search

xvik / dropwizard-guicey

Dropwizard guice integration
http://xvik.github.io/dropwizard-guicey/
MIT License
234 stars 49 forks source link

Bump com.github.spotbugs:spotbugs-annotations from 4.8.2 to 4.8.3 #361

Closed dependabot[bot] closed 11 months ago

dependabot[bot] commented 11 months ago

Bumps com.github.spotbugs:spotbugs-annotations from 4.8.2 to 4.8.3.

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

SpotBugs 4.8.3

CHANGELOG

Fixed

  • Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits for checked exceptions (#2710)
  • Applied changes for bcel 6.8.0 with adjustments to constant pool (#2756)
    • More information bcel changes can be found on (#2757)
  • Fix FN in CT_CONSTRUCTOR_THROW when the return value of the called method is not void or primitive type.

Changed

  • Improved Matcher checks for empty strings (#2755)
  • Allow 'onlyAnalyze' option to specify negative matches, such that this facility can be used to prevent a subset of classes to be excluded from analysis (#2754)
  • Strictly require logback 1.2.13 due to CVE-2023-6481 and CVE-23-6378 (#2760)
  • Prefer log4j2 at 2.22.0 and logback at 1.4.14 (#2760)

CHECKSUM

file checksum (sha256)
spotbugs-4.8.3-javadoc.jar 2e01e937ceb24dc02796690e73caa9d06e576741af497f22f2b1ccd41e98065d
spotbugs-4.8.3-sources.jar 383f1434925a9b5df46c03dc79aac9dbc9ac1e5020f40b34f4e6ab565b8082f5
spotbugs-4.8.3.tgz 4713c0ebcc76125ba11be3cfcb288a39b809fdabfbeec0acd0ac7494ef649851
spotbugs-4.8.3.zip 7468aaaf370ec9df0601a46cf0157b83022d00227ef724d80ebbfbb11cb26270
spotbugs-annotations-4.8.3-javadoc.jar eb513a89ac812f50e3d7de5efbb0e135994849c18412b04759e6d67e991e356e
spotbugs-annotations-4.8.3-sources.jar b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b
spotbugs-annotations.jar e5d4f60be8e57595766ba7f1d4535dc46aebf98dae05e16372a4d4120d3ebb6b
spotbugs-ant-4.8.3-javadoc.jar a9713955805838408ed7b6adf030bffc4cd2036fa2fdb8fb772bc1857e4ac4a6
spotbugs-ant-4.8.3-sources.jar 9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61
spotbugs-ant.jar a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c
spotbugs.jar 84a286b65d1c2441ac24a57a998c83d43b9d287fd68ac0df7c7524b5f419fc2b
test-harness-4.8.3-javadoc.jar e3c3997b3a26bee7833b9e7ae634b32f7b060fe11af0a4111d0d62b2a872f760
test-harness-4.8.3-sources.jar 633ae795c1889fa59f1faad8ea8f1f5b39155029f4f75b51557085097570feb6
test-harness-4.8.3.jar 23f414f9988a3d44dded88ad2d827e95699dc6bb8d6e06a2b0920db2cac442b9
test-harness-core-4.8.3-javadoc.jar cd3a2bbcff93aba606a4e3340733d06684e2e456211068f8cb7069890c71efa0
test-harness-core-4.8.3-sources.jar f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082
test-harness-core-4.8.3.jar 5bd0e9b18f0ec45c27ee3ec882cb6db86ed42a6b884f091468496de3281dc242
test-harness-jupiter-4.8.3-javadoc.jar 35631be40804da4e5613dfa70efc491c52d5b9d4e6d35d706efce78a4ceb1669
test-harness-jupiter-4.8.3-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.8.3.jar d2ed802cc81dca3cf8c393fda7f77f02b01c0c1a8ffce7ec57da53aff27a1485
Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.8.3 - 2023-12-12

Fixed

  • Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits for checked exceptions (#2710)
  • Applied changes for bcel 6.8.0 with adjustments to constant pool (#2756)
    • More information bcel changes can be found on (#2757)
  • Fix FN in CT_CONSTRUCTOR_THROW when the return value of the called method is not void or primitive type.

Changed

  • Improved Matcher checks for empty strings (#2755)
  • Allow 'onlyAnalyze' option to specify negative matches, such that this facility can be used to prevent a subset of classes to be excluded from analysis (#2754)
  • Strictly require logback 1.2.13 due to CVE-2023-6481 and CVE-23-6378 (#2760)
  • Prefer log4j2 at 2.22.0 and logback at 1.4.14 (#2760)
Commits
  • 1e42fc9 release v4.8.3
  • 44dd360 Fix FNs in CT_CONSTRUCTOR_THROW (#2747)
  • 10422e8 Adjust log binding requirements due to CVEs from logback (#2760)
  • e720004 Support negated onlyAnalyze items (#2754)
  • 8a41d8f Sonar Analyses fixes (#2753)
  • a7aada2 fix(deps): update dependency org.apache.bcel:bcel to v6.8.0 (#2756)
  • c176966 chore(deps): update dependency com.diffplug.gradle:goomph to v3.44.0 (#2758)
  • 0f7a97f chore(deps): update plugin com.github.spotbugs to v6.0.2 (#2742)
  • 5495d4b chore(deps): update plugin com.gradle.enterprise to v3.16 (#2746)
  • 194f19b Use String.isEmpty() with null guards (#2755)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov-commenter commented 11 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Comparison is base (3773ed4) 94.33% compared to head (02c4a77) 94.33%.

:exclamation: Your organization needs to install the Codecov GitHub app to enable full functionality.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## master #361 +/- ## ========================================= Coverage 94.33% 94.33% Complexity 63 63 ========================================= Files 313 313 Lines 8874 8874 Branches 1135 1135 ========================================= Hits 8371 8371 Misses 235 235 Partials 268 268 ``` | [Flag](https://app.codecov.io/gh/xvik/dropwizard-guicey/pull/361/flags?src=pr&el=flags&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Vyacheslav+Rusakov) | Coverage Δ | | |---|---|---| | [LINUX](https://app.codecov.io/gh/xvik/dropwizard-guicey/pull/361/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Vyacheslav+Rusakov) | `94.30% <ø> (-0.02%)` | :arrow_down: | | [windows](https://app.codecov.io/gh/xvik/dropwizard-guicey/pull/361/flags?src=pr&el=flag&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Vyacheslav+Rusakov) | `94.33% <ø> (ø)` | | Flags with carried forward coverage won't be shown. [Click here](https://docs.codecov.io/docs/carryforward-flags?utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=Vyacheslav+Rusakov#carryforward-flags-in-the-pull-request-comment) to find out more.

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.