Bump the maven group with 11 updates

[dependabot]

Bumps the maven group with 11 updates:

Package	From	To
com.google.errorprone:error_prone_core	2.25.0	2.26.1
org.apache.maven.plugins:maven-compiler-plugin	3.12.1	3.13.0
org.apache.maven.plugins:maven-gpg-plugin	3.1.0	3.2.2
com.github.siom79.japicmp:japicmp-maven-plugin	0.18.5	0.20.0
com.google.errorprone:error_prone_annotations	2.25.0	2.26.1
com.google.guava:guava-testlib	33.0.0-jre	33.1.0-jre
org.moditect:moditect-maven-plugin	1.1.0	1.2.1.Final
com.android.tools:r8	8.2.47	8.3.37
com.fasterxml.jackson.core:jackson-databind	2.16.1	2.17.0
com.google.protobuf:protobuf-java	3.25.3	4.26.1
com.google.guava:guava	33.0.0-jre	33.1.0-jre

Updates com.google.errorprone:error_prone_core from 2.25.0 to 2.26.1

Release notes

Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.26.1

This release contains all of the changes in 2.26.0, plus a bug fix to the module name of the annotations artifact com.google.errorprone.annotations (google/error-prone@9d99ee7)

Starting in 2.26.x, the 'annotations' artifact now includes a module-info.java for Java Platform Module System support, thanks to @​sgammon in #4311.

---

Compatibility note:

Now that the annotations artifact explicit declares a module instead of relying on Automatic-Module-Name, JDK 17 and newer perform stricter module encapsulation checks. Modularized libraries depending on Error Prone annotations 2.26.x and newer may see errors like:

error: package com.google.errorprone.annotations is not visible
import com.google.errorprone.annotations.CheckReturnValue;
                            ^
  (package com.google.errorprone.annotations is declared in module com.google.errorprone.annotations, but module ... does not read it)

The fix is to add requires static to the module declaration of modularized libraries that depend on Error Prone annotations:

 module your.module {
...
+  requires static com.google.errorprone.annotations;
 }

---

Full Changelog: google/error-prone@v2.26.0...v2.26.1

Error Prone 2.26.0

Warning: This release contains a bug, please use 2.26.1 or newer instead.

Changes:

• The 'annotations' artifact now includes a module-info.java for Java Platform Module System support, thanks to @​sgammon in #4311.
• Disabled checks passed to -XepPatchChecks are now ignored, instead of causing a crash. Thanks to @​oxkitsune in #4028.

New checks:

• SystemConsoleNull: Null-checking System.console() is not a reliable way to detect if the console is connected to a terminal.
• EnumOrdinal: Discourage uses of Enum.ordinal()

Closed issues: #2649, #3908, #4028, #4311, #4314

Full Changelog: google/error-prone@v2.25.0...v2.26.0

Commits

• b380572 Release Error Prone 2.26.1
• 9d99ee7 fix: module name → com.google.errorprone.annotations
• ea5ef6d Add the 'compile' goal for 'compile-java9'
• 0e95364 feat: add jpms definition for annotations
• 9da2d55 Ignore disabled checks passed to -XepPatchChecks
• 3292632 Increase year range on Date usages.
• ad513d5 Recommend using var for var unused = ...; and `var thrown = assertThrows(...
• af37d35 ImpossibleNullComparison: emit empty fixes.
• 297019c Fix some mistakes in the EnumOrdinal examples
• f3dbb09 Move the EnumOrdinal.md doc to the right place (it got overwritten by automat...
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-compiler-plugin from 3.12.1 to 3.13.0

Release notes

Sourced from org.apache.maven.plugins:maven-compiler-plugin's releases.

3.13.0

🚀 New features and improvements

• [MCOMPILER-574] - Propagate cause of exception in AbstractCompilerMojo (#232) @​slawekjaranowski
• [MCOMPILER-582] - Automatic detection of release option for JDK < 9 (#228) @​slawekjaranowski
• [MCOMPILER-583] - Require Maven 3.6.3 (#229) @​slawekjaranowski
• [MCOMPILER-577] - Rename parameter "forceJavacCompilerUse" (#225) @​kwin
• [MCOMPILER-570] - Add links to javac documentation of JDK17 (#224) @​kwin
• [MCOMPILER-576] - Deprecate parameter "compilerVersion" (#223) @​kwin

📦 Dependency updates

• [MCOMPILER-575] - Bump plexusCompilerVersion from 2.14.2 to 2.15.0 (#227) @​dependabot
• Bump apache/maven-gh-actions-shared from 3 to 4 (#226) @​dependabot

📝 Documentation updates

• [MCOMPILER-548] - JDK 21 throws annotations processing warning that can not be turned off (#200) @​hgschmie

👻 Maintenance

• [MCOMPILER-584] - Refresh page - Using Non-Javac Compilers (#231) @​slawekjaranowski
• [MCOMPILER-585] - Refresh plugins versions in ITs (#230) @​slawekjaranowski
• subject verb agreement (#221) @​elharo

Commits

• a1415aa [maven-release-plugin] prepare release maven-compiler-plugin-3.13.0
• b2b9196 [MCOMPILER-574] Propagate cause of exception in AbstractCompilerMojo
• 6d2ce5a [MCOMPILER-584] Refresh page - Using Non-Javac Compilers
• eebad60 [MCOMPILER-585] Refresh plugins versions in ITs
• ceacf68 [MCOMPILER-582] Automatic detection of release option for JDK < 9
• 110293f [MCOMPILER-583] Require Maven 3.6.3
• 90131df [MCOMPILER-575] Bump plexusCompilerVersion from 2.14.2 to 2.15.0 (#227)
• 74cfc72 [MCOMPILER-548] JDK 21 throws annotations processing warning that can not be ...
• f85aa27 Bump apache/maven-gh-actions-shared from 3 to 4
• d59ef49 extract Maven 3.3.1 specific method call
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-gpg-plugin from 3.1.0 to 3.2.2

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.2

JiRA link

Release Notes - Maven GPG Plugin - Version 3.2.2

---

What's Changed

• [MGPG-113] SignAndDeployFileMojo results in 401 by @​cstamas in apache/maven-gpg-plugin#82
• [MGPG-114] Allow max key size of 16KB by @​cstamas in apache/maven-gpg-plugin#83
• [MGPG-115] Show more info about key used to sign by @​cstamas in apache/maven-gpg-plugin#84

Full Changelog: apache/maven-gpg-plugin@maven-gpg-plugin-3.2.1...maven-gpg-plugin-3.2.2

3.2.1

JIRA link

Release Notes - Maven GPG Plugin - Version 3.2.1

... (truncated)

Commits

• ab97064 [maven-release-plugin] prepare release maven-gpg-plugin-3.2.2
• 2be0a00 [MGPG-115] Show more info about key used to sign (#84)
• 3631830 [MGPG-114] Allow max key size of 16KB (#83)
• 528fab9 [MGPG-113] SignAndDeployFileMojo results in 401 (#82)
• 770636b [maven-release-plugin] prepare for next development iteration
• 5b69086 [maven-release-plugin] prepare release maven-gpg-plugin-3.2.1
• 28d298c [MGPG-111] Fix dependencies (#81)
• 75d8ed5 [MGPG-112] serverId def value was unintentionally dropped (#80)
• 2a11a2d [maven-release-plugin] prepare for next development iteration
• 4b23da8 [maven-release-plugin] prepare release maven-gpg-plugin-3.2.0
• Additional commits viewable in compare view

Updates com.github.siom79.japicmp:japicmp-maven-plugin from 0.18.5 to 0.20.0

Commits

• 6273268 [maven-release-plugin] prepare release japicmp-base-0.20.0
• eb94f4b upgraded version in *.md files to 0.20.0
• b8bb82e ReleaseNotes.md
• d0d5c71 Merge pull request #389 from siom79/html-without-xml
• b0296f3 StringBuilder instead of StringBuffer
• f511970 removed html.xslt
• 230e572 JApiCmpMojo uses HtmlOutputGenerator
• 975fd4c fixed further tests
• 37e7bed fixed XmlOutputGeneratorTest
• d6c22ee finished HtmlOutputGenerator
• Additional commits viewable in compare view

Updates com.google.errorprone:error_prone_annotations from 2.25.0 to 2.26.1

Release notes

Sourced from com.google.errorprone:error_prone_annotations's releases.

Error Prone 2.26.1

This release contains all of the changes in 2.26.0, plus a bug fix to the module name of the annotations artifact com.google.errorprone.annotations (google/error-prone@9d99ee7)

Starting in 2.26.x, the 'annotations' artifact now includes a module-info.java for Java Platform Module System support, thanks to @​sgammon in #4311.

---

Compatibility note:

Now that the annotations artifact explicit declares a module instead of relying on Automatic-Module-Name, JDK 17 and newer perform stricter module encapsulation checks. Modularized libraries depending on Error Prone annotations 2.26.x and newer may see errors like:

error: package com.google.errorprone.annotations is not visible
import com.google.errorprone.annotations.CheckReturnValue;
                            ^
  (package com.google.errorprone.annotations is declared in module com.google.errorprone.annotations, but module ... does not read it)

The fix is to add requires static to the module declaration of modularized libraries that depend on Error Prone annotations:

 module your.module {
...
+  requires static com.google.errorprone.annotations;
 }

---

Full Changelog: google/error-prone@v2.26.0...v2.26.1

Error Prone 2.26.0

Warning: This release contains a bug, please use 2.26.1 or newer instead.

Changes:

• The 'annotations' artifact now includes a module-info.java for Java Platform Module System support, thanks to @​sgammon in #4311.
• Disabled checks passed to -XepPatchChecks are now ignored, instead of causing a crash. Thanks to @​oxkitsune in #4028.

New checks:

• SystemConsoleNull: Null-checking System.console() is not a reliable way to detect if the console is connected to a terminal.
• EnumOrdinal: Discourage uses of Enum.ordinal()

Closed issues: #2649, #3908, #4028, #4311, #4314

Full Changelog: google/error-prone@v2.25.0...v2.26.0

Commits

• b380572 Release Error Prone 2.26.1
• 9d99ee7 fix: module name → com.google.errorprone.annotations
• ea5ef6d Add the 'compile' goal for 'compile-java9'
• 0e95364 feat: add jpms definition for annotations
• 9da2d55 Ignore disabled checks passed to -XepPatchChecks
• 3292632 Increase year range on Date usages.
• ad513d5 Recommend using var for var unused = ...; and `var thrown = assertThrows(...
• af37d35 ImpossibleNullComparison: emit empty fixes.
• 297019c Fix some mistakes in the EnumOrdinal examples
• f3dbb09 Move the EnumOrdinal.md doc to the right place (it got overwritten by automat...
• Additional commits viewable in compare view

Updates com.google.guava:guava-testlib from 33.0.0-jre to 33.1.0-jre

Release notes

Sourced from com.google.guava:guava-testlib's releases.

33.1.0

Request for Android users

If you know of Guava Android users who have not yet upgraded to at least the previous release 33.0.0, please encourage them to do so. Starting with that version, we are experimenting with including Java 8+ APIs in guava-android. Before we commit to adding such APIs, we want as much testing as we can get: If we later expose a set of Java 8+ APIs and then discover that they break users, we won't want to remove them, as the removal would break users, too.

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.1.0-jre</version>
  <!-- or, for Android: -->
  <version>33.1.0-android</version>
</dependency>

Jar files

• 33.1.0-jre.jar
• 33.1.0-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.1.jar

Javadoc

• 33.1.0-jre
• 33.1.0-android

JDiff

• 33.1.0-jre vs. 33.0.0-jre
• 33.1.0-android vs. 33.0.0-android
• 33.1.0-android vs. 33.1.0-jre

Changelog

• Updated our Error Prone dependency to 2.26.1, which includes a JPMS-ready jar of annotations. If you use the Error Prone annotations in a modular build of your own code, you may need to add a requires line for them. (d48c6dfbb8, c6e91c498ced26631029d1bdfdb9154d4a217368)
• base: Added a Duration overload for Suppliers.memoizeWithExpiration. (76e46ec35b)
• base: Deprecated the remaining two overloads of Throwables.propagateIfPossible. They won't be deleted, but we recommend migrating off them. (cf86414a87)
• cache: Fixed a bug that could cause false "recursive load" reports during refresh. (0e1aebf73e)
• graph: Changed the return types of transitiveClosure() and reachableNodes() to Immutable* types. reachableNodes() already returned an immutable object (even though that was not reflected in the declared return type); transitiveClosure() used to return a mutable object. The old signatures remain available, so this change does not break binary compatibility. (09e655f6c1)
• graph: Changed the behavior of views returned by graph accessor methods that take a graph element as input: They now throw IllegalStateException when that element is removed from the graph. (8dca776341)
• hash: Optimized Checksum-based hash functions for Java 9+. (afb35a5d1b)
• testing: Exposed FakeTicker Duration methods to Android users. (f346bbb6a7)
• util.concurrent: Deprecated the constructors of UncheckedExecutionException and ExecutionError that don't accept a cause. We won't remove these constructors, but we recommend migrating off them, as users of those classes often assume that instances will contain a cause. (1bb3c4386b)
• util.concurrent: Improved the correctness of racy accesses for J2ObjC users. (d3232b71ce)

Commits

• See full diff in compare view

Updates org.moditect:moditect-maven-plugin from 1.1.0 to 1.2.1.Final

Release notes

Sourced from org.moditect:moditect-maven-plugin's releases.

1.2.1.Final

Changelog

• 8c6acb9 Releasing version 1.2.1.Final
• 774e118 #244 Use temporary working file when adding module-info
• 80c1c1d Fix indentation to 4 spaces
• 8dbf0f4 Fix missing character in licenses
• 27c1bd6 remove parent path and packaging since their value was the default one
• 24031e4 Update Hibernate validator to Jakarta EE 10 compatibility and fix the build
• cdbffd6 Update last files without right license
• 77e196e includes reviewer remark on opening all the module: changed it to an exports directive
• 7c19d07 Change in plugin configuration and order of declared modules to obtain a fonctionning jlink image
• 9bc4156 Add --ignore-missing-deps to Vertx pom to prevent modules error from optional dependencies
• 25ef0e4 Correct License text indentation
• 87b5463 Update various dependencies and plugins version to last stable non-breaking version
• 0e9c9c4 Update license
• fd47eaa update embedded maven version to 3.9.6, version before 3.9.0 had cause starnge dependecies issues while resolving module-path
• da10098 Next version 1.3.0-SNAPSHOT
• 92841ed Releasing version 1.2.0.Final

Contributors

We'd like to thank the following people for their contributions:

• Andres Almiray (@​aalmiray)
• Antoine Sabot-Durand (@​antoinesd)
• moditect-release-bot

1.2.0.Final

Changelog

• 0f9da83 Releasing version 1.2.0.Final
• 30fe752 Update project timestamp to git expression after release
• e66d794 #95 Marking Maven plug-in goals with @​threadSafe
• e096f8e Update release configuration
• a793af4 #216 create-runtime-image: Error message on missing artifact, closes #216
• 4c39711 #213 Support additional values for compress when creating a runtime image, closes #123
• 5d63f7b #222 Use ZipFile API to set timestamps, closes #222
• be7d707 #226 update to asm 9.6 for Java 22 support, closes #226
• 7733129 [CHORE] update parent
• 915bcec #223 don't use directory plugin, closes #223
• f32d851 Next version 1.2.0-SNAPSHOT
• 8fa9fbb Releasing version 1.1.0

Contributors

We'd like to thank the following people for their contributions:

• Andres Almiray (@​aalmiray)
• Benjamin Marwell (@​bmarwell)
• Gunnar Morling
• John Fallows (@​jfallows)

... (truncated)

Commits

• 8c6acb9 Releasing version 1.2.1.Final
• 774e118 #244 Use temporary working file when adding module-info
• 80c1c1d Fix indentation to 4 spaces
• 8dbf0f4 Fix missing character in licenses
• 27c1bd6 remove parent path and packaging since their value was the default one
• 24031e4 Update Hibernate validator to Jakarta EE 10 compatibility and fix the build
• cdbffd6 Update last files without right license
• 77e196e includes reviewer remark on opening all the module: changed it to an exports ...
• 7c19d07 Change in plugin configuration and order of declared modules to obtain a fonc...
• 9bc4156 Add --ignore-missing-deps to Vertx pom to prevent modules error from optional...
• Additional commits viewable in compare view

Updates com.android.tools:r8 from 8.2.47 to 8.3.37

Updates com.fasterxml.jackson.core:jackson-databind from 2.16.1 to 2.17.0

Commits

• See full diff in compare view

Updates com.google.protobuf:protobuf-java from 3.25.3 to 4.26.1

Commits

• See full diff in compare view

Updates com.google.guava:guava from 33.0.0-jre to 33.1.0-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.1.0

Request for Android users

If you know of Guava Android users who have not yet upgraded to at least the previous release 33.0.0, please encourage them to do so. Starting with that version, we are experimenting with including Java 8+ APIs in guava-android. Before we commit to adding such APIs, we want as much testing as we can get: If we later expose a set of Java 8+ APIs and then discover that they break users, we won't want to remove them, as the removal would break users, too.

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.1.0-jre</version>
  <!-- or, for Android: -->
  <version>33.1.0-android</version>
</dependency>

Jar files

• 33.1.0-jre.jar
• 33.1.0-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.1.jar

Javadoc

• 33.1.0-jre
• 33.1.0-android

JDiff

• 33.1.0-jre vs. 33.0.0-jre
• 33.1.0-android vs. 33.0.0-android
• 33.1.0-android vs. 33.1.0-jre

Changelog

• Updated our Error Prone dependency to 2.26.1, which includes a JPMS-ready jar of annotations. If you use the Error Prone annotations in a modular build of your own code, you may need to add a requires line for them. (d48c6dfbb8, c6e91c498ced26631029d1bdfdb9154d4a217368)
• base: Added a Duration overload for Suppliers.memoizeWithExpiration. (76e46ec35b)
• base: Deprecated the remaining two overloads of Throwables.propagateIfPossible. They won't be deleted, but we recommend migrating off them. (cf86414a87)
• cache: Fixed a bug that could cause false "recursive load" reports during refresh. (0e1aebf73e)
• graph: Changed the return types of transitiveClosure() and reachableNodes() to Immutable* types. reachableNodes() already returned an immutable object (even though that was not reflected in the declared return type); transitiveClosure() used to return a mutable object. The old signatures remain available, so this change does not break binary compatibility. (09e655f6c1)
• graph: Changed the behavior of views returned by graph accessor methods that take a graph element as input: They now throw IllegalStateException when that element is removed from the graph. (8dca776341)
• hash: Optimized Checksum-based hash functions for Java 9+. (afb35a5d1b)
• testing: Exposed FakeTicker Duration methods to Android users. (f346bbb6a7)
• util.concurrent: Deprecated the constructors of UncheckedExecutionException and ExecutionError that don't accept a cause. We won't remove these constructors, but we recommend migrating off them, as users of those classes often assume that instances will contain a cause. (1bb3c4386b)
• util.concurrent: Improved the correctness of racy accesses for J2ObjC users. (d3232b71ce)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[eamonnmcmanus]

@dependabot rebase

[eamonnmcmanus]

There's a deprecation warning that is failing because of -Werror. I will fix it shortly.

[eamonnmcmanus]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.