Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump spotbugs-annotations from RELEASE to 4.4.0 #106

Merged
merged 1 commit into from
Sep 1, 2021
Merged

Bump spotbugs-annotations from RELEASE to 4.4.0 #106

merged 1 commit into from
Sep 1, 2021

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 31, 2021

Bumps spotbugs-annotations from RELEASE to 4.4.0.

Release notes

Sourced from spotbugs-annotations's releases.

SpotBugs 4.4.0

CHANGELOG

CHECKSUM

file checksum (sha256)
spotbugs-4.4.0-javadoc.jar c25c0a3056ccf1ce9ae4c182ab73f6c9626d9031a30bf48857941d6c56ba3cc7
spotbugs-4.4.0-sources.jar 7b9b931b258f1db321fc5fb2e00946594dea976ad51a79a7f3ae48cac17d6c6e
spotbugs-4.4.0.tgz 126b952cf248c92fbb7ba07462a71b3400bd1726fed96e179d8a50edd3e40745
spotbugs-4.4.0.zip f5f8b9aba1f3c87a508fbcb6045dcdc748e1ca4ce16803d6676417c9d82fb862
spotbugs-annotations-4.4.0-javadoc.jar 33a7ccc8917b9c5d2a6b133dceb5b212c0079986232a876471df4d7eb843bc8a
spotbugs-annotations-4.4.0-sources.jar b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar 383fe580c90e1fea94a3387a8245e096beb792efdca7e04a0bbb4a8cbb81dea2
spotbugs-ant-4.4.0-javadoc.jar da10c9d3273d4367d8c940eec20e2799eba9ae54b920c506478236c241b75a55
spotbugs-ant-4.4.0-sources.jar c74dec42c0ed0dd1ae02a7410d8e0f0dbbee23e8e7da4a21910863677fcdbc8e
spotbugs-ant.jar 9233e48d37882ae4e7a42e9f42ef4c63d6f802cf8f3b03ba575bee26e5032367
spotbugs.jar eb02e80126a4cdfb997fe90a1a2c6ff128b114cc7daab77ed3a773bef3adc2ca
test-harness-4.4.0-javadoc.jar 4aee854334bb0dbcfd4697443abc0594a96c8c7db12e9e5408839fad4bf75162
test-harness-4.4.0-sources.jar 2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.4.0.jar 55d3a590b81ffec48293a76c45c0695914b405bf9f02bfb930e3ab99b5867d4f
test-harness-core-4.4.0-javadoc.jar 76c8694c8051dbc3f5e989448f3746f6da5374e24db22a022b5c2ffe73336f01
test-harness-core-4.4.0-sources.jar f320f5eb4069e9686b760b2a6a0760989753225f9e9ce1226e3258ec64795d8a
test-harness-core-4.4.0.jar cbec03867e077079d011e85f9932fb230fae3d909f741cffaa4c8097e91fdf40
test-harness-jupiter-4.4.0-javadoc.jar 7792b72f6e8467508bcc143f9511a341f2b11ae0d10d726b54bf38cc98c37158
test-harness-jupiter-4.4.0-sources.jar 210353a57016e26b1a654d936a15f039613fa1ac532d485c1b1d03902f6c6315
test-harness-jupiter-4.4.0.jar 17e8d78d1868f86e63f3e5e3d878e86f3d7fb1b8cf1a8d5f893333c982bfd3e2

SpotBugs 4.3.0

CHANGELOG

CHECKSUM

file checksum (sha256)
spotbugs-4.3.0-javadoc.jar 58eeba2dcdcfd6f73c5203a5745ab1a120ded4df484a6d70124a1dcc0573b37f
spotbugs-4.3.0-sources.jar ab8847620bd47be9f20cad53462bce1ae49e5495a75796f9ba8d547a703f346e
spotbugs-4.3.0.tgz bf9687476cebe0876d9a27679af97705a79b3f0f5629519ca6ec086741b6d884
spotbugs-4.3.0.zip a1c59df789b14a423f24127501db1bd6b0ae642f079f7212ff61343cd387d7f0
spotbugs-annotations-4.3.0-javadoc.jar a49426fbd559394d176c7bc81c8b601b496768048ce29e6f36e05dfcc42f6c19
spotbugs-annotations-4.3.0-sources.jar b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar ae576422c3a090adc372a4542214a38e195f62ada906184e773a8916d83ec386
spotbugs-ant-4.3.0-javadoc.jar 150875811f177a99c60e8e7afdc5c5d3e58393f84de2662bc32d0409254688a0
spotbugs-ant-4.3.0-sources.jar c74dec42c0ed0dd1ae02a7410d8e0f0dbbee23e8e7da4a21910863677fcdbc8e
spotbugs-ant.jar 9233e48d37882ae4e7a42e9f42ef4c63d6f802cf8f3b03ba575bee26e5032367
spotbugs.jar c619ef5233ff1115e5b4ceeacd4bed4070a7e5bd95d9c3172b7376cd0cbb1c72
test-harness-4.3.0-javadoc.jar 463ab8a236314d537f3ff78d229ed5a11a56143db18f1e1c87b64c8d93d1eac4
test-harness-4.3.0-sources.jar 2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.3.0.jar 55d3a590b81ffec48293a76c45c0695914b405bf9f02bfb930e3ab99b5867d4f
test-harness-core-4.3.0-javadoc.jar b817f0ca2af5fd603ffdf4d95e5071961a2cb2552bbb9403cf1f5390ca0a37c9

... (truncated)

Changelog

Sourced from spotbugs-annotations's changelog.

4.4.0 - 2021-08-12

Fixed

  • Fixed False positives for RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE (#600 and #1338)
  • Inconsistent bug description on EQ_COMPARING_CLASS_NAMES (#1523)
  • Add a declaration of charset encoding in generated reports (#1623)
  • Fixed regression in Bug Info view for Eclipse 2021-03+ (#1477)

Added

  • New detector FindBadEndOfStreamCheck for new bug type EOS_BAD_END_OF_STREAM_CHECK. This bug is reported whenever the return value of java.io.FileInputStream.read() or java.io.FileReader.read() is first converted to byte/int and only thereafter checked against -1. (See SEI CERT rule FIO08-J)

4.3.0 - 2021-07-01

Fixed

  • MS_EXPOSE_REP and EI_EXPOSE_REP are now reported for code returning a reference to a mutable object indirectly (e.g. via a local variable)

Changed

  • Bump ObjectWeb ASM from 9.1 to 9.2 supporting JDK 18 (#1591)
  • Bump Saxon-HE from 10.3 to 10.5 (#1513)
  • Bump gson from 2.8.6 to 2.8.7 (#1556)
  • Function mutableSignature() improved and factored out from the MutableStaticFields detector

Added

  • New bugs MS_EXPOSE_BUF, EI_EXPOSE_BUF, EI_EXPOSE_STATIC_BUF2 and EI_EXPOSE_BUF2 by the FindReturnRef detector to detect cases where buffers or their backing arrays are exposed (see SEI CERT rule FIO05-J)
  • MS_EXPOSE_REP, EI_EXPOSE_REP, EI_EXPOSE_STATIC_REP2 and EI_EXPOSE_REP2 now report for shallowly copied arrays (using clone()) of mutable objects

4.2.3 - 2021-04-12

Fixed

  • Inconsistency in the description of DLS_DEAD_LOCAL_INCREMENT_IN_RETURN, VO_VOLATILE_INCREMENT and QF_QUESTIONABLE_FOR_LOOP (#1470)
  • Should issue warning for SecureRandom object created and used only once (#1464)
  • False positive OBL_UNSATIFIED_OBLIGATION with try with resources (#79)
  • SA_LOCAL_SELF_COMPUTATION bug (#1472)
  • False positive EQ_UNUSUAL with record classes (#1367)

4.2.2 - 2021-03-03

Fixed

  • UWF_NULL_FIELD doesn't report line number (#1368)
  • UnsupportedOperationException in BugRanker.trimToMaxRank (#1161)

Changed

  • Bump ASM from 9.0 to 9.1 supporting JDK17
  • Bump commons-lang from 3.11 to 3.12.0
  • Replace org.json:json:20201115 with com.google.code.gson:gson:2.8.6

4.2.1 - 2021-02-04

Fixed

  • Invalid HTML in the description of LI_LAZY_INIT_UPDATE_STATIC bug pattern (#1383)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump spotbugs-annotations from RELEASE to 4.4.0
a414ed1 
Bumps [spotbugs-annotations](https://github.com/spotbugs/spotbugs) from RELEASE to 4.4.0.
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/spotbugs/spotbugs/commits/4.4.0)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs-annotations
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Aug 31, 2021
@lfuelling lfuelling merged commit 5a8f165 into main Sep 1, 2021
@dependabot dependabot bot deleted the dependabot/maven/com.github.spotbugs-spotbugs-annotations-4.4.0 branch September 1, 2021 09:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@lfuelling