search

TownyAdvanced / FlagWar

The original war system for Towny, now with it's own repository. Celebrating over Ten Years of warfare.
https://townyadvanced.github.io/flagwar.html
Apache License 2.0
17 stars 9 forks source link

Bump com.github.spotbugs:spotbugs-annotations from 4.7.3 to 4.8.2 #323

Closed dependabot[bot] closed 7 months ago

dependabot[bot] commented 7 months ago

Bumps com.github.spotbugs:spotbugs-annotations from 4.7.3 to 4.8.2.

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

SpotBugs 4.8.2

CHANGELOG

Fixed

  • Fixed false positive UPM_UNCALLED_PRIVATE_METHOD for method used in JUnit's MethodSource (#2379)
  • Use java.nio to load filter files (#2684)
  • Eclipse: Do not export javax.annotation packages (#2699)
  • Fixed not thread safe FindOverridableMethodCall detector (#2701)
  • Fix the weird messages of PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS bugs. (#2646)
  • Revert commons-text from 1.11.0 to 1.10.0 to resolve a version conflict (#2686)
  • Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits (#2710)

Added

  • New detector finding System.getenv() calls, where the corresponding Java property could be used (See ENV02-J).

Build

  • Run build using jdk 17 and 21 without usage of toolchains so we do not defeat the purpose of building on both. (#2722)

CHECKSUM

file checksum (sha256)
spotbugs-4.8.2-javadoc.jar 9147da4187712ba3ec7fd232510181366f394443cf70a76ee918738a11c539e9
spotbugs-4.8.2-sources.jar 4486c8404debe8de2d5a7d71c14ad66480f463d84586cb3077c639c72192924c
spotbugs-4.8.2.tgz c3eb4e2077310bf19b06ed232dc8d71f3a4884a4619fd8a7c041ed5ce5af4819
spotbugs-4.8.2.zip 615400e86ee19ee1b74d0f8d1a170e2dfdb8f49d02b60fa7b276a8179c3b584a
spotbugs-annotations-4.8.2-javadoc.jar 22ec9f9658a7e569893db728a5cdcdb4121b4bca1ae1ee154189f2cbbc42f187
spotbugs-annotations-4.8.2-sources.jar b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b
spotbugs-annotations.jar 3d02aacbf2d094d510c087c2a25a85e04f655b22260016473d02258237d0df27
spotbugs-ant-4.8.2-javadoc.jar b210ddbee668f591f0ff57ea8d546ac47e2753cbf56b6f1bbeb61a8d4c82d233
spotbugs-ant-4.8.2-sources.jar 9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61
spotbugs-ant.jar a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c
spotbugs.jar 01974233a0da943700b9b9d190f872f6dd155d5825e05d1fae5a531bebb284eb
test-harness-4.8.2-javadoc.jar a362bb855074be294da341b5ba7406c013174246c63061fc7dfc91f28795adbe
test-harness-4.8.2-sources.jar 633ae795c1889fa59f1faad8ea8f1f5b39155029f4f75b51557085097570feb6
test-harness-4.8.2.jar 23f414f9988a3d44dded88ad2d827e95699dc6bb8d6e06a2b0920db2cac442b9
test-harness-core-4.8.2-javadoc.jar 9b32bd7cc9e5af80379207b0b4ad2f6217c4e46db2db3f371d886e227b2ee266
test-harness-core-4.8.2-sources.jar f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082
test-harness-core-4.8.2.jar 5bd0e9b18f0ec45c27ee3ec882cb6db86ed42a6b884f091468496de3281dc242
test-harness-jupiter-4.8.2-javadoc.jar 8029e928d3dfa2a93ff8d877693421f265122c5d0f4caee17fd6796d0c7e566d
test-harness-jupiter-4.8.2-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.8.2.jar d2ed802cc81dca3cf8c393fda7f77f02b01c0c1a8ffce7ec57da53aff27a1485

SpotBugs 4.8.1

CHANGELOG

Fixed

  • Fixed schema location for findbugsfilter.xsd ([#1416])
  • Fixed missing null checks ([#2629])
  • Disabled DontReusePublicIdentifiers due to the high false positives rate ([#2627])
  • Removed signature of methods using UTF-8 in DefaultEncodingDetector ([#2634])
  • Fix exception escapes when calling functions of JUnit Assert or Assertions ([#2640])
  • Fixed an error in the SARIF export when a bug annotation is missing ([#2632])

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.8.2 - 2023-11-28

Fixed

  • Fixed false positive UPM_UNCALLED_PRIVATE_METHOD for method used in JUnit's MethodSource (#2379)
  • Use java.nio to load filter files (#2684)
  • Eclipse: Do not export javax.annotation packages (#2699)
  • Fixed not thread safe FindOverridableMethodCall detector (#2701)
  • Fix the weird messages of PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS bugs. (#2646)
  • Revert commons-text from 1.11.0 to 1.10.0 to resolve a version conflict (#2686)
  • Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits (#2710)

Added

  • New detector finding System.getenv() calls, where the corresponding Java property could be used (See ENV02-J).

Build

  • Run build using jdk 17 and 21 without usage of toolchains so we do not defeat the purpose of building on both. (#2722)

4.8.1 - 2023-11-06

Fixed

  • Fixed schema location for findbugsfilter.xsd (#1416)
  • Fixed missing null checks (#2629)
  • Disabled DontReusePublicIdentifiers due to the high false positives rate (#2627)
  • Removed signature of methods using UTF-8 in DefaultEncodingDetector (#2634)
  • Fix exception escapes when calling functions of JUnit Assert or Assertions (#2640)
  • Fixed an error in the SARIF export when a bug annotation is missing (#2632)
  • Fixed false positive RV_EXCEPTION_NOT_THROWN when asserting to exception throws (#2628)
  • Fix false positive CT_CONSTRUCTOR_THROW when supertype has final finalize (#2665)
  • Lowered the priority of PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE bug (#2652)
  • Eclipse: fixed startup overhead (on computing classpath) for PDE projects (#2671)

Build

  • Fix deprecated GHA on '::set-output' by using GITHUB_OUTPUT (#2651)

4.8.0 - 2023-10-11

Changed

  • Bump up Apache Commons BCEL to the version 6.6.1 (#2223)
  • Bump up slf4j-api to 2.0.3 (#2220)
  • Bump up gson to 2.10 (#2235)
  • Allowed for large command line through writing arguments to file (UnionResults/UnionBugs2)
  • Use com.github.stephenc.jcip for jcip-annotations fixing (#887)
  • Bump ObjectWeb ASM from 9.4 to 9.6, supporting JDK 21 (#2578)

Fixed

  • Fixed missing classes not in report if using IErrorLogger.reportMissingClass(ClassDescriptor) (#219)
  • Stop exposing junit-bom to consumers (#2255)
  • Fixed AbstractBugReporter emits wrong non-sensical debug output during filtering (#184)
  • Added support for jakarta namespace (#2289)
  • Report a low priority bug for an unread field in reflective classes (#2325)

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 7 months ago

Superseded by #327.