Skip to content
This repository has been archived by the owner on Jan 22, 2023. It is now read-only.

Bump spotbugs-annotations from 4.4.1 to 4.5.2 #197

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 14, 2021

Bumps spotbugs-annotations from 4.4.1 to 4.5.2.

Release notes

Sourced from spotbugs-annotations's releases.

SpotBugs 4.5.2

CHANGELOG

Security

Fixed

CHECKSUM

file checksum (sha256)
spotbugs-4.5.2-javadoc.jar d12b874128f9d6b3467577d86c34581ea99840e920b318c75cc0c49e34ebd5f3
spotbugs-4.5.2-sources.jar 653bf298c0e8b7d366bbe64c7d5557f0aad7a65cf861f3de752ed0fb810702d2
spotbugs-4.5.2.tgz e9c8c945d16a4dd1b3552b5296e0df8bba70c3ace95b20bc2939a75f2e3bee3e
spotbugs-4.5.2.zip 0467dc71b24b61bfda7dfaec3df96b5095d526b99b034cad9d068ee026f4cbe3
spotbugs-annotations-4.5.2-javadoc.jar 1ed3f98f0d0efe3309b58edf163e6b5e5b1d0088c0246121850aa8344425911f
spotbugs-annotations-4.5.2-sources.jar b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar f6fbf3e13a6c6862e19677a053598fac3cd7f2f6fde726a6765bf83101aa911f
spotbugs-ant-4.5.2-javadoc.jar 0f575c9fd20928faa13f826ef1f21ba6cb5bee1f4c50f4a09a8b65ef488dac52
spotbugs-ant-4.5.2-sources.jar 06f19afbb2fd63e554d1588328feea5aabe0ea4c104191986de03ba1e2f518cb
spotbugs-ant.jar e31cbd498a93ac92d19658bf45ca3a973b63e8932efca8da1cfd530ec9e547b3
spotbugs.jar 7a4c753d36114f480f63c91b538d0548787827bdefced006fa57eb423095e25a
test-harness-4.5.2-javadoc.jar 1aba8c6a4ada5b82c268ecc8fee6db154c0a788b8e42ac130fe6ea1398bc4804
test-harness-4.5.2-sources.jar 2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.5.2.jar 45ca0e944ee5704318d79f67815cde7ca5f7fb22814e325d00e2d25d9b552659
test-harness-core-4.5.2-javadoc.jar 88b2470f4ebcc4d10ccc13ee101b951208f8389963919d407c49cda451e5555a
test-harness-core-4.5.2-sources.jar f320f5eb4069e9686b760b2a6a0760989753225f9e9ce1226e3258ec64795d8a
test-harness-core-4.5.2.jar fd1a0c06a5eaff50ed0953d42fb7d69a41031c6a6630ad5e47c38a9f0eaca285
test-harness-jupiter-4.5.2-javadoc.jar d7afde7e639f3ec3737941b68118d4877c819274385f0bf4d62d9aac5549a9ba
test-harness-jupiter-4.5.2-sources.jar 210353a57016e26b1a654d936a15f039613fa1ac532d485c1b1d03902f6c6315
test-harness-jupiter-4.5.2.jar 18095fec31b85981ecaafdef86ca9ae1e9588e1b9bc6d209f82829cf9d0c13f4

SpotBugs 4.5.1

CHANGELOG

Fixed

CHECKSUM

file checksum (sha256)
spotbugs-4.5.1-javadoc.jar 899cbc1214eb942e01980cd9d6a64e937598e25c9c1ef7d3af2da43bce729636
spotbugs-4.5.1-sources.jar b52e0b2e883dcbea58268c5355f1fa4c7090c5d941a93ddf844fa09534ef66e4
spotbugs-4.5.1.tgz e846b2e374fad74621e45e8b01c31eb9a2636d60b4cd30168944bed98dcb5a4c
spotbugs-4.5.1.zip 26dd83027cd5e5a7e6a3f4c7a4239f27a9af8de209c7e37890835fc8cf035de7
spotbugs-annotations-4.5.1-javadoc.jar a66f6df0d2f53a88180980cbb465f558ec1614fc409b72f412949b10ec68db29
spotbugs-annotations-4.5.1-sources.jar b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar 083cc7dcb72f1e39d1da4389753f29c91546376d05be730db812974f74e570d7

... (truncated)

Changelog

Sourced from spotbugs-annotations's changelog.

4.5.2 - 2021-12-13

Security

Fixed

  • Updated RV_01_TO_INT to handle float and long checks (#1518)

4.5.1 - 2021-12-08

Fixed

  • Ant task does not produce XML anymore (#1827)
  • Do not emit false positives of MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR and MC_OVERRIDABLE_METHOD_CALL_IN_CLONE for final classes (#1812).
  • Reports cannot be created on Windows platform (#1842)

4.5.0 - 2021-11-05

Changed

  • Replace "分析" with "解析" in Japanese document (#1573)
  • Add a section to document how to integrate find-sec-bugs into spotbugs-maven-plugin (#540)
  • Bump gson from 2.8.8 to 2.8.9 (#1784)
  • Changes related to dominators analysis in package edu.umd.cs.findbugs.classfile.engine.bcel (#1741):
    • DominatorsAnalysisFactory renamed to NonExceptionDominatorsAnalysisFactory (clarification)
    • NonExceptionPostdominatorsAnalysisFactory renamed to NonExceptionPostDominatorsAnalysisFactory (spelling)
    • NonImplicitExceptionDominatorsAnalysis introduced (API consistency)

Added

Fixed

  • False negative about the rule ES_COMPARING_STRINGS_WITH_EQ (#1764)
  • False negative about the rule IM_MULTIPLYING_RESULT_OF_IREM (#1498)(spotbugs/spotbugs#1498)

Deprecated

  • -output commandline option is deprecated. Use commandline options for report configuration like -xml=spotbugs.xml instead.

4.4.2 - 2021-10-08

Changed

  • Add bug code to report in fancy-hist.xsl (#1688)
  • Bump Saxon-HE from 10.5 to 10.6 (#1715)

Fixed

  • Fixed immutable java.lang.Class as being flagged as EI (#1695)
  • Agree verb with plural subject in the description of SW_SWING_METHODS_INVOKED_IN_SWING_THREAD (#1664)
  • Wrong description of the SE_TRANSIENT_FIELD_OF_NONSERIALIZABLE_CLASS (#1664)
  • Fixed java.util.Locale as being flagged as EI (#1702)
  • Fixed reference to java.awt.Cursor which caused it to be flagged as EI (#1702)
  • Treat types with @com.google.errorprone.annotations.Immutable as immutable (#1705)

... (truncated)

Commits
  • 0c8b4d1 Update CHANGELOG.md
  • 94d81f1 docs: fix category in the CHANGELOG
  • f29e292 Fixed typo in the date
  • d46acbf build(deps): bump log4j-slf4j18-impl from 2.15.0 to 2.16.0
  • ba7eb96 Release 4.5.2 to address CVE-2021-44228
  • c84b263 build(deps): bump log4j-slf4j18-impl from 2.14.1 to 2.15.0
  • 22fba92 fix: updated RV_01_TO_INT to include float and long (#1851)
  • 1f8f6d0 build(deps): bump com.github.spotbugs from 5.0.1 to 5.0.2 (#1860)
  • bef25f0 build(deps): bump com.github.spotbugs from 5.0.0-rc.1 to 5.0.1
  • 8023af6 prepare for the next development
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [spotbugs-annotations](https://github.com/spotbugs/spotbugs) from 4.4.1 to 4.5.2.
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.4.1...4.5.2)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs-annotations
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Jan 5, 2022

A newer version of com.github.spotbugs:spotbugs-annotations exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant