Bump daggerVersion from 2.44 to 2.48 in /cross-account-publish/certificate-based-stack

[dependabot]

Bumps daggerVersion from 2.44 to 2.48.
Updates com.google.dagger:dagger-compiler from 2.44 to 2.48

Release notes

Sourced from com.google.dagger:dagger-compiler's releases.

Dagger 2.48

Dagger/Hilt KSP support

Dagger 2.48 includes the alpha release of the Dagger and Hilt KSP processors.

Instructions for using the Dagger/Hilt KSP processors can be found at https://dagger.dev/dev-guide/ksp.

In order to use Dagger’s KSP processor you will need to:

• Follow the basic setup to migrate Dagger’s processors from kapt to ksp (see https://dagger.dev/dev-guide/ksp#setup).
• Migrate any Dagger SPI plugins to the new Dagger SPI plugins API (with KSP support) (see https://dagger.dev/dev-guide/ksp#new-dagger-spi-plugin-with-ksp-support).
• Ensure that there are no kapt processors that generate classes that need to interact with Dagger (see https://dagger.dev/dev-guide/ksp#interaction-with-javackapt-processors).

Also note that Dagger’s KSP processors are still in the alpha stage. So far we’ve focused mainly on trying to ensure correctness rather than optimize performance. Please apply due diligence when enabling ksp and report any bugs or performance issues at https://github.com/google/dagger/issues. The current list of known issues can be found here.

There are also a few potentially breaking changes included with this release. These changes were made to better support Dagger usage with Kotlin sources, and make the migration from KAPT to KSP more seamless. We don’t expect these changes to affect most users. Please see below for more details.

Breaking changes

The dagger.ignoreProvisionKeyWildcards is now enabled by default

This may break apps that are providing the same binding with different wildcards, e.g. Foo<Bar> and Foo<? extends Bar>.

Fix: See https://dagger.dev/dev-guide/compiler-options#ignore-provision-key-wildcards for suggestions on how to fix this. If fixing is not an immediate option, you can still disable the flag with dagger.ignoreProvisionKeyWildcards=DISABLED.

@Binds assignability check

Unlike KAPT, KSP takes nullability into account when checking if a type is assignable to another type. This changes the behavior of Dagger’s @Binds usage validation such that a type that was assignable in KAPT may no longer be assignable in KSP. For example:

// Incorrect: this compiles successfully in KAPT but the compilation fails in KSP
@Binds fun bind(impl: FooImpl<Bar?>): Foo<Bar>

Fix: To fix this breakage, users should update the parameter or return type in the method such that they are actually assignable when taking nullability into account. For example:

// Correct: this compiles successfully in KAPT and KSP
@Binds fun bind(impl: FooImpl<Bar?>): Foo<Bar?>

Top-level @Module / @Inject classes can no longer be private

Top-level @Module or @Inject classes can no longer be private. This was previously allowed purely by accident (rather than being an officially supported feature) due to the way Kotlin’s private classes are represented as package-private in KAPT’s generated java stubs.

Fix: Replace the private visibility modifier with internal or public.

@Binds and @Provides methods can no longer be extension functions

Normally when we define an @Provides/@Binds function we put the dependencies in the parameter list:

... (truncated)

Commits

• 03513e5 2.48 release
• b90b416 Don't run RootProcessingStep#postProcess if no root element was detected.
• f5d686d Ban usage of var in Component.
• 232e524 Fix github action
• 046baa4 Remove workaround for b/269172737.
• 7107431 Rename #java() to #javac() for Dagger SPI model types.
• b7d97ba Internal change
• 278e4ec Update xprocessing jar
• c53be9a UPDATE Bazel version to 6.3.2
• 8d2385f Move Dagger spi model types implementation into Dagger internal.
• Additional commits viewable in compare view

Updates com.google.dagger:dagger from 2.44 to 2.48

Release notes

Sourced from com.google.dagger:dagger's releases.

Dagger 2.48

Dagger/Hilt KSP support

Dagger 2.48 includes the alpha release of the Dagger and Hilt KSP processors.

Instructions for using the Dagger/Hilt KSP processors can be found at https://dagger.dev/dev-guide/ksp.

In order to use Dagger’s KSP processor you will need to:

• Follow the basic setup to migrate Dagger’s processors from kapt to ksp (see https://dagger.dev/dev-guide/ksp#setup).
• Migrate any Dagger SPI plugins to the new Dagger SPI plugins API (with KSP support) (see https://dagger.dev/dev-guide/ksp#new-dagger-spi-plugin-with-ksp-support).
• Ensure that there are no kapt processors that generate classes that need to interact with Dagger (see https://dagger.dev/dev-guide/ksp#interaction-with-javackapt-processors).

Also note that Dagger’s KSP processors are still in the alpha stage. So far we’ve focused mainly on trying to ensure correctness rather than optimize performance. Please apply due diligence when enabling ksp and report any bugs or performance issues at https://github.com/google/dagger/issues. The current list of known issues can be found here.

There are also a few potentially breaking changes included with this release. These changes were made to better support Dagger usage with Kotlin sources, and make the migration from KAPT to KSP more seamless. We don’t expect these changes to affect most users. Please see below for more details.

Breaking changes

The dagger.ignoreProvisionKeyWildcards is now enabled by default

This may break apps that are providing the same binding with different wildcards, e.g. Foo<Bar> and Foo<? extends Bar>.

Fix: See https://dagger.dev/dev-guide/compiler-options#ignore-provision-key-wildcards for suggestions on how to fix this. If fixing is not an immediate option, you can still disable the flag with dagger.ignoreProvisionKeyWildcards=DISABLED.

@Binds assignability check

Unlike KAPT, KSP takes nullability into account when checking if a type is assignable to another type. This changes the behavior of Dagger’s @Binds usage validation such that a type that was assignable in KAPT may no longer be assignable in KSP. For example:

// Incorrect: this compiles successfully in KAPT but the compilation fails in KSP
@Binds fun bind(impl: FooImpl<Bar?>): Foo<Bar>

Fix: To fix this breakage, users should update the parameter or return type in the method such that they are actually assignable when taking nullability into account. For example:

// Correct: this compiles successfully in KAPT and KSP
@Binds fun bind(impl: FooImpl<Bar?>): Foo<Bar?>

Top-level @Module / @Inject classes can no longer be private

Top-level @Module or @Inject classes can no longer be private. This was previously allowed purely by accident (rather than being an officially supported feature) due to the way Kotlin’s private classes are represented as package-private in KAPT’s generated java stubs.

Fix: Replace the private visibility modifier with internal or public.

@Binds and @Provides methods can no longer be extension functions

Normally when we define an @Provides/@Binds function we put the dependencies in the parameter list:

... (truncated)

Commits

• 03513e5 2.48 release
• b90b416 Don't run RootProcessingStep#postProcess if no root element was detected.
• f5d686d Ban usage of var in Component.
• 232e524 Fix github action
• 046baa4 Remove workaround for b/269172737.
• 7107431 Rename #java() to #javac() for Dagger SPI model types.
• b7d97ba Internal change
• 278e4ec Update xprocessing jar
• c53be9a UPDATE Bazel version to 6.3.2
• 8d2385f Move Dagger spi model types implementation into Dagger internal.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)