will-molloy / java-template

template repo for Java projects using Gradle with everything setup
https://github.com/will-molloy/java-template/generate
GNU General Public License v2.0
4 stars 58 forks source link

Bump spotbugs-annotations from 4.2.3 to 4.4.0 #133

Closed dependabot[bot] closed 3 years ago

dependabot[bot] commented 3 years ago

Bumps spotbugs-annotations from 4.2.3 to 4.4.0.

Release notes

Sourced from spotbugs-annotations's releases.

SpotBugs 4.4.0

CHANGELOG

CHECKSUM

file checksum (sha256)
spotbugs-4.4.0-javadoc.jar c25c0a3056ccf1ce9ae4c182ab73f6c9626d9031a30bf48857941d6c56ba3cc7
spotbugs-4.4.0-sources.jar 7b9b931b258f1db321fc5fb2e00946594dea976ad51a79a7f3ae48cac17d6c6e
spotbugs-4.4.0.tgz 126b952cf248c92fbb7ba07462a71b3400bd1726fed96e179d8a50edd3e40745
spotbugs-4.4.0.zip f5f8b9aba1f3c87a508fbcb6045dcdc748e1ca4ce16803d6676417c9d82fb862
spotbugs-annotations-4.4.0-javadoc.jar 33a7ccc8917b9c5d2a6b133dceb5b212c0079986232a876471df4d7eb843bc8a
spotbugs-annotations-4.4.0-sources.jar b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar 383fe580c90e1fea94a3387a8245e096beb792efdca7e04a0bbb4a8cbb81dea2
spotbugs-ant-4.4.0-javadoc.jar da10c9d3273d4367d8c940eec20e2799eba9ae54b920c506478236c241b75a55
spotbugs-ant-4.4.0-sources.jar c74dec42c0ed0dd1ae02a7410d8e0f0dbbee23e8e7da4a21910863677fcdbc8e
spotbugs-ant.jar 9233e48d37882ae4e7a42e9f42ef4c63d6f802cf8f3b03ba575bee26e5032367
spotbugs.jar eb02e80126a4cdfb997fe90a1a2c6ff128b114cc7daab77ed3a773bef3adc2ca
test-harness-4.4.0-javadoc.jar 4aee854334bb0dbcfd4697443abc0594a96c8c7db12e9e5408839fad4bf75162
test-harness-4.4.0-sources.jar 2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.4.0.jar 55d3a590b81ffec48293a76c45c0695914b405bf9f02bfb930e3ab99b5867d4f
test-harness-core-4.4.0-javadoc.jar 76c8694c8051dbc3f5e989448f3746f6da5374e24db22a022b5c2ffe73336f01
test-harness-core-4.4.0-sources.jar f320f5eb4069e9686b760b2a6a0760989753225f9e9ce1226e3258ec64795d8a
test-harness-core-4.4.0.jar cbec03867e077079d011e85f9932fb230fae3d909f741cffaa4c8097e91fdf40
test-harness-jupiter-4.4.0-javadoc.jar 7792b72f6e8467508bcc143f9511a341f2b11ae0d10d726b54bf38cc98c37158
test-harness-jupiter-4.4.0-sources.jar 210353a57016e26b1a654d936a15f039613fa1ac532d485c1b1d03902f6c6315
test-harness-jupiter-4.4.0.jar 17e8d78d1868f86e63f3e5e3d878e86f3d7fb1b8cf1a8d5f893333c982bfd3e2

SpotBugs 4.3.0

CHANGELOG

CHECKSUM

file checksum (sha256)
spotbugs-4.3.0-javadoc.jar 58eeba2dcdcfd6f73c5203a5745ab1a120ded4df484a6d70124a1dcc0573b37f
spotbugs-4.3.0-sources.jar ab8847620bd47be9f20cad53462bce1ae49e5495a75796f9ba8d547a703f346e
spotbugs-4.3.0.tgz bf9687476cebe0876d9a27679af97705a79b3f0f5629519ca6ec086741b6d884
spotbugs-4.3.0.zip a1c59df789b14a423f24127501db1bd6b0ae642f079f7212ff61343cd387d7f0
spotbugs-annotations-4.3.0-javadoc.jar a49426fbd559394d176c7bc81c8b601b496768048ce29e6f36e05dfcc42f6c19
spotbugs-annotations-4.3.0-sources.jar b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar ae576422c3a090adc372a4542214a38e195f62ada906184e773a8916d83ec386
spotbugs-ant-4.3.0-javadoc.jar 150875811f177a99c60e8e7afdc5c5d3e58393f84de2662bc32d0409254688a0
spotbugs-ant-4.3.0-sources.jar c74dec42c0ed0dd1ae02a7410d8e0f0dbbee23e8e7da4a21910863677fcdbc8e
spotbugs-ant.jar 9233e48d37882ae4e7a42e9f42ef4c63d6f802cf8f3b03ba575bee26e5032367
spotbugs.jar c619ef5233ff1115e5b4ceeacd4bed4070a7e5bd95d9c3172b7376cd0cbb1c72
test-harness-4.3.0-javadoc.jar 463ab8a236314d537f3ff78d229ed5a11a56143db18f1e1c87b64c8d93d1eac4
test-harness-4.3.0-sources.jar 2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.3.0.jar 55d3a590b81ffec48293a76c45c0695914b405bf9f02bfb930e3ab99b5867d4f
test-harness-core-4.3.0-javadoc.jar b817f0ca2af5fd603ffdf4d95e5071961a2cb2552bbb9403cf1f5390ca0a37c9

... (truncated)

Changelog

Sourced from spotbugs-annotations's changelog.

4.4.0 - 2021-08-12

Fixed

  • Fixed False positives for RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE (#600 and #1338)
  • Inconsistent bug description on EQ_COMPARING_CLASS_NAMES (#1523)
  • Add a declaration of charset encoding in generated reports (#1623)
  • Fixed regression in Bug Info view for Eclipse 2021-03+ (#1477)

Added

  • New detector FindBadEndOfStreamCheck for new bug type EOS_BAD_END_OF_STREAM_CHECK. This bug is reported whenever the return value of java.io.FileInputStream.read() or java.io.FileReader.read() is first converted to byte/int and only thereafter checked against -1. (See SEI CERT rule FIO08-J)

4.3.0 - 2021-07-01

Fixed

  • MS_EXPOSE_REP and EI_EXPOSE_REP are now reported for code returning a reference to a mutable object indirectly (e.g. via a local variable)

Changed

  • Bump ObjectWeb ASM from 9.1 to 9.2 supporting JDK 18 (#1591)
  • Bump Saxon-HE from 10.3 to 10.5 (#1513)
  • Bump gson from 2.8.6 to 2.8.7 (#1556)
  • Function mutableSignature() improved and factored out from the MutableStaticFields detector

Added

  • New bugs MS_EXPOSE_BUF, EI_EXPOSE_BUF, EI_EXPOSE_STATIC_BUF2 and EI_EXPOSE_BUF2 by the FindReturnRef detector to detect cases where buffers or their backing arrays are exposed (see SEI CERT rule FIO05-J)
  • MS_EXPOSE_REP, EI_EXPOSE_REP, EI_EXPOSE_STATIC_REP2 and EI_EXPOSE_REP2 now report for shallowly copied arrays (using clone()) of mutable objects
Commits
  • 02c21e1 chore: release 4.4.0
  • 9b8c6a7 ci: migrate ReadTheDocs App with GitHub Actions
  • ea0b850 Update CHANGELOG.md
  • e8d7300 Fix #1477 by removing invalid NO_BACKGROUND style
  • 542545b build: attach Eclipse plugin to GitHub Releases
  • 9868ac4 build(deps): bump checker-qual from 3.16.0 to 3.17.0 (#1633)
  • e13334a Declare character encodings in HTML
  • d86f677 Update CHANGELOG.md
  • 84ea0cf Declare character encodings in HTML
  • d43d81a Fix #1523, solving inconsistency in SpotBugs Bug Description of EQ_COMPARING_...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov[bot] commented 3 years ago

Codecov Report

Merging #133 (3ffb140) into master (6c523be) will not change coverage. The diff coverage is n/a.

Impacted file tree graph

@@             Coverage Diff             @@
##              master      #133   +/-   ##
===========================================
  Coverage     100.00%   100.00%           
  Complexity         2         2           
===========================================
  Files              1         1           
  Lines              2         2           
===========================================
  Hits               2         2           
Flag Coverage Δ
unittests 100.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.


Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 6c523be...3ffb140. Read the comment docs.

dependabot[bot] commented 3 years ago

Superseded by #144.