deps: bump com.google.errorprone:error_prone_core from 2.31.0 to 2.35.1

[dependabot]

Bumps com.google.errorprone:error_prone_core from 2.31.0 to 2.35.1.

Release notes

Sourced from com.google.errorprone:error_prone_core's releases.

Error Prone 2.35.1

Error Prone's dependency on protobuf has been downgraded to 3.25.5 for this release.

Version 3.25.5 of protobuf still fixes CVE-2024-7254. This release is provided for users who aren't ready to update to 4.x, see also #4584 and #4634. Future versions of Error Prone will upgrade back to protobuf 4.x.

Full changelog: google/error-prone@v2.35.0...v2.35.1

Error Prone 2.35.0

Changes:

• Fix handling of \s before the trailing delimiter in MisleadingEscapedSpace
• TimeUnitMismatch improvements: handle binary trees, consider trees like fooSeconds * 1000 to have units of millis

New checks:

• JavaDurationGetSecondsToToSeconds: Prefer duration.toSeconds() over duration.getSeconds()

Full changelog: google/error-prone@v2.34.0...v2.35.0

Error Prone 2.34.0

Changes:

• Passing the javac flag --should-stop=ifError=FLOW is now required when running Error Prone (#4595)
• The MemberName check was renamed to IdentifierName

New checks:

• FutureTransformAsync: The usage of transformAsync is not necessary when all the return values of the transformation function are immediate futures.
• MisformattedTestData: Reformats Java source code inside Error Prone test cases.
• MisleadingEscapedSpace: Using \s anywhere except at the end of a line in a text block is potentially misleading.
• ThrowIfUncheckedKnownUnchecked: throwIfUnchecked(knownUnchecked) is equivalent to throw knownUnchecked.

Closed issues: #4595, #4598, #4620

Full changelog: google/error-prone@v2.33.0...v2.34.0

Error Prone 2.33.0

Similar to release 2.32.0, the minimum supported JDK version to run Error Prone is JDK 17 (#3803). Using Error Prone to compile code that is deployed to earlier versions is still fully supported, but will require using JDK 17 or newer for compilation and setting --release or -source/-target/-bootclasspath.

Changes:

• Update protobuf version for CVE-2024-7254

New checks:

• ArrayRecordComponent: Record components should not be arrays.

Full changelog: google/error-prone@v2.32.0...v2.33.0

... (truncated)

Commits

• 0e06cc2 Release Error Prone 2.35.1
• db6c890 Downgrade protobuf version to 3.25.5
• ed6b121 Add a repro test for broken behavior inlining the parameter value into the fu...
• a931fa3 Remove DoNotUseRuleChain from JavaCodeClarity.
• ec2983b compileUnsafe -> compile for compile-time-constant expressions.
• 2ce9632 Strip the quotation marks from the source code when reconstructing the literal.
• 99a0d9d TimeUnitMismatch: handle BinaryTrees.
• 60c5f76 TimeUnitMismatch: consider trees like fooSeconds * 1000 to have units of `m...
• 427b51d GetSeconds to ToSeconds error prone
• 82a2168 Recognize that Runtime.halt and exit never return.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)