands for submoduleForeach in quotes</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1029">Update <code>@actions/io</code> to 1.1.2</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1039">Upgrading version to 3.2.0</a></li> </ul> <h2>v3.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/939">Use <code>@actions/core</code> <code>saveState</code> and <code>getState</code></a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/922">Add <code>github-server-url</code> input</a></li> </ul> <h2>v3.0.2</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/770">Add input <code>set-safe-directory</code></a></li> </ul> <h2>v3.0.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/762">Fixed an issue where checkout failed to run in container jobs due to the new git setting <code>safe.directory</code></a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/744">Bumped various npm package versions</a></li> </ul> <h2>v3.0.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/689">Update to node 16</a></li> </ul> <h2>v2.3.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/284">Fix default branch resolution for .wiki and when using SSH</a></li> </ul> <h2>v2.3.0</h2>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/8e5e7e5ab8b370d6c329ec480221332ada57f0ab"><code>8e5e7e5</code></a> Release v3.5.2 (<a href="https://redirect.github.com/actions/checkout/issues/1291">#1291</a>)</li> <li><a href="https://github.com/actions/checkout/commit/eb35239ec22e9029a5be28f8c41e67452f615f0f"><code>eb35239</code></a> Fix: convert baseUrl to serverApiUrl 'formatted' (<a href="https://redirect.github.com/actions/checkout/issues/1289">#1289</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/83b7061638ee4956cf7545a6f7efe594e5ad0247...8e5e7e5ab8b370d6c329ec480221332ada57f0ab">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.5.1&new-version=3.5.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1110 COPYBARA_INTEGRATE_REVIEW=#1110 from google:dependabot/github_actions/actions/checkout-3.5.2 b4f2913 PiperOrigin-RevId: 524276758

Bumps [maven-project-info-reports-plugin](https://github.com/apache/maven-project-info-reports-plugin) from 3.4.2 to 3.4.3. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/116c9451d2ffe3f9fad9e483dd32ddb79539a830"><code>116c945</code></a> [maven-release-plugin] prepare release maven-project-info-reports-plugin-3.4.3</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/7413f532d5e245bed28014ccbddf4dfdc8c5c9c8"><code>7413f53</code></a> [MPIR-433] Bump bcel from 6.5.0 to 6.6.0 (<a href="https://redirect.github.com/apache/maven-project-info-reports-plugin/issues/44">#44</a>)</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/bb4debdee32bee56bbca50058850617138a87589"><code>bb4debd</code></a> [MPIR-432] upgrade to parent POM 39 (<a href="https://redirect.github.com/apache/maven-project-info-reports-plugin/issues/46">#46</a>)</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/5757c0d48414d8a7c58cb790352738f65560ef35"><code>5757c0d</code></a> [MPIR-429] disable plugin processing when building projects</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/d6a6c9c52bbb6cfc3c1300273bbab771090178fe"><code>d6a6c9c</code></a> Fix jenkins URL</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/f2b6f7cb1b54649d56ed1eceb7cffed5a14c069f"><code>f2b6f7c</code></a> [maven-release-plugin] prepare for next development iteration</li> <li>See full diff in <a href="https://github.com/apache/maven-project-info-reports-plugin/compare/maven-project-info-reports-plugin-3.4.2...maven-project-info-reports-plugin-3.4.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-project-info-reports-plugin&package-manager=maven&previous-version=3.4.2&new-version=3.4.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1111 COPYBARA_INTEGRATE_REVIEW=#1111 from google:dependabot/maven/org.apache.maven.plugins-maven-project-info-reports-plugin-3.4.3 9ca27af PiperOrigin-RevId: 525150550

RELNOTES=n/a PiperOrigin-RevId: 527978251

@nonnull

Bumps [checker-qual](https://github.com/typetools/checker-framework) from 3.33.0 to 3.34.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/typetools/checker-framework/releases">checker-qual's releases</a>.</em></p> <blockquote> <h2>Checker Framework 3.34.0</h2> <h2>Version 3.34.0 (May 2, 2023)</h2> <p><strong>User-visible changes:</strong></p> <p>The Checker Framework runs under JDK 20 -- that is, it runs on a version 20 JVM.</p> <p>Explicit lambda parameters are defaulted the same as method parameters. For example, in <code>(String s) -> {...}</code> the type of <code>s</code> is <code>@nonnull String</code>.</p> <p><strong>Implementation details:</strong></p> <p>Renamings in <code>AnnotatedTypeFactory</code>:</p> <ul> <li><code>prepareCompilationUnitForWriting()</code> => <code>wpiPrepareCompilationUnitForWriting()</code></li> <li><code>prepareClassForWriting()</code> => <code>wpiPrepareClassForWriting()</code></li> <li><code>prepareMethodForWriting()</code> => <code>wpiPrepareMethodForWriting()</code> and changed its signature by adding two formal parameters</li> </ul> <p><strong>Closed issues:</strong> <a href="https://redirect.github.com/typetools/checker-framework/issues/803">#803</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5739">#5739</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5749">#5749</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5767">#5767</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5781">#5781</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5787">#5787</a>.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md">checker-qual's changelog</a>.</em></p> <blockquote> <h2>Version 3.34.0 (May 2, 2023)</h2> <p><strong>User-visible changes:</strong></p> <p>The Checker Framework runs under JDK 20 -- that is, it runs on a version 20 JVM.</p> <p>Explicit lambda parameters are defaulted the same as method parameters. For example, in <code>(String s) -> {...}</code> the type of <code>s</code> is <code>@nonnull String</code>.</p> <p><strong>Implementation details:</strong></p> <p>Renamings in <code>AnnotatedTypeFactory</code>:</p> <ul> <li><code>prepareCompilationUnitForWriting()</code> => <code>wpiPrepareCompilationUnitForWriting()</code></li> <li><code>prepareClassForWriting()</code> => <code>wpiPrepareClassForWriting()</code></li> <li><code>prepareMethodForWriting()</code> => <code>wpiPrepareMethodForWriting()</code> and changed its signature by adding two formal parameters</li> </ul> <p><strong>Closed issues:</strong> <a href="https://redirect.github.com/typetools/checker-framework/issues/803">#803</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5739">#5739</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5749">#5749</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5767">#5767</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5781">#5781</a>, <a href="https://redirect.github.com/typetools/checker-framework/issues/5787">#5787</a>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/typetools/checker-framework/commit/57959be01e466347748f6df06597ffbc7aaa1df9"><code>57959be</code></a> new release 3.34.0</li> <li><a href="https://github.com/typetools/checker-framework/commit/fd5713bcdbaf9329e979c0419306a06da1672f31"><code>fd5713b</code></a> Changed release date.</li> <li><a href="https://github.com/typetools/checker-framework/commit/ea0fca0ae6d539131750cd9bb850856ff1be3e39"><code>ea0fca0</code></a> Define <code>toStringVerbose()</code> (<a href="https://redirect.github.com/typetools/checker-framework/issues/5830">#5830</a>)</li> <li><a href="https://github.com/typetools/checker-framework/commit/afdd30af5c8698e8e708c243caef3178ee71baae"><code>afdd30a</code></a> Avoid ConcurrentModificationException (<a href="https://redirect.github.com/typetools/checker-framework/issues/5828">#5828</a>)</li> <li><a href="https://github.com/typetools/checker-framework/commit/a868d08a8706babf5eee8dcd82db2ccf14b9cebb"><code>a868d08</code></a> Fix link.</li> <li><a href="https://github.com/typetools/checker-framework/commit/b9d46b90b2b084509ccf41fc1634009c4a6f61ec"><code>b9d46b9</code></a> Revert updating shadown plugin.</li> <li><a href="https://github.com/typetools/checker-framework/commit/3d9b76564fd84273b2a9d392078b2bb908df4cd5"><code>3d9b765</code></a> Prep for release.</li> <li><a href="https://github.com/typetools/checker-framework/commit/58cea05940a081565065e88cd7bb956e6e869035"><code>58cea05</code></a> Documentation improvements (<a href="https://redirect.github.com/typetools/checker-framework/issues/5822">#5822</a>)</li> <li><a href="https://github.com/typetools/checker-framework/commit/9c9238af1d407d61e9b833aee8c9a5e350be002f"><code>9c9238a</code></a> Improve efficiency of <code>getPreconditionAnnotations()</code> and `getPostconditionAnn...</li> <li><a href="https://github.com/typetools/checker-framework/commit/5218e203eb61eb930a7ad46ede483a40a9dca819"><code>5218e20</code></a> Documentation for <code>checkMemberReferenceReceivers()</code> (<a href="https://redirect.github.com/typetools/checker-framework/issues/5819">#5819</a>)</li> <li>Additional commits viewable in <a href="https://github.com/typetools/checker-framework/compare/checker-framework-3.33.0...checker-framework-3.34.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.checkerframework:checker-qual&package-manager=maven&previous-version=3.33.0&new-version=3.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1113 COPYBARA_INTEGRATE_REVIEW=#1113 from google:dependabot/maven/org.checkerframework-checker-qual-3.34.0 900be58 PiperOrigin-RevId: 529089084

Bumps [protobuf-java](https://github.com/protocolbuffers/protobuf) from 3.22.3 to 3.22.4. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/protocolbuffers/protobuf/commit/40e1daca18708c21c7edf07c489a688355bd297b"><code>40e1dac</code></a> Updating version.json and repo version numbers to: 22.4</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/1cd98b9a6cfb67eb9e9cbbd226a0cdd5647e2c4a"><code>1cd98b9</code></a> Merge pull request <a href="https://redirect.github.com/protocolbuffers/protobuf/issues/12648">#12648</a> from deannagarcia/22.x</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/4683ec756c97e73c99219faade016cff68025cb9"><code>4683ec7</code></a> Update UPB dep</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/585583316e42a255202d8d567692a6c46d077a57"><code>5855833</code></a> Merge pull request <a href="https://redirect.github.com/protocolbuffers/protobuf/issues/12633">#12633</a> from deannagarcia/22.x</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/2399885f33479f1e8c92fe789107569388432ae6"><code>2399885</code></a> Fix merge</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/8c4152a7f3f4d72d790458de220568e9c4e65f5c"><code>8c4152a</code></a> Update abseil dependency and reorder dependencies to ensure we use the versio...</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/177411a88cc20f0663af5911e0575aaa4c2f820c"><code>177411a</code></a> Merge pull request <a href="https://redirect.github.com/protocolbuffers/protobuf/issues/12634">#12634</a> from acozzette/cherrypick-musttail-22</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/5381f405067b28920c7a8dd37b892ce55c654e29"><code>5381f40</code></a> Turn off <code>clang::musttail</code> on i386</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/8b81deb3b50d268fdbf2979bc0f7c906e128f38f"><code>8b81deb</code></a> Fix bug in _internal_copy_files where the rule would fail in downstream repos...</li> <li><a href="https://github.com/protocolbuffers/protobuf/commit/91d1bcbe40402269d240d0d90c128b65be6a80fa"><code>91d1bcb</code></a> Merge pull request <a href="https://redirect.github.com/protocolbuffers/protobuf/issues/12622">#12622</a> from deannagarcia/22.x</li> <li>Additional commits viewable in <a href="https://github.com/protocolbuffers/protobuf/compare/v3.22.3...v3.22.4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.google.protobuf:protobuf-java&package-manager=maven&previous-version=3.22.3&new-version=3.22.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1114 COPYBARA_INTEGRATE_REVIEW=#1114 from google:dependabot/maven/com.google.protobuf-protobuf-java-3.22.4 51ef831 PiperOrigin-RevId: 529704986

Bumps [maven-surefire-plugin](https://github.com/apache/maven-surefire) from 3.0.0 to 3.1.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-surefire/commit/36f2eff46bfe5146da179100143ad7e854721e69"><code>36f2eff</code></a> [maven-release-plugin] prepare release surefire-3.1.0</li> <li><a href="https://github.com/apache/maven-surefire/commit/f48db530e096dd786567d8e43c3d8bd04cba7ce1"><code>f48db53</code></a> Mark class files in resources as binary</li> <li><a href="https://github.com/apache/maven-surefire/commit/eed0065d7a2cdd1424830792f3f5dfda86fb0963"><code>eed0065</code></a> Fix invalid .gitattributes</li> <li><a href="https://github.com/apache/maven-surefire/commit/3966e2f73b4bf0fdd65936fab0e45717958c54d9"><code>3966e2f</code></a> [SUREFIRE-2162] Document upcoming mojo and file names change</li> <li><a href="https://github.com/apache/maven-surefire/commit/c7af2768ba226d4fd9247d150f8bbb34bf64107d"><code>c7af276</code></a> [SUREFIRE-2140] Cannot release Surefire on Windows</li> <li><a href="https://github.com/apache/maven-surefire/commit/6718f14fd1031def148834c6bef71b61759021af"><code>6718f14</code></a> [SUREFIRE-2160] Replace LocalizedProperties with (Custom)I18N approach from MPIR</li> <li><a href="https://github.com/apache/maven-surefire/commit/33d30c6e018c92447006765c90cb43153ef5385c"><code>33d30c6</code></a> [SUREFIRE-2153] Replace SurefireReportGenerator with a new SurefireReportRend...</li> <li><a href="https://github.com/apache/maven-surefire/commit/da48b3a3a0832f5e3ec90f7a5010b88e22c6d77f"><code>da48b3a</code></a> configure notifications</li> <li><a href="https://github.com/apache/maven-surefire/commit/fdbbb5c1062e3fee8cbe3373bf4aa6b51d9f2821"><code>fdbbb5c</code></a> (doc) ignore reformat</li> <li><a href="https://github.com/apache/maven-surefire/commit/15c4014a04aa003909538d2777dced083b4323c3"><code>15c4014</code></a> [maven-release-plugin] prepare for next development iteration</li> <li>See full diff in <a href="https://github.com/apache/maven-surefire/compare/surefire-3.0.0...surefire-3.1.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-surefire-plugin&package-manager=maven&previous-version=3.0.0&new-version=3.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1115 COPYBARA_INTEGRATE_REVIEW=#1115 from google:dependabot/maven/org.apache.maven.plugins-maven-surefire-plugin-3.1.0 7e771d1 PiperOrigin-RevId: 530287178

Bumps [com.google.errorprone:error_prone_annotations](https://github.com/google/error-prone) from 2.27.0 to 2.27.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/error-prone/releases">com.google.errorprone:error_prone_annotations's releases</a>.</em></p> <blockquote> <h2>Error Prone 2.27.1</h2> <p>This release contains all of the changes in <a href="https://github.com/google/error-prone/releases/tag/v2.27.0">2.27.0</a>, plus a bug fix to <a href="https://errorprone.info/bugpattern/ClassInitializationDeadlock"><code>ClassInitializationDeadlock</code></a> (<a href="https://redirect.github.com/google/error-prone/issues/4378">google/error-prone#4378</a>)</p> <p>Full Changelog: <a href="https://github.com/google/error-prone/compare/v2.27.0...v2.27.1">https://github.com/google/error-prone/compare/v2.27.0...v2.27.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google/error-prone/commit/464bb93d292123c750fe107984dcefc6f0905f00"><code>464bb93</code></a> Release Error Prone 2.27.1</li> <li><a href="https://github.com/google/error-prone/commit/bc3309a7dbe95d006ee190fb36f2d654779858d4"><code>bc3309a</code></a> Flag comparisons of <code>SomeEnum.valueOf(...)</code> to <code>null</code>.</li> <li><a href="https://github.com/google/error-prone/commit/6a8f4936b20e0a432d73930dac5f78517103af2f"><code>6a8f493</code></a> Don't scan into nested enums in ClassInitializationDeadlock</li> <li><a href="https://github.com/google/error-prone/commit/c8df502ab7cc8ce16b1a2e53533e7c247eba4a85"><code>c8df502</code></a> Make the logic of detecting at least one allowed usage more explicit.</li> <li>See full diff in <a href="https://github.com/google/error-prone/compare/v2.27.0...v2.27.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.google.errorprone:error_prone_annotations&package-manager=maven&previous-version=2.27.0&new-version=2.27.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1287 COPYBARA_INTEGRATE_REVIEW=#1287 from google:dependabot/maven/com.google.errorprone-error_prone_annotations-2.27.1 baa0c91 PiperOrigin-RevId: 630683660

RELNOTES=n/a PiperOrigin-RevId: 631123947

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.1.5</h2> <h2>What's Changed</h2> <ul> <li>Update NPM dependencies by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.4...v4.1.5">https://github.com/actions/checkout/compare/v4.1.4...v4.1.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/44c2b7a8a4ea60a981eaca3cf939b5f4305c123b"><code>44c2b7a</code></a> README: Suggest <code>user.email</code> to be `41898282+github-actions[bot]<a href="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/users"><code>@users</code></a>.norepl...</li> <li><a href="https://github.com/actions/checkout/commit/8459bc0c7e3759cdf591f513d9f141a95fef0a8f"><code>8459bc0</code></a> Bump actions/upload-artifact from 2 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1695">#1695</a>)</li> <li><a href="https://github.com/actions/checkout/commit/3f603f6d5e9f40714f97b2f017aa0df2a443192a"><code>3f603f6</code></a> Bump actions/setup-node from 1 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1696">#1696</a>)</li> <li><a href="https://github.com/actions/checkout/commit/fd084cde189b7b76ec305d52e27be545a0172823"><code>fd084cd</code></a> Bump github/codeql-action from 2 to 3 (<a href="https://redirect.github.com/actions/checkout/issues/1694">#1694</a>)</li> <li><a href="https://github.com/actions/checkout/commit/9c1e94e0ad997d618b6113a2171b055037589028"><code>9c1e94e</code></a> Update NPM dependencies (<a href="https://redirect.github.com/actions/checkout/issues/1703">#1703</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/0ad4b8fadaa221de15dcec353f45205ec38ea70b...44c2b7a8a4ea60a981eaca3cf939b5f4305c123b">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.4&new-version=4.1.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1291 COPYBARA_INTEGRATE_REVIEW=#1291 from google:dependabot/github_actions/actions/checkout-4.1.5 b89cb34 PiperOrigin-RevId: 631384562

#1292 RELNOTES=n/a PiperOrigin-RevId: 633264611

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.5 to 4.1.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.1.6</h2> <h2>What's Changed</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> <li>Update for 4.1.6 release by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1733">actions/checkout#1733</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.5...v4.1.6">https://github.com/actions/checkout/compare/v4.1.5...v4.1.6</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="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/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="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/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="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/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <h2>v4.1.2</h2> <ul> <li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="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/dscho"><code>@dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li> </ul> <h2>v4.1.1</h2> <ul> <li>Correct link to GitHub Docs by <a href="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/peterbe"><code>@peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li> <li>Link to release page from what's new section by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li> </ul> <h2>v4.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li> </ul> <h2>v4.0.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li> </ul> <h2>v3.6.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth > 0</a></li> </ul> <h2>v3.5.3</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li> </ul> <h2>v3.5.2</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li> </ul> <h2>v3.5.1</h2>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/a5ac7e51b41094c92402da3b24376905380afc29"><code>a5ac7e5</code></a> Update for 4.1.6 release (<a href="https://redirect.github.com/actions/checkout/issues/1733">#1733</a>)</li> <li><a href="https://github.com/actions/checkout/commit/24ed1a352802348c9e4e8d13de9177fb95b537ba"><code>24ed1a3</code></a> Check platform for extension (<a href="https://redirect.github.com/actions/checkout/issues/1732">#1732</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/44c2b7a8a4ea60a981eaca3cf939b5f4305c123b...a5ac7e51b41094c92402da3b24376905380afc29">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.5&new-version=4.1.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1294 COPYBARA_INTEGRATE_REVIEW=#1294 from google:dependabot/github_actions/actions/checkout-4.1.6 d82d6c9 PiperOrigin-RevId: 634777591

Bumps [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) from 4.26.1 to 4.27.0. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/protocolbuffers/protobuf/commits">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.google.protobuf:protobuf-java&package-manager=maven&previous-version=4.26.1&new-version=4.27.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1296 COPYBARA_INTEGRATE_REVIEW=#1296 from google:dependabot/maven/com.google.protobuf-protobuf-java-4.27.0 20fa1fc PiperOrigin-RevId: 636911101

…e later. I could have done this as part of cl/609415936 and cl/604677493, but I'd missed that `AssertionError(String, Throwable)` was [added in API Level 19](https://developer.android.com/reference/java/lang/AssertionError#AssertionError(java.lang.String,%20java.lang.Throwable)). (The code in `Platform` in cl/609415936 still needs to use `initCause` because it uses `ComparisonFailure`, which does not expose a `Throwable`-accepting constructor.) RELNOTES=n/a PiperOrigin-RevId: 638335715

RELNOTES=n/a PiperOrigin-RevId: 639114032

Bumps `auto-value.version` from 1.10.4 to 1.11.0. Updates `com.google.auto.value:auto-value-annotations` from 1.10.4 to 1.11.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/auto/releases">com.google.auto.value:auto-value-annotations's releases</a>.</em></p> <blockquote> <h2>AutoValue 1.11.0</h2> <h2>What's Changed</h2> <ul> <li>AutoValue (including AutoBuilder) no longer bundles the Kotlin metadata API. This may require adding an explicit dependency on <code>org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.9.0</code> or <code>org.jetbrains.kotlin:kotlin-metadata-jvm:2.0.0</code> to client code that uses AutoBuilder to build Kotlin classes. The metadata API has changed from <code>kotlinx.metadata</code> to <code>kotlin.metadata</code>, but AutoBuilder uses reflection to function with either. (260b61ec7)</li> <li>Support for generating Java 7 code has been removed from AutoValue, AutoAnnotation, and AutoBuilder. You must be on at least Java 8, or an Android version with desugaring that allows it to pass for Java 8. 1.10.4 is the last AutoValue version with support for Java 7. (b9142b7cd)</li> <li>AutoBuilder now reports an error if it encounters a <code>@nullable</code> primitive parameter. Primitive types cannot be <code>null</code>, and should not be annotated for nullness. (7cbdeb43b)</li> <li>Annotations on type parameters, like <code>abstract @nullable T foo()</code>, are now better propagated to fields and constructor parameters. (92d881ed9)</li> <li>The generated <code>toBuilder()</code> method now says <code>new AutoValue_Foo.Builder(this)</code> rather than just <code>new Builder(this)</code>, to do the right thing if an extension generates its own subclass of <code>Builder</code>. (324470ba2)</li> <li>The "copy constructor" in a generated <code>Builder</code> is no longer private. (6730615c9)</li> <li>Added support for extending AutoValue.Builder with abstract methods. (7d4b020dd)</li> <li>The annotation processors now support all kinds of resource URLs when loading template resources. This change only affects the case where the AutoValue (etc) processors are being invoked in an unusual environment, for example from a GraalVM app. It does not affect code that is merely being compiled for such an environment. (80b0ada75)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google/auto/compare/auto-value-1.10.4...auto-value-1.11.0">https://github.com/google/auto/compare/auto-value-1.10.4...auto-value-1.11.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google/auto/commit/5e02d6494b03076e7274005507f2be5653e216a0"><code>5e02d64</code></a> Set version number for auto-value-parent to 1.11.0.</li> <li><a href="https://github.com/google/auto/commit/80b0ada7543515d9b8f923a42b42f750eccaf92b"><code>80b0ada</code></a> Support all kinds of resource URLs when loading template resources.</li> <li><a href="https://github.com/google/auto/commit/260b61ec7bac0bcbc0b6af571bf80b8ee45119bd"><code>260b61e</code></a> Use reflection to avoid referencing the Kotlin metadata API directly.</li> <li><a href="https://github.com/google/auto/commit/76be89a76ba534d56d148e627bec17a68e2f3f83"><code>76be89a</code></a> Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.1 to 3.7.0 in /fa...</li> <li><a href="https://github.com/google/auto/commit/c11484e2d7368d9bcc80abd6dd00bfcde39ac533"><code>c11484e</code></a> Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.1 to 3.7.0 in /value</li> <li><a href="https://github.com/google/auto/commit/b21d69db178a779278d3ae77750c59615aed68c4"><code>b21d69d</code></a> Bump kotlin.version from 1.9.24 to 2.0.0 in /value</li> <li><a href="https://github.com/google/auto/commit/e55e60a969e270274c0a4a0f2062d484585eee8c"><code>e55e60a</code></a> Update AutoValue to reflect recent Kotlin Metadata API changes.</li> <li><a href="https://github.com/google/auto/commit/29f739bd59b3b2851115f9ef203bf28cce949940"><code>29f739b</code></a> Bump actions/checkout from 4.1.5 to 4.1.6</li> <li><a href="https://github.com/google/auto/commit/199a72753c786960670a45d069d136e80a71f6b7"><code>199a727</code></a> Bump kotlin.version from 1.9.23 to 1.9.24 in /value</li> <li><a href="https://github.com/google/auto/commit/f2b22e340671f78ffc214b09f30d1ee43c847714"><code>f2b22e3</code></a> Bump actions/checkout from 4.1.4 to 4.1.5</li> <li>Additional commits viewable in <a href="https://github.com/google/auto/compare/auto-value-1.10.4...auto-value-1.11.0">compare view</a></li> </ul> </details> <br /> Updates `com.google.auto.value:auto-value` from 1.10.4 to 1.11.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/auto/releases">com.google.auto.value:auto-value's releases</a>.</em></p> <blockquote> <h2>AutoValue 1.11.0</h2> <h2>What's Changed</h2> <ul> <li>AutoValue (including AutoBuilder) no longer bundles the Kotlin metadata API. This may require adding an explicit dependency on <code>org.jetbrains.kotlinx:kotlinx-metadata-jvm:0.9.0</code> or <code>org.jetbrains.kotlin:kotlin-metadata-jvm:2.0.0</code> to client code that uses AutoBuilder to build Kotlin classes. The metadata API has changed from <code>kotlinx.metadata</code> to <code>kotlin.metadata</code>, but AutoBuilder uses reflection to function with either. (260b61ec7)</li> <li>Support for generating Java 7 code has been removed from AutoValue, AutoAnnotation, and AutoBuilder. You must be on at least Java 8, or an Android version with desugaring that allows it to pass for Java 8. 1.10.4 is the last AutoValue version with support for Java 7. (b9142b7cd)</li> <li>AutoBuilder now reports an error if it encounters a <code>@nullable</code> primitive parameter. Primitive types cannot be <code>null</code>, and should not be annotated for nullness. (7cbdeb43b)</li> <li>Annotations on type parameters, like <code>abstract @nullable T foo()</code>, are now better propagated to fields and constructor parameters. (92d881ed9)</li> <li>The generated <code>toBuilder()</code> method now says <code>new AutoValue_Foo.Builder(this)</code> rather than just <code>new Builder(this)</code>, to do the right thing if an extension generates its own subclass of <code>Builder</code>. (324470ba2)</li> <li>The "copy constructor" in a generated <code>Builder</code> is no longer private. (6730615c9)</li> <li>Added support for extending AutoValue.Builder with abstract methods. (7d4b020dd)</li> <li>The annotation processors now support all kinds of resource URLs when loading template resources. This change only affects the case where the AutoValue (etc) processors are being invoked in an unusual environment, for example from a GraalVM app. It does not affect code that is merely being compiled for such an environment. (80b0ada75)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/google/auto/compare/auto-value-1.10.4...auto-value-1.11.0">https://github.com/google/auto/compare/auto-value-1.10.4...auto-value-1.11.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google/auto/commit/5e02d6494b03076e7274005507f2be5653e216a0"><code>5e02d64</code></a> Set version number for auto-value-parent to 1.11.0.</li> <li><a href="https://github.com/google/auto/commit/80b0ada7543515d9b8f923a42b42f750eccaf92b"><code>80b0ada</code></a> Support all kinds of resource URLs when loading template resources.</li> <li><a href="https://github.com/google/auto/commit/260b61ec7bac0bcbc0b6af571bf80b8ee45119bd"><code>260b61e</code></a> Use reflection to avoid referencing the Kotlin metadata API directly.</li> <li><a href="https://github.com/google/auto/commit/76be89a76ba534d56d148e627bec17a68e2f3f83"><code>76be89a</code></a> Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.1 to 3.7.0 in /fa...</li> <li><a href="https://github.com/google/auto/commit/c11484e2d7368d9bcc80abd6dd00bfcde39ac533"><code>c11484e</code></a> Bump org.apache.maven.plugins:maven-invoker-plugin from 3.6.1 to 3.7.0 in /value</li> <li><a href="https://github.com/google/auto/commit/b21d69db178a779278d3ae77750c59615aed68c4"><code>b21d69d</code></a> Bump kotlin.version from 1.9.24 to 2.0.0 in /value</li> <li><a href="https://github.com/google/auto/commit/e55e60a969e270274c0a4a0f2062d484585eee8c"><code>e55e60a</code></a> Update AutoValue to reflect recent Kotlin Metadata API changes.</li> <li><a href="https://github.com/google/auto/commit/29f739bd59b3b2851115f9ef203bf28cce949940"><code>29f739b</code></a> Bump actions/checkout from 4.1.5 to 4.1.6</li> <li><a href="https://github.com/google/auto/commit/199a72753c786960670a45d069d136e80a71f6b7"><code>199a727</code></a> Bump kotlin.version from 1.9.23 to 1.9.24 in /value</li> <li><a href="https://github.com/google/auto/commit/f2b22e340671f78ffc214b09f30d1ee43c847714"><code>f2b22e3</code></a> Bump actions/checkout from 4.1.4 to 4.1.5</li> <li>Additional commits viewable in <a href="https://github.com/google/auto/compare/auto-value-1.10.4...auto-value-1.11.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1302 COPYBARA_INTEGRATE_REVIEW=#1302 from google:dependabot/maven/auto-value.version-1.11.0 b6a0762 PiperOrigin-RevId: 639746674

Bumps [org.apache.maven.plugins:maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.6.3 to 3.7.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-javadoc-plugin/commit/2c28b8d90ede19c28ae7b94d07ad0fbb6c23b720"><code>2c28b8d</code></a> [maven-release-plugin] prepare release maven-javadoc-plugin-3.7.0</li> <li><a href="https://github.com/apache/maven-javadoc-plugin/commit/5530d6801179f388db07a2f1f42e4dc9d06bf447"><code>5530d68</code></a> [MJAVADOC-793] java.lang.NullPointerException: Cannot invoke "String.length()...</li> <li><a href="https://github.com/apache/maven-javadoc-plugin/commit/08cf68e7d3e0a6ac2e1cae4a1336878e4f19dd2b"><code>08cf68e</code></a> Revert "Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2"</li> <li><a href="https://github.com/apache/maven-javadoc-plugin/commit/64468220d5d27d3d219c51baf55cdadfcb4fdd48"><code>6446822</code></a> Bump org.apache.maven.shared:maven-invoker from 3.2.0 to 3.3.0</li> <li><a href="https://github.com/apache/maven-javadoc-plugin/commit/49c93adfc132f648dbdc8fe64a7043ec45ba0022"><code>49c93ad</code></a> Bump org.assertj:assertj-core from 3.25.3 to 3.26.0</li> <li><a href="https://github.com/apache/maven-javadoc-plugin/commit/4e720486ab401acfabc616b85a153126960b1370"><code>4e72048</code></a> [MJAVADOC-795] Upgrade to Parent 42 and Maven 3.6.3</li> <li><a href="https://github.com/apache/maven-javadoc-plugin/commit/b55dd967254813dcb51d19bb3c3667bc951590b4"><code>b55dd96</code></a> Bump org.codehaus.plexus:plexus-archiver from 4.9.1 to 4.9.2</li> <li><a href="https://github.com/apache/maven-javadoc-plugin/commit/77ad41087057ae507d1d0e4c834205322227b0db"><code>77ad410</code></a> Bump org.apache.commons:commons-text from 1.11.0 to 1.12.0</li> <li><a href="https://github.com/apache/maven-javadoc-plugin/commit/c21568ad451a622ed6ecefeb9f77d82a1a84bd2a"><code>c21568a</code></a> Bump commons-io:commons-io from 2.16.0 to 2.16.1</li> <li><a href="https://github.com/apache/maven-javadoc-plugin/commit/ded56a90d22dfb53ec99c03fdaf735fb62e1afd7"><code>ded56a9</code></a> Exclude JDK 8 - temurin, adopt-openj9 on macos</li> <li>Additional commits viewable in <a href="https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.6.3...maven-javadoc-plugin-3.7.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-javadoc-plugin&package-manager=maven&previous-version=3.6.3&new-version=3.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1300 COPYBARA_INTEGRATE_REVIEW=#1300 from google:dependabot/maven/org.apache.maven.plugins-maven-javadoc-plugin-3.7.0 98f1f75 PiperOrigin-RevId: 639747704

Bumps [com.google.errorprone:error_prone_annotations](https://github.com/google/error-prone) from 2.27.1 to 2.28.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/error-prone/releases">com.google.errorprone:error_prone_annotations's releases</a>.</em></p> <blockquote> <h2>Error Prone 2.28.0</h2> <p>Error Prone nows supports the latest JDK 23 EA builds (<a href="https://redirect.github.com/google/error-prone/issues/4412">#4412</a>, <a href="https://redirect.github.com/google/error-prone/issues/4415">#4415</a>).</p> <p>Closed issues:</p> <ul> <li>Improved errors for invalid check severities (<a href="https://redirect.github.com/google/error-prone/issues/4306">#4306</a>).</li> <li>Fix a crash with nested <code>instanceof</code> patterns (<a href="https://redirect.github.com/google/error-prone/issues/4349">#4349</a>).</li> <li>Fix a crash in JUnitIncompatibleType (<a href="https://redirect.github.com/google/error-prone/issues/4377">#4377</a>).</li> <li>In ObjectEqualsForPrimitives, don't suggest replacing <code>equal</code> with <code>==</code> for floating-point values (<a href="https://redirect.github.com/google/error-prone/issues/4392">#4392</a>).</li> </ul> <p>New checks:</p> <ul> <li><a href="https://errorprone.info/bugpattern/DeeplyNested"><code>DeeplyNested</code></a> discourages very deeply nested code that can cause StackOverflowErrors during compilation.</li> <li><a href="https://errorprone.info/bugpattern/GuiceNestedCombine"><code>GuiceNestedCombine</code></a> discourages nesting of <code>Modules.combine()</code>, which is unnecessary.</li> <li><a href="https://errorprone.info/bugpattern/PatternMatchingInstanceof"><code>PatternMatchingInstanceof</code></a> migrates code to use <a href="https://openjdk.org/jeps/394">pattern matching for <code>instanceof</code></a></li> <li><a href="https://errorprone.info/bugpattern/SunApi"><code>SunApi</code></a> discourages use of internal proprietary JDK APIs which may be removed from future releases.</li> </ul> <p>Full Changelog: <a href="https://github.com/google/error-prone/compare/v2.27.1...v2.28.0">https://github.com/google/error-prone/compare/v2.27.1...v2.28.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/google/error-prone/commit/c71fd4ef6aea290a74fa641de498cb351fd325e3"><code>c71fd4e</code></a> Release Error Prone 2.28.0</li> <li><a href="https://github.com/google/error-prone/commit/32997f77a4bfc79c10c1ddcbfb52b03a046d2e41"><code>32997f7</code></a> Bugfix assignment switch analysis in StatementSwitchToExpressionSwitch: if an...</li> <li><a href="https://github.com/google/error-prone/commit/2dde25434696cc2f87e76b64bf60d8875da36a09"><code>2dde254</code></a> Update references to javadoc APIs after the introduction of Markdown doc comm...</li> <li><a href="https://github.com/google/error-prone/commit/5fef6e0ab3414a21c3274059ec2df5579bf76dd7"><code>5fef6e0</code></a> Yet another JUnitIncompatibleType crash fix.</li> <li><a href="https://github.com/google/error-prone/commit/c2df1b6546ddf3d778a8ab7781a6b45560b1ff9e"><code>c2df1b6</code></a> Refactor comment handling in tokenization to use a new ErrorProneComment clas...</li> <li><a href="https://github.com/google/error-prone/commit/3fff6105290f69b72641de4ea8cefc7d76996f74"><code>3fff610</code></a> Update hamcrest to v2.2</li> <li><a href="https://github.com/google/error-prone/commit/6f265ddb8bcbe225b90f83d1d276b3fc65aee09b"><code>6f265dd</code></a> Add a disabled regression test for an UnusedVariable bug</li> <li><a href="https://github.com/google/error-prone/commit/5eded877e844326b3e00a8e0dd4c225ab8f03617"><code>5eded87</code></a> Add an Error Prone check that reimplements javac sunapi warnings</li> <li><a href="https://github.com/google/error-prone/commit/9e0fbf705dc98faf2a8ac88cbdb1facc0ba18696"><code>9e0fbf7</code></a> Prepare for a change to the return type of <code>JCCompilationUnit#getImports</code> in ...</li> <li><a href="https://github.com/google/error-prone/commit/13be411511ab367bf44c1a100085925255a3751e"><code>13be411</code></a> Handle <code>null != CONST_CASE</code> in YodaCondition</li> <li>Additional commits viewable in <a href="https://github.com/google/error-prone/compare/v2.27.1...v2.28.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.google.errorprone:error_prone_annotations&package-manager=maven&previous-version=2.27.1&new-version=2.28.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Fixes #1301 COPYBARA_INTEGRATE_REVIEW=#1301 from google:dependabot/maven/com.google.errorprone-error_prone_annotations-2.28.0 ebf5af2 PiperOrigin-RevId: 640185574

…ge conflicts. Also change the interval from daily to weekly so there's only one update commit per triage rotation. See https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#configuration-options-for-the-dependabotyml-file for documentation on the configuration options. RELNOTES=n/a PiperOrigin-RevId: 640191662

…ependencies group across 1 directory Bumps the dependencies group with 1 update in the / directory: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf). Updates `com.google.protobuf:protobuf-java` from 4.27.0 to 4.27.1 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/protocolbuffers/protobuf/commits">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.google.protobuf:protobuf-java&package-manager=maven&previous-version=4.27.0&new-version=4.27.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Fixes #1307 COPYBARA_INTEGRATE_REVIEW=#1307 from google:dependabot/maven/dependencies-2ee2aed336 7dabe26 PiperOrigin-RevId: 641897630

RELNOTES=n/a PiperOrigin-RevId: 642955274

Bumps the dependencies group with 2 updates: [org.apache.maven.plugins:maven-project-info-reports-plugin](https://github.com/apache/maven-project-info-reports-plugin) and [org.apache.maven.plugins:maven-surefire-plugin](https://github.com/apache/maven-surefire). Updates `org.apache.maven.plugins:maven-project-info-reports-plugin` from 3.5.0 to 3.6.0 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/f4d3a12764f9bea07b6c8dcfe2a74f9544f51de3"><code>f4d3a12</code></a> [maven-release-plugin] prepare release maven-project-info-reports-plugin-3.6.0</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/34ca65bc0fae866814b59c9bfaaaae1795bbec80"><code>34ca65b</code></a> [MPIR-461] Upgrade plugins and components (in ITs)</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/a44cc8ab44dda25c08d658666e0b2dadf826f93d"><code>a44cc8a</code></a> [MPIR-455] dependencies goal: add support for multi-release JARs</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/be2e4ed4a7f6f53a53457896989307b8b4bc7089"><code>be2e4ed</code></a> [MPIR-451] Rename "Dependency Information" to "Maven Coordinates"</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/dc1710d595de4467be743d4c55a020eef1bc22e3"><code>dc1710d</code></a> [MPIR-460] Dependency Information for maven-plugin</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/2ca83d0d883f2a2400ccc5128d4a8339982a9785"><code>2ca83d0</code></a> [MPIR-459] Refresh download page</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/3ed99acda62c6f314fe64e6a5df1d49a4903c92e"><code>3ed99ac</code></a> [MPIR-457] Upgrade to Parent 42 and Maven 3.6.3</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/be2e5f910fe11ca224665d04258f94ea2799ed7a"><code>be2e5f9</code></a> Bump maven-gh-actions-shared to v4</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/70e41363aa1521523a04091337d5ce5e0c039897"><code>70e4136</code></a> Add .factorypath to .gitignore</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/33db4bdc1b750c1a9c9e4a61ba61e7a082bd1d74"><code>33db4bd</code></a> [maven-release-plugin] prepare for next development iteration</li> <li>See full diff in <a href="https://github.com/apache/maven-project-info-reports-plugin/compare/maven-project-info-reports-plugin-3.5.0...maven-project-info-reports-plugin-3.6.0">compare view</a></li> </ul> </details> <br /> Updates `org.apache.maven.plugins:maven-surefire-plugin` from 3.2.5 to 3.3.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/maven-surefire/releases">org.apache.maven.plugins:maven-surefire-plugin's releases</a>.</em></p> <blockquote> <h2>3.3.0</h2> <p><a href="https://issues.apache.org/jira/secure/ReleaseNote.jspa?projectId=12317927&version=12354462">Release Notes - Maven Surefire - Version 3.3.0</a></p>      <h2>What's Changed</h2> <ul> <li>Bump org.htmlunit:htmlunit from 3.9.0 to 3.10.0 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/apache/maven-surefire/pull/717">apache/maven-surefire#717</a></li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-surefire/commit/d0b96a409a9c3311afc61756ffded445d731a2bd"><code>d0b96a4</code></a> [maven-release-plugin] prepare release surefire-3.3.0</li> <li><a href="https://github.com/apache/maven-surefire/commit/71796af4dbe4461d8cfa5d45179657afcd9e1f22"><code>71796af</code></a> Bump org.codehaus.plexus:plexus-component-annotations</li> <li><a href="https://github.com/apache/maven-surefire/commit/afb2d4e502f5afc54407134c9bc4b3ba7ef1ac07"><code>afb2d4e</code></a> Bump org.codehaus.plexus:plexus-interpolation from 1.25 to 1.27</li> <li><a href="https://github.com/apache/maven-surefire/commit/e6287ddbda7bf89ba370759af6164cbf925eebd1"><code>e6287dd</code></a> [SUREFIRE-2232] [REGRESSION] StatelessXmlReporter fails to process failed res...</li> <li><a href="https://github.com/apache/maven-surefire/commit/57b78376127df95849d495531e066981f80867fb"><code>57b7837</code></a> Bump org.htmlunit:htmlunit from 3.11.0 to 4.2.0</li> <li><a href="https://github.com/apache/maven-surefire/commit/fd440c4959b9f71881a9f8f22e07c517e6eb3b14"><code>fd440c4</code></a> Bump org.xmlunit:xmlunit-core from 2.9.1 to 2.10.0</li> <li><a href="https://github.com/apache/maven-surefire/commit/5c34c43cb7b5f74211f757e310a749ae06525673"><code>5c34c43</code></a> Bump org.assertj:assertj-core from 3.25.3 to 3.26.0</li> <li><a href="https://github.com/apache/maven-surefire/commit/680fb00b4e3574a3fdba34e89749fb55ce081e70"><code>680fb00</code></a> Bump org.apache.commons:commons-compress from 1.26.1 to 1.26.2</li> <li><a href="https://github.com/apache/maven-surefire/commit/cad09319311326520e09b36cc95c06116901ec5e"><code>cad0931</code></a> [SUREFIRE-2248] Make "type" attribute on failures and errors in (surefire|fai...</li> <li><a href="https://github.com/apache/maven-surefire/commit/a88d786d7d9350b15dae47d8603e22748d8cdee1"><code>a88d786</code></a> [SUREFIRE-2047] Upgrade to maven-common-artifact-filters 3.4.0</li> <li>Additional commits viewable in <a href="https://github.com/apache/maven-surefire/compare/surefire-3.2.5...surefire-3.3.0">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Fixes #1310 COPYBARA_INTEGRATE_REVIEW=#1310 from google:dependabot/maven/dependencies-5bdee527ed 4b1f390 PiperOrigin-RevId: 643990265

RELNOTES=n/a PiperOrigin-RevId: 644012345

Bumps the github-actions group with 1 update: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 4.1.6 to 4.1.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.1.7</h2> <h2>What's Changed</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="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/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="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/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="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/orhantoy"><code>@orhantoy</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.6...v4.1.7">https://github.com/actions/checkout/compare/v4.1.6...v4.1.7</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="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/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="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/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="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/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="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/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="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/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="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/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <h2>v4.1.2</h2> <ul> <li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="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/dscho"><code>@dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li> </ul> <h2>v4.1.1</h2> <ul> <li>Correct link to GitHub Docs by <a href="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/peterbe"><code>@peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li> <li>Link to release page from what's new section by <a href="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/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li> </ul> <h2>v4.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li> </ul> <h2>v4.0.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li> </ul> <h2>v3.6.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth > 0</a></li> </ul> <h2>v3.5.3</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/692973e3d937129bcbf40652eb9f2f61becf3332"><code>692973e</code></a> Prepare 4.1.7 release (<a href="https://redirect.github.com/actions/checkout/issues/1775">#1775</a>)</li> <li><a href="https://github.com/actions/checkout/commit/6ccd57f4c5d15bdc2fef309bd9fb6cc9db2ef1c6"><code>6ccd57f</code></a> Pin actions/checkout's own workflows to a known, good, stable version. (<a href="https://redirect.github.com/actions/checkout/issues/1776">#1776</a>)</li> <li><a href="https://github.com/actions/checkout/commit/b17fe1e4d59a9d1d95a7aead5e6fcd13e50939a5"><code>b17fe1e</code></a> Handle hidden refs (<a href="https://redirect.github.com/actions/checkout/issues/1774">#1774</a>)</li> <li><a href="https://github.com/actions/checkout/commit/b80ff79f1755d06ba70441c368a6fe801f5f3a62"><code>b80ff79</code></a> Bump actions/checkout from 3 to 4 (<a href="https://redirect.github.com/actions/checkout/issues/1697">#1697</a>)</li> <li><a href="https://github.com/actions/checkout/commit/b1ec3021b8fa02164da82ca1557d017d83b0e179"><code>b1ec302</code></a> Bump the minor-npm-dependencies group across 1 directory with 4 updates (<a href="https://redirect.github.com/actions/checkout/issues/1739">#1739</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/a5ac7e51b41094c92402da3b24376905380afc29...692973e3d937129bcbf40652eb9f2f61becf3332">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.6&new-version=4.1.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Fixes #1309 COPYBARA_INTEGRATE_REVIEW=#1309 from google:dependabot/github_actions/github-actions-0bd1363a87 5362f17 PiperOrigin-RevId: 645389375

… the dependencies group Bumps the dependencies group with 1 update: [org.apache.maven.plugins:maven-jar-plugin](https://github.com/apache/maven-jar-plugin). Updates `org.apache.maven.plugins:maven-jar-plugin` from 3.4.1 to 3.4.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/apache/maven-jar-plugin/releases">org.apache.maven.plugins:maven-jar-plugin's releases</a>.</em></p> <blockquote> <h2>3.4.2</h2>  <h2>🐛 Bug Fixes</h2> <ul> <li><a href="https://issues.apache.org/jira/browse/MJAR-310">[MJAR-310]</a> - fixed toolchain version detection when toolchain paths contain white spaces (<a href="https://redirect.github.com/apache/maven-jar-plugin/pull/86">#86</a>) <a href="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/jansohn"><code>@jansohn</code></a></li> </ul> <h2>👻 Maintenance</h2> <ul> <li>Build with Maven 4 (<a href="https://redirect.github.com/apache/maven-jar-plugin/pull/88">#88</a>) <a href="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/slawekjaranowski"><code>@slawekjaranowski</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-jar-plugin/commit/95007e86d205703d898aa0fb5d24ae3df0c25789"><code>95007e8</code></a> [maven-release-plugin] prepare release maven-jar-plugin-3.4.2</li> <li><a href="https://github.com/apache/maven-jar-plugin/commit/99584ce9cff9d87d73c12df81d40a982d75845ff"><code>99584ce</code></a> Build with Maven 4</li> <li><a href="https://github.com/apache/maven-jar-plugin/commit/e9c98a4dd95b79088fe5264d3e5dbba1342ddb80"><code>e9c98a4</code></a> [MJAR-310] fixed toolchain version detection when toolchain paths contain whi...</li> <li><a href="https://github.com/apache/maven-jar-plugin/commit/a5554bb21e9528b3f3dfa5b97473f2af99045e73"><code>a5554bb</code></a> [maven-release-plugin] prepare for next development iteration</li> <li>See full diff in <a href="https://github.com/apache/maven-jar-plugin/compare/maven-jar-plugin-3.4.1...maven-jar-plugin-3.4.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=org.apache.maven.plugins:maven-jar-plugin&package-manager=maven&previous-version=3.4.1&new-version=3.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Fixes #1312 COPYBARA_INTEGRATE_REVIEW=#1312 from google:dependabot/maven/dependencies-c7d7b53540 d8cb62c PiperOrigin-RevId: 646143014

We've been using these internally for over a year. With JSpecify 1.0 not far off and wider adoption to gradually follow, now seems like the time to expand our public usage of the annotations. We've already been using them in a few projects, but Truth may become the mostly widely used project that users actually link against to use them. At the same time, it's a library that's used only in testing code, so the stakes remain relatively low. Most users will see no effect from this change, since most users don't use nullness checking and since we already used some nullness annotations in our public release. The main effect users are likely to see is if they pass nullable values for parameters that are now recognized as non-nullable. Under Kotlin, the effect should normally be a warning, not an error, at least until [Kotlin 2.1 or so](https://youtrack.jetbrains.com/issue/KT-55586/Handle-nullability-from-jspecify-annotations-properly#focus=Comments-27-8368666.0-0). Please still [report any problems](https://github.com/google/truth/issues/new). (progress toward JSpecify adoption in our projects in general, including google/guava#2960) RELNOTES=Added more nullness information to our APIs (in the form of [JSpecify](https://jspecify.dev/) annotations). This could lead to additional warnings (or even errors) for users of Kotlin and other nullness checkers. Please [report any problems](https://github.com/google/truth/issues/new). PiperOrigin-RevId: 647012817

…t/value types. RELNOTES=n/a PiperOrigin-RevId: 647300691

Fixes #1022 COPYBARA_INTEGRATE_REVIEW=#1022 from hpa16:fix-docs b3619e9 PiperOrigin-RevId: 647376732

…fails but containsMatch(x) would have passed. Fixes #791 Fixes #830 RELNOTES=Improved the failure message for `matches` to conditionally suggest using `containsMatch`. COPYBARA_INTEGRATE_REVIEW=#830 from junyan59:stringMatches cc02dca PiperOrigin-RevId: 647435705

org.gwtproject already has a 2.11.0 release available, which I'm not upgrading to in this CL. I'll leave that to Dependabot (and future semi-automated Guava version bumps). See google/auto#1342 (comment) RELNOTES=n/a PiperOrigin-RevId: 647700630

Bumps the dependencies group with 2 updates: [com.google.protobuf:protobuf-java](https://github.com/protocolbuffers/protobuf) and [org.apache.maven.plugins:maven-project-info-reports-plugin](https://github.com/apache/maven-project-info-reports-plugin). Updates `com.google.protobuf:protobuf-java` from 4.27.1 to 4.27.2 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/protocolbuffers/protobuf/commits">compare view</a></li> </ul> </details> <br /> Updates `org.apache.maven.plugins:maven-project-info-reports-plugin` from 3.6.0 to 3.6.1 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/21d36534d87088aafe1743a402b3f49fbaecd293"><code>21d3653</code></a> [maven-release-plugin] prepare release maven-project-info-reports-plugin-3.6.1</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/b707915bb7cb5adc2c0dcb66560b9aa6470ceaa2"><code>b707915</code></a> [MPIR-462] IT for MRJAR issue with dependencies goal</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/3fd654a98c709e9051d5dc8d6fd250db43b79467"><code>3fd654a</code></a> [MPIR-463] Remove workaround to count the number of root content entries in J...</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/790b646e57e2362ddba9b9e0d91e180c282a272e"><code>790b646</code></a> [MPIR-464] Upgrade to Maven Shared JAR 3.1.1</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/740536dd756f108859426c17312533fae0bd8df4"><code>740536d</code></a> Lift restriction on mojo renames</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/3e8276fdf17de3261c21db7e862281a7b4f11651"><code>3e8276f</code></a> Make spotless happy</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/9ba89c9f3b6e4a60d02c439840da80ff11e836dd"><code>9ba89c9</code></a> Fix SCM tag</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/870d7bf55f8818b82ab6e1756f65e531bfc56f30"><code>870d7bf</code></a> Improve variable name (2)</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/b08af0c292d9beb4a9a53b3acd94a5753eb54d1c"><code>b08af0c</code></a> Improve variable name</li> <li><a href="https://github.com/apache/maven-project-info-reports-plugin/commit/1231c79919bf37b42d48a0d693b3feee156ecbdb"><code>1231c79</code></a> [maven-release-plugin] prepare for next development iteration</li> <li>See full diff in <a href="https://github.com/apache/maven-project-info-reports-plugin/compare/maven-project-info-reports-plugin-3.6.0...maven-project-info-reports-plugin-3.6.1">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Fixes #1316 COPYBARA_INTEGRATE_REVIEW=#1316 from google:dependabot/maven/dependencies-f63bd35751 291ada8 PiperOrigin-RevId: 648361211

Also, remove its `jspecify` dep. (But leave behind its Truth dep so that anyone who depends only on `truth-java8-extension` for `Truth`+`Truth8` still gets them.) I could probably further simplify in the pom's build config, but there's no compelling need. RELNOTES=n/a PiperOrigin-RevId: 650668773

…ects) for nullness. And move the `@NullMarked` annotation from individual classes up to the package. Motivation: - The annotating is about potentially making things nicer for callers (or any future J2KT use?). - Moving `@NullMarked` to the package is about saving Truth users from [a warning when running Error Prone with `--release 8`](#1320): When `@NullMarked` appears on a _class_, Error Prone processes the entire `NullMarked` class in order to check whether `NullMarked` is `@Inherited`. This leads to `warning: unknown enum constant ElementType.MODULE` because `NullMarked` has `@Target(MODULE, ...)` but `MODULE` isn't available until Java 9. We'll also be fixing this on the Error Prone side, but we might as well work around it on the Truth side, too—and annotate the rest of Truth while we're at it. (In principle, I should now add `@NullUnmarked` to all of Truth's test classes, since they haven't been annotated. But doing so would have little to no effect in practice unless maybe IntelliJ recognizes `@NullUnmarked` (probably not now?) or we improve our nullness offerings in Error Prone. I'm planning to not bother, but let me know if I'm being overly lazy.) Note that this CL applies `@Nullable` to some assertion methods' parameters even though those assertions would always fail if the callers passed `null`. This follows a principle that we'd applied (albeit incompletely) in cl/516515683, which showed that such changes avoided producing build errors in existing, working code. The principle is the same as that discussed for `EqualsTester` in cl/578260904. Fixes #1320 RELNOTES=Annotated the rest of the main package for nullness, and moved the `@NullMarked` annotation from individual classes up to the package to avoid [a warning under `--release 8`](#1320). PiperOrigin-RevId: 651891918

stefanhaustein and others added 4 commits March 14, 2023 07:12

Null-mark Truth.

2151add

RELNOTES=Null-mark Truth PiperOrigin-RevId: 516515683

Rename Record test class (and sample classes in docs) to MyRecord.

1e0f80c

This reduces confusion with `java.lang.Record`. RELNOTES=n/a PiperOrigin-RevId: 516531543

Remove unnecessary final keywords.

4eda6b8

RELNOTES=n/a PiperOrigin-RevId: 516628548

pull bot added the ⤵️ pull label Mar 15, 2023

cpovirk and others added 25 commits March 15, 2023 13:11

More assorted cleanups and suppressions.

d176860

This includes enabling errors for `unchecked` and `rawtypes` warnings in our internal build. RELNOTES=n/a PiperOrigin-RevId: 518580371

More assorted cleanups and suppressions.

92fe462

This includes enabling errors for `unchecked` and `rawtypes` warnings in our internal build. PiperOrigin-RevId: 518650538

Migrate the remaining TableSubject failure messages to the new form…

9f8879f

…at and API. RELNOTES=n/a PiperOrigin-RevId: 518892319

[Pin](https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinn…

ce44a4b

…ed-dependencies) (and sometimes update) GitHub actions versions. Compare google/guava#5984 RELNOTES=n/a PiperOrigin-RevId: 519822561

More assorted cleanups and suppressions.

3745f24

This includes enabling errors for `unchecked` and `rawtypes` warnings in our internal build. PiperOrigin-RevId: 519827824

Eliminate the rawtypes and unchecked warnings from a method.

d69223f

(followup to cl/518896343, motivated by helping J2KT) RELNOTES=n/a PiperOrigin-RevId: 522114674

Internal Build Change

2161325

RELNOTES=n/a PiperOrigin-RevId: 522338171

Internal change.

5389986

RELNOTES=n/a PiperOrigin-RevId: 527978251

dependabot bot and others added 30 commits May 4, 2024 11:48

Bump Guava to 33.2.0.

ecee724

RELNOTES=n/a PiperOrigin-RevId: 631123947

Recommend assertThrows and assertFailsWith.

75a84c2

#1292 RELNOTES=n/a PiperOrigin-RevId: 633264611

Bump Guava to 33.2.1.

e1d4e24

RELNOTES=n/a PiperOrigin-RevId: 639114032

Minor grammar correction in comment

5274586

RELNOTES=n/a PiperOrigin-RevId: 642955274

Remove @J2ktIncompatible from TruthJUnit

6380af7

RELNOTES=n/a PiperOrigin-RevId: 644012345

Annotate formattingDiffsUsing methods as supporting nullable elemen…

afda443

…t/value types. RELNOTES=n/a PiperOrigin-RevId: 647300691

Fix grammar in Javadoc comments.

af140d6

Fixes #1022 COPYBARA_INTEGRATE_REVIEW=#1022 from hpa16:fix-docs b3619e9 PiperOrigin-RevId: 647376732

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[pull] master from google:master #121

[pull] master from google:master #121

pull bot commented Mar 15, 2023 •

edited

Loading

[pull] master from google:master #121

Are you sure you want to change the base?

[pull] master from google:master #121

Conversation

pull bot commented Mar 15, 2023 • edited Loading

pull bot commented Mar 15, 2023 •

edited

Loading