build(deps): bump com.github.spotbugs:spotbugs-maven-plugin from 4.7.3.6 to 4.8.0.0

[dependabot[bot]]

Bumps com.github.spotbugs:spotbugs-maven-plugin from 4.7.3.6 to 4.8.0.0.

Release notes

Sourced from com.github.spotbugs:spotbugs-maven-plugin's releases.

Spotbugs Maven Plugin 4.8.0.0

• Supports spotbugs 4.8.0 (note: there were considerable amount of issues with 4.8.0, this exists to be complete but suggest use 4.8.1.0 which will be out in a few).

User Items

• Support through jdk 22
• Moved code back to 'master' from 'spotbugs' branch given original fork is long archived and points to this repo
• Plexus Utils/Xml upgraded in prep for maven 4 and will still work correctly with maven 3 projects
• Add support to read a file for onlyAnalyze as follows

<onlyAnalyze>file:only-analyze.txt</onlyAnalyze>

Build

• Move sonar to ubuntu
• Use jdk 21 for coveralls
• Point all GHA back to master
• Bump base-parent pom to 41
• Bump gmavenplus to 3.0.2
• Bump commons-io to 2.15.0
• Bump asm to 9.6
• Bump maven to 3.9.5
• Bump guava to 32.1.3-jre
• Bump spotbugs to 4.8.0
• Remove extra enforcer rules version from pom as parent updated
• Bump junit to 5.10.0
• Bump plexus utils to 4.0.0
• Override pluxus xml to 3.0.0 so plexus continues to work with maven 3
• Bump surefire to 3.1.2
• Cleanup IT test names to match their usage
• Update hashCode check in tests due to new features in spotbugs 4.8.0
• Bump plugin plugin to 3.10.2
• Bump javaparser to 3.25.6
• Bump javadoc plugin to 3.6.2
• Bump jxr plugin to 3.3.1
• Bump surefire to 3.2.2

Commits

• e591adf [maven-release-plugin] prepare release spotbugs-maven-plugin-4.8.0.0
• 8ac9a56 Merge pull request #663 from hazendaz/master
• a7cb4b0 Merge pull request #635 from Rahul-khandelwal/spotbugs
• 18d9111 [pom] Bump surefire to 3.2.2
• a852e2f [pom] Bump jxr to 3.3.1
• b0f6c37 [pom] Update comment on site of 3.6 to address once we move to java 11
• 7107a0b Merge pull request #661 from spotbugs/renovate/javadocpluginversion
• fc7e346 Update dependency org.apache.maven.plugins:maven-javadoc-plugin to v3.6.2
• 8865b1c Merge pull request #662 from spotbugs/renovate/pluginpluginversion
• c6e9320 Update pluginPluginVersion to v3.10.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)