build(deps): bump com.github.spotbugs:spotbugs-annotations from 4.8.0 to 4.8.2 #1618

dependabot · 2023-11-29T18:37:23Z

Bumps com.github.spotbugs:spotbugs-annotations from 4.8.0 to 4.8.2.

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

SpotBugs 4.8.2

CHANGELOG

Fixed

Fixed false positive UPM_UNCALLED_PRIVATE_METHOD for method used in JUnit's MethodSource (#2379)

Use java.nio to load filter files (#2684)

Eclipse: Do not export javax.annotation packages (#2699)

Fixed not thread safe FindOverridableMethodCall detector (#2701)

Fix the weird messages of PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS bugs. (#2646)

Revert commons-text from 1.11.0 to 1.10.0 to resolve a version conflict (#2686)

Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits (#2710)

Added

New detector finding System.getenv() calls, where the corresponding Java property could be used (See ENV02-J).

Build

Run build using jdk 17 and 21 without usage of toolchains so we do not defeat the purpose of building on both. (#2722)

CHECKSUM

file checksum (sha256)

spotbugs-4.8.2-javadoc.jar 9147da4187712ba3ec7fd232510181366f394443cf70a76ee918738a11c539e9

spotbugs-4.8.2-sources.jar 4486c8404debe8de2d5a7d71c14ad66480f463d84586cb3077c639c72192924c

spotbugs-4.8.2.tgz c3eb4e2077310bf19b06ed232dc8d71f3a4884a4619fd8a7c041ed5ce5af4819

spotbugs-4.8.2.zip 615400e86ee19ee1b74d0f8d1a170e2dfdb8f49d02b60fa7b276a8179c3b584a

spotbugs-annotations-4.8.2-javadoc.jar 22ec9f9658a7e569893db728a5cdcdb4121b4bca1ae1ee154189f2cbbc42f187

spotbugs-annotations-4.8.2-sources.jar b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b

spotbugs-annotations.jar 3d02aacbf2d094d510c087c2a25a85e04f655b22260016473d02258237d0df27

spotbugs-ant-4.8.2-javadoc.jar b210ddbee668f591f0ff57ea8d546ac47e2753cbf56b6f1bbeb61a8d4c82d233

spotbugs-ant-4.8.2-sources.jar 9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61

spotbugs-ant.jar a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c

spotbugs.jar 01974233a0da943700b9b9d190f872f6dd155d5825e05d1fae5a531bebb284eb

test-harness-4.8.2-javadoc.jar a362bb855074be294da341b5ba7406c013174246c63061fc7dfc91f28795adbe

test-harness-4.8.2-sources.jar 633ae795c1889fa59f1faad8ea8f1f5b39155029f4f75b51557085097570feb6

test-harness-4.8.2.jar 23f414f9988a3d44dded88ad2d827e95699dc6bb8d6e06a2b0920db2cac442b9

test-harness-core-4.8.2-javadoc.jar 9b32bd7cc9e5af80379207b0b4ad2f6217c4e46db2db3f371d886e227b2ee266

test-harness-core-4.8.2-sources.jar f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082

test-harness-core-4.8.2.jar 5bd0e9b18f0ec45c27ee3ec882cb6db86ed42a6b884f091468496de3281dc242

test-harness-jupiter-4.8.2-javadoc.jar 8029e928d3dfa2a93ff8d877693421f265122c5d0f4caee17fd6796d0c7e566d

test-harness-jupiter-4.8.2-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800

test-harness-jupiter-4.8.2.jar d2ed802cc81dca3cf8c393fda7f77f02b01c0c1a8ffce7ec57da53aff27a1485

SpotBugs 4.8.1

CHANGELOG

Fixed

Fixed schema location for findbugsfilter.xsd ([#1416])

Fixed missing null checks ([#2629])

Disabled DontReusePublicIdentifiers due to the high false positives rate ([#2627])

Removed signature of methods using UTF-8 in DefaultEncodingDetector ([#2634])

Fix exception escapes when calling functions of JUnit Assert or Assertions ([#2640])

Fixed an error in the SARIF export when a bug annotation is missing ([#2632])

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.8.2 - 2023-11-28

Fixed

Fixed false positive UPM_UNCALLED_PRIVATE_METHOD for method used in JUnit's MethodSource (#2379)

Use java.nio to load filter files (#2684)

Eclipse: Do not export javax.annotation packages (#2699)

Fixed not thread safe FindOverridableMethodCall detector (#2701)

Fix the weird messages of PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS bugs. (#2646)

Revert commons-text from 1.11.0 to 1.10.0 to resolve a version conflict (#2686)

Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits (#2710)

Added

New detector finding System.getenv() calls, where the corresponding Java property could be used (See ENV02-J).

Build

Run build using jdk 17 and 21 without usage of toolchains so we do not defeat the purpose of building on both. (#2722)

4.8.1 - 2023-11-06

Fixed

Fixed schema location for findbugsfilter.xsd (#1416)

Fixed missing null checks (#2629)

Disabled DontReusePublicIdentifiers due to the high false positives rate (#2627)

Removed signature of methods using UTF-8 in DefaultEncodingDetector (#2634)

Fix exception escapes when calling functions of JUnit Assert or Assertions (#2640)

Fixed an error in the SARIF export when a bug annotation is missing (#2632)

Fixed false positive RV_EXCEPTION_NOT_THROWN when asserting to exception throws (#2628)

Fix false positive CT_CONSTRUCTOR_THROW when supertype has final finalize (#2665)

Lowered the priority of PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE bug (#2652)

Eclipse: fixed startup overhead (on computing classpath) for PDE projects (#2671)

Build

Fix deprecated GHA on '::set-output' by using GITHUB_OUTPUT (#2651)

Commits

0f0e4b2 release v4.8.2
02f7366 Run build on both jdk 17 and 21 (#2722)
a659725 Fix doc on gradle plugin version and run on gradle 8.5 rc4 (#2721)
e3d4f6e Update RELEASE_PROCEDURE.md (#2719)
4e7ace1 chore(deps): update dependency sphinx_rtd_theme to v2 (#2718)
8e04ba7 Fix link stuck to earlier version
e847d62 Fixed extra brackets added to issues in changelog
126a750 Fix changelog entry
b694dd1 Fix issue in ConstructorThrow
9558fbd Add tests
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) from 4.8.0 to 4.8.2. - [Release notes](https://github.com/spotbugs/spotbugs/releases) - [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md) - [Commits](spotbugs/spotbugs@4.8.0...4.8.2) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-annotations dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

…ugs-annotations-4.8.2

github-actions

I'm approving this pull request because it includes a patch or minor update

…ugs-annotations-4.8.2

github-actions

I'm approving this pull request because it includes a patch or minor update

- build(deps): bump com.sap.cloud.db.jdbc:ngdbc from 2.18.13 to 2.18.16 (#1595) - Merge branch 'master' into dependabot/maven/com.sap.cloud.db.jdbc-ngdbc-2.18.16 - build(deps): bump net.snowflake:snowflake-jdbc from 3.14.2 to 3.14.3 (#1607) - Merge branch 'master' into dependabot/maven/net.snowflake-snowflake-jdbc-3.14.3 - build(deps): bump com.google.api.grpc:grpc-google-cloud-bigquerystorage-v1 from 2.46.0 to 2.47.0 (#1635) - Merge branch 'master' into dependabot/maven/com.sap.cloud.db.jdbc-ngdbc-2.18.16 - Merge branch 'master' into dependabot/maven/net.snowflake-snowflake-jdbc-3.14.3 - Merge branch 'master' into dependabot/maven/com.google.api.grpc-grpc-google-cloud-bigquerystorage-v1-2.47.0 - build(deps): bump com.google.protobuf:protobuf-java from 3.24.4 to 3.25.1 (#1596) - Merge branch 'master' into dependabot/maven/com.google.protobuf-protobuf-java-3.25.1 - Merge branch 'master' into dependabot/maven/com.sap.cloud.db.jdbc-ngdbc-2.18.16 - Merge branch 'master' into dependabot/maven/com.google.api.grpc-grpc-google-cloud-bigquerystorage-v1-2.47.0 - build(deps): bump com.amazon.redshift:redshift-jdbc42 from 2.1.0.22 to 2.1.0.23 (#1633) - Merge branch 'master' into dependabot/maven/net.snowflake-snowflake-jdbc-3.14.3 - Merge branch 'master' into dependabot/maven/com.google.protobuf-protobuf-java-3.25.1 - Merge branch 'master' into dependabot/maven/com.sap.cloud.db.jdbc-ngdbc-2.18.16 - build(deps): bump com.google.api.grpc:grpc-google-cloud-bigquerystorage-v1 - build(deps): bump com.amazon.redshift:redshift-jdbc42 - build(deps-dev): bump com.amazonaws:aws-lambda-java-log4j2 from 1.5.1 to 1.6.0 (#1637) - Merge branch 'master' into dependabot/maven/net.snowflake-snowflake-jdbc-3.14.3 - Merge branch 'master' into dependabot/maven/com.google.protobuf-protobuf-java-3.25.1 - Merge branch 'master' into dependabot/maven/com.sap.cloud.db.jdbc-ngdbc-2.18.16 - build(deps-dev): bump com.amazonaws:aws-lambda-java-log4j2 - build(deps): bump org.apache.maven.plugins:maven-javadoc-plugin from 3.6.2 to 3.6.3 (#1636) - build(deps): bump org.apache.maven.plugins:maven-javadoc-plugin - build(deps): bump net.jqwik:jqwik from 1.8.1 to 1.8.2 (#1634) - Merge branch 'master' into dependabot/maven/net.jqwik-jqwik-1.8.2 - build(deps): bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 (#1632) - build(deps): bump org.apache.commons:commons-lang3 from 3.13.0 to 3.14.0 - build(deps): bump net.jqwik:jqwik from 1.8.1 to 1.8.2 - build(deps-dev): bump log4j2Version from 2.21.1 to 2.22.0 (#1631) - build(deps-dev): bump log4j2Version from 2.21.1 to 2.22.0 - build(deps): bump org.postgresql:postgresql from 42.6.0 to 42.7.0 (#1616) - Merge branch 'master' into dependabot/maven/org.postgresql-postgresql-42.7.0 - build(deps): bump aws-sdk.version from 1.12.589 to 1.12.604 (#1625) - Merge branch 'master' into dependabot/maven/com.google.protobuf-protobuf-java-3.25.1 - build(deps): bump aws-sdk.version from 1.12.589 to 1.12.604 - build(deps): bump org.junit:junit-bom from 5.10.0 to 5.10.1 (#1609) - Merge branch 'master' into dependabot/maven/org.junit-junit-bom-5.10.1 - build(deps): bump io.lettuce:lettuce-core from 6.2.6.RELEASE to 6.3.0.RELEASE (#1608) - Merge branch 'master' into dependabot/maven/org.junit-junit-bom-5.10.1 - Merge branch 'master' into dependabot/maven/io.lettuce-lettuce-core-6.3.0.RELEASE - build(deps): bump com.github.spotbugs:spotbugs-annotations from 4.8.0 to 4.8.2 (#1618) - Merge branch 'master' into dependabot/maven/org.postgresql-postgresql-42.7.0 - Merge branch 'master' into dependabot/maven/com.github.spotbugs-spotbugs-annotations-4.8.2 - build(deps): bump netty.version from 4.1.100.Final to 4.1.101.Final (#1598) - build(deps): bump netty.version from 4.1.100.Final to 4.1.101.Final - build(deps): bump com.ibm.db2:jcc from 11.5.8.0 to 11.5.9.0 (#1604) - build(deps): bump com.ibm.db2:jcc from 11.5.8.0 to 11.5.9.0 - build(deps): bump software.amazon.jsii:jsii-runtime from 1.90.0 to 1.92.0 (#1601) - build(deps): bump software.amazon.jsii:jsii-runtime - build(deps): bump org.apache.commons:commons-text from 1.10.0 to 1.11.0 (#1600) - build(deps): bump org.apache.commons:commons-text from 1.10.0 to 1.11.0 - build(deps): bump fasterxml.jackson.version from 2.15.3 to 2.16.0 (#1597) - build(deps): bump fasterxml.jackson.version from 2.15.3 to 2.16.0 - build(deps): bump net.sf.jt400:jt400 from 20.0.3 to 20.0.6 (#1602) - build(deps): bump net.sf.jt400:jt400 from 20.0.3 to 20.0.6 - Merge branch 'master' into dependabot/maven/net.snowflake-snowflake-jdbc-3.14.3 - Merge branch 'master' into dependabot/maven/io.lettuce-lettuce-core-6.3.0.RELEASE - Merge branch 'master' into dependabot/maven/org.junit-junit-bom-5.10.1 - Merge branch 'master' into dependabot/maven/org.postgresql-postgresql-42.7.0 - build(deps-dev): bump nl.jqno.equalsverifier:equalsverifier from 3.15.2 to 3.15.4 (#1619) - Merge branch 'master' into dependabot/maven/com.github.spotbugs-spotbugs-annotations-4.8.2 - Merge branch 'master' into dependabot/maven/com.sap.cloud.db.jdbc-ngdbc-2.18.16 - Merge branch 'master' into dependabot/maven/nl.jqno.equalsverifier-equalsverifier-3.15.4 - Update auto-approve.yml - Update auto-approve.yml - build(deps): bump com.github.spotbugs:spotbugs-annotations - build(deps): bump org.junit:junit-bom from 5.10.0 to 5.10.1 - build(deps): bump org.postgresql:postgresql from 42.6.0 to 42.7.0 - build(deps): bump net.snowflake:snowflake-jdbc from 3.14.2 to 3.14.3 - build(deps): bump io.lettuce:lettuce-core - Merge branch 'master' into dependabot/maven/nl.jqno.equalsverifier-equalsverifier-3.15.4 - Merge branch 'master' into dependabot/maven/com.google.protobuf-protobuf-java-3.25.1 - Merge branch 'master' into dependabot/maven/com.sap.cloud.db.jdbc-ngdbc-2.18.16 - build(deps): bump software.amazon.msk:aws-msk-iam-auth - build(deps-dev): bump nl.jqno.equalsverifier:equalsverifier - build(deps): bump org.apache.maven.plugins:maven-javadoc-plugin - Merge branch 'master' into dependabot/maven/com.google.protobuf-protobuf-java-3.25.1 - Merge branch 'master' into dependabot/maven/com.sap.cloud.db.jdbc-ngdbc-2.18.16 - Rename main.yml to auto-approve.yml - Update javadoc_sync.yaml - build(deps): bump com.google.protobuf:protobuf-java - build(deps): bump com.sap.cloud.db.jdbc:ngdbc from 2.18.13 to 2.18.16 - ignore doclint until we can fix at a later time - build(deps): bump surefire.failsafe.version from 3.1.2 to 3.2.2 - Create auto-approve-dependabot.yml - chore: change group to specific labels to avoid workflow_job webhook … (#1621) - Adding IAM support for Redshift connector, test level scope, excluded necessary classes. (#1590) - Merge branch 'mhavey-custom-query-fix' - Update README.md - remove merge comments - Update README.md - remove merge comments - Merge branch 'master' into custom-query-fix - Support Redshift External Schemas & Tables (#1610) - Merge branch 'master' into custom-query-fix - Merge branch 'master' into custom-query-fix - Update PropertyGraphHandler.java - Merge branch 'master' into custom-query-fix - Merge branch 'master' into custom-query-fix - merge - fixed issue in record handler - PR review - loglevel - loglevel - Update NeptuneSparqlConnection.java - Update RDFHandler.java - Update NeptuneConnection.java - Update NeptuneRecordHandler.java - Update athena-neptune.yaml - Update RDF.md - Add files via upload - Update RDF.md - Update sample-cli-rdf.sh - Update RDF.md - Update RDF.md - Add files via upload - Update RDF.md - Update RDF.md - Update README.md - Update RDF.md - Update RDF.md - Update RDF.md - Update RDF.md - Update RDF.md - Update RDF.md - Update RDF.md - Update RDF.md - Update RDF.md - Update RDF.md - Update RDF.md - Update sample-cli-script.sh - Update sample-cli-script.sh - Create sample-cli-rdf.sh - Update RDF.md - Update PropertyGraph.md - Update PropertyGraph.md - Update README.md - Update PropertyGraph.md - Update README.md - Create RDF.md - Create PropertyGraph.md - Update README.md - simplify - RDF - Merge pull request #11 from abhishekpradeepmishra/custom-query - Merge branch 'awslabs:master' into custom-query - changed componenttype to view, and other related changes - updated table creation script - Merge branch 'master' into custom-query - documentation update for custom query - code merge, custom query changes

dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Nov 29, 2023

dependabot bot mentioned this pull request Nov 29, 2023

build(deps): bump com.github.spotbugs:spotbugs-annotations from 4.8.0 to 4.8.1 #1599

Closed

dependabot bot force-pushed the dependabot/maven/com.github.spotbugs-spotbugs-annotations-4.8.2 branch from 331042e to 424aae1 Compare December 2, 2023 17:12