A library that simplifies error handling for Functional Programming in Java

Overview

Faux Pas: Error handling in Functional Programming

Spilled coffee

Stability: Sustained Build Status Coverage Status Code Quality Javadoc Release Maven Central License

Faux pas noun, /fəʊ pɑː/: blunder; misstep, false step

Faux Pas is a library that simplifies error handling for Functional Programming in Java. It fixes the issue that none of the functional interfaces in the Java Runtime by default is allowed to throw checked exceptions.

  • Technology stack: Java 8+, functional interfaces
  • Status: 0.x, originally ported from Riptide, used in production

Example

interface Client {
    User read(final String name) throws IOException;
}

Function<String, User> readUser = throwingFunction(client::read);
readUser.apply("Bob"); // may throw IOException directly

Features

  • Checked exceptions for functional interfaces
  • Compatible with the JDK types

Dependencies

  • Java 8 or higher
  • Lombok (no runtime dependency)

Installation

Add the following dependency to your project:

<dependency>
    <groupId>org.zalando</groupId>
    <artifactId>faux-pas</artifactId>
    <version>${faux-pas.version}</version>
</dependency>

Usage

Throwing functional interfaces

Faux Pas has a variant of every major functional interface from the Java core:

The followings statements apply to each of them:

  • extends the official interface, i.e. they are 100% compatible
  • sneakily throws the original exception

Creation

The way the Java runtime implemented functional interfaces always requires additional type information, either by using a cast or a local variable:

// compiler error
client::read.apply(name);

// too verbose
((ThrowingFunction<String, User, IOException>) client::read).apply(name);

// local variable may not always be desired
ThrowingFunction<String, User, IOException> readUser = client::read;
readUser.apply(name);

As a workaround there is a static factory method for every interface type inFauxPas. All of them are called throwingRunnable, throwingSupplier and so forth. It allows for concise one-line statements:

List<User> users = names.stream()
    .map(throwingFunction(client::read))
    .collect(toList());

Try-with-resources alternative

Traditional try-with-resources statements are compiled into byte code that includes unreachable parts and unfortunately JaCoCo has no support for filtering yet. That's why we came up with an alternative implementation. The official example for the try-with-resources statement looks like this:

try (BufferedReader br =
               new BufferedReader(new FileReader(path))) {
    return br.readLine();
}

Compared to ours:

return tryWith(new BufferedReader(new FileReader(path)), br -> 
    br.readLine()
);

CompletableFuture.exceptionally(Function)

CompletableFuture.exceptionally(..) is a very powerful but often overlooked tool. It allows to inject partial exception handling into a CompletableFuture:

future.exceptionally(e -> {
    Throwable t = e instanceof CompletionException ? e.getCause() : e;

    if (t instanceof NoRouteToHostException) {
        return fallbackValueFor(e);
    }

    throw e instanceof CompletionException ? e : new CompletionException(t);
})

Unfortunately it has a contract that makes it harder to use than it needs to:

In order to use the operation correctly one needs to follow these rules:

  1. Unwrap given throwable if it's an instance of CompletionException.
  2. Wrap checked exceptions in a CompletionException before throwing.

FauxPas.partially(..) relives some of the pain by changing the interface and contract a bit to make it more usable. The following example is functionally equivalent to the one from above:

future.exceptionally(partially(e -> {
    if (e instanceof NoRouteToHostException) {
        return fallbackValueFor(e);
    }

    throw e;
}))
  1. Takes a ThrowingFunction<Throwable, T, Throwable>, i.e. it allows clients to
    • directly re-throw the throwable argument
    • throw any exception during exception handling as-is
  2. Will automatically unwrap a CompletionException before passing it to the given function. I.e. the supplied function will never have to deal with CompletionException directly. Except for the rare occasion that the CompletionException has no cause, in which case it will be passed to the given function.
  3. Will automatically wrap any thrown Exception inside a CompletionException, if needed.

The last example is actually so common, that there is an overloaded version of partially that caters for this use particular case:

future.exceptionally(partially(NoRouteToHostException.class, this::fallbackValueFor))

CompletableFuture.whenComplete(BiConsumer)

future.whenComplete(failedWith(TimeoutException.class, e -> {
    request.cancel();
}))

Other missing pieces in CompletableFuture's API are exceptionallyCompose and handleCompose. Both can be seen as a combination of exceptionally + compose and handle + compose respectively. They basically allow to supply another CompletableFuture rather than concrete values directly. This is allows for asynchronous fallbacks:

exceptionallyCompose(users.find(name), e -> archive.find(name))

Getting Help

If you have questions, concerns, bug reports, etc., please file an issue in this repository's Issue Tracker.

Getting Involved/Contributing

To contribute, simply make a pull request and add a brief description (1-2 sentences) of your addition or change. For more details, check the contribution guidelines.

Alternatives

Comments
  • Unifies SECURITY.md to point to the Zalando security form

    Unifies SECURITY.md to point to the Zalando security form

    Unifies SECURITY.md to point to the Zalando security form.

    Description

    Motivation and Context

    The majority of projects links to the security form. We still have some repositories that point to e-mail boxes.

    Types of changes

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [ ] New feature (non-breaking change which adds functionality)
    • [ ] Breaking change (fix or feature that would cause existing functionality to change)

    Checklist:

    • [ ] My change requires a change to the documentation.
    • [x] I have updated the documentation accordingly.
    • [ ] I have added tests to cover my changes.
    opened by bocytko 7
  • nested throwingFunction() doesn't work on AdoptOpenJDK

    nested throwingFunction() doesn't work on AdoptOpenJDK

    This is likely a bug in the OpenJDK, but I wanted to report it first here to see if you could give me a more definitive direction to investigate further, as well as indicate a workaround.

    I'm using org.zalando.faux-pas.0.8.0 with OpenJDK 11 on Windows 10:

    openjdk 11.0.5 2019-10-15 OpenJDK Runtime Environment AdoptOpenJDK (build 11.0.5+10) OpenJDK 64-Bit Server VM AdoptOpenJDK (build 11.0.5+10, mixed mode)

    I have a section of code that looks like this. Note that it has nested FauxPas throwingFunction(), although I don't know if the nesting has anything to do with it.

    //look for a per-page navigation definition file in the form `.filename.ext.navigation.*`
    final Optional<Stream<NavigationItem>> pageNavigationDefinition = pageFilename.flatMap(throwingFunction(filename -> {
      final Set<String> navigationFilenames = SUPPORTED_NAVIGATION_FILE_EXTENSIONS.stream()
          .map(ext -> addExtension(DOTFILE_PREFIX + filename + navigationBaseName, ext)).collect(toCollection(LinkedHashSet::new));
      return findAncestorFileByName(sourceDirectory, navigationFilenames, Files::isRegularFile, sourceDirectory)
          .map(throwingFunction(file -> loadNavigationFile(context, contextArtifact, file)));
    }));
    

    That compiles just fine on Eclipse 2019-12 (4.14.0). But on AdoptOpenJDK I get this:

    unreported exception java.io.IOException; must be caught or declared to be thrown

    This error refers to the following line from the code above, because loadNavigationFile() throws an IOException.

    .map(throwingFunction(file -> loadNavigationFile(context, contextArtifact, file)));
    

    This same problem occurs in another location, inside a throwingFunction() that is wrapped in a throwingSupplier().

    Should this code be allowed? Which is correct here: the Eclipse compiler or the OpenJDK compiler?

    And do you know of a workaround, apart from splitting the code sections out and making the stream logic harder to read?

    Bug More information needed 
    opened by garretwilson 5
  • Consider adding support for more functional interface types

    Consider adding support for more functional interface types

    List of candidates from java.util.function

    • [x] BinaryOperator
    • [x] BooleanSupplier
    • [x] DoubleBinaryOperator
    • [x] DoubleConsumer
    • [x] DoubleFunction
    • [x] DoublePredicate
    • [x] DoubleSupplier
    • [x] DoubleToIntFunction
    • [x] DoubleToLongFunction
    • [x] DoubleUnaryOperator
    • [x] IntBinaryOperator
    • [x] IntConsumer
    • [x] IntFunction
    • [x] IntPredicate
    • [x] IntSupplier
    • [x] IntToDoubleFunction
    • [x] IntToLongFunction
    • [x] IntUnaryOperator
    • [x] LongBinaryOperator
    • [x] LongConsumer
    • [x] LongFunction
    • [x] LongPredicate
    • [x] LongSupplier
    • [x] LongToDoubleFunction
    • [x] LongToIntFunction
    • [x] LongUnaryOperator
    • [x] ObjDoubleConsumer
    • [x] ObjIntConsumer
    • [x] ObjLongConsumer
    • [x] ToDoubleBiFunction
    • [x] ToDoubleFunction
    • [x] ToIntBiFunction
    • [x] ToIntFunction
    • [x] ToLongBiFunction
    • [x] ToLongFunction
    • [x] UnaryOperator
    opened by whiskeysierra 5
  • This project seems to be heavily-inspired by throwing-function and doesn't comply with the license

    This project seems to be heavily-inspired by throwing-function and doesn't comply with the license

    This project seems to be heavily-inspired by throwing-function and doesn't comply with the original license.

    throwing-function was released/published in February 2016, half a year before the first release of faux-pas

    Description

    faux-pas:

    image

    throwing-function:

    image

    This project seems to be heavily-inspired by throwing-function and doesn't comply with the license

    Expected Behavior

    The faux-pas project should be compliant with the license and not be a faux pas.

    Actual Behavior

    The faux-pas project is not compliant with the license and is a faux pas.

    Possible Fix

    I can think of at least two solutions:

    • delete the project
    • do all the necessary steps to be compliant with https://github.com/pivovarit/throwing-function/blob/master/LICENSE
    opened by pivovarit 4
  • Bump junit-jupiter-engine from 5.3.0 to 5.3.1

    Bump junit-jupiter-engine from 5.3.0 to 5.3.1

    Bumps junit-jupiter-engine from 5.3.0 to 5.3.1.

    Release notes

    Sourced from junit-jupiter-engine's releases.

    JUnit 5.3.1 = Platform 1.3.1 + Jupiter 5.3.1 + Vintage 5.3.1

    See Release Notes.

    Commits
    • 14e895b Release 5.3.1
    • b635897 Document OpenTest4J fix in release notes
    • 379d7af Upgrade to opentest4j 1.1.1
    • f05bb52 Improve documentation of custom implementations for parameterized tests
    • 2529ceb Reintroduce 5.2.0 Release Notes summary
    • 3882680 Set tentative release date for 5.3.1
    • 66ef6ef Remove variants of assertThrows accepting ThrowingSupplier
    • edc48c3 Fix snapshot dependencies in platform-tooling-support-tests
    • 2b26b6b Bump opentest4j dependency to snapshot
    • 1b4725f Suppress warning
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)

    Finally, you can contact us by mentioning @dependabot.

    dependencies 
    opened by dependabot-preview[bot] 4
  •  Is it possible to have a 0.9.0 version ? apiguardian-api : 1.0.0 -. 1.1.0

    Is it possible to have a 0.9.0 version ? apiguardian-api : 1.0.0 -. 1.1.0

    There are some conflict with apiguardian-api in some projects. Indeed the 0.8.0 version contains apiguardian-api 1.0.0 and the project problem-spring-web use that version and brings apiguardian-api 1.1.0 so the versions are not consistent with the one in the 0.8.0 of faux-pas (1.0.0).

    opened by mikrethor 3
  • Bump junit-platform.version from 1.3.0 to 1.3.1

    Bump junit-platform.version from 1.3.0 to 1.3.1

    Bumps junit-platform.version from 1.3.0 to 1.3.1.

    Updates junit-platform-launcher from 1.3.0 to 1.3.1

    Commits

    Updates junit-platform-surefire-provider from 1.3.0 to 1.3.1

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)

    Finally, you can contact us by mentioning @dependabot.

    dependencies 
    opened by dependabot-preview[bot] 3
  • Added stability marker

    Added stability marker

    Description

    Motivation and Context

    Types of changes

    • [ ] Bug fix (non-breaking change which fixes an issue)
    • [ ] New feature (non-breaking change which adds functionality)
    • [ ] Breaking change (fix or feature that would cause existing functionality to change)

    Checklist:

    • [x] My change requires a change to the documentation.
    • [x] I have updated the documentation accordingly.
    • [ ] I have added tests to cover my changes.
    opened by whiskeysierra 3
  • Bump junit-jupiter-engine from 5.8.1 to 5.8.2

    Bump junit-jupiter-engine from 5.8.1 to 5.8.2

    Bumps junit-jupiter-engine from 5.8.1 to 5.8.2.

    Release notes

    Sourced from junit-jupiter-engine's releases.

    JUnit 5.8.2 = Platform 1.8.2 + Jupiter 5.8.2 + Vintage 5.8.2

    See Release Notes.

    Commits
    • f58cd41 Release 5.8.2
    • 893617c Fix Javadoc of DEFAULT_DISCOVERY_LISTENER_CONFIGURATION_PROPERTY_NAME
    • 3d75f99 Use Gradle because to document junit-platform-launcher dependency
    • 4ef6e70 Support CSV headers in display names in parameterized tests
    • 69aed70 Polish Overview section of User Guide
    • 4181b9c Make quote character in @​CsvFileSource configurable
    • e27058e Stop publishing to scans.gradle.com for PR builds
    • d455b98 Always update snapshots
    • 938ab00 Increase tool timeout to reduce flakiness
    • cd257bd Use longer timeouts to stabilize flaky tests
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 2
  • Bump mockito-core from 3.3.3 to 3.4.4

    Bump mockito-core from 3.3.3 to 3.4.4

    Bumps mockito-core from 3.3.3 to 3.4.4.

    Release notes

    Sourced from mockito-core's releases.

    v3.4.4

    Release notes were automatically generated by Shipkit

    3.4.4

    v3.4.3

    Release notes were automatically generated by Shipkit

    3.4.3

    v3.4.2

    Release notes were automatically generated by Shipkit

    3.4.2

    v3.4.1

    Release notes were automatically generated by Shipkit

    3.4.1

    v3.4.0

    Release notes were automatically generated by Shipkit

    3.4.0

    Commits
    • 4019d86 3.4.4 release (previous 3.4.3) + release notes updated by CI build 4637
    • 6b09281 [ci maven-central-release] Merge pull request #1974 from mockito/improve-erro...
    • 12ba593 Fixes #1855 and #939: improve error message when the inline mock maker cannot...
    • cbabc53 3.4.3 release (previous 3.4.2) + release notes updated by CI build 4625
    • 4ebf513 Fix invalid Javadoc syntax (#1978)
    • 6635dee 3.4.2 release (previous 3.4.1) + release notes updated by CI build 4597
    • be220bb [ci maven-central-release] Merge pull request #1968 from mockito/runner-fix
    • 9123d1e Fixed #1967: Correctly handle mocks with limited life-cycle in listeners.
    • b0aa379 3.4.1 release (previous 3.4.0) + release notes updated by CI build 4593
    • eda22b7 Update byte buddy to 1.10.13 (#1973)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Pull request limits (per update run and/or open at any time)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)
    dependencies 
    opened by dependabot-preview[bot] 2
  • Bump junit-platform.version from 1.3.1 to 1.3.2

    Bump junit-platform.version from 1.3.1 to 1.3.2

    Bumps junit-platform.version from 1.3.1 to 1.3.2.

    Updates junit-platform-launcher from 1.3.1 to 1.3.2

    Commits

    Updates junit-platform-surefire-provider from 1.3.1 to 1.3.2

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
    • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
    • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
    • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
    • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

    Additionally, you can set the following in your Dependabot dashboard:

    • Update frequency (including time of day and day of week)
    • Automerge options (never/patch/minor, and dev/runtime dependencies)
    • Pull request limits (per update run and/or open at any time)
    • Out-of-range updates (receive only lockfile updates, if desired)
    • Security updates (receive only security updates, if desired)

    Finally, you can contact us by mentioning @dependabot.

    dependencies 
    opened by dependabot-preview[bot] 2
  • Bump dependency-check-maven from 7.1.0 to 7.4.3

    Bump dependency-check-maven from 7.1.0 to 7.4.3

    Bumps dependency-check-maven from 7.1.0 to 7.4.3.

    Release notes

    Sourced from dependency-check-maven's releases.

    Version 7.4.3

    Fixed

    • Fixed NPE when analyzing version ranges in NPM (#5158 & #5190)
    • Resolved several FP (#5191)

    See the full listing of changes.

    Version 7.4.2

    Fixed

    • Fixes maven 3.1 compatibility issue (#5152)
    • Fixed issue with invalid node_module paths in some scans (#5135)
    • Fixed missing option to disable the Poetry Analyzer in the CLI (#5160)
    • Fixed missing option to configure the OSS Index URL in the CLI (#5180)
    • Fixed NPE when analyzing version ranges in NPM (#5158)
    • Fixed issue with non-proxy host in the gradle plugin (dependency-check/dependency-check-gradle#298)
    • Resolved several FP

    See the full listing of changes.

    Version 7.4.1

    Fixed

    • Fixed bug when setting the proxy port in gradle (#5123)
    • Fixed issue with invalid node_module paths in some scans (#5127)
    • Resolved several FP

    See the full listing of changes.

    Version 7.4.0

    Added

    • Add support for npm package lock v2 and v3 (#5078)
    • Added experimental support for Python Poetry (#5025)
    • Added a vanilla HTML report for use in Jenkins (#5053)

    Changed

    • Renamed RELEASE_NOTES.md to CHANGELOG.md to be more conventional
    • Optimized checksum calculation to improve performance (#5112)
    • Added support for scanning .NET assemblies when only the dotnet runtime is installed (#5087)
    • Bumped several dependencies

    Fixed

    • Fixed bug when setting the proxy port (#5076)
    • Resolved several FP and FN

    See the full listing of changes.

    ... (truncated)

    Changelog

    Sourced from dependency-check-maven's changelog.

    Version 7.4.3 (2022-12-29)

    Fixed

    • Fixed NPE when analyzing version ranges in NPM (#5158 & #5190)
    • Resolved several FP (#5191)

    See the full listing of changes.

    Version 7.4.2 (2022-12-28)

    Fixed

    • Fixes maven 3.1 compatibility issue (#5152)
    • Fixed issue with invalid node_module paths in some scans (#5135)
    • Fixed missing option to disable the Poetry Analyzer in the CLI (#5160)
    • Fixed missing option to configure the OSS Index URL in the CLI (#5180)
    • Fixed NPE when analyzing version ranges in NPM (#5158)
    • Fixed issue with non-proxy host in the gradle plugin (dependency-check/dependency-check-gradle#298)
    • Resolved several FP

    See the full listing of changes.

    Version 7.4.1 (2022-12-09)

    Fixed

    • Fixed bug when setting the proxy port in gradle (#5123)
    • Fixed issue with invalid node_module paths in some scans (#5127)
    • Resolved several FP

    See the full listing of changes.

    Version 7.4.0 (2022-12-04)

    Added

    • Add support for npm package lock v2 and v3 (#5078)
    • Added experimental support for Python Poetry (#5025)
    • Added a vanilla HTML report for use in Jenkins (#5053)

    Changed

    • Renamed RELEASE_NOTES.md to CHANGELOG.md to be more conventional
    • Optimized checksum calculation to improve performance (#5112)
    • Added support for scanning .NET assemblies when only the dotnet runtime is installed (#5087)
    • Bumped several dependencies

    Fixed

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump mockito.version from 4.5.1 to 4.11.0

    Bump mockito.version from 4.5.1 to 4.11.0

    Bumps mockito.version from 4.5.1 to 4.11.0. Updates mockito-core from 4.5.1 to 4.11.0

    Release notes

    Sourced from mockito-core's releases.

    v4.11.0

    Changelog generated by Shipkit Changelog Gradle Plugin

    4.11.0

    v4.10.0

    Changelog generated by Shipkit Changelog Gradle Plugin

    4.10.0

    v4.9.0

    Changelog generated by Shipkit Changelog Gradle Plugin

    4.9.0

    v4.8.1

    Changelog generated by Shipkit Changelog Gradle Plugin

    4.8.1

    ... (truncated)

    Commits

    Updates mockito-junit-jupiter from 4.5.1 to 4.11.0

    Release notes

    Sourced from mockito-junit-jupiter's releases.

    v4.11.0

    Changelog generated by Shipkit Changelog Gradle Plugin

    4.11.0

    v4.10.0

    Changelog generated by Shipkit Changelog Gradle Plugin

    4.10.0

    v4.9.0

    Changelog generated by Shipkit Changelog Gradle Plugin

    4.9.0

    v4.8.1

    Changelog generated by Shipkit Changelog Gradle Plugin

    4.8.1

    ... (truncated)

    Commits

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump versions-maven-plugin from 2.10.0 to 2.14.2

    Bump versions-maven-plugin from 2.10.0 to 2.14.2

    Bumps versions-maven-plugin from 2.10.0 to 2.14.2.

    Release notes

    Sourced from versions-maven-plugin's releases.

    2.14.2

    Changes

    🚀 New features and improvements

    🐛 Bug Fixes

    📦 Dependency updates

    👻 Maintenance

    2.14.1

    Changes

    🐛 Bug Fixes

    2.14.0

    Changes

    🚀 New features and improvements

    ... (truncated)

    Commits
    • 374ddab [maven-release-plugin] prepare release 2.14.2
    • 2b9bdb7 Bump wagon-provider-api from 3.5.2 to 3.5.3
    • 67c1800 Resolves #872: Make allowSnapshots an explicit argument in lookupDependencyUp...
    • 2fe2c3d Manage transitive dependencies version for security updates
    • 1130350 Upgrade com.fasterxml.woodstox:woodstox-core to 6.4.0
    • 8f2fd07 Project dependencies maintenance - move versions to dependencyManagement
    • 2bed457 Add a simple cache for ComparableVersions
    • 2d7a157 Bump actions/stale from 6 to 7
    • 4546a4e Fixes #866: Require maven 3.2.5
    • 5ee419d Bump mockito-inline from 4.9.0 to 4.10.0
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump slf4j.version from 1.7.36 to 2.0.6

    Bump slf4j.version from 1.7.36 to 2.0.6

    Bumps slf4j.version from 1.7.36 to 2.0.6. Updates slf4j-api from 1.7.36 to 2.0.6

    Commits
    • 5ff6f2c prepare for release 2.0.6
    • 2f4aa75 fix SLF4J-575
    • 363f0a5 remove unused parts
    • 171679b SLF4J-574: Add full OSGi headers, especially "uses" clauses
    • 921b5b3 fix FUNDING file
    • e02244c fix FUNDING file
    • 441d458 fix FUNDING file
    • f5e741b add FUNDING file
    • 2e71327 remove unused log4j dependency in the version definition section of pom.xml
    • 3ff2a30 start work on 2.0.6-SNAPSHOT
    • Additional commits viewable in compare view

    Updates slf4j-nop from 1.7.36 to 2.0.6

    Commits
    • 5ff6f2c prepare for release 2.0.6
    • 2f4aa75 fix SLF4J-575
    • 363f0a5 remove unused parts
    • 171679b SLF4J-574: Add full OSGi headers, especially "uses" clauses
    • 921b5b3 fix FUNDING file
    • e02244c fix FUNDING file
    • 441d458 fix FUNDING file
    • f5e741b add FUNDING file
    • 2e71327 remove unused log4j dependency in the version definition section of pom.xml
    • 3ff2a30 start work on 2.0.6-SNAPSHOT
    • Additional commits viewable in compare view

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump junit-jupiter-engine from 5.8.2 to 5.9.1

    Bump junit-jupiter-engine from 5.8.2 to 5.9.1

    Bumps junit-jupiter-engine from 5.8.2 to 5.9.1.

    Release notes

    Sourced from junit-jupiter-engine's releases.

    JUnit 5.9.1 = Platform 1.9.1 + Jupiter 5.9.1 + Vintage 5.9.1

    See Release Notes.

    JUnit 5.9.0 = Platform 1.9.0 + Jupiter 5.9.0 + Vintage 5.9.0

    See Release Notes.

    JUnit 5.9.0-RC1 = Platform 1.9.0-RC1 + Jupiter 5.9.0-RC1 + Vintage 5.9.0-RC1

    See Release Notes.

    JUnit 5.9.0-M1 = Platform 1.9.0-M1 + Jupiter 5.9.0-M1 + Vintage 5.9.0-M1

    See Release Notes.

    Commits
    • 732a540 Release 5.9.1
    • 88bf48d Prepare release notes for 5.9.1
    • d75e34d Update scope for 5.9.1
    • 9823f73 Link to all 5.9 milestone pages
    • 76719bb Increase timeout for GraalVM test
    • 2a80984 Install GraalVM for main CI build on Linux
    • 79f47f5 Refactor OpenTestReportGeneratingListener to work in native images
    • 7229385 Add failing integration test for execution on GraalVM native image
    • 343170f Fix running tests in documentation from IntelliJ IDEA
    • 352d06b Attempt to stabilize test on Windows
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
  • Bump maven-javadoc-plugin from 3.4.0 to 3.4.1

    Bump maven-javadoc-plugin from 3.4.0 to 3.4.1

    Bumps maven-javadoc-plugin from 3.4.0 to 3.4.1.

    Release notes

    Sourced from maven-javadoc-plugin's releases.

    3.4.1

    📦 Dependency updates

    Commits
    • a5db96e [maven-release-plugin] prepare release maven-javadoc-plugin-3.4.1
    • a10f0b1 [MJAVADOC-723] Upgrade Maven Reporting API to 3.1.1/Complete with Maven Repor...
    • c19dba2 Skip Java 9-14 in reproducible test
    • 26d84b2 Add notimestamp for reproducible builds test
    • 92ce668 Ignore Maven Core updates
    • bacc078 Add Integration Test for reproducible builds
    • 497f80f [MJAVADOC-719] - Update Maven Archiver to 3.6.0
    • 34b501d Bump assertj-core from 3.21.0 to 3.23.1
    • b928970 Bump spring-webmvc in /src/it/projects/MJAVADOC-434_fixcompile
    • 4306c92 Bump mockito-core from 4.1.0 to 4.4.0
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    dependencies 
    opened by dependabot[bot] 0
Releases(0.9.0)
Owner
Zalando SE
The org page for Zalando, Europe's leading online fashion platform. Visit opensource.zalando.com for project stats.
Zalando SE
SneakyThrow is a Java library to ignore checked exceptions

SneakyThrow SneakyThrow is a Java library to ignore checked exceptions. You can integrate it using maven: <dependency> <groupId>com.rainerhahnekamp<

Rainer Hahnekamp 73 Nov 8, 2022
Java 1-15 Parser and Abstract Syntax Tree for Java, including preview features to Java 13

JavaParser This project contains a set of libraries implementing a Java 1.0 - Java 14 Parser with advanced analysis functionalities. This includes pre

JavaParser 4.5k Jan 5, 2023
Dynamic Code Evolution VM for Java 7/8

NEWS: Dcevm-11 on Trava OpenJDK There is a new distribution channel for DCEVM-11 binaries on - TravaOpenjdk! DCEVM This project is a fork of original

null 1.6k Dec 28, 2022
Java unlimited redefinition of classes at runtime.

Hotswap Agent This is an overview page, please visit hotswapagent.org for more information. Overview Java unlimited runtime class and resource redefin

null 1.9k Dec 30, 2022
simple tail call optimization and stack safety for Java

com.github.kag0.tail simple tail call optimization for Java enables infinitely deep tail recursive calls without throwing a StackOverflowError no tran

Nathaniel Fischer 18 Dec 7, 2022
Project on End to End CI/CD pipeline for java based application using Git,Github,Jenkins,Maven,Sonarqube,Nexus,Slack,Docker and Kuberenets with ECR as private docker registry and Zero Downtime Deployment

Project on End to End CI/CD pipeline for java based application using Git,Github,Jenkins,Maven,Sonarqube,Nexus,Slack,Docker and Kuberenets with ECR as private docker registry and Zero Downtime Deployment.

NITHIN JOHN GEORGE 10 Nov 22, 2022
A library that simplifies error handling for Functional Programming in Java

Faux Pas: Error handling in Functional Programming Faux pas noun, /fəʊ pɑː/: blunder; misstep, false step Faux Pas is a library that simplifies error

Zalando SE 114 Dec 5, 2022
Juerr is a Java port of the uerr crate, it provides stunning visual error handling.

Juerr Juerr is a Java port of the uerr crate, it provides stunning visual error handling. Showcase Using the code below, we can display a simple error

IkeVoodoo 3 Jul 17, 2022
Simple springboot API for addressBook. Supports all REST controllers and have custom error handling for every specific case, also supports redis caching.

AddressBook-SpringBoot-API Simple Springboot API for addressBook with redis cache. Supports all REST controllers and have custom error handling for ev

Shirish Saxena 1 Jan 21, 2022
Resilience4j is a fault tolerance library designed for Java8 and functional programming

Fault tolerance library designed for functional programming Table of Contents 1. Introduction 2. Documentation 3. Overview 4. Resilience patterns 5. S

Resilience4j 8.5k Jan 2, 2023
A lightweight messaging library that simplifies the development and usage of RabbitMQ with the AMQP protocol.

kryo-messaging This library contains a simple MessagingService which simplifies the setup and work with RabbitMQ and the AMQP protocol. Usage Gradle r

Kryonite Labs 3 Jan 10, 2022
Event bus for Android and Java that simplifies communication between Activities, Fragments, Threads, Services, etc. Less code, better quality.

EventBus EventBus is a publish/subscribe event bus for Android and Java. EventBus... simplifies the communication between components decouples event s

Markus Junginger 24.2k Jan 3, 2023
Functional Reactive Programming (FRP) for JavaFX

ReduxFX Functional Reactive Programming (FRP) for JavaFX ReduxFX in 1 minute ReduxFX is a set of libraries that enable you to use functional reactive

Michael Heinrichs 108 Oct 16, 2022
Functional programming course

Functional-Programming-101-Java functional programming course with Mohamed Hammad https://www.youtube.com/playlist?list=PLpbZuj8hP-I6F-Zj1Ay8nQ1rMnmF

Ibrahim 14 Nov 9, 2022
A Java library for designing good error messages

JDoctor, a Java library for good error messages Designing good error messages is hard. In Java, most often, developers just rely on throwing exception

Cédric Champeau 125 Oct 24, 2022
A distributed data integration framework that simplifies common aspects of big data integration such as data ingestion, replication, organization and lifecycle management for both streaming and batch data ecosystems.

Apache Gobblin Apache Gobblin is a highly scalable data management solution for structured and byte-oriented data in heterogeneous data ecosystems. Ca

The Apache Software Foundation 2.1k Jan 4, 2023
Simplifies the development of creating a JPA-based data access layer.

Spring Data JPA Spring Data JPA, part of the larger Spring Data family, makes it easy to easily implement JPA based repositories. This module deals wi

Spring 2.5k Jan 5, 2023
JLine is a Java library for handling console input.

JLine JLine is a Java library for handling console input. It is similar in functionality to BSD editline and GNU readline but with additional features

null 1.2k Jan 5, 2023