Fraunhofer-AISEC / codyze

Codyze is a static analyzer for Java, C, C++ based on code property graphs
https://www.codyze.io
Apache License 2.0

Update dependency com.github.spotbugs:spotbugs to v4.8.4 #849

Closed renovate[bot] closed 6 months ago

renovate[bot] commented 6 months ago

Mend Renovate

This PR contains the following updates:

| Package | Change |
|---|---|
| com.github.spotbugs:spotbugs (source) | 4.8.2 -> 4.8.4 |

Release Notes

spotbugs/spotbugs (com.github.spotbugs:spotbugs)

### [`v4.8.4`](https://togithub.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#484---2024-04-07)

[Compare Source](https://togithub.com/spotbugs/spotbugs/compare/4.8.3...4.8.4)

##### Fixed

- Fix FP in SE_PREVENT_EXT_OBJ_OVERWRITE when the if statement checking for null value, checking multiple variables or the method exiting in the if branch with an exception. ([#2750](https://togithub.com/spotbugs/spotbugs/issues/2750))
- Fix possible null value in taxonomies of SARIF output ([#2744](https://togithub.com/spotbugs/spotbugs/issues/2744))
- Fix `executionSuccessful` flag in SARIF report being set to false when bugs were found ([#2116](https://togithub.com/spotbugs/spotbugs/issues/2116))
- Move information contained in the SARIF property `exitSignalName` to `exitCodeDescription` ([#2739](https://togithub.com/spotbugs/spotbugs/issues/2739))
- Do not report SE_NO_SERIALVERSIONID or other serialization issues for records ([#2793](https://togithub.com/spotbugs/spotbugs/issues/2793))
- Added support for CONSTANT_Dynamic ([#2759](https://togithub.com/spotbugs/spotbugs/issues/2759))
- Ignore generic variable types when looking for BC_UNCONFIRMED_CAST_OF_RETURN_VALUE ([#1219](https://togithub.com/spotbugs/spotbugs/issues/1219))
- Do not report BC_UNCONFIRMED_CAST for Java 21's type switches ([#2813](https://togithub.com/spotbugs/spotbugs/pull/2813))
- Remove AppleExtension library (note: menus slightly changed) ([#2823](https://togithub.com/spotbugs/spotbugs/pull/2823))
- Fix false positive NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE even if Objects.requireNonNull is used. ([#651](https://togithub.com/spotbugs/spotbugs/issues/651), [#456](https://togithub.com/spotbugs/spotbugs/issues/456))
- Fixed error preventing SpotBugs from reporting FE_FLOATING_POINT_EQUALITY ([#2843](https://togithub.com/spotbugs/spotbugs/pull/2843))
- Fixed NP_LOAD_OF_KNOWN_NULL_VALUE and RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE false positives in try-with-resources generated finally blocks ([#2844](https://togithub.com/spotbugs/spotbugs/pull/2844))
- Do not report DLS_DEAD_LOCAL_STORE for Java 21's type switches ([#2828](https://togithub.com/spotbugs/spotbugs/pull/2828))
- Update UnreadFields detector to ignore warnings for fields with certain annotations ([#574](https://togithub.com/spotbugs/spotbugs/issues/574))
- Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in method annotated with [@PostConstruct](https://togithub.com/PostConstruct), [@BeforeEach](https://togithub.com/BeforeEach), etc. ([#2872](https://togithub.com/spotbugs/spotbugs/pull/2872), [#2870](https://togithub.com/spotbugs/spotbugs/issues/2870), [#453](https://togithub.com/spotbugs/spotbugs/issues/453))
- Do not report DLS_DEAD_LOCAL_STORE for Hibernate bytecode enhancements ([#2865](https://togithub.com/spotbugs/spotbugs/pull/2865))
- Fixed NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positives due to source code formatting ([#2874](https://togithub.com/spotbugs/spotbugs/pull/2874))
- Added more nullability annotations in TypeQualifierResolver ([#2558](https://togithub.com/spotbugs/spotbugs/issues/2558), [#2694](https://togithub.com/spotbugs/spotbugs/pull/2694))
- Improved the bug description for VA_FORMAT_STRING_USES_NEWLINE when using text blocks, check the usage of String.formatted() ([#2881](https://togithub.com/spotbugs/spotbugs/pull/2881))
- Fixed crash in ValueRangeAnalysisFactory when looking for redundant conditions used in assertions ([#2887](https://togithub.com/spotbugs/spotbugs/pull/2887))
- Revert again commons-text from 1.11.0 to 1.10.0 to resolve a version conflict ([#2686](https://togithub.com/spotbugs/spotbugs/issues/2686))
- Fixed false positive MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR when referencing but not calling an overridable method ([#2837](https://togithub.com/spotbugs/spotbugs/pull/2837))
- Update the filter XSD namespace and location for the upcoming 4.8.4 release ([#2909](https://togithub.com/spotbugs/spotbugs/issues/2909))

##### Added

- New detector `MultipleInstantiationsOfSingletons` and introduced new bug types:
  - `SING_SINGLETON_HAS_NONPRIVATE_CONSTRUCTOR` is reported in case of a non-private constructor,
  - `SING_SINGLETON_IMPLEMENTS_CLONEABLE` is reported in case of a class directly implementing the `Cloneable` interface,
  - `SING_SINGLETON_INDIRECTLY_IMPLEMENTS_CLONEABLE` is reported when a class indirectly implements the `Cloneable` interface,
  - `SING_SINGLETON_IMPLEMENTS_CLONE_METHOD` is reported when a class does not implement the `Cloneable` interface, but has a `clone()` method,
  - `SING_SINGLETON_IMPLEMENTS_SERIALIZABLE` is reported when a class directly or indirectly implements the `Serializable` interface and
  - `SING_SINGLETON_GETTER_NOT_SYNCHRONIZED` is reported when the instance-getter method of the singleton class is not synchronized.

  (See [SEI CERT MSC07-J](https://wiki.sei.cmu.edu/confluence/display/java/MSC07-J.+Prevent+multiple+instantiations+of+singleton+objects))
- Extend `FindOverridableMethodCall` detector with new bug type: `MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT`. It's reported when an overridable method is called from `readObject()`, according to SEI CERT rule [SER09-J. Do not invoke overridable methods from the readObject() method](https://wiki.sei.cmu.edu/confluence/display/java/SER09-J.+Do+not+invoke+overridable+methods+from+the+readObject%28%29+method).

##### Changed

- Minor cleanup in connection with slashed and dotted names ([#2805](https://togithub.com/spotbugs/spotbugs/pull/2805))

##### Build

- Fix sonar coverage for project ([#2796](https://togithub.com/spotbugs/spotbugs/issues/2796))
- Upgraded the build to compile bug samples using Java 21 language features ([#2813](https://togithub.com/spotbugs/spotbugs/pull/2813))
- Add 'configurations.checkstyle resolution strategy' to control bug in gradle on exclusions not being excluded properly as seen in checkstyle usage. See [https://github.com/checkstyle/checkstyle/issues/14211](https://togithub.com/checkstyle/checkstyle/issues/14211) for more information. ([#2798](https://togithub.com/spotbugs/spotbugs/issues/2798))
- Allow our builds to work with jdk 11 with drop back on Eclipse to 4.24 and spring to 5.3.31. ([#2604](https://togithub.com/spotbugs/spotbugs/pull/2604/))

### [`v4.8.3`](https://togithub.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#483---2023-12-12)

[Compare Source](https://togithub.com/spotbugs/spotbugs/compare/4.8.2...4.8.3)

##### Fixed

- Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits for checked exceptions ([#2710](https://togithub.com/spotbugs/spotbugs/issues/2710))
- Applied changes for bcel 6.8.0 with adjustments to constant pool ([#2756](https://togithub.com/spotbugs/spotbugs/pull/2756))
- More information on bcel changes can be found on ([#2757](https://togithub.com/spotbugs/spotbugs/pull/2757))
- Fix FN in CT_CONSTRUCTOR_THROW when the return value of the called method is not void or primitive type.
- Fix FP in CT_CONSTRUCTOR_THROW when exception throwing lambda is created, but not called in constructor ([#2695](https://togithub.com/spotbugs/spotbugs/issues/2695))

##### Changed

- Improved Matcher checks for empty strings ([#2755](https://togithub.com/spotbugs/spotbugs/pull/2755))
- Allow 'onlyAnalyze' option to specify negative matches, such that this facility can be used to prevent a subset of classes to be excluded from analysis ([#2754](https://togithub.com/spotbugs/spotbugs/pull/2754))
- Strictly require logback 1.2.13 due to CVE-2023-6481 and CVE-23-6378 ([#2760](https://togithub.com/spotbugs/spotbugs/pull/2760))
- Prefer log4j2 at 2.22.0 and logback at 1.4.14 ([#2760](https://togithub.com/spotbugs/spotbugs/pull/2760))

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR has been generated by Mend Renovate. View repository job log here.
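The 4.8.4 release notes above list the conditions under which the new `MultipleInstantiationsOfSingletons` detector reports a singleton as unsafe (SEI CERT MSC07-J). The following Java file is an added illustration, not code from Codyze or SpotBugs: `LeakySingleton` has the shape the detector is meant to flag (non-private constructor, `Cloneable`, `Serializable`, unsynchronized getter), while `GuardedSingleton` and `EnumSingleton` are the compliant forms. The class names and the `main` are constructed for this example; which of the `SING_*` warnings fire on a given class depends on the detector's own singleton heuristic, which is not spelled out on this page.

```java
import java.io.Serializable;

// Constructed example (not Codyze or SpotBugs code): singleton shapes that the
// SpotBugs 4.8.4 MultipleInstantiationsOfSingletons detector is designed to report,
// next to two compliant alternatives from SEI CERT MSC07-J.
public class SingletonShapes {

    // Noncompliant: every condition named in the release notes is present.
    static class LeakySingleton implements Cloneable, Serializable {
        private static final long serialVersionUID = 1L;
        private static LeakySingleton instance;

        // SING_SINGLETON_HAS_NONPRIVATE_CONSTRUCTOR: package-private constructor,
        // so any class in the package can create a second instance.
        LeakySingleton() {}

        // SING_SINGLETON_GETTER_NOT_SYNCHRONIZED: two threads can both observe
        // instance == null and each construct their own object.
        public static LeakySingleton getInstance() {
            if (instance == null) {
                instance = new LeakySingleton();
            }
            return instance;
        }

        // SING_SINGLETON_IMPLEMENTS_CLONEABLE: clone() yields a second instance.
        // (SING_SINGLETON_IMPLEMENTS_CLONE_METHOD is the variant reported when a
        // clone() method exists without Cloneable being implemented.)
        @Override
        public Object clone() throws CloneNotSupportedException {
            return super.clone();
        }

        // SING_SINGLETON_IMPLEMENTS_SERIALIZABLE: deserializing a serialized copy
        // produces a fresh object unless readResolve() returns the singleton.
    }

    // Compliant: private constructor, no Cloneable/Serializable, synchronized getter.
    static final class GuardedSingleton {
        private static GuardedSingleton instance;

        private GuardedSingleton() {}

        public static synchronized GuardedSingleton getInstance() {
            if (instance == null) {
                instance = new GuardedSingleton();
            }
            return instance;
        }
    }

    // Compliant, simplest form: the JVM guarantees a single instance of an enum
    // constant and handles serialization and clone() restrictions itself.
    enum EnumSingleton {
        INSTANCE
    }

    // Runtime check that mirrors the detector's reasoning: the leaky shape can be
    // duplicated through clone(), the guarded shapes cannot.
    public static void main(String[] args) throws Exception {
        LeakySingleton a = LeakySingleton.getInstance();
        LeakySingleton b = (LeakySingleton) a.clone();
        System.out.println("LeakySingleton duplicated via clone(): " + (a != b));

        System.out.println("GuardedSingleton single instance: "
                + (GuardedSingleton.getInstance() == GuardedSingleton.getInstance()));

        System.out.println("EnumSingleton single instance: "
                + (EnumSingleton.INSTANCE == EnumSingleton.valueOf("INSTANCE")));
    }
}
```

Compile and run with `javac SingletonShapes.java && java SingletonShapes`; running SpotBugs 4.8.4 over the compiled class is the way to see which `SING_*` bug types it actually emits for `LeakySingleton`, and to confirm that the two compliant classes stay clean.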

codecov[bot] commented 6 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 77.04%. Comparing base (386a800) to head (c704879).

Additional details and impacted files

```diff
@@             Coverage Diff             @@
##               main     #849   +/-   ##
=========================================
  Coverage     77.04%   77.04%
  Complexity      250      250
=========================================
  Files            59       59
  Lines          1895     1895
  Branches        265      265
=========================================
  Hits           1460     1460
  Misses          314      314
  Partials        121      121
```

| [Flag](https://app.codecov.io/gh/Fraunhofer-AISEC/codyze/pull/849/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Fraunhofer-AISEC) | Coverage Δ | |
|---|---|---|
| [unittests](https://app.codecov.io/gh/Fraunhofer-AISEC/codyze/pull/849/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Fraunhofer-AISEC) | `77.04% <ø> (ø)` | |

Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Fraunhofer-AISEC#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.