Skip to content

Bump com.github.spotbugs:spotbugs from 4.10.2 to 4.10.3#1153

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/com.github.spotbugs-spotbugs-4.10.3
Open

Bump com.github.spotbugs:spotbugs from 4.10.2 to 4.10.3#1153
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/maven/com.github.spotbugs-spotbugs-4.10.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 13, 2026

Copy link
Copy Markdown
Contributor

Bumps com.github.spotbugs:spotbugs from 4.10.2 to 4.10.3.

Release notes

Sourced from com.github.spotbugs:spotbugs's releases.

4.10.3

SpotBugs 4.10.3

CHANGELOG

Fixed

  • Fix LI_LAZY_INIT_STATIC false negative when the null guard is written in yoda-style (null == field) (#4144)
  • Fix DC_DOUBLECHECK, NP_SYNC_AND_NULL_CHECK_FIELD and SP_SPIN_ON_FIELD false negatives when the null guard is written in yoda-style (null == field) (#4144)
  • Fix message for UNS_UNSAFE_CALL bug pattern
  • Restore CLI plugin loading by fixing DetectorFactoryCollection bootstrap ordering (#4191)
  • Fix UWF_NULL_FIELD false negative for fields initialized with cast null values (#4034)
  • Fix UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS false positive for methods reached only through method references (#4059)

Changed

  • Ant FindBugsViewerTask: use default look and feel by default. (#4165)

Refactor

  • Ant FindBugsViewerTask: extend AbstractFindBugsTask to reduce duplicate code. (#4165)

CHECKSUM

file checksum (sha256)
spotbugs-4.10.3-javadoc.jar 9670d6569864fd9a45c4aa92f6e3dc2d11e2c24b4ff0a3eabe64b293dc3f0534
spotbugs-4.10.3-sources.jar e00994265d6b771db8cc79edd70500ab8af6334f636d3ac7bf169c5d7daefcbc
spotbugs-4.10.3.tgz 53c03a77da9746ed0c17aae6c0a9419a12ddeb8bf61dd7209a2e417550afd01d
spotbugs-4.10.3.zip e814ee5bf9665412658c4d684e45eae3cf993148a71bc8bc93fb343e92288151
spotbugs-annotations-4.10.3-javadoc.jar 5da6c2d1fe6ef37022dda7fdf221965bb6de57a0276e1735f518840f56ccab1f
spotbugs-annotations-4.10.3-sources.jar 87974d23caffbc8c6e66c567747627267b5ed06573cee966d7af6d236b8d65bd
spotbugs-annotations.jar 3fabaf088f8cd10803cc87dba4666cf874bdcd2e07ad154ed3fe403647ce3f2a
spotbugs-ant-4.10.3-javadoc.jar fab78b3c109057689dc2057a18071b1a997048bb18b45ae39835c1007b18f440
spotbugs-ant-4.10.3-sources.jar af1c78c8e194c2f82ea3e0517ab38a5eb6ba608c8d0e776c9097605d6b7efca6
spotbugs-ant.jar 9ec240477b7c87270be7dfe3196180cd3763f04c369e5691feeb12e66110a065
spotbugs.jar 5b12b471979fd8d664e9772d4c7e7e11b25a55d71dbb0ef2d2dcb749959052e7
test-harness-4.10.3-javadoc.jar 1a495602098f524a4a62f227bc556f75236a0231d08d7bedaeae73d478067e94
test-harness-4.10.3-sources.jar 805d2d124b0d4ea513ee9262d4ad6027c3471d45defd80fd7d20e23425d17df7
test-harness-4.10.3.jar bd10d1f11a1b93e4ca4db4d27772f611bd3407f9452dbbd2d1ba62584ddc171f
test-harness-core-4.10.3-javadoc.jar cb08bb86e5c9d5b4c4459ab103b9cd0dd99527a56f6fa645ec10d07b0fe75735
test-harness-core-4.10.3-sources.jar 043a55d99a517c0d9cf702b0c183b4afd3f03af9eff4a86d59bb37df1b35b532
test-harness-core-4.10.3.jar 1f9a0ee8f150dd71f960ca4f59dcf7912a45d0e9e6aefc4585fd44b975454bc0
test-harness-jupiter-4.10.3-javadoc.jar 02b463d272ccc7e6f9c7dcbfe7087da23afb6f9b8ad24316362397ae21fcf4cc
test-harness-jupiter-4.10.3-sources.jar 17144f315686bfd01c02fa4ae7c916060c41de8eed58d5b8470416fa08f46ced
test-harness-jupiter-4.10.3.jar a91146da3e993479cfefd2690781cbd102c6360ecc63a96d88995be3bd60fcbb
Changelog

Sourced from com.github.spotbugs:spotbugs's changelog.

4.10.3 - 2026-07-12

Fixed

  • Fix LI_LAZY_INIT_STATIC false negative when the null guard is written in yoda-style (null == field) (#4144)
  • Fix DC_DOUBLECHECK, NP_SYNC_AND_NULL_CHECK_FIELD and SP_SPIN_ON_FIELD false negatives when the null guard is written in yoda-style (null == field) (#4144)
  • Fix message for UNS_UNSAFE_CALL bug pattern
  • Restore CLI plugin loading by fixing DetectorFactoryCollection bootstrap ordering (#4191)
  • Fix UWF_NULL_FIELD false negative for fields initialized with cast null values (#4034)
  • Fix UMAC_UNCALLABLE_METHOD_OF_ANONYMOUS_CLASS false positive for methods reached only through method references (#4059)

Changed

  • Ant FindBugsViewerTask: use default look and feel by default. (#4165)

Refactor

  • Ant FindBugsViewerTask: extend AbstractFindBugsTask to reduce duplicate code. (#4165)
Commits
  • 8d5cad4 release v4.10.3
  • f849bce Update junit-framework monorepo to v6.1.2 (#4199)
  • 368a213 Fixes #4138 : Detect yoda-style null guards in lazy-init and related detector...
  • 21ba538 Update actions/stale digest to 1e223db (#4197)
  • 6c91a0d Update dependency net.sf.saxon:Saxon-HE to v12.10 (#4198)
  • 7fb263e Update actions/setup-java digest to 0f481fc (#4196)
  • c8f9bb1 fix(deprecations): Replace deprecated io close with try with resources (#4194)
  • 1c78756 chore{build): Update eclipse-convention.gradle.kts file (#4193)
  • 1aec284 fix: improve EQ_DOESNT_OVERRIDE_EQUALS warning to mention symmetry risk (#4016)
  • f3ddc36 Fixes #4055 : Record method-reference targets as called methods (#4059)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [com.github.spotbugs:spotbugs](https://github.com/spotbugs/spotbugs) from 4.10.2 to 4.10.3.
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.10.2...4.10.3)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs
  dependency-version: 4.10.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jul 13, 2026
@sonarqubecloud

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants