dotwebstack / dotwebstack-framework

Framework for publishing rich data services.
https://dotwebstack.org/dotwebstack-framework/
MIT License
14 stars 8 forks source link

Bump org.checkerframework:checker-qual from 3.47.0 to 3.48.0 #1008

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps org.checkerframework:checker-qual from 3.47.0 to 3.48.0.

Release notes

Sourced from org.checkerframework:checker-qual's releases.

Checker Framework 3.48.0

Version 3.48.0 (October 2, 2024)

User-visible changes:

The new SqlQuotesChecker prevents errors in quoting in SQL queries. It prevents injection attacks that exploit quoting errors.

Aggregate Checkers now interleave error messages so that all errors about a line of code appear together.

Closed issues:

#3568, #6725, #6753, #6769, #6770, #6780, #6785, #6795, #6804, #6811, #6825.

Changelog

Sourced from org.checkerframework:checker-qual's changelog.

Version 3.48.0 (October 2, 2024)

User-visible changes:

The new SqlQuotesChecker prevents errors in quoting in SQL queries. It prevents injection attacks that exploit quoting errors.

Aggregate Checkers now interleave error messages so that all errors about a line of code appear together.

Closed issues:

#3568, #6725, #6753, #6769, #6770, #6780, #6785, #6795, #6804, #6811, #6825.

Commits
  • 8a5b585 new release 3.48.0
  • 33dfb84 Fix links.
  • dda798d Prep for release.
  • fe16b7f Remove checker-qual files from shaded dataflow jar
  • 642a853 Add a capture in type argument inference
  • b96e777 Capture the type of field accesses
  • 3b03b37 Updating macOS installation instructions (#6827)
  • 3e837a5 Skip TreeUtils.toStringTruncated when debugging is disabled
  • fe7b19f Check for proper type
  • 97beabc Fix a resource leak false positive due to a cast (#6821)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
sonarcloud[bot] commented 1 month ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud