Skip to content
This repository was archived by the owner on Jan 16, 2023. It is now read-only.

Bump spotbugs from 4.1.2 to 4.6.0 #112

Closed
dependabot wants to merge 1 commit into from
Closed

Bump spotbugs from 4.1.2 to 4.6.0 #112

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Mar 8, 2022

Bumps spotbugs from 4.1.2 to 4.6.0.

Release notes

Sourced from spotbugs's releases.

SpotBugs 4.6.0

CHANGELOG

Fixed

Added

  • New detector FindInstanceLockOnSharedStaticData for new bug type SSD_DO_NOT_USE_INSTANCE_LOCK_ON_SHARED_STATIC_DATA. This detector reports a bug if an instance level lock is used to modify a shared static data. (See SEI CERT rule LCK06-J) @​gonczmisi

CHECKSUM

file checksum (sha256)
spotbugs-4.6.0-javadoc.jar f38dba26a1e419483b19c3acc35962347a6e5c3d6793729e84a637cef1423c1a
spotbugs-4.6.0-sources.jar 6926fee89be85021a3a58cc8f08c5f706f3696c151dcee38dbaf674b6fa7f357
spotbugs-4.6.0.tgz d357a5920bba4e7964d834de88fe64892ed02b5e1d4f61b8afb5187e4e4cdd04
spotbugs-4.6.0.zip 8486f721d80e62c300fd2db5076badac3d969b596904c23f429c922a03041ac0
spotbugs-annotations-4.6.0-javadoc.jar d001876f444fb41f946218571f6935b008578cdc560d75691951b682578f260c
spotbugs-annotations-4.6.0-sources.jar b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar b7021b4ecbafd9b321bdf06eef2ec4519526e2b39fb7d080f2964308f017435e
spotbugs-ant-4.6.0-javadoc.jar 4d092495bee2eede65dbac444e72a89396dbc78beea15ae588d1d37e853c4cab
spotbugs-ant-4.6.0-sources.jar ce7cfbed848ccb0e3765cec6b9c60c458699aa51f60ad9216cf89dbf38d8d793
spotbugs-ant.jar b866a2a89a03b49e60b5f27e0f5987eb8c12c2d2aefc6e9ddcbcdae345c765db
spotbugs.jar 0c05d399522d4de7630a935eb24b2fef75cabf1867527abffbcd319a94804b5f
test-harness-4.6.0-javadoc.jar e5c5e087a6ae7dd919026dc1dc88e720ce239f73b125e150c15e70a78126574f
test-harness-4.6.0-sources.jar 2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.6.0.jar 45ca0e944ee5704318d79f67815cde7ca5f7fb22814e325d00e2d25d9b552659
test-harness-core-4.6.0-javadoc.jar 1e6bdfb261bbb17674d4ac94576cb3fb561b207d9b615fdcb575e6c565a03f09
test-harness-core-4.6.0-sources.jar f320f5eb4069e9686b760b2a6a0760989753225f9e9ce1226e3258ec64795d8a
test-harness-core-4.6.0.jar fd1a0c06a5eaff50ed0953d42fb7d69a41031c6a6630ad5e47c38a9f0eaca285
test-harness-jupiter-4.6.0-javadoc.jar 1a0f4bb21a3a2cf100b8b5d6ec6ccf6e54eef2d174e00cc34d54cf7f86d45640
test-harness-jupiter-4.6.0-sources.jar 210353a57016e26b1a654d936a15f039613fa1ac532d485c1b1d03902f6c6315
test-harness-jupiter-4.6.0.jar 18095fec31b85981ecaafdef86ca9ae1e9588e1b9bc6d209f82829cf9d0c13f4

SpotBugs 4.5.3

CHANGELOG

Security

Fixed

  • Remove duplicated logging frameworks from the Eclipse plugin distribution (#1868) @​KengoTODA
  • Corrected class name validation to no longer fail for Kotlin classes on class path containing special characters. (#1883) @​studro

CHECKSUM

file checksum (sha256)
spotbugs-4.5.3-javadoc.jar c5762e13d996117c5ae94675f6ab835d515c90a8cce7d10438bb99d004e0005a

... (truncated)

Changelog

Sourced from spotbugs's changelog.

4.6.0 - 2022-03-08

Fixed

  • Fixed spotbugs build with ecj compiler (#1903)
  • Moved tests from spotbugs project to spotbugs-tests project (#1914)
  • Fixed UI freezes in Eclipse on bug count decorations update (#285)
  • Bumped log4j from 2.17.1 to 2.17.2 (#1960)
  • Bumped gson from 2.8.9 to 2.9.0 (#1960)

Added

  • New detector FindInstanceLockOnSharedStaticData for new bug type SSD_DO_NOT_USE_INSTANCE_LOCK_ON_SHARED_STATIC_DATA. This detector reports a bug if an instance level lock is used to modify a shared static data. (See SEI CERT rule LCK06-J)

4.5.3 - 2022-01-04

Security

Fixed

  • Remove duplicated logging frameworks from the Eclipse plugin distribution (#1868)
  • Corrected class name validation to no longer fail for Kotlin classes on class path containing special characters. (#1883)

4.5.2 - 2021-12-13

Security

Fixed

  • False negative about the rule RV_DONT_JUST_NULL_CHECK_READLINE (#1821#1820#1819#1818)
  • Updated RV_01_TO_INT to handle float and long checks (#1518)

4.5.1 - 2021-12-08

Fixed

  • Ant task does not produce XML anymore (#1827)
  • Do not emit false positives of MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR and MC_OVERRIDABLE_METHOD_CALL_IN_CLONE for final classes (#1812).
  • Reports cannot be created on Windows platform (#1842)

4.5.0 - 2021-11-05

Changed

  • Replace "分析" with "解析" in Japanese document (#1573)
  • Add a section to document how to integrate find-sec-bugs into spotbugs-maven-plugin (#540)
  • Bump gson from 2.8.8 to 2.8.9 (#1784)
  • Changes related to dominators analysis in package edu.umd.cs.findbugs.classfile.engine.bcel (#1741):
    • DominatorsAnalysisFactory renamed to NonExceptionDominatorsAnalysisFactory (clarification)
    • NonExceptionPostdominatorsAnalysisFactory renamed to NonExceptionPostDominatorsAnalysisFactory (spelling)
    • NonImplicitExceptionDominatorsAnalysis introduced (API consistency)

Added

... (truncated)

Commits
  • e2f1577 release 4.6.0
  • 9679dce docs: add a missing CHANGELOG entry for #1966
  • 6d6ca37 docs: add a missing CHANGELOG entry for #1960
  • f830433 build(deps): bump spring-core from 5.3.15 to 5.3.16
  • e52ddad build(deps): bump com.diffplug.spotless from 6.2.0 to 6.3.0
  • adc8600 build(deps): bump com.github.spotbugs from 5.0.5 to 5.0.6
  • 5dabbe3 build(deps): bump gson from 2.8.9 to 2.9.0
  • a703224 build(deps): bump goomph from 3.34.1 to 3.35.0 in /buildSrc
  • a0b3350 build(deps): bump mockito-core from 4.2.0 to 4.3.1
  • 39ce75d build(deps): bump guiceVersion from 5.0.1 to 5.1.0
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump spotbugs from 4.1.2 to 4.6.0
fdaf966 
Bumps [spotbugs](https://github.com/spotbugs/spotbugs) from 4.1.2 to 4.6.0.
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.1.2...4.6.0)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 8, 2022
@dependabot dependabot bot mentioned this pull request Mar 8, 2022
Closed
@dependabot @github
Copy link
Author

dependabot bot commented on behalf of github May 5, 2022

Superseded by #126.

@dependabot dependabot bot closed this May 5, 2022
@dependabot dependabot bot deleted the dependabot/maven/com.github.spotbugs-spotbugs-4.6.0 branch May 5, 2022 09:08
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant