Bump the maven group with 8 updates

[dependabot]

Bumps the maven group with 8 updates:

Package	From	To
com.google.errorprone:error_prone_core	2.31.0	2.33.0
org.apache.maven.plugins:maven-gpg-plugin	3.2.5	3.2.7
com.google.errorprone:error_prone_annotations	2.31.0	2.33.0
com.google.guava:guava-testlib	33.3.0-jre	33.3.1-jre
com.google.guava:guava	33.2.1-jre	33.3.1-jre
org.junit.jupiter:junit-jupiter	5.11.0	5.11.1
org.graalvm.buildtools:native-maven-plugin	0.10.2	0.10.3
com.fasterxml.jackson.core:jackson-databind	2.17.2	2.18.0

Updates com.google.errorprone:error_prone_core from 2.31.0 to 2.33.0

Release notes

Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.33.0

Similar to release 2.32.0, the minimum support JDK version to run Error Prone is JDK 17 (#3803). Using Error Prone to compile code that is deployed to earlier versions is still fully supported, but will requires using JDK 17 or newer for compilation and setting --release or -source/-target/-bootclasspath.

Changes:

• Update protobuf version for CVE-2024-7254

New checks:

• ArrayRecordComponent: Record components should not be arrays.

Full changelog: google/error-prone@v2.32.0...v2.33.0

Error Prone 2.32.0

The minimum support JDK version to run Error Prone is now JDK 17 (#3803).

Using Error Prone to compile code that is deployed to earlier versions is still fully supported, but will requires using JDK 17 or newer for compilation and setting --release or -source/-target/-bootclasspath.

Full changelog: google/error-prone@v2.31.0...v2.32.0

Commits

• 7a67f20 Release Error Prone 2.33.0
• f1f7955 Remove out of place .. Previously, the error message was:
• c885150 Add a regression test for b/369862572
• 2b78c1f Avoid a possible IndexOutOfBoundsException in MemberName.
• 47dd2a8 Suggest Splitter.on(Pattern.compile(...)) instead of Splitter.onPattern
• 50d0983 Add some missing testdata/ prefixes.
• f82fb66 Fix typos
• fb1a05b Update protobuf version
• be99217 Extend MissingOverride to require @​Override on "an explicitly declared access...
• 2c04ada Support toSeconds in DurationToLongTimeUnit
• Additional commits viewable in compare view

Updates org.apache.maven.plugins:maven-gpg-plugin from 3.2.5 to 3.2.7

Release notes

Sourced from org.apache.maven.plugins:maven-gpg-plugin's releases.

3.2.7

Fixes a lingering issue affecting whole 3.2.x lineage, that resulted in "bad passphrase" on Windows OS with GPG signer (see MGPG-136 for details).

What's Changed

• [MGPG-136] Windows passphrase corruption by @​cstamas in apache/maven-gpg-plugin#120
• Bump com.kohlschutter.junixsocket:junixsocket-core from 2.10.0 to 2.10.1 by @​dependabot in apache/maven-gpg-plugin#121
• Bump commons-io:commons-io from 2.16.1 to 2.17.0 by @​dependabot in apache/maven-gpg-plugin#119

Full Changelog: apache/maven-gpg-plugin@maven-gpg-plugin-3.2.6...maven-gpg-plugin-3.2.7

3.2.6

Release Notes - Maven GPG Plugin - Version 3.2.6

---

What's Changed

• [MGPG-135] Support Overriding / Enhance the signer in AbstractGpgMojo by @​laeubi in apache/maven-gpg-plugin#112
• Bump org.apache.maven.plugins:maven-invoker-plugin from 3.7.0 to 3.8.0 by @​dependabot in apache/maven-gpg-plugin#114
• [MGPG-140] Update Maven to 3.9.9 by @​cstamas in apache/maven-gpg-plugin#116
• [MGPG-138] Drop direct use of plexus-cipher and secdispatcher by @​cstamas in apache/maven-gpg-plugin#115
• [MGPG-141] Remove use of deprecated classes by @​cstamas in apache/maven-gpg-plugin#117
• Add FAQ for "no pinentry" issue by @​cstamas in apache/maven-gpg-plugin#118

New Contributors

• @​laeubi made their first contribution in apache/maven-gpg-plugin#112

... (truncated)

Commits

• 43af21c [maven-release-plugin] prepare release maven-gpg-plugin-3.2.7
• 8c5a8d2 [MGPG-144] Bump commons-io:commons-io from 2.16.1 to 2.17.0 (#119)
• cb5422f [MGPG-143] Bump com.kohlschutter.junixsocket:junixsocket-core from 2.10.0 to ...
• 6b2a27f [MGPG-136] Windows passphrase corruption (#120)
• 31e87e0 [maven-release-plugin] prepare for next development iteration
• 1c9a14c [maven-release-plugin] prepare release maven-gpg-plugin-3.2.6
• bbe6156 Add FAQ for "no pinentry" issue (#118)
• 5b94273 [MGPG-141] Remove use of deprecated classes (#117)
• afdfd28 [MGPG-138] Drop direct use of plexus-cipher and secdispatcher (#115)
• 7516e7c [MGPG-140] Update Maven to 3.9.9 (#116)
• Additional commits viewable in compare view

Updates com.google.errorprone:error_prone_annotations from 2.31.0 to 2.33.0

Release notes

Sourced from com.google.errorprone:error_prone_annotations's releases.

Error Prone 2.33.0

Similar to release 2.32.0, the minimum support JDK version to run Error Prone is JDK 17 (#3803). Using Error Prone to compile code that is deployed to earlier versions is still fully supported, but will requires using JDK 17 or newer for compilation and setting --release or -source/-target/-bootclasspath.

Changes:

• Update protobuf version for CVE-2024-7254

New checks:

• ArrayRecordComponent: Record components should not be arrays.

Full changelog: google/error-prone@v2.32.0...v2.33.0

Error Prone 2.32.0

The minimum support JDK version to run Error Prone is now JDK 17 (#3803).

Using Error Prone to compile code that is deployed to earlier versions is still fully supported, but will requires using JDK 17 or newer for compilation and setting --release or -source/-target/-bootclasspath.

Full changelog: google/error-prone@v2.31.0...v2.32.0

Commits

• 7a67f20 Release Error Prone 2.33.0
• f1f7955 Remove out of place .. Previously, the error message was:
• c885150 Add a regression test for b/369862572
• 2b78c1f Avoid a possible IndexOutOfBoundsException in MemberName.
• 47dd2a8 Suggest Splitter.on(Pattern.compile(...)) instead of Splitter.onPattern
• 50d0983 Add some missing testdata/ prefixes.
• f82fb66 Fix typos
• fb1a05b Update protobuf version
• be99217 Extend MissingOverride to require @​Override on "an explicitly declared access...
• 2c04ada Support toSeconds in DurationToLongTimeUnit
• Additional commits viewable in compare view

Updates com.google.guava:guava-testlib from 33.3.0-jre to 33.3.1-jre

Release notes

Sourced from com.google.guava:guava-testlib's releases.

33.3.1

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.3.1-jre</version>
  <!-- or, for Android: -->
  <version>33.3.1-android</version>
</dependency>

Jar files

• 33.3.1-jre.jar
• 33.3.1-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.1.jar

Javadoc

• 33.3.1-jre
• 33.3.1-android

JDiff

• 33.3.1-jre vs. 33.3.0-jre
• 33.3.1-android vs. 33.3.0-android
• 33.3.1-android vs. 33.3.1-jre

Changelog

• Added j2objc-annotations to the Gradle runtime classpath to stop producing an Android Gradle Plugin error. (a3b51888c2)

Commits

• See full diff in compare view

Updates com.google.guava:guava from 33.2.1-jre to 33.3.1-jre

Release notes

Sourced from com.google.guava:guava's releases.

33.3.1

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.3.1-jre</version>
  <!-- or, for Android: -->
  <version>33.3.1-android</version>
</dependency>

Jar files

• 33.3.1-jre.jar
• 33.3.1-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.1.jar

Javadoc

• 33.3.1-jre
• 33.3.1-android

JDiff

• 33.3.1-jre vs. 33.3.0-jre
• 33.3.1-android vs. 33.3.0-android
• 33.3.1-android vs. 33.3.1-jre

Changelog

• Added j2objc-annotations to the Gradle runtime classpath to stop producing an Android Gradle Plugin error. (a3b51888c2)

33.3.0

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>33.3.0-jre</version>
  <!-- or, for Android: -->
  <version>33.3.0-android</version>
</dependency>

... (truncated)

Commits

• See full diff in compare view

Updates org.junit.jupiter:junit-jupiter from 5.11.0 to 5.11.1

Release notes

Sourced from org.junit.jupiter:junit-jupiter's releases.

JUnit 5.11.1 = Platform 1.11.1 + Jupiter 5.11.1 + Vintage 5.11.1

See Release Notes.

Full Changelog: junit-team/junit5@r5.11.0...r5.11.1

Commits

• e4b2c0c Release 5.11.1
• c37b179 Finalize 5.11.1 release notes
• a7b1c49 Include 5.10.4 release notes
• 3646b7d Document benefits of messageSupplier in Assertions (#3938)
• 6b9f15d Delete unnecessary (and potentially misleading) comment in User Guide
• 98dafd3 Reduce flakiness
• 6529d8d Allow for work stealing when only holding read locks (#4012)
• 0d25a5a Fix YAML syntax
• 28dd375 Fix step label
• 348ef61 Switch to Temurin for JDK 23 (#4005)
• Additional commits viewable in compare view

Updates org.graalvm.buildtools:native-maven-plugin from 0.10.2 to 0.10.3

Release notes

Sourced from org.graalvm.buildtools:native-maven-plugin's releases.

0.10.3

What's Changed

• Add exponential backoff when downloading the metadata repository by @​melix in graalvm/native-build-tools#597
• Refactor Initialization of Configuration File Merger by @​dnestoro in graalvm/native-build-tools#586
• Adjust native-build tools to reachability-metadata.json by @​vjovanov in graalvm/native-build-tools#614
• Fixes the issue that nativeTest cannot be executed using Junit 5.11.0-M2 by @​linghengqian in graalvm/native-build-tools#603
• Fix broken link for quick build mode by @​dnestoro in graalvm/native-build-tools#618
• Bump metadata repository version to 0.3.9 by @​dnestoro in graalvm/native-build-tools#617
• Fix error message when the JDK is not a GraalVM by @​eregon in graalvm/native-build-tools#616
• Fix args parsing on Windows by @​houcine7 in graalvm/native-build-tools#609

New Contributors

• @​eregon made their first contribution in graalvm/native-build-tools#616
• @​houcine7 made their first contribution in graalvm/native-build-tools#609

Full Changelog: graalvm/native-build-tools@0.10.2...0.10.3

Commits

• fff2f2a Bump repository version and update samples
• 8536ecd Merge pull request #609 from houcine7/fix-path-whitespaces-args
• cdfcfa2 Unit test code
• 2798688 Cleanup tests
• 8fcddbf Merge branch 'master' into fix-path-whitespaces-args
• 2c8c2a7 Merge pull request #616 from graalvm/fix-jdk-graalvm-error-message
• 81fe799 Fix error message when the JDK is not a GraalVM
• f5df203 Merge pull request #617 from graalvm/dnestoro/BumpMetadataVersionTo0.3.9
• 3a0e44d Merge branch 'master' into dnestoro/BumpMetadataVersionTo0.3.9
• 14f58ff Merge pull request #618 from graalvm/dnestoro/FixQuickBuildDeadLink
• Additional commits viewable in compare view

Updates com.fasterxml.jackson.core:jackson-databind from 2.17.2 to 2.18.0

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[eamonnmcmanus]

I think the latest Error Prone requires a JDK more recent than JDK 11. We'll need to use profiles to stop trying to run it with the JDK 11 build, or just stop building with JDK 11.

[eamonnmcmanus]

#2751 should fix the Error Prone problem.

[eamonnmcmanus]

@dependabot rebase

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.