Bump the java-production-dependencies group with 6 updates

[dependabot]

Bumps the java-production-dependencies group with 6 updates:

Package	From	To
com.google.dagger:dagger	2.44.2	2.48.1
com.google.dagger:dagger-compiler	2.44.2	2.48.1
com.google.guava:guava	32.0.0-jre	32.1.3-jre
com.github.ben-manes.caffeine:caffeine	3.1.4	3.1.8
org.slf4j:slf4j-api	2.0.3	2.0.9
org.slf4j:slf4j-simple	2.0.3	2.0.9

Updates com.google.dagger:dagger from 2.44.2 to 2.48.1

Release notes

Sourced from com.google.dagger:dagger's releases.

Dagger 2.48.1

Bug Fixes

Fixes #4063, #4054: [KSP]: Fixes some incremental processing issues with KSP (c8a568956) Fixes #4046: [KSP] Fixes "Unexpected element" in XProcessing library (androidx/androidx@bdc1bb0) Fixes #4059: [KSP] Align behavior of generic inline types in KSP with KAPT in XProcessing library (androidx/androidx@b0fa9cf) Fixes #3980: Fixes Lint crash with AGP 8.1.0. (e651294c2) Fixes #4055: Fixes issue with using generic types in Dagger's ClassKey (9852b4237)

Dagger 2.48

Dagger/Hilt KSP support

Dagger 2.48 includes the alpha release of the Dagger and Hilt KSP processors.

Instructions for using the Dagger/Hilt KSP processors can be found at https://dagger.dev/dev-guide/ksp.

In order to use Dagger’s KSP processor you will need to:

• Follow the basic setup to migrate Dagger’s processors from kapt to ksp (see https://dagger.dev/dev-guide/ksp#setup).
• Migrate any Dagger SPI plugins to the new Dagger SPI plugins API (with KSP support) (see https://dagger.dev/dev-guide/ksp#new-dagger-spi-plugin-with-ksp-support).
• Ensure that there are no kapt processors that generate classes that need to interact with Dagger (see https://dagger.dev/dev-guide/ksp#interaction-with-javackapt-processors).

If you depend on androidx.hilt:hilt-common or androidx.hilt:hilt-work they will need to be updated to at least 1.1.0-alpha01.

Also note that Dagger’s KSP processors are still in the alpha stage. So far we’ve focused mainly on trying to ensure correctness rather than optimize performance. Please apply due diligence when enabling ksp and report any bugs or performance issues at https://github.com/google/dagger/issues. The current list of known issues can be found here.

There are also a few potentially breaking changes included with this release. These changes were made to better support Dagger usage with Kotlin sources, and make the migration from KAPT to KSP more seamless. We don’t expect these changes to affect most users. Please see below for more details.

Breaking changes

The dagger.ignoreProvisionKeyWildcards is now enabled by default

This may break apps that are providing the same binding with different wildcards, e.g. Foo<Bar> and Foo<? extends Bar>.

Fix: See https://dagger.dev/dev-guide/compiler-options#ignore-provision-key-wildcards for suggestions on how to fix this. If fixing is not an immediate option, you can still disable the flag with dagger.ignoreProvisionKeyWildcards=DISABLED.

@Binds assignability check

Unlike KAPT, KSP takes nullability into account when checking if a type is assignable to another type. This changes the behavior of Dagger’s @Binds usage validation such that a type that was assignable in KAPT may no longer be assignable in KSP. For example:

// Incorrect: this compiles successfully in KAPT but the compilation fails in KSP
@Binds fun bind(impl: FooImpl<Bar?>): Foo<Bar>

Fix: To fix this breakage, users should update the parameter or return type in the method such that they are actually assignable when taking nullability into account. For example:

// Correct: this compiles successfully in KAPT and KSP
</tr></table> 

... (truncated)

Commits

• 2d9ba60 2.48.1 release
• 378535e Refactor ResolvedBindings and LegacyBindingGraph to include the ComponentPath.
• fd907cb Allow sharding for Dagger compiler tests.
• 558cc51 Fix Dagger's incremental processing for KSP.
• 5cc209c [Refactor]: This CL refactors a few things in ComponentDescriptor.
• e8f5f2b Drop latest XProcessing jars into Dagger.
• 7412301 Internal changes
• 76bde06 Rollback of "[Refactor] Remove duplicated logic in BindingGraphFactory"
• e651294 Fix Lint crash with AGP 8.1.0. See google/dagger#4023...
• 47953aa [Refactor] Remove duplicated logic in BindingGraphFactory.
• Additional commits viewable in compare view

Updates com.google.dagger:dagger-compiler from 2.44.2 to 2.48.1

Release notes

Sourced from com.google.dagger:dagger-compiler's releases.

Dagger 2.48.1

Bug Fixes

Fixes #4063, #4054: [KSP]: Fixes some incremental processing issues with KSP (c8a568956) Fixes #4046: [KSP] Fixes "Unexpected element" in XProcessing library (androidx/androidx@bdc1bb0) Fixes #4059: [KSP] Align behavior of generic inline types in KSP with KAPT in XProcessing library (androidx/androidx@b0fa9cf) Fixes #3980: Fixes Lint crash with AGP 8.1.0. (e651294c2) Fixes #4055: Fixes issue with using generic types in Dagger's ClassKey (9852b4237)

Dagger 2.48

Dagger/Hilt KSP support

Dagger 2.48 includes the alpha release of the Dagger and Hilt KSP processors.

Instructions for using the Dagger/Hilt KSP processors can be found at https://dagger.dev/dev-guide/ksp.

In order to use Dagger’s KSP processor you will need to:

• Follow the basic setup to migrate Dagger’s processors from kapt to ksp (see https://dagger.dev/dev-guide/ksp#setup).
• Migrate any Dagger SPI plugins to the new Dagger SPI plugins API (with KSP support) (see https://dagger.dev/dev-guide/ksp#new-dagger-spi-plugin-with-ksp-support).
• Ensure that there are no kapt processors that generate classes that need to interact with Dagger (see https://dagger.dev/dev-guide/ksp#interaction-with-javackapt-processors).

If you depend on androidx.hilt:hilt-common or androidx.hilt:hilt-work they will need to be updated to at least 1.1.0-alpha01.

Also note that Dagger’s KSP processors are still in the alpha stage. So far we’ve focused mainly on trying to ensure correctness rather than optimize performance. Please apply due diligence when enabling ksp and report any bugs or performance issues at https://github.com/google/dagger/issues. The current list of known issues can be found here.

There are also a few potentially breaking changes included with this release. These changes were made to better support Dagger usage with Kotlin sources, and make the migration from KAPT to KSP more seamless. We don’t expect these changes to affect most users. Please see below for more details.

Breaking changes

The dagger.ignoreProvisionKeyWildcards is now enabled by default

This may break apps that are providing the same binding with different wildcards, e.g. Foo<Bar> and Foo<? extends Bar>.

Fix: See https://dagger.dev/dev-guide/compiler-options#ignore-provision-key-wildcards for suggestions on how to fix this. If fixing is not an immediate option, you can still disable the flag with dagger.ignoreProvisionKeyWildcards=DISABLED.

@Binds assignability check

Unlike KAPT, KSP takes nullability into account when checking if a type is assignable to another type. This changes the behavior of Dagger’s @Binds usage validation such that a type that was assignable in KAPT may no longer be assignable in KSP. For example:

// Incorrect: this compiles successfully in KAPT but the compilation fails in KSP
@Binds fun bind(impl: FooImpl<Bar?>): Foo<Bar>

Fix: To fix this breakage, users should update the parameter or return type in the method such that they are actually assignable when taking nullability into account. For example:

// Correct: this compiles successfully in KAPT and KSP
</tr></table> 

... (truncated)

Commits

• 2d9ba60 2.48.1 release
• 378535e Refactor ResolvedBindings and LegacyBindingGraph to include the ComponentPath.
• fd907cb Allow sharding for Dagger compiler tests.
• 558cc51 Fix Dagger's incremental processing for KSP.
• 5cc209c [Refactor]: This CL refactors a few things in ComponentDescriptor.
• e8f5f2b Drop latest XProcessing jars into Dagger.
• 7412301 Internal changes
• 76bde06 Rollback of "[Refactor] Remove duplicated logic in BindingGraphFactory"
• e651294 Fix Lint crash with AGP 8.1.0. See google/dagger#4023...
• 47953aa [Refactor] Remove duplicated logic in BindingGraphFactory.
• Additional commits viewable in compare view

Updates com.google.guava:guava from 32.0.0-jre to 32.1.3-jre

Release notes

Sourced from com.google.guava:guava's releases.

32.1.3

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>32.1.3-jre</version>
  <!-- or, for Android: -->
  <version>32.1.3-android</version>
</dependency>

Jar files

• 32.1.3-jre.jar
• 32.1.3-android.jar

Guava requires one runtime dependency, which you can download here:

• failureaccess-1.0.1.jar

Javadoc

• 32.1.3-jre
• 32.1.3-android

JDiff

• 32.1.3-jre vs. 32.1.2-jre
• 32.1.3-android vs. 32.1.2-android
• 32.1.3-android vs. 32.1.3-jre

Changelog

• Changed Gradle Metadata to include dependency versions directly. This may address "Could not find some-dependency" errors that some users have reported (which might be a result of users' excluding guava-parent). (c6d35cf1a5)
• collect: Changed Multisets.unmodifiableMultiset(set).removeIf(predicate) to throw an exception always, even if nothing matches predicate. (61dbccfda3)
• graph: Fixed the behavior of Graph/ValueGraph views for a node when that node is removed from the graph. (950799691c)
• io: Fixed Files.createTempDir and FileBackedOutputStream under Windows services, a rare use case. (The fix actually covers only Java 9+ because Java 8 would require an additional approach. Let us know if you need support under Java 8.) (f87f68cd3e)
• net: Made MediaType.parse allow and skip over whitespace around the / and = separator tokens in addition to the ; separator, for which it was already being allowed. (2786f83291)
• util.concurrent: Tweaked Futures.getChecked constructor-selection behavior: The method continues to prefer to call constructors with a String parameter, but now it breaks ties based on whether the constructor has a Throwable parameter. Beyond that, the choice of constructor remains undefined. (For this and other reasons, we discourage the use of getChecked.) (59cfb2267a)

32.1.2

Maven

<dependency>
  <groupId>com.google.guava</groupId>
  <artifactId>guava</artifactId>
  <version>32.1.2-jre</version>
</tr></table> 

... (truncated)

Commits

• See full diff in compare view

Updates com.github.ben-manes.caffeine:caffeine from 3.1.4 to 3.1.8

Release notes

Sourced from com.github.ben-manes.caffeine:caffeine's releases.

3.1.8

• Added a workaround for a possible JDK concurrency bug with method handles (#1111)

3.1.7

Cache

• Improved builder construction time (#905)

JCache

• Fixed deadlock when a cache listener writes to another cache (#1065)
• Added jakarta.inject support, dropping javax.inject (#1009)

3.1.6

• Fixed the log message when a key's equality has changed and corrupted the underlying map (#900, SLF4J-529)
• Added Implementation-Version and other MANIFEST.MF attributes (#889)

3.1.5

Cache

• Fixed clear() removing a key more than once due to a write-back removal listener (#872)

JCache

• Added support for loading the configuration from the cache manager's uri (#877)

Commits

• b0723da minor build plugin upgrades
• 82cf9a3 Fix issue #1111 by not creating methodType on each invocation (to work around...
• b1462dd simplify and document the coalescing bulkloader example (fixes #7)
• f3a9345 document the write-behind-rxjava example
• 2c7b878 Improve hibernate example and add resilience example using failsafe
• c2befe9 Bump EnricoMi/publish-unit-test-result-action from 2.8.0 to 2.9.0 (#1109)
• 30b3813 upgrade error prone and hibernate
• 6f0f14e Bump com.uber.nullaway:nullaway from 0.10.11 to 0.10.12 (#1108)
• 17677fa Bump org.checkerframework:checker-qual from 3.36.0 to 3.37.0 (#1107)
• 67b36d6 Bump crate-ci/typos from 1.16.1 to 1.16.2 (#1105)
• Additional commits viewable in compare view

Updates org.slf4j:slf4j-api from 2.0.3 to 2.0.9

Updates org.slf4j:slf4j-simple from 2.0.3 to 2.0.9

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[infeo]

@dependabot squash and merge