Update third_party guava to 25.1.
There is a security vulnerability in versions below 24.1.1
com_google_guava_failureaccess_java and
com_google_j2objc_j2objc_annotations_java are changed to compile as
they need to have supports_android = true for third_party/guava and
android_webview_apk, and they can't have testonly = true set because
of android_deps/guava uses them in build, so will need a security
review.
Probably won't need a license review as source is from maven
android_x with apache 2.0 license and per:
https://chromium.googlesource.com/chromium/src/+/master/third_party/android_deps/README.md
"This is not necessary if you are only upgrading existing package
s or adding packages from the same source and license (e.g. gms)"
Bug: 1067869
Change-Id: Idc7b53caa4685c4047b50ca22056f631c5749aea
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2138162
Reviewed-by: Yaron Friedman <[email protected]>
Reviewed-by: Andrew Grieve <[email protected]>
Commit-Queue: benjamin joyce <[email protected]>
Cr-Commit-Position: refs/heads/master@{#768068}
diff --git a/DEPS b/DEPS
index 7c5b8f3..bae57fa 100644
--- a/DEPS
+++ b/DEPS
@@ -963,7 +963,7 @@
'packages': [
{
'package': 'chromium/third_party/guava',
- 'version': 'a6fba501f3a0de88b9be1daa2052632de5b96a46',
+ 'version': 'y8Zx7cKTiOunLhOrfC4hOt5kDQrLJ_Rq7ISDmXkPdYsC',
},
],
'condition': 'checkout_android',
