binkley / modern-java-practices

Modern Java/JVM Build Practices
The Unlicense

REMINDER: Check if SpotBugs has updated its dependency on BCEL #504

Closed binkley closed 1 month ago

binkley commented 1 month ago

Update the language on SpotBugs in the Use static analysis page, and check that SpotBugs has updated dependencies, and presently has no DependencyCheck violations.

SpotBugs uses an outdated version of BCEL. There is a CVE (vulnerability) against BCEL that is resolved; however, SpotBugs uses a version of BCEL prior to the fix.

Outdated: This project uses a forced update of BCEL for SpotBugs; however, that breaks the plugin (Gradle and Maven).

binkley commented 1 month ago

This issue is well-resolved by newer SpotBugs versions.