build(deps): bump org.checkerframework:checker-qual from 3.44.0 to 3.45.0

[dependabot[bot]]

Bumps org.checkerframework:checker-qual from 3.44.0 to 3.45.0.

Release notes

Sourced from org.checkerframework:checker-qual's releases.

Checker Framework 3.45.0

Version 3.45.0 (July 1, 2024)

Implementation details:

Added a Tree argument to AnnotatedTypes.adaptParameters()

Deprecated methods:

• TreeUtils.isVarArgs() => isVarargsCall()
• TreeUtils.isVarArgMethodCall() => isVarargsCall()

Closed issues:

#152, #5575, #6630, #6641, #6648, #6676.

Changelog

Sourced from org.checkerframework:checker-qual's changelog.

Version 3.45.0 (July 1, 2024)

Implementation details:

Added a Tree argument to AnnotatedTypes.adaptParameters()

Deprecated methods:

• TreeUtils.isVarArgs() => isVarargsCall()
• TreeUtils.isVarArgMethodCall() => isVarargsCall()

Closed issues:

#152, #5575, #6630, #6641, #6648, #6676.

Commits

• 9723ea7 new release 3.45.0
• 83a8a55 Update for release.
• 8d50b59 Update dependency com.amazonaws:aws-java-sdk-bom to v1.12.753 (#6690)
• e3a0b54 Update dependency org.projectlombok:lombok to v1.18.34 (#6689)
• 71f21f1 Update to Stubparser version 3.26.1
• 6147c82 Remove references to the defunct Object Construction Checker
• 936a6d0 Fix typo
• 4b236c1 Project: replace JavaParser by javac (#6678)
• 6cc0cd3 Non-Empty Checker (#6679)
• 5c98838 Add a complete example of a resource wrapper type to the manual (#6680)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 2 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 25a1c381c37b6c7ee5dd8538931cc1e94019903d.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

jms-broker/pom.xml

Package	Version	License	Issue Type
org.checkerframework:checker-qual	3.45.0	Null	Unknown License

service.data.impl/pom.xml

Package	Version	License	Issue Type
org.checkerframework:checker-qual	3.45.0	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
maven/org.checkerframework:checker-qual	3.45.0	:green_circle: 4.1	Details Check Score Reason Code-Review :green_circle: 7 Found 20/27 approved changesets -- score normalized to 7 Maintained :green_circle: 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Binary-Artifacts :warning: -1 internal error: failure checking for Gradle wrapper validating Action: failure listing workflow runs: internal error: ListWorkflowRunsByFileName: GET https://api.github.com/repos/typetools/checker-framework/actions/workflows/gradle-wrapper-validation.yml-DISABLED/runs?status=success: 404 Not Found [] Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
maven/org.checkerframework:checker-qual	3.44.0	:green_circle: 4.1	Details Check Score Reason Code-Review :green_circle: 7 Found 20/27 approved changesets -- score normalized to 7 Maintained :green_circle: 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Binary-Artifacts :warning: -1 internal error: failure checking for Gradle wrapper validating Action: failure listing workflow runs: internal error: ListWorkflowRunsByFileName: GET https://api.github.com/repos/typetools/checker-framework/actions/workflows/gradle-wrapper-validation.yml-DISABLED/runs?status=success: 404 Not Found [] Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
maven/org.checkerframework:checker-qual	3.45.0	:green_circle: 4.1	Details Check Score Reason Code-Review :green_circle: 7 Found 20/27 approved changesets -- score normalized to 7 Maintained :green_circle: 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Binary-Artifacts :warning: -1 internal error: failure checking for Gradle wrapper validating Action: failure listing workflow runs: internal error: ListWorkflowRunsByFileName: GET https://api.github.com/repos/typetools/checker-framework/actions/workflows/gradle-wrapper-validation.yml-DISABLED/runs?status=success: 404 Not Found [] Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0
maven/org.checkerframework:checker-qual	3.44.0	:green_circle: 4.1	Details Check Score Reason Code-Review :green_circle: 7 Found 20/27 approved changesets -- score normalized to 7 Maintained :green_circle: 10 30 commit(s) and 21 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 9 license file detected Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Signed-Releases :warning: 0 Project has not signed or included provenance with any releases. Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :warning: -1 no workflows found Token-Permissions :warning: -1 No tokens found SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Security-Policy :warning: 0 security policy file not detected Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected Binary-Artifacts :warning: -1 internal error: failure checking for Gradle wrapper validating Action: failure listing workflow runs: internal error: ListWorkflowRunsByFileName: GET https://api.github.com/repos/typetools/checker-framework/actions/workflows/gradle-wrapper-validation.yml-DISABLED/runs?status=success: 404 Not Found [] Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 0 dependency not pinned by hash detected -- score normalized to 0

Scanned Manifest Files

jms-broker/pom.xml

• org.checkerframework:checker-qual@3.45.0
• org.checkerframework:checker-qual@3.44.0

service.data.impl/pom.xml

• org.checkerframework:checker-qual@3.45.0
• org.checkerframework:checker-qual@3.44.0

[sonarcloud[bot]]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud