Skip to content

chore(deps): [WPB-9777] bump com.slack.lint.compose:compose-lint-checks from 1.4.3 to 1.5.0#4951

Open
dependabot[bot] wants to merge 4 commits into
developfrom
dependabot/gradle/com.slack.lint.compose-compose-lint-checks-1.5.0
Open

chore(deps): [WPB-9777] bump com.slack.lint.compose:compose-lint-checks from 1.4.3 to 1.5.0#4951
dependabot[bot] wants to merge 4 commits into
developfrom
dependabot/gradle/com.slack.lint.compose-compose-lint-checks-1.5.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 9, 2026

Copy link
Copy Markdown
Contributor

Bumps com.slack.lint.compose:compose-lint-checks from 1.4.3 to 1.5.0.

Release notes

Sourced from com.slack.lint.compose:compose-lint-checks's releases.

1.5.0

  • Behavior change: The stability checks (ComposeUnstableReceiver, ComposeMutableParameters, ComposeUnstableCollections) are now disabled by default as they are significantly less important in the era of Compose strong skipping. Re-enable them via the new stability-checks option in lint.xml. See https://slackhq.github.io/compose-lints/rules/#stability.
  • New: Add ComposeItemKeyHashCode to flag hashCode() used in Lazy*/Pager item keys. Item keys must be unique, but hashCodes are not. See https://slackhq.github.io/compose-lints/rules/#dont-use-hashcode-as-a-key.
  • New: Add ComposeRedundantComposable to flag functions/properties annotated @Composable that don't use the composition (no @Composable calls or property reads), so the annotation can be removed. See https://slackhq.github.io/compose-lints/rules/#remove-unnecessary-composable-annotations.
  • Enhancement: Improve ModifierReused data flow analysis. This addresses several past issues with modifier parameter use in composables.
  • Enhancement: ComposeViewModelForwarding is now smarter: it detects ViewModels forwarded inside nested blocks (e.g. Row { Composable(viewModel) }), follows reassignments (e.g. val vm = viewModel; Other(vm)) via data-flow analysis instead of name matching, and no longer flags capitalized non-composable calls (such as event handlers) that happen to take a ViewModel.
  • Fix: Fix ComposeUnstableReceiver false positives on Kotlin value class receivers and on composable members of value class types. Value classes are now treated as stable when their underlying property type is stable, including for compiled cross-module classes (via a metadata-aware evaluator).
  • Fix: Fix the stability-checks option being intermittently ignored: each stability check now registers its own option instance, since a single instance shared across issues had its (lint-internal) issue back-reference overwritten depending on class-load order, causing the configured value to resolve against the wrong issue.
  • Removed: Remove the ComposeRememberMissing rule in favor of Compose's own UnrememberedMutableState lint, which ships with the Compose runtime, is enabled by default, and covers more state builders without the false positives our rule had. See #490.
  • Build against lint 32.2.1.
  • Target Kotlin 2.2 (matches lint 32.*).

Special thanks to @​aasitnikov for contributing to this release!

What's Changed

New Contributors

Full Changelog: slackhq/compose-lints@1.4.3...1.5.0

Changelog

Sourced from com.slack.lint.compose:compose-lint-checks's changelog.

1.5.0

2026-05-26

  • Behavior change: The stability checks (ComposeUnstableReceiver, ComposeMutableParameters, ComposeUnstableCollections) are now disabled by default as they are significantly less important in the era of Compose strong skipping. Re-enable them via the new stability-checks option in lint.xml. See https://slackhq.github.io/compose-lints/rules/#stability.
  • New: Add ComposeItemKeyHashCode to flag hashCode() used in Lazy*/Pager item keys. Item keys must be unique, but hashCodes are not. See https://slackhq.github.io/compose-lints/rules/#dont-use-hashcode-as-a-key.
  • New: Add ComposeRedundantComposable to flag functions/properties annotated @Composable that don't use the composition (no @Composable calls or property reads), so the annotation can be removed. See https://slackhq.github.io/compose-lints/rules/#remove-unnecessary-composable-annotations.
  • Enhancement: Improve ModifierReused data flow analysis. This addresses several past issues with modifier parameter use in composables.
  • Enhancement: ComposeViewModelForwarding is now smarter: it detects ViewModels forwarded inside nested blocks (e.g. Row { Composable(viewModel) }), follows reassignments (e.g. val vm = viewModel; Other(vm)) via data-flow analysis instead of name matching, and no longer flags capitalized non-composable calls (such as event handlers) that happen to take a ViewModel.
  • Fix: Fix ComposeUnstableReceiver false positives on Kotlin value class receivers and on composable members of value class types. Value classes are now treated as stable when their underlying property type is stable, including for compiled cross-module classes (via a metadata-aware evaluator).
  • Fix: Fix the stability-checks option being intermittently ignored: each stability check now registers its own option instance, since a single instance shared across issues had its (lint-internal) issue back-reference overwritten depending on class-load order, causing the configured value to resolve against the wrong issue.
  • Removed: Remove the ComposeRememberMissing rule in favor of Compose's own UnrememberedMutableState lint, which ships with the Compose runtime, is enabled by default, and covers more state builders without the false positives our rule had. See #490.
  • Build against lint 32.2.1.
  • Target Kotlin 2.2 (matches lint 32.*).

Special thanks to @​aasitnikov for contributing to this release!

Commits
  • e3ef9b6 Prepare for release 1.5.0.
  • 691360d Add redundant composable detection (#543)
  • b52ba56 Fix nested viewmodel call forwarding (#544)
  • d8be2cb Remove RememberMissingDetector (#539)
  • d8f7440 Add detector for using hashCode() in keys (#542)
  • 1c664c5 Add more modifier tests (#540)
  • 58dd24e Fix value class stability detection + disable stability detection by default ...
  • 35e9473 Update dependency com.facebook:ktfmt to v0.62 (#500)
  • 44de4c3 Update renovatebot/github-action action to v46 (#538)
  • 4427194 Modifier reused - use code flow analysis (#454)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): [WPB-9777] bump com.slack.lint.compose:compose-lint-checks
2fe1b08 
Bumps [com.slack.lint.compose:compose-lint-checks](https://github.com/slackhq/compose-lints) from 1.4.3 to 1.5.0.
- [Release notes](https://github.com/slackhq/compose-lints/releases)
- [Changelog](https://github.com/slackhq/compose-lints/blob/main/CHANGELOG.md)
- [Commits](slackhq/compose-lints@1.4.3...1.5.0)

---
updated-dependencies:
- dependency-name: com.slack.lint.compose:compose-lint-checks
  dependency-version: 1.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 9, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 9, 2026 22:07
@dependabot dependabot Bot requested review from emmaoke-w, ohassine, saleniuk, typfel and yamilmedina and removed request for a team June 9, 2026 22:07
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jun 9, 2026
@ohassine ohassine enabled auto-merge June 10, 2026 15:10
@codecov

codecov Bot commented Jun 10, 2026
edited
Loading

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 48.84%. Comparing base (a104530) to head (fb5be24).
⚠️ Report is 1 commits behind head on develop.

Additional details and impacted files 
@@           Coverage Diff            @@
##           develop    #4951   +/-   ##
========================================
  Coverage    48.84%   48.84%           
========================================
  Files          643      643           
  Lines        23012    23012           
  Branches      3519     3519           
========================================
  Hits         11240    11240           
  Misses       10727    10727           
  Partials      1045     1045

Continue to review full report in Codecov by Harness.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a104530...fb5be24. Read the comment docs.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@sonarqubecloud

sonarqubecloud Bot commented Jun 12, 2026

Copy link
Copy Markdown

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@dependabot @github

dependabot Bot commented on behalf of github Jun 16, 2026

Copy link
Copy Markdown
Contributor Author

A newer version of com.slack.lint.compose:compose-lint-checks exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MohamadJaara MohamadJaara MohamadJaara approved these changes

@saleniuk saleniuk saleniuk approved these changes

@typfel typfel Awaiting requested review from typfel typfel is a code owner automatically assigned from wireapp/android

@yamilmedina yamilmedina Awaiting requested review from yamilmedina yamilmedina is a code owner automatically assigned from wireapp/android

@ohassine ohassine Awaiting requested review from ohassine ohassine is a code owner automatically assigned from wireapp/android

@emmaoke-w emmaoke-w Awaiting requested review from emmaoke-w emmaoke-w is a code owner automatically assigned from wireapp/android

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@MohamadJaara @saleniuk @ohassine @yamilmedina