Update google.errorprone to v2.41.0

[solrbot]

This PR contains the following updates:

Package	Type	Update	Change
com.google.errorprone:error_prone_core (source)	dependencies	minor	2.31.0 -> 2.41.0
com.google.errorprone:error_prone_annotations (source)	dependencies	minor	2.31.0 -> 2.41.0

---

Release Notes

google/error-prone (com.google.errorprone:error_prone_core)

v2.41.0: Error Prone 2.41.0

New checks:

• EffectivelyPrivate: Detect declarations that have public or protected modifiers, but are effectively private

Changes:

• Skip BooleanLiteral findings if the target type is boxed (#​5134)

Full changelog: google/error-prone@v2.40.0...v2.41.0

v2.40.0: Error Prone 2.40.0

Changes:

• Bug fixes and improvements
• Releases (including snapshots) have migrated from OSSRH to the Central Publisher Portal

Full changelog: google/error-prone@v2.39.0...v2.40.0

v2.39.0: Error Prone 2.39.0

Changes:

• Temporarily downgrade to Guava 33.4.0 (#​5108)

Checks:

• BooleanLiteral: Prefer true to Boolean.TRUE
• ExpensiveLenientFormatString: Renamed from PreconditionsExpensiveString, detects unnecessary calls to String.format in the arguments of lenient formatting methods.
• UnnecessaryQualifier: Detects @Qualifier or @BindingAnnotation annotations that have no effect, and can be removed

Issues: #​4996, #​5045

Full changelog: google/error-prone@v2.38.0...v2.39.0

v2.38.0: Error Prone 2.38.0

New checks:

• AddNullMarkedToPackageInfo: adds @org.jspecify.annotations.NullMarked annotation to package-info files
• IntLiteralCast: Suggests a literal of the desired type instead of casting an int literal to a long, float, or double
• MisleadingEmptyVarargs: Discourages calling varargs methods that expect at least one argument with no arguments, like Mockito's thenThrow
• PreconditionsExpensiveString: Discourages expensive string formatting in Guava Preconditions checks
• SelfSet: Detects mistakes like proto.setFoo(proto.getFoo())
• UnnecessaryCopy: detect unnecessary copies of proto Lists and Maps.

Closed issues: #​4924, #​4897, #​4995

Full changelog: google/error-prone@v2.37.0...v2.38.0

v2.37.0: Error Prone 2.37.0

Changes:

• The annotations that were previously in error_prone_type_annotations have been been merged into error_prone_annotations. error_prone_type_annotations is now deprecated, and will be removed in a future release.

New checks:

• AssignmentExpression - The use of an assignment expression can be surprising and hard to read; consider factoring out the assignment to a separate statement.
• IntFloatConversion - Detect calls to scalb that should be using the double overload instead
• InvalidSnippet - Detects snippets which omit the : required for inline code.
• JUnit4EmptyMethods - Detects empty JUnit4 @Before, @After, @BeforeClass, and @AfterClass methods.
• MockIllegalThrows - Detects cases where Mockito is configured to throw checked exception types which are impossible.
• NegativeBoolean - Prefer positive boolean names.
• RuleNotRun - Detects TestRules not annotated with @Rule, that won't be run.
• StringConcatToTextBlock - Replaces concatenated multiline strings with text blocks.
• TimeInStaticInitializer - Detects accesses of the system time in static contexts.

Closed issues:

• Propagate check flags in patch mode (#​4699)
• Fixes a crash in ComputeIfAbsentAmbiguousReference (#​4736)
• Show the field name in HidingField diagnostics (#​4775)
• Add support for jakarta annotations to some checks (#​4782)
• FloatingPointAssertionWithinEpsilonTest depends on default locale (#​4815)
• @InlineMe patching of Strings.repeat produces broken code (#​4819)
• Fix a crash in IdentifierName on unnamed (_) variables (#​4847)
• Fix a crash in ArgumentParameterSwap (#​490)

Full changelog: google/error-prone@v2.36.0...v2.37.0

v2.36.0: Error Prone 2.36.0

Changes:

• Add new matcher interfaces to ErrorProneScanner for AST nodes introduced after Java 11 (e5fd194)
• Fix compatibility with latest JDK 24 EA builds (d67bc15)
• Check that --should-stop=ifError=FLOW is set when using the -Xplugin integration (e71db1f)

New checks:

• DuplicateBranches: Discourage conditional expressions and if statements where both branches are the same
• RedundantControlFlow: Reports redundant continue statements.

Closed issues: #​4633, #​4646

Full changelog: google/error-prone@v2.35.1...v2.36.0

v2.35.1: Error Prone 2.35.1

Error Prone's dependency on protobuf has been downgraded to 3.25.5 for this release.

Version 3.25.5 of protobuf still fixes CVE-2024-7254. This release is provided for users who aren't ready to update to 4.x, see also #​4584 and #​4634. Future versions of Error Prone will upgrade back to protobuf 4.x.

Full changelog: google/error-prone@v2.35.0...v2.35.1

v2.35.0: Error Prone 2.35.0

Changes:

• Fix handling of \s before the trailing delimiter in MisleadingEscapedSpace
• TimeUnitMismatch improvements: handle binary trees, consider trees like fooSeconds * 1000 to have units of millis

New checks:

• JavaDurationGetSecondsToToSeconds: Prefer duration.toSeconds() over duration.getSeconds()

Full changelog: google/error-prone@v2.34.0...v2.35.0

v2.34.0: Error Prone 2.34.0

Changes:

• Passing the javac flag --should-stop=ifError=FLOW is now required when running Error Prone (#​4595)
• The MemberName check was renamed to IdentifierName

New checks:

• FutureTransformAsync: The usage of transformAsync is not necessary when all the return values of the transformation function are immediate futures.
• MisformattedTestData: Reformats Java source code inside Error Prone test cases.
• MisleadingEscapedSpace: Using \s anywhere except at the end of a line in a text block is potentially misleading.
• ThrowIfUncheckedKnownUnchecked: throwIfUnchecked(knownUnchecked) is equivalent to throw knownUnchecked.

Closed issues: #​4595, #​4598, #​4620

Full changelog: google/error-prone@v2.33.0...v2.34.0

v2.33.0: Error Prone 2.33.0

Similar to release 2.32.0, the minimum supported JDK version to run Error Prone is JDK 17 (#​3803). Using Error Prone to compile code that is deployed to earlier versions is still fully supported, but will require using JDK 17 or newer for compilation and setting --release or -source/-target/-bootclasspath.

Changes:

• Update protobuf version for CVE-2024-7254

New checks:

• ArrayRecordComponent: Record components should not be arrays.

Full changelog: google/error-prone@v2.32.0...v2.33.0

v2.32.0: Error Prone 2.32.0

The minimum support JDK version to run Error Prone is now JDK 17 (#​3803).

Using Error Prone to compile code that is deployed to earlier versions is still fully supported, but will requires using JDK 17 or newer for compilation and setting --release or -source/-target/-bootclasspath.

Full changelog: google/error-prone@v2.31.0...v2.32.0

---

Configuration

📅 Schedule: Branch creation - Every minute ( * * * * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot

[solrbot]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

[janhoy]

Please see updated bug patterns in the diff. Consult https://github.com/google/error-prone/releases for the new ones. I used AI to diff our current config with the full list at https://errorprone.info/bugpatterns. I believe it is fairly up to date now.

[janhoy]

Some of the failures stem from PatternMatchingInstanceof behaving stricter with this version.

How do we want to treat the new failures, do we want to disable most of the new rules and then do followup PRs enabling one at a time, including its fixes?

We now have fails for [AlmostJavadoc], [RedundantControlFlow], [IntLiteralCast], [DuplicateBranches] and some others.

[malliaridis]

Looks good to me. 👍

How do we want to treat the new failures, do we want to disable most of the new rules and then do followup PRs enabling one at a time, including its fixes?

Yes, that was our previous approach too. Useful rules that required some refactoring were addressed in separate PRs.

I believe the formatting (tidy) is subject to be fixed, right? And the rule that fails can also be addressed in separate PR (ideally disabling it here?).

[malliaridis]

I have also not found these new rules in the changes, are they left out on purpose?

2.38

• AddNullMarkedToPackageInfo
• PreconditionsExpensiveString

2.37

• NegativeBoolean

2.36

• JavaDurationGetSecondsToToSeconds

2.34

• MisformattedTestData

[janhoy]

Thanks for the review. I commented out rules, did tidy and write-locks