Bump com.uber.nullaway:nullaway from 0.12.9 to 0.12.10

[dependabot]

Bumps com.uber.nullaway:nullaway from 0.12.9 to 0.12.10.

Release notes

Sourced from com.uber.nullaway:nullaway's releases.

NullAway 0.12.10

This release contains significant improvements to inference support for generic method calls in JSpecify mode (#1075). We expect that many more valid calls will pass NullAway, but that some new bugs may have been introduced. Please report any issues that you see. There is also a new flag, -XepOpt:NullAway:WarnOnGenericInferenceFailure to make NullAway report a warning when inference fails, to help identify any issues.

• Improved inference for generic method calls (#1244)
• Suppress CastToNonNull warnings for @NullUnmarked method calls by @​raccoonback (#1258)
• JSpecify: Fix crash when overriding with raw types (#1265)
• Better handle calls to super constructors and superclass methods in JSpecify mode (#1248)
• issue-1250 pattern matching for instanceof in switch case by @​dhruv-agr (#1259)
• Account for annotations in extends / implements when computing view as supertype (#1266)
• Bug fix with type substitutions after inference (#1277)
• JSpecify: Improve error messages for type incompatibility at pseudo-assignments (#1279)
• Support java.util.Objects.toString() by @​gulikoza (#1283)
• Record when generic method inference fails (#1280)
• issue 1275 - report unboxing warning for for-each loop by @​dhruv-agr (#1281)
• Abstract iterating over invocation arguments (#1284)
• Invoke generic method inference in more places (#1286)
• Maintenance
  • Build Spring with snapshot build as a CI job (#1251)
  • Add more instance fields to GenericsChecks (#1256)
  • remove unneeded checkNotCall call (#1257)
  • Fail build on JDK 21 versions before 21.0.8 (#1261)
  • Clarify JDK version to use for best JSpecify support (#1269)
  • Simplified set of CI jobs (#1271)
  • Build: upgrade to Gradle 9 + AGP 8.7.2 (#1270)
  • Compile with JDK 24 (#1276)
  • Don't use deprecated buildDir by @​mernst (#1278)

Changelog

Sourced from com.uber.nullaway:nullaway's changelog.

Version 0.12.10

This release contains significant improvements to inference support for generic method calls in JSpecify mode (#1075). We expect that many more valid calls will pass NullAway, but that some new bugs may have been introduced. Please report any issues that you see. There is also a new flag, -XepOpt:NullAway:WarnOnGenericInferenceFailure to make NullAway report a warning when inference fails, to help identify any issues.

• Improved inference for generic method calls (#1244)
• Suppress CastToNonNull warnings for @NullUnmarked method calls by @​raccoonback (#1258)
• JSpecify: Fix crash when overriding with raw types (#1265)
• Better handle calls to super constructors and superclass methods in JSpecify mode (#1248)
• issue-1250 pattern matching for instanceof in switch case by @​dhruv-agr (#1259)
• Account for annotations in extends / implements when computing view as supertype (#1266)
• Bug fix with type substitutions after inference (#1277)
• JSpecify: Improve error messages for type incompatibility at pseudo-assignments (#1279)
• Support java.util.Objects.toString() by @​gulikoza (#1283)
• Record when generic method inference fails (#1280)
• issue 1275 - report unboxing warning for for-each loop by @​dhruv-agr (#1281)
• Abstract iterating over invocation arguments (#1284)
• Invoke generic method inference in more places (#1286)
• Maintenance
  • Build Spring with snapshot build as a CI job (#1251)
  • Add more instance fields to GenericsChecks (#1256)
  • remove unneeded checkNotCall call (#1257)
  • Fail build on JDK 21 versions before 21.0.8 (#1261)
  • Clarify JDK version to use for best JSpecify support (#1269)
  • Simplified set of CI jobs (#1271)
  • Build: upgrade to Gradle 9 + AGP 8.7.2 (#1270)
  • Compile with JDK 24 (#1276)
  • Don't use deprecated buildDir by @​mernst (#1278)

Commits

• 13580d5 Prepare for release 0.12.10.
• f8c214b Update changelog for release 0.12.10 (#1292)
• 2e578d6 Invoke generic method inference in more places (#1286)
• c187bf5 Abstract iterating over invocation arguments (#1284)
• dd0da6d issue 1275 - report unboxing warning for for-each loop (#1281)
• 533986c Record when generic method inference fails (#1280)
• cb72c5a Support java.util.Objects.toString() (#1283)
• 8f40500 JSpecify: Improve error messages for type incompatibility at pseudo-assignmen...
• 9272d8b Bug fix with type substitutions after inference (#1277)
• 66e9f57 Don't use deprecated buildDir (#1278)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[uhafner]

@dependabot rebase

[dependabot]

Looks like this PR is already up-to-date with main! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[uhafner]

@dependabot recreate

[github-actions]

☀️   Quality Monitor

Tests

     Unit Tests: 100% successful (86 passed, 2 skipped)
   ⛔   Architecture Tests: 100% successful (17 passed, 2 skipped)

Code Coverage

   〰️   Line Coverage: 92% (61 missed lines)
   ➰   Branch Coverage: 90% (21 missed branches)

Mutation Coverage

     Mutation Coverage: 80% (80 survived mutations)
   💪   Test Strength: 85% (59 survived mutations in tested code)

Style

     CheckStyle: No warnings
     PMD: No warnings
   ⚠️   Java Compiler: No warnings

Bugs

     SpotBugs: No bugs
   🐛   Error Prone: No bugs

API Problems

   🚫   Revapi: No warnings

Vulnerabilities

   🛡️   OWASP Dependency Check: No vulnerabilities

Software Metrics

   🌀   Cyclomatic Complexity: 377 (total)
   💭   Cognitive Complexity: 174 (total)
   ➿   N-Path Complexity: 341 (total)
   📏   Lines of Code: 4282 (total)
   📝   Non Commenting Source Statements: 1261 (total)
   🔗   Class Cohesion: 71.43% (maximum)
   ⚖️   Weight of Class: 100.00% (maximum)

🚦 Quality Gates

Overall Status: ✅ SUCCESS

✅ Passed Gates

• ✅ Tests Success Rate: 100.00 >= 100.00
• ✅ Line Coverage: 92.00 >= 80.00
• ✅ Branch Coverage: 90.00 >= 80.00
• ✅ Potential Bugs: 0.00 <= 0.00
• ✅ Style Violations: 0.00 <= 0.00

---

Created by Quality Monitor v3.2.0 (#a3f5b8b). More details are shown in the GitHub Checks Result.