Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Chore(deps): Bump spotbugs.version from 4.7.3 to 4.8.1 #1758

Closed
wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 28, 2023

Bumps spotbugs.version from 4.7.3 to 4.8.1.
Updates com.github.spotbugs:spotbugs from 4.7.3 to 4.8.1

Release notes

Sourced from com.github.spotbugs:spotbugs's releases.

SpotBugs 4.8.1

CHANGELOG

Fixed

  • Fixed schema location for findbugsfilter.xsd ([#1416])
  • Fixed missing null checks ([#2629])
  • Disabled DontReusePublicIdentifiers due to the high false positives rate ([#2627])
  • Removed signature of methods using UTF-8 in DefaultEncodingDetector ([#2634])
  • Fix exception escapes when calling functions of JUnit Assert or Assertions ([#2640])
  • Fixed an error in the SARIF export when a bug annotation is missing ([#2632])
  • Fixed false positive RV_EXCEPTION_NOT_THROWN when asserting to exception throws ([#2628])
  • Fix false positive CT_CONSTRUCTOR_THROW when supertype has final finalize ([#2665])
  • Lowered the priority of PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE bug ([#2652])
  • Eclipse: fixed startup overhead (on computing classpath) for PDE projects ([#2671])

Build

  • Fix deprecated GHA on '::set-output' by using GITHUB_OUTPUT ([#2651])

CHECKSUM

file checksum (sha256)
spotbugs-4.8.1-javadoc.jar f8ef08283a500d3f250f87f5b01fac2ed19acc11bc78657fd277ca7d27c9c211
spotbugs-4.8.1-sources.jar 29fef7bebfe1597f8477e21cf139ac6f1ef01afabce8bb3e6ae258a3d6c3de8f
spotbugs-4.8.1.tgz b8e8f755c3e629885616d898e1a857162273253559f9e0e329983c671c02cd4e
spotbugs-4.8.1.zip 5cb639cf1ce79dc58ba07ee459a6da8bd665e06e10cfb66a79c685601326c111
spotbugs-annotations-4.8.1-javadoc.jar 56be7c8808111619cf87f4385368b8c0d30e4a01bcea4add878780608a6e932a
spotbugs-annotations-4.8.1-sources.jar b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b
spotbugs-annotations.jar 06eba41a81aaccb011c3f75afa019e509cda7f1eb7a4e057bb860c60845f915e
spotbugs-ant-4.8.1-javadoc.jar 3862ce0fe8a201562cb32ddfbff3d78745950aeb0d0ea8c849bf55d1aa9b71de
spotbugs-ant-4.8.1-sources.jar 9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61
spotbugs-ant.jar a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c
spotbugs.jar e49adbc51addf00264042d82075db98a10ad2af9348f7275de6bc075b7245a95
test-harness-4.8.1-javadoc.jar 6f2d3a6c452c972e2890161ee1ff84437bba0877bcd302041df73e9d02217d7b
test-harness-4.8.1-sources.jar 633ae795c1889fa59f1faad8ea8f1f5b39155029f4f75b51557085097570feb6
test-harness-4.8.1.jar 23f414f9988a3d44dded88ad2d827e95699dc6bb8d6e06a2b0920db2cac442b9
test-harness-core-4.8.1-javadoc.jar af4e056c212f1039e9f756067fce7125f24160f2e70918fa710e6e3cd9993e92
test-harness-core-4.8.1-sources.jar f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082
test-harness-core-4.8.1.jar 5bd0e9b18f0ec45c27ee3ec882cb6db86ed42a6b884f091468496de3281dc242
test-harness-jupiter-4.8.1-javadoc.jar 1d84b2c269263a7eb0641d021e99da9a6da2bfac05430b341a38a4b0530e57a9
test-harness-jupiter-4.8.1-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.8.1.jar d2ed802cc81dca3cf8c393fda7f77f02b01c0c1a8ffce7ec57da53aff27a1485

SpotBugs 4.8.0

CHANGELOG

Changed

  • Bump up Apache Commons BCEL to the version 6.6.1 (#2223)
  • Bump up slf4j-api to 2.0.3 (#2220)
  • Bump up gson to 2.10 (#2235)
  • Allowed for large command line through writing arguments to file (UnionResults/UnionBugs2)
  • Use com.github.stephenc.jcip for jcip-annotations fixing #887

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs's changelog.

4.8.1 - 2023-11-06

Fixed

  • Fixed schema location for findbugsfilter.xsd (#1416)
  • Fixed missing null checks (#2629)
  • Disabled DontReusePublicIdentifiers due to the high false positives rate (#2627)
  • Removed signature of methods using UTF-8 in DefaultEncodingDetector (#2634)
  • Fix exception escapes when calling functions of JUnit Assert or Assertions (#2640)
  • Fixed an error in the SARIF export when a bug annotation is missing (#2632)
  • Fixed false positive RV_EXCEPTION_NOT_THROWN when asserting to exception throws (#2628)
  • Fix false positive CT_CONSTRUCTOR_THROW when supertype has final finalize (#2665)
  • Lowered the priority of PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE bug (#2652)
  • Eclipse: fixed startup overhead (on computing classpath) for PDE projects (#2671)

Build

  • Fix deprecated GHA on '::set-output' by using GITHUB_OUTPUT (#2651)

4.8.0 - 2023-10-11

Changed

  • Bump up Apache Commons BCEL to the version 6.6.1 (#2223)
  • Bump up slf4j-api to 2.0.3 (#2220)
  • Bump up gson to 2.10 (#2235)
  • Allowed for large command line through writing arguments to file (UnionResults/UnionBugs2)
  • Use com.github.stephenc.jcip for jcip-annotations fixing (#887)

Fixed

  • Fixed missing classes not in report if using IErrorLogger.reportMissingClass(ClassDescriptor) (#219)
  • Stop exposing junit-bom to consumers (#2255)
  • Fixed AbstractBugReporter emits wrong non-sensical debug output during filtering (#184)
  • Added support for jakarta namespace (#2289)
  • Report a low priority bug for an unread field in reflective classes (#2325)
  • Fixed "Unhandled event loop exception" opening Bug Filter Configuration dialog in Eclipse (#2327)
  • Fixed detector RandomOnceSubDetector to not report when doubles, ints, or longs are called on a new Random or SecureRandom (#2370)
  • Fixed detector TestASM throwing error during analysis, because it doesn't note that it reports bugs.
  • Eclipse annotation classpath initializer is hard-coded to jsr305 version 3.0.1, fix to 3.0.2 per #2470
  • Fixed annotation on generic or array incorrectly considered for the nullability of a method parameter or return type (#2502)
  • Added support for CONSTANT_Dynamic in constant class pool (#2506)
  • Recognise enums and records as immutable (#2356)
  • Added detections of reliance on default encoding in java.nio.file.Files (#2114)
  • Fixed a regression in the Value Number Analysis (#2465)
  • Fix XML Output incorrectly escaped in Eclipse Bug Info view (#2520)
  • Updated the MS_EXPOSE_REP description to mention mutable objects, not just arrays (#1669)
  • Described Configuration option frc.suspicious for bug RC_REF_COMPARISON in bug description (#2297)
  • Fixed FindHEMismatch not reporting HE_SIGNATURE_DECLARES_HASHING_OF_UNHASHABLE_CLASS for some classes (#2402)
  • Added execute file permission to files in the distribution zip (#2540)
  • Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a Mockito.verify() call check (#872)
  • Do not report SIC_INNER_SHOULD_BE_STATIC for classes annotated with JUnit Nested (#560)
  • Detect created, but not-thrown exceptions, which are created by not the constructor (#2547)
  • Fixed eclipse plugin Effort.values pass to effortViewer as required cast to varargs (#2579)

... (truncated)

Commits
  • a93f606 release v4.8.1
  • 2f8d6ac fix(deps): update junit5 monorepo to v5.10.1 (#2678)
  • fc46873 fix(deps): update dependency org.mockito:mockito-core to v5.7.0 (#2675)
  • 2541a96 Add more bundles for PDE classpath resolving (#2673)
  • 65c8c37 Simplify PDE classpath resolving (#2671)
  • 2ea7c1d fix(deps): update dependency org.checkerframework:checker-qual to v3.40.0 (#2...
  • 17bb20b Lower the priority of PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE (#2669)
  • 0ed9c56 fix(deps): update dependency org.apache.commons:commons-text to v1.11.0 (#2668)
  • 674a7d0 Fix CT_CONSTRUCTOR_THROW FP when Supertype has final finalize (#2666)
  • a834b53 fix(deps): update log4j to v2.21.1 (#2663)
  • Additional commits viewable in compare view

Updates com.github.spotbugs:spotbugs-annotations from 4.7.3 to 4.8.1

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

SpotBugs 4.8.1

CHANGELOG

Fixed

  • Fixed schema location for findbugsfilter.xsd ([#1416])
  • Fixed missing null checks ([#2629])
  • Disabled DontReusePublicIdentifiers due to the high false positives rate ([#2627])
  • Removed signature of methods using UTF-8 in DefaultEncodingDetector ([#2634])
  • Fix exception escapes when calling functions of JUnit Assert or Assertions ([#2640])
  • Fixed an error in the SARIF export when a bug annotation is missing ([#2632])
  • Fixed false positive RV_EXCEPTION_NOT_THROWN when asserting to exception throws ([#2628])
  • Fix false positive CT_CONSTRUCTOR_THROW when supertype has final finalize ([#2665])
  • Lowered the priority of PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE bug ([#2652])
  • Eclipse: fixed startup overhead (on computing classpath) for PDE projects ([#2671])

Build

  • Fix deprecated GHA on '::set-output' by using GITHUB_OUTPUT ([#2651])

CHECKSUM

file checksum (sha256)
spotbugs-4.8.1-javadoc.jar f8ef08283a500d3f250f87f5b01fac2ed19acc11bc78657fd277ca7d27c9c211
spotbugs-4.8.1-sources.jar 29fef7bebfe1597f8477e21cf139ac6f1ef01afabce8bb3e6ae258a3d6c3de8f
spotbugs-4.8.1.tgz b8e8f755c3e629885616d898e1a857162273253559f9e0e329983c671c02cd4e
spotbugs-4.8.1.zip 5cb639cf1ce79dc58ba07ee459a6da8bd665e06e10cfb66a79c685601326c111
spotbugs-annotations-4.8.1-javadoc.jar 56be7c8808111619cf87f4385368b8c0d30e4a01bcea4add878780608a6e932a
spotbugs-annotations-4.8.1-sources.jar b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b
spotbugs-annotations.jar 06eba41a81aaccb011c3f75afa019e509cda7f1eb7a4e057bb860c60845f915e
spotbugs-ant-4.8.1-javadoc.jar 3862ce0fe8a201562cb32ddfbff3d78745950aeb0d0ea8c849bf55d1aa9b71de
spotbugs-ant-4.8.1-sources.jar 9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61
spotbugs-ant.jar a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c
spotbugs.jar e49adbc51addf00264042d82075db98a10ad2af9348f7275de6bc075b7245a95
test-harness-4.8.1-javadoc.jar 6f2d3a6c452c972e2890161ee1ff84437bba0877bcd302041df73e9d02217d7b
test-harness-4.8.1-sources.jar 633ae795c1889fa59f1faad8ea8f1f5b39155029f4f75b51557085097570feb6
test-harness-4.8.1.jar 23f414f9988a3d44dded88ad2d827e95699dc6bb8d6e06a2b0920db2cac442b9
test-harness-core-4.8.1-javadoc.jar af4e056c212f1039e9f756067fce7125f24160f2e70918fa710e6e3cd9993e92
test-harness-core-4.8.1-sources.jar f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082
test-harness-core-4.8.1.jar 5bd0e9b18f0ec45c27ee3ec882cb6db86ed42a6b884f091468496de3281dc242
test-harness-jupiter-4.8.1-javadoc.jar 1d84b2c269263a7eb0641d021e99da9a6da2bfac05430b341a38a4b0530e57a9
test-harness-jupiter-4.8.1-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.8.1.jar d2ed802cc81dca3cf8c393fda7f77f02b01c0c1a8ffce7ec57da53aff27a1485

SpotBugs 4.8.0

CHANGELOG

Changed

  • Bump up Apache Commons BCEL to the version 6.6.1 (#2223)
  • Bump up slf4j-api to 2.0.3 (#2220)
  • Bump up gson to 2.10 (#2235)
  • Allowed for large command line through writing arguments to file (UnionResults/UnionBugs2)
  • Use com.github.stephenc.jcip for jcip-annotations fixing #887

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.8.1 - 2023-11-06

Fixed

  • Fixed schema location for findbugsfilter.xsd (#1416)
  • Fixed missing null checks (#2629)
  • Disabled DontReusePublicIdentifiers due to the high false positives rate (#2627)
  • Removed signature of methods using UTF-8 in DefaultEncodingDetector (#2634)
  • Fix exception escapes when calling functions of JUnit Assert or Assertions (#2640)
  • Fixed an error in the SARIF export when a bug annotation is missing (#2632)
  • Fixed false positive RV_EXCEPTION_NOT_THROWN when asserting to exception throws (#2628)
  • Fix false positive CT_CONSTRUCTOR_THROW when supertype has final finalize (#2665)
  • Lowered the priority of PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE bug (#2652)
  • Eclipse: fixed startup overhead (on computing classpath) for PDE projects (#2671)

Build

  • Fix deprecated GHA on '::set-output' by using GITHUB_OUTPUT (#2651)

4.8.0 - 2023-10-11

Changed

  • Bump up Apache Commons BCEL to the version 6.6.1 (#2223)
  • Bump up slf4j-api to 2.0.3 (#2220)
  • Bump up gson to 2.10 (#2235)
  • Allowed for large command line through writing arguments to file (UnionResults/UnionBugs2)
  • Use com.github.stephenc.jcip for jcip-annotations fixing (#887)

Fixed

  • Fixed missing classes not in report if using IErrorLogger.reportMissingClass(ClassDescriptor) (#219)
  • Stop exposing junit-bom to consumers (#2255)
  • Fixed AbstractBugReporter emits wrong non-sensical debug output during filtering (#184)
  • Added support for jakarta namespace (#2289)
  • Report a low priority bug for an unread field in reflective classes (#2325)
  • Fixed "Unhandled event loop exception" opening Bug Filter Configuration dialog in Eclipse (#2327)
  • Fixed detector RandomOnceSubDetector to not report when doubles, ints, or longs are called on a new Random or SecureRandom (#2370)
  • Fixed detector TestASM throwing error during analysis, because it doesn't note that it reports bugs.
  • Eclipse annotation classpath initializer is hard-coded to jsr305 version 3.0.1, fix to 3.0.2 per #2470
  • Fixed annotation on generic or array incorrectly considered for the nullability of a method parameter or return type (#2502)
  • Added support for CONSTANT_Dynamic in constant class pool (#2506)
  • Recognise enums and records as immutable (#2356)
  • Added detections of reliance on default encoding in java.nio.file.Files (#2114)
  • Fixed a regression in the Value Number Analysis (#2465)
  • Fix XML Output incorrectly escaped in Eclipse Bug Info view (#2520)
  • Updated the MS_EXPOSE_REP description to mention mutable objects, not just arrays (#1669)
  • Described Configuration option frc.suspicious for bug RC_REF_COMPARISON in bug description (#2297)
  • Fixed FindHEMismatch not reporting HE_SIGNATURE_DECLARES_HASHING_OF_UNHASHABLE_CLASS for some classes (#2402)
  • Added execute file permission to files in the distribution zip (#2540)
  • Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a Mockito.verify() call check (#872)
  • Do not report SIC_INNER_SHOULD_BE_STATIC for classes annotated with JUnit Nested (#560)
  • Detect created, but not-thrown exceptions, which are created by not the constructor (#2547)
  • Fixed eclipse plugin Effort.values pass to effortViewer as required cast to varargs (#2579)

... (truncated)

Commits
  • a93f606 release v4.8.1
  • 2f8d6ac fix(deps): update junit5 monorepo to v5.10.1 (#2678)
  • fc46873 fix(deps): update dependency org.mockito:mockito-core to v5.7.0 (#2675)
  • 2541a96 Add more bundles for PDE classpath resolving (#2673)
  • 65c8c37 Simplify PDE classpath resolving (#2671)
  • 2ea7c1d fix(deps): update dependency org.checkerframework:checker-qual to v3.40.0 (#2...
  • 17bb20b Lower the priority of PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE (#2669)
  • 0ed9c56 fix(deps): update dependency org.apache.commons:commons-text to v1.11.0 (#2668)
  • 674a7d0 Fix CT_CONSTRUCTOR_THROW FP when Supertype has final finalize (#2666)
  • a834b53 fix(deps): update log4j to v2.21.1 (#2663)
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps `spotbugs.version` from 4.7.3 to 4.8.1.

Updates `com.github.spotbugs:spotbugs` from 4.7.3 to 4.8.1
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.7.3...4.8.1)

Updates `com.github.spotbugs:spotbugs-annotations` from 4.7.3 to 4.8.1
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.7.3...4.8.1)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: com.github.spotbugs:spotbugs-annotations
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Nov 28, 2023
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 1, 2023

Superseded by #1765.

@dependabot dependabot bot closed this Dec 1, 2023
@dependabot dependabot bot deleted the dependabot/maven/spotbugs.version-4.8.1 branch December 1, 2023 02:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants