sonarcloud[bot]
commented
9 months ago 
Quality Gate passed
Kudos, no new issues were introduced!
0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication
This PR contains the following updates:
4.8.0->4.8.3Release Notes
spotbugs/spotbugs (com.github.spotbugs:spotbugs-annotations)
### [`v4.8.3`](https://togithub.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#483---2023-12-12) [Compare Source](https://togithub.com/spotbugs/spotbugs/compare/4.8.2...4.8.3) ##### Fixed - Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits for checked exceptions ([#2710](https://togithub.com/spotbugs/spotbugs/issues/2710)) - Applied changes for bcel 6.8.0 with adjustments to constant pool ([#2756](https://togithub.com/spotbugs/spotbugs/pull/2756)) - More information bcel changes can be found on ([#2757](https://togithub.com/spotbugs/spotbugs/pull/2757)) - Fix FN in CT_CONSTRUCTOR_THROW when the return value of the called method is not void or primitive type. ##### Changed - Improved Matcher checks for empty strings ([#2755](https://togithub.com/spotbugs/spotbugs/pull/2755)) - Allow 'onlyAnalyze' option to specify negative matches, such that this facility can be used to prevent a subset of classes to be excluded from analysis ([#2754](https://togithub.com/spotbugs/spotbugs/pull/2754)) - Strictly require logback 1.2.13 due to CVE-2023-6481 and CVE-23-6378 ([#2760](https://togithub.com/spotbugs/spotbugs/pull/2760)) - Prefer log4j2 at 2.22.0 and logback at 1.4.14 ([#2760](https://togithub.com/spotbugs/spotbugs/pull/2760)) ### [`v4.8.2`](https://togithub.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#482---2023-11-28) [Compare Source](https://togithub.com/spotbugs/spotbugs/compare/4.8.1...4.8.2) ##### Fixed - Fixed false positive UPM_UNCALLED_PRIVATE_METHOD for method used in JUnit's MethodSource ([#2379](https://togithub.com/spotbugs/spotbugs/issues/2379)) - Use java.nio to load filter files ([#2684](https://togithub.com/spotbugs/spotbugs/pull/2684)) - Eclipse: Do not export javax.annotation packages ([#2699](https://togithub.com/spotbugs/spotbugs/pull/2699)) - Fixed not thread safe FindOverridableMethodCall detector ([#2701](https://togithub.com/spotbugs/spotbugs/issues/2701)) - Fix the weird messages of PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS bugs. ([#2646](https://togithub.com/spotbugs/spotbugs/issues/2646)) - Revert commons-text from 1.11.0 to 1.10.0 to resolve a version conflict ([#2686](https://togithub.com/spotbugs/spotbugs/issues/2686)) - Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits ([#2710](https://togithub.com/spotbugs/spotbugs/issues/2710)) ##### Added - New detector finding `System.getenv()` calls, where the corresponding Java property could be used (See [ENV02-J](https://wiki.sei.cmu.edu/confluence/display/java/ENV02-J.+Do+not+trust+the+values+of+environment+variables)). ##### Build - Run build using jdk 17 and 21 without usage of toolchains so we do not defeat the purpose of building on both. ([#2722](https://togithub.com/spotbugs/spotbugs/pull/2722)) ### [`v4.8.1`](https://togithub.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#481---2023-11-06) [Compare Source](https://togithub.com/spotbugs/spotbugs/compare/4.8.0...4.8.1) ##### Fixed - Fixed schema location for findbugsfilter.xsd (\[[#1416](https://togithub.com/spotbugs/spotbugs/issues/1416)]) - Fixed missing null checks (\[[#2629](https://togithub.com/spotbugs/spotbugs/issues/2629)]) - Disabled DontReusePublicIdentifiers due to the high false positives rate (\[[#2627](https://togithub.com/spotbugs/spotbugs/issues/2627)]) - Removed signature of methods using UTF-8 in DefaultEncodingDetector (\[[#2634](https://togithub.com/spotbugs/spotbugs/issues/2634)]) - Fix exception escapes when calling functions of JUnit Assert or Assertions (\[[#2640](https://togithub.com/spotbugs/spotbugs/issues/2640)]) - Fixed an error in the SARIF export when a bug annotation is missing (\[[#2632](https://togithub.com/spotbugs/spotbugs/issues/2632)]) - Fixed false positive RV_EXCEPTION_NOT_THROWN when asserting to exception throws (\[[#2628](https://togithub.com/spotbugs/spotbugs/issues/2628)]) - Fix false positive CT_CONSTRUCTOR_THROW when supertype has final finalize (\[[#2665](https://togithub.com/spotbugs/spotbugs/issues/2665)]) - Lowered the priority of `PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE` bug (\[[#2652](https://togithub.com/spotbugs/spotbugs/issues/2652)]) - Eclipse: fixed startup overhead (on computing classpath) for PDE projects (\[[#2671](https://togithub.com/spotbugs/spotbugs/pull/2671)]) ##### Build - Fix deprecated GHA on '::set-output' by using GITHUB_OUTPUT (\[[#2651](https://togithub.com/spotbugs/spotbugs/pull/2651)])Configuration
📅 Schedule: Branch creation - "after 10pm" in timezone Europe/Prague, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.