* Fix `OperatorPrecedence` warn in `JsonWriter#close`
* Fix `ReferenceEquality` warn in `LinkedTreeMap#replaceInParent`
* Fix `UnnecessaryParentheses` warn in `LinkedTreeMap#replaceInParent`
* Fix `ReferenceEquality` warn in `LinkedTreeMap#hasNext`
* Fix `ReferenceEquality` warn in `LinkedTreeMap#nextNode`
* Adds `error_prone_annotations` to the `pom.xml` of `gson`
* Fix `InlineMeSuggester` warns in `JsonParser`
* Fix `UnnecessaryParentheses` warns in `ConstructorConstructor#newDefaultImplementationConstructor`
* Fix `ThreadLocalUsage` warn in `Gson`
* Fix `JdkObsolete` warn in `GsonBuilder`
* Fix `ReferenceEquality` warn in `LazilyParsedNumber#equals`
* Fix `OperatorPrecedence` warn in `TreeTypeAdapter#create`
* Fix `OperatorPrecedence` warn in `ArrayTypeAdapter`
* Fix `UnnecessaryParentheses` warn in `TypeAdapters`
* Adds `-XepExcludedPaths` flag to ErrorProne plugin to exclude tests and proto path
* Fix `ClassNewInstance` warn in `InterceptorAdapter`
* Fix `ThreadLocalUsage` warn in `GraphAdapterBuilder`
* Fix `JdkObsolete` warn in `GraphAdapterBuilder`
* Revert "Adds `error_prone_annotations` to the `pom.xml` of `gson`"
This reverts commit 14af14dfa23b46a54f4855a70ccf2b0a2cdc3e3f.
* Revert "Fix `InlineMeSuggester` warns in `JsonParser`"
This reverts commit 095bfd517e06510e4cc9cc6b1aac58ad9bf3038a.
* Adds `@SuppressWarnings("ThreadLocalUsage")`
* Fix `OperatorPrecedence` in `JsonWriter`
* Revert "Fix `ReferenceEquality` warn in `LinkedTreeMap#nextNode`"
This reverts commit 387746c7f7e3d0943c8f80501f5d9c3710f4862e.
* Adds `@SuppressWarnings("ReferenceEquality")`
* Adds `guava-testlib` to the gson `pom.xml`
* `@SuppressWarnings("TruthSelfEquals")` removed to use `EqualsTester()`
* Add CodeQL GitHub code scanning workflow
* Only compile main sources for code scanning
* Move test .proto files to test sources
`annotations.proto` also seems to be only relevant for tests because the test
explicitly registers them as extensions. By default the Proto adapter does not
consider them.
* Address some code scanning findings
* Fix some more findings
Adversaries might be able to forge data which can be abused for DoS attacks.
These classes are already writing a replacement JDK object during serialization
for a long time, so this change should not cause any issues.
The most interesting optimization is to replace ArrayDeque with a manual linked list that reuses the nodes 'parent' field. These optimizations save about 20%.
Compared to LinkedTreeMap, this is slower for small (size=5) maps: 124% slower to get() and 33% slower to create and populate. It's a win for large (size=500) maps: 46% faster to get() but 8% slower to create and populate. And it's a big win for very large (size=50,000) maps: 81% faster to get() and 46% faster to create and populate.
http://microbenchmarks.appspot.com/run/limpbizkit@gmail.com/com.google.common.collect.MapBenchmark
I'm going to follow this up with some simple optimizations: caching local fields and simplifying access. That should narrow the performance gap.
Not yet adopted in our code.
Known critical bugs:
- throws ClassCastException when get() is called with a non-comparable key
- throws NullPointerException on get(null)