search

MauroDataMapper / mdm-core

The backend of MDM
Apache License 2.0
7 stars 3 forks source link

Update dependency com.github.spotbugs:spotbugs-annotations to v4.8.6 #462

Open renovate[bot] opened 6 months ago

renovate[bot] commented 6 months ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
com.github.spotbugs:spotbugs-annotations (source) 4.7.3 -> 4.8.6 age adoption passing confidence

Release Notes

spotbugs/spotbugs (com.github.spotbugs:spotbugs-annotations) ### [`v4.8.6`](https://redirect.github.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#486---2024-06-17) [Compare Source](https://redirect.github.com/spotbugs/spotbugs/compare/4.8.5...4.8.6) ##### Fixed - Do not report BC_UNCONFIRMED_CAST for Java 21's type switches when the switch instruction is TABLESWITCH ([#​2782](https://redirect.github.com/spotbugs/spotbugs/issues/2782)) - Do not throw exception when inspecting empty switch statements ([#​2995](https://redirect.github.com/spotbugs/spotbugs/issues/2995)) - Adjust priority since relaxed mode reports even `IGNORED_PRIORITY` ([#​2994](https://redirect.github.com/spotbugs/spotbugs/issues/2994)) - Fix duplicated log4j2 jar in distribution ([#​3001](https://redirect.github.com/spotbugs/spotbugs/issues/3001)) ### [`v4.8.5`](https://redirect.github.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#485---2024-05-03) [Compare Source](https://redirect.github.com/spotbugs/spotbugs/compare/4.8.4...4.8.5) ##### Fixed - Fix FP `SING_SINGLETON_GETTER_NOT_SYNCHRONIZED` with eager instances ([#​2932](https://redirect.github.com/spotbugs/spotbugs/issues/2932)) - Fix FPs when looking for multiple initialization of Singletons ([#​2934](https://redirect.github.com/spotbugs/spotbugs/issues/2934)) - Do not report DLS_DEAD_LOCAL_STORE for Java 21's type switches when switch instruction is TABLESWITCH([#​2736](https://redirect.github.com/spotbugs/spotbugs/issues/2736)) - Fix FP `SE_BAD_FIELD` for record fields ([#​2935](https://redirect.github.com/spotbugs/spotbugs/issues/2935)) ### [`v4.8.4`](https://redirect.github.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#484---2024-04-07) [Compare Source](https://redirect.github.com/spotbugs/spotbugs/compare/4.8.3...4.8.4) ##### Fixed - Fix FP in SE_PREVENT_EXT_OBJ_OVERWRITE when the if statement checking for null value, checking multiple variables or the method exiting in the if branch with an exception. ([#​2750](https://redirect.github.com/spotbugs/spotbugs/issues/2750)) - Fix possible null value in taxonomies of SARIF output ([#​2744](https://redirect.github.com/spotbugs/spotbugs/issues/2744)) - Fix `executionSuccessful` flag in SARIF report being set to false when bugs were found ([#​2116](https://redirect.github.com/spotbugs/spotbugs/issues/2116)) - Move information contained in the SARIF property `exitSignalName` to `exitCodeDescription` ([#​2739](https://redirect.github.com/spotbugs/spotbugs/issues/2739)) - Do not report SE_NO_SERIALVERSIONID or other serialization issues for records ([#​2793](https://redirect.github.com/spotbugs/spotbugs/issues/2793)) - Added support for CONSTANT_Dynamic ([#​2759](https://redirect.github.com/spotbugs/spotbugs/issues/2759)) - Ignore generic variable types when looking for BC_UNCONFIRMED_CAST_OF_RETURN_VALUE ([#​1219](https://redirect.github.com/spotbugs/spotbugs/issues/1219)) - Do not report BC_UNCONFIRMED_CAST for Java 21's type switches ([#​2813](https://redirect.github.com/spotbugs/spotbugs/pull/2813)) - Remove AppleExtension library (note: menus slightly changed) ([#​2823](https://redirect.github.com/spotbugs/spotbugs/pull/2823)) - Fix false positive NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE even if Objects.requireNonNull is used. ([#​651](https://redirect.github.com/spotbugs/spotbugs/issues/651), [#​456](https://redirect.github.com/spotbugs/spotbugs/issues/456)) - Fixed error preventing SpotBugs from reporting FE_FLOATING_POINT_EQUALITY ([#​2843](https://redirect.github.com/spotbugs/spotbugs/pull/2843)) - Fixed NP_LOAD_OF_KNOWN_NULL_VALUE and RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE false positives in try-with-resources generated finally blocks ([#​2844](https://redirect.github.com/spotbugs/spotbugs/pull/2844)) - Do not report DLS_DEAD_LOCAL_STORE for Java 21's type switches ([#​2828](https://redirect.github.com/spotbugs/spotbugs/pull/2828)) - Update UnreadFields detector to ignore warnings for fields with certain annotations ([#​574](https://redirect.github.com/spotbugs/spotbugs/issues/574)) - Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in method annotated with [@​PostConstruct](https://redirect.github.com/PostConstruct), [@​BeforeEach](https://redirect.github.com/BeforeEach), etc. ([#​2872](https://redirect.github.com/spotbugs/spotbugs/pull/2872) [#​2870](https://redirect.github.com/spotbugs/spotbugs/issues/2870) [#​453](https://redirect.github.com/spotbugs/spotbugs/issues/453)) - Do not report DLS_DEAD_LOCAL_STORE for Hibernate bytecode enhancements ([#​2865](https://redirect.github.com/spotbugs/spotbugs/pull/2865)) - Fixed NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positives due to source code formatting ([#​2874](https://redirect.github.com/spotbugs/spotbugs/pull/2874)) - Added more nullability annotations in TypeQualifierResolver ([#​2558](https://redirect.github.com/spotbugs/spotbugs/issues/2558) [#​2694](https://redirect.github.com/spotbugs/spotbugs/pull/2694)) - Improved the bug description for VA_FORMAT_STRING_USES_NEWLINE when using text blocks, check the usage of String.formatted() ([#​2881](https://redirect.github.com/spotbugs/spotbugs/pull/2881)) - Fixed crash in ValueRangeAnalysisFactory when looking for redundant conditions used in assertions [#​2887](https://redirect.github.com/spotbugs/spotbugs/pull/2887)) - Revert again commons-text from 1.11.0 to 1.10.0 to resolve a version conflict ([#​2686](https://redirect.github.com/spotbugs/spotbugs/issues/2686)) - Fixed false positive MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR when referencing but not calling an overridable method ([#​2837](https://redirect.github.com/spotbugs/spotbugs/pull/2837)) - Update the filter XSD namespace and location for the upcoming 4.8.4 release ([#​2909](https://redirect.github.com/spotbugs/spotbugs/issues/2909)) ##### Added - New detector `MultipleInstantiationsOfSingletons` and introduced new bug types: - `SING_SINGLETON_HAS_NONPRIVATE_CONSTRUCTOR` is reported in case of a non-private constructor, - `SING_SINGLETON_IMPLEMENTS_CLONEABLE` is reported in case of a class directly implementing the `Cloneable` interface, - `SING_SINGLETON_INDIRECTLY_IMPLEMENTS_CLONEABLE` is reported when a class indirectly implements the `Cloneable` interface, - `SING_SINGLETON_IMPLEMENTS_CLONE_METHOD` is reported when a class does not implement the `Cloneable` interface, but has a `clone()` method, - `SING_SINGLETON_IMPLEMENTS_SERIALIZABLE` is reported when a class directly or indirectly implements the `Serializable` interface and - `SING_SINGLETON_GETTER_NOT_SYNCHRONIZED` is reported when the instance-getter method of the singleton class is not synchronized. (See [SEI CERT MSC07-J](https://wiki.sei.cmu.edu/confluence/display/java/MSC07-J.+Prevent+multiple+instantiations+of+singleton+objects)) - Extend `FindOverridableMethodCall` detector with new bug type: `MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT`. It's reported when an overridable method is called from `readObject()`, according to SEI CERT rule [SER09-J. Do not invoke overridable methods from the readObject() method](https://wiki.sei.cmu.edu/confluence/display/java/SER09-J.+Do+not+invoke+overridable+methods+from+the+readObject%28%29+method). ##### Changed - Minor cleanup in connection with slashed and dotted names ([#​2805](https://redirect.github.com/spotbugs/spotbugs/pull/2805)) ##### Build - Fix sonar coverage for project ([#​2796](https://redirect.github.com/spotbugs/spotbugs/issues/2796)) - Upgraded the build to compile bug samples using Java 21 language features ([#​2813](https://redirect.github.com/spotbugs/spotbugs/pull/2813)) - Add 'configurations.checkstyle resolution starategy' to control bug in gradle on exclusions not being excluded properly as seen in checkstyle usage. See [https://github.com/checkstyle/checkstyle/issues/14211](https://redirect.github.com/checkstyle/checkstyle/issues/14211) for more information. ([#​2798](https://redirect.github.com/spotbugs/spotbugs/issues/2798)) - Allow our builds to work with jdk 11 with drop back on Eclipse to 4.24 and spring to 5.3.31. ([#​2604](https://redirect.github.com/spotbugs/spotbugs/pull/2604/)) ### [`v4.8.3`](https://redirect.github.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#483---2023-12-12) [Compare Source](https://redirect.github.com/spotbugs/spotbugs/compare/4.8.2...4.8.3) ##### Fixed - Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits for checked exceptions ([#​2710](https://redirect.github.com/spotbugs/spotbugs/issues/2710)) - Applied changes for bcel 6.8.0 with adjustments to constant pool ([#​2756](https://redirect.github.com/spotbugs/spotbugs/pull/2756)) - More information bcel changes can be found on ([#​2757](https://redirect.github.com/spotbugs/spotbugs/pull/2757)) - Fix FN in CT_CONSTRUCTOR_THROW when the return value of the called method is not void or primitive type. - Fix FP in CT_CONSTRUCTOR_THROW when exception throwing lambda is created, but not called in constructor ([#​2695](https://redirect.github.com/spotbugs/spotbugs/issues/2695)) ##### Changed - Improved Matcher checks for empty strings ([#​2755](https://redirect.github.com/spotbugs/spotbugs/pull/2755)) - Allow 'onlyAnalyze' option to specify negative matches, such that this facility can be used to prevent a subset of classes to be excluded from analysis ([#​2754](https://redirect.github.com/spotbugs/spotbugs/pull/2754)) - Strictly require logback 1.2.13 due to CVE-2023-6481 and CVE-23-6378 ([#​2760](https://redirect.github.com/spotbugs/spotbugs/pull/2760)) - Prefer log4j2 at 2.22.0 and logback at 1.4.14 ([#​2760](https://redirect.github.com/spotbugs/spotbugs/pull/2760)) ### [`v4.8.2`](https://redirect.github.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#482---2023-11-28) [Compare Source](https://redirect.github.com/spotbugs/spotbugs/compare/4.8.1...4.8.2) ##### Fixed - Fixed false positive UPM_UNCALLED_PRIVATE_METHOD for method used in JUnit's MethodSource ([#​2379](https://redirect.github.com/spotbugs/spotbugs/issues/2379)) - Use java.nio to load filter files ([#​2684](https://redirect.github.com/spotbugs/spotbugs/pull/2684)) - Eclipse: Do not export javax.annotation packages ([#​2699](https://redirect.github.com/spotbugs/spotbugs/pull/2699)) - Fixed not thread safe FindOverridableMethodCall detector ([#​2701](https://redirect.github.com/spotbugs/spotbugs/issues/2701)) - Fix the weird messages of PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS bugs. ([#​2646](https://redirect.github.com/spotbugs/spotbugs/issues/2646)) - Revert commons-text from 1.11.0 to 1.10.0 to resolve a version conflict ([#​2686](https://redirect.github.com/spotbugs/spotbugs/issues/2686)) - Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits ([#​2710](https://redirect.github.com/spotbugs/spotbugs/issues/2710)) ##### Added - New detector finding `System.getenv()` calls, where the corresponding Java property could be used (See [ENV02-J](https://wiki.sei.cmu.edu/confluence/display/java/ENV02-J.+Do+not+trust+the+values+of+environment+variables)). ##### Build - Run build using jdk 17 and 21 without usage of toolchains so we do not defeat the purpose of building on both. ([#​2722](https://redirect.github.com/spotbugs/spotbugs/pull/2722)) ### [`v4.8.1`](https://redirect.github.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#481---2023-11-06) [Compare Source](https://redirect.github.com/spotbugs/spotbugs/compare/4.8.0...4.8.1) ##### Fixed - Fixed schema location for findbugsfilter.xsd ([#​1416](https://redirect.github.com/spotbugs/spotbugs/issues/1416)) - Fixed missing null checks ([#​2629](https://redirect.github.com/spotbugs/spotbugs/issues/2629)) - Disabled DontReusePublicIdentifiers due to the high false positives rate ([#​2627](https://redirect.github.com/spotbugs/spotbugs/issues/2627)) - Removed signature of methods using UTF-8 in DefaultEncodingDetector ([#​2634](https://redirect.github.com/spotbugs/spotbugs/issues/2634)) - Fix exception escapes when calling functions of JUnit Assert or Assertions ([#​2640](https://redirect.github.com/spotbugs/spotbugs/issues/2640)) - Fixed an error in the SARIF export when a bug annotation is missing ([#​2632](https://redirect.github.com/spotbugs/spotbugs/issues/2632)) - Fixed false positive RV_EXCEPTION_NOT_THROWN when asserting to exception throws ([#​2628](https://redirect.github.com/spotbugs/spotbugs/issues/2628)) - Fix false positive CT_CONSTRUCTOR_THROW when supertype has final finalize ([#​2665](https://redirect.github.com/spotbugs/spotbugs/issues/2665)) - Lowered the priority of `PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE` bug ([#​2652](https://redirect.github.com/spotbugs/spotbugs/issues/2652)) - Eclipse: fixed startup overhead (on computing classpath) for PDE projects ([#​2671](https://redirect.github.com/spotbugs/spotbugs/pull/2671)) ##### Build - Fix deprecated GHA on '::set-output' by using GITHUB_OUTPUT ([#​2651](https://redirect.github.com/spotbugs/spotbugs/pull/2651)) ### [`v4.8.0`](https://redirect.github.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#480---2023-10-11) [Compare Source](https://redirect.github.com/spotbugs/spotbugs/compare/4.7.3...4.8.0) ##### Changed - Bump up Apache Commons BCEL to the version 6.6.1 ([#​2223](https://redirect.github.com/spotbugs/spotbugs/pull/2223)) - Bump up slf4j-api to 2.0.3 ([#​2220](https://redirect.github.com/spotbugs/spotbugs/pull/2220)) - Bump up gson to 2.10 ([#​2235](https://redirect.github.com/spotbugs/spotbugs/pull/2235)) - Allowed for large command line through writing arguments to file (UnionResults/UnionBugs2) - Use com.github.stephenc.jcip for jcip-annotations fixing ([#​887](https://redirect.github.com/spotbugs/spotbugs/issues/887)) - Bump ObjectWeb ASM from 9.4 to 9.6, supporting JDK 21 ([#​2578](https://redirect.github.com/spotbugs/spotbugs/pull/2578)) ##### Fixed - Fixed missing classes not in report if using IErrorLogger.reportMissingClass(ClassDescriptor) ([#​219](https://redirect.github.com/spotbugs/spotbugs/issues/219)) - Stop exposing junit-bom to consumers ([#​2255](https://redirect.github.com/spotbugs/spotbugs/pull/2255)) - Fixed AbstractBugReporter emits wrong non-sensical debug output during filtering ([#​184](https://redirect.github.com/spotbugs/spotbugs/issues/184)) - Added support for jakarta namespace ([#​2289](https://redirect.github.com/spotbugs/spotbugs/pull/2289)) - Report a low priority bug for an unread field in reflective classes ([#​2325](https://redirect.github.com/spotbugs/spotbugs/issues/2325)) - Fixed "Unhandled event loop exception" opening Bug Filter Configuration dialog in Eclipse ([#​2327](https://redirect.github.com/spotbugs/spotbugs/issues/2327)) - Fixed detector `RandomOnceSubDetector` to not report when `doubles`, `ints`, or `longs` are called on a new `Random` or `SecureRandom` ([#​2370](https://redirect.github.com/spotbugs/spotbugs/issues/2325)) - Fixed detector `TestASM` throwing error during analysis, because it doesn't note that it reports bugs. - Eclipse annotation classpath initializer is hard-coded to jsr305 version 3.0.1, fix to 3.0.2 per [#​2470](https://redirect.github.com/spotbugs/spotbugs/issues/2470) - Fixed annotation on generic or array incorrectly considered for the nullability of a method parameter or return type ([#​2502](https://redirect.github.com/spotbugs/spotbugs/issues/2502)) - Added support for CONSTANT_Dynamic in constant class pool ([#​2506](https://redirect.github.com/spotbugs/spotbugs/issues/2506)) - Recognise enums and records as immutable ([#​2356](https://redirect.github.com/spotbugs/spotbugs/issues/2356)) - Added detections of reliance on default encoding in java.nio.file.Files ([#​2114](https://redirect.github.com/spotbugs/spotbugs/issues/2114)) - Fixed a regression in the Value Number Analysis ([#​2465](https://redirect.github.com/spotbugs/spotbugs/issues/2465)) - Fix XML Output incorrectly escaped in Eclipse Bug Info view ([#​2520](https://redirect.github.com/spotbugs/spotbugs/pull/2520)) - Updated the MS_EXPOSE_REP description to mention mutable objects, not just arrays ([#​1669](https://redirect.github.com/spotbugs/spotbugs/issues/1669)) - Described Configuration option frc.suspicious for bug RC_REF_COMPARISON in bug description ([#​2297](https://redirect.github.com/spotbugs/spotbugs/issues/2297)) - Fixed FindHEMismatch not reporting HE_SIGNATURE_DECLARES_HASHING_OF_UNHASHABLE_CLASS for some classes ([#​2402](https://redirect.github.com/spotbugs/spotbugs/issues/2402)) - Added execute file permission to files in the distribution zip ([#​2540](https://redirect.github.com/spotbugs/spotbugs/issues/2540)) - Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a Mockito.verify() call check ([#​872](https://redirect.github.com/spotbugs/spotbugs/issues/872)) - Do not report SIC_INNER_SHOULD_BE_STATIC for classes annotated with JUnit Nested ([#​560](https://redirect.github.com/spotbugs/spotbugs/issues/560)) - Detect created, but not-thrown exceptions, which are created by not the constructor ([#​2547](https://redirect.github.com/spotbugs/spotbugs/issues/2547)) - Fixed eclipse plugin Effort.values pass to effortViewer as required cast to varargs ([#​2579](https://redirect.github.com/spotbugs/spotbugs/pull/2579)) ##### Added - New simple name-based AnnotationMatcher for exclude files (now bug annotations store the class java annotations in an attribute called `classAnnotationNames`). For example, use like in an excludeFilter.xml to ignore classes generated by the Immutable framework. This ignores all class, method or field bugs in classes with that annotation. - Added the Common Weakness Enumeration (CWE) taxonomy to the Static Analysis Results Interchange Format (SARIF) report. The short and long description for the CWEs are retrived from a JSON file which is a slimmed down version of the official comprehensive CWE XML from MITRE. The JSON contains information about all CWEs. ([#​2410](https://redirect.github.com/spotbugs/spotbugs/pull/2410)). - New detector `FindAssertionsWithSideEffects` detecting bug `ASSERTION_WITH_SIDE_EFFECT` and `ASSERTION_WITH_SIDE_EFFECT_METHOD` in case of assertions which may have side effects (See [EXP06-J. Expressions used in assertions must not produce side effects](https://wiki.sei.cmu.edu/confluence/display/java/EXP06-J.+Expressions+used+in+assertions+must+not+produce+side+effects)) - New rule set `PA_PUBLIC_PRIMITIVE_ATTRIBUTE`, `PA_PUBLIC_ARRAY_ATTRIBUTE` and `PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE` to warn for public attributes which are written by the methods of the class. This rule is loosely based on the SEI CERT rule *OBJ01-J Limit accessibility of fields*. ([#OBJ01-J](https://wiki.sei.cmu.edu/confluence/display/java/OBJ01-J.+Limit+accessibility+of+fields)) - Extend `SerializableIdiom` detector with new bug type: `SE_PREVENT_EXT_OBJ_OVERWRITE`. It's reported in case of the `readExternal()` method allows any caller to reset any value of an object - New Detector `FindVulnerableSecurityCheckMethods` for new bug type `VSC_VULNERABLE_SECURITY_CHECK_METHODS`. This bug is reported whenever a non-final and non-private method of a non-final class performs a security check using the `java.lang.SecurityManager`. (See \[SEI CERT MET03-J] (https://wiki.sei.cmu.edu/confluence/display/java/MET03-J.+Methods+that+perform+a+security+check+must+be+declared+private+or+final)) - New function added to detector `SynchronizationOnSharedBuiltinConstant`to detect `DL_SYNCHRONIZATION_ON_INTERNED_STRING` ([#​2266](https://redirect.github.com/spotbugs/spotbugs/pull/2266)) - Make TypeQualifierResolver recognize org.apache.avro.reflect.Nullable ([#​2066](https://redirect.github.com/spotbugs/spotbugs/pull/2066)) - New detector `FindArgumentAssertions` detecting bug `ASSERTION_OF_ARGUMENTS` in case of validation of arguments of public functions using assertions (See [MET01-J. Never use assertions to validate method arguments](https://wiki.sei.cmu.edu/confluence/display/java/MET01-J.+Never+use+assertions+to+validate+method+arguments)) - Add new detector `CT_CONSTRUCTOR_THROW` for detecting constructors that throw exceptions. - New detector `DontReusePublicIdentifiers` for new bug type `PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS`. This bug is reported whenever a new class, interface, field, method or variable is created reusing an identifier from the *Java Standard Library* . (See [SEI CERT rule DCL01-J](https://wiki.sei.cmu.edu/confluence/display/java/DCL01-J.+Do+not+reuse+public+identifiers+from+the+Java+Standard+Library)) ##### Security - Disable access to external entities when processing XML ([#​2217](https://redirect.github.com/spotbugs/spotbugs/pull/2217)) ##### Build - Bump Eclipse from 4.6.3 to 4.14 ([#​2314](https://redirect.github.com/spotbugs/spotbugs/pull/2314)) - Use jakarta annotation 1.3.5 instead of legacy javax annotation 1.3.2 ([#​2315](https://redirect.github.com/spotbugs/spotbugs/pull/2315)) - Change hamcrest-all to hamcrest-core as that is what was actually used and then update to 2.2 ([#​2316](https://redirect.github.com/spotbugs/spotbugs/pull/2316)) - Only run release action on 'spotbugs' and use Eclipse 4.14 ([#​2317](https://redirect.github.com/spotbugs/spotbugs/pull/2317)) - Prefer log4j2 2.20.0 ([#​2480](https://redirect.github.com/spotbugs/spotbugs/pull/2480)) - Prefer logback 1.4.8 ([#​2480](https://redirect.github.com/spotbugs/spotbugs/pull/2480)) - Prefer logback 1.4.11 ([#​2580](https://redirect.github.com/spotbugs/spotbugs/pull/2580)) - Switch junit 4 for junit 5 vintage engine ([#​2483](https://redirect.github.com/spotbugs/spotbugs/pull/2483)) - LineEndings and Spotless ([#​2343](https://redirect.github.com/spotbugs/spotbugs/pull/2343)) - Cleanup gitattributes switching text to auto. For developers using windows, run 'git add . --renormalize' and see https://docs.github.com/en/get-started/getting-started-with-git/configuring-git-to-handle-line-endings if needed. - Rework spotless setup from plugin to build file plugin matching that of gradle plugin and thus allowing spotless to be updated to 6.22.0 - Remove customized line endings for spotless so it uses git attributes as suggested by spotless - Add trimTrailingWhitespace for spotless - Fix deprecated usage of eclipse version from 4.13.0 to 4.13 per spotless requirements - Bump spotbugs gradle plugin to 6.0.0-beta.3 demonstrating breaking changes for 6.0.0 in gradle/java.gradle build file ([#​2582](https://redirect.github.com/spotbugs/spotbugs/pull/2582)) - Delete checked in j2ee jar and instead use servlet/ejb apis from jakarta (javax standard) ([#​2585](https://redirect.github.com/spotbugs/spotbugs/pull/2585)) - Bump Eclipse from 4.14 to 4.29 (latest) ([#​2589](https://redirect.github.com/spotbugs/spotbugs/pull/2589)) - Cleanup hamcrest imports / used library ([#​2600](https://redirect.github.com/spotbugs/spotbugs/pull/2600)) - Migrate entirely to junit 5 ([#​2605](https://redirect.github.com/spotbugs/spotbugs/pull/2605)) - Some parts of codebase were junit 3 - Delete the SpotbugsRule - Replace custom java determination on build with Junit 5 usage - Various 'public' methods in tests fixed to 'private' - Junit 5 styling applied throughout - Add missing code to the SpotBugsRunner and now use the Extension as replacement of SpotbugsRule

Configuration

📅 Schedule: Branch creation - "after 10pm every weekday,before 5am every weekday,every weekend" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR was generated by Mend Renovate. View the repository job log.