Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): Bump spotbugs from 3.1.12 to 4.2.0 #77

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

dependabot-preview[bot]
Copy link
Contributor

Bumps spotbugs from 3.1.12 to 4.2.0.

Release notes

Sourced from spotbugs's releases.

SpotBugs 4.2.0

CHANGELOG

CHECKSUM

file checksum (sha256)
spotbugs-4.2.0-javadoc.jar 351df25a8ff5dcce9b14de670e1dbe0c6808d796686978ecee8821dbf305e5d0
spotbugs-4.2.0-sources.jar 95b25a75d6e36f2d3f4d501795db6a7468bfe23ddcc9e7496065d2bee6f36d9d
spotbugs-4.2.0.tgz f5e2ad6e94515923a8b9a6db370d3b34a3aad9eda13315146b9bbd03bcbe7e30
spotbugs-4.2.0.zip 4d16c579b8622a72ee57cc5c3e730ad78c8107208528f7de875976a9dd840443
spotbugs-annotations-4.2.0-javadoc.jar c18c4c920acec9cb7b9c204ecc78998c5bccf9150c5a8cecd2fdc25e565be71b
spotbugs-annotations-4.2.0-sources.jar b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar 871aee8bb3f7400a0d09e9675dcd7388da584169f4aab3565efc5a3f5bc90eab
spotbugs-ant-4.2.0-javadoc.jar a88414de79a0c1cf420058583fe64a746e2ebe6a918f91f4e7d183c06a452810
spotbugs-ant-4.2.0-sources.jar c74dec42c0ed0dd1ae02a7410d8e0f0dbbee23e8e7da4a21910863677fcdbc8e
spotbugs-ant.jar 9233e48d37882ae4e7a42e9f42ef4c63d6f802cf8f3b03ba575bee26e5032367
spotbugs.jar 4d48063a6f7b623936b68e150ea73499f6bfeb5d1bc4769214e04a9c8804132e
test-harness-4.2.0-javadoc.jar bb4f6fdbc17757577685317cb41557ed2c08822850fdb9e23eb5fd19c07f5b0a
test-harness-4.2.0-sources.jar 2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.2.0.jar 55d3a590b81ffec48293a76c45c0695914b405bf9f02bfb930e3ab99b5867d4f
test-harness-core-4.2.0-javadoc.jar 3723e59c0430cd555c55c2082d24b93419711de47ce41e49cc5e072b0fe1f452
test-harness-core-4.2.0-sources.jar f320f5eb4069e9686b760b2a6a0760989753225f9e9ce1226e3258ec64795d8a
test-harness-core-4.2.0.jar cbec03867e077079d011e85f9932fb230fae3d909f741cffaa4c8097e91fdf40
test-harness-jupiter-4.2.0-javadoc.jar 4a1c523c1d1f0d1095ab1e4185f4e63390ecfde5759e7611a2e41c05ce0c5a4d
test-harness-jupiter-4.2.0-sources.jar 210353a57016e26b1a654d936a15f039613fa1ac532d485c1b1d03902f6c6315
test-harness-jupiter-4.2.0.jar 17e8d78d1868f86e63f3e5e3d878e86f3d7fb1b8cf1a8d5f893333c982bfd3e2

SpotBugs 4.1.4

CHANGELOG

CHECKSUM

file checksum (sha256)
spotbugs-4.1.4-javadoc.jar 32fd9b5cbc6cca027183d72de3dbef2bf4670b461f42db4eefab2e8cc7fa0e1f
spotbugs-4.1.4-sources.jar b36f8138c79be464f270c5fb9a89f53481c7282a857115f45f95e5d462dabeee
spotbugs-4.1.4.tgz 2e6ebf87f92887e06d3a5aa29a2c3331c7ed089019aca1529670e156c6b0849e
spotbugs-4.1.4.zip 80d37786abecb607937402517a778bd0ef2bf4ae49639994852104807ecd63b4
spotbugs-annotations-4.1.4-javadoc.jar 9fc57182b3293d8834a87e691de7ac2e35824518f80fc480c59e6bf51e141c92
spotbugs-annotations-4.1.4-sources.jar b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar f4d784f99c40cd7240cc36cd9288ff89e03b00681f282ee7cca2348e364ce0a1
spotbugs-ant-4.1.4-javadoc.jar 1ded0d8eb8cb3724f4d2c4e523c3c3254ef1cd2e4a8510a32314f13c2a01d9cc
spotbugs-ant-4.1.4-sources.jar c74dec42c0ed0dd1ae02a7410d8e0f0dbbee23e8e7da4a21910863677fcdbc8e
spotbugs-ant.jar 9233e48d37882ae4e7a42e9f42ef4c63d6f802cf8f3b03ba575bee26e5032367
spotbugs.jar 9407c27b324ad493479e3c2365e01444ce88db0fa86c835940c0f9ddd746f268
test-harness-4.1.4-javadoc.jar 4459cdd093609a36e00c4fc4444d3bd95baa05ef9c14f3b6c8d21981992b529f
test-harness-4.1.4-sources.jar 2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.1.4.jar 55d3a590b81ffec48293a76c45c0695914b405bf9f02bfb930e3ab99b5867d4f
test-harness-core-4.1.4-javadoc.jar ad09ce092b138a5b1c0410e67620da269451d5d3f71540382b35017f68312e00
Changelog

Sourced from spotbugs's changelog.

4.2.0 - 2020-11-28

Fixed

  • spotbugs reports VO_VOLATILE_REFERENCE_TO_ARRAY in synthetic code generated by Eclipse 4.17+ Java compiler (#1313)
  • spotbugs reports DM_BOXED_PRIMITIVE_FOR_PARSING for Double and Float (previously only reported for Integer and Long) (#744)
  • sarif report not showing correctly the physical and logical location (#1281)

Added

  • The class search (in the GUI's class name filter) is now case-insensitive and forgives typos (part of (#749))

Changed

  • Bump Saxon-HE from 10.2 to 10.3

4.1.4 - 2020-10-15

Fixed

  • IllegalArgumentException during XML report generation (#1272)
  • Error dialog on cancelling SpotBugs job in Eclipse (#1314)
  • IllegalArgumentException in OpcodeStack.constantToInt (#893)
  • Typos in description, documentation and so on
  • spotbugs reports VR_UNRESOLVABLE_REFERENCE and UPM_UNCALLED_PRIVATE_METHOD when code is compiled with Java 11 (#1254)

Changed

  • Bump jaxen from 1.1.6 to 1.2.0 supporting Java 11 compilation (#1316)
  • Bump ASM from 8.0.1 to 9.0 supporting JDK16 (sealed classes)
  • Bump Saxon-HE from 10.1 to 10.2
  • The dependency from test-harness to spotbugs is now testImplementation (#1317)
  • The dependency from test-harness-core to spotbugs is now api (#1317)

4.1.3 - 2020-09-25

Fixed

  • False positive RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE on try-with-resources (#259)
  • Misconfiguration which makes ASM not supporting Java 14 (#1276)
  • Resolved fatal exception in html report if BugInstance contains multiple Class elements and use the plain.xsl XSLT stylesheet to generate the HTML (#1025)

4.1.2 - 2020-08-18

Fixed

Added

  • Implement issue 390 as a detector, DontAssertInstanceofInTests, which reports bugs of type JUA_DONT_ASSERT_INSTANCEOF_IN_TESTS.

4.1.1 - 2020-07-31

Fixed

  • Missing the version of commons-lang3 for Maven (#1239)

4.1.0 - 2020-07-30

Added

  • Support custom bug annotation
  • Experimental support for the SARIF 2.1.0 report (discuss#95)
Commits
  • fa4462b release SpotBugs v4.2.0
  • d955768 issue 744: DM_BOXED_PRIMITIVE_FOR_PARSING for Double and Float (#1343)
  • 45c75d6 build(deps): bump mockito-core from 3.6.0 to 3.6.28
  • 891e43c build(deps): bump com.diffplug.spotless from 5.7.0 to 5.8.2
  • 8b50ea5 build(deps): bump Saxon-HE from 10.2 to 10.3 (#1358)
  • 4c51a35 Case-Insensitivity and Levenshtein-distance for the Class Name Filter in the ...
  • bb8dd77 ci: bump up actions to the latest version
  • cdfd0af Rank matcher and its documentation do not match - #566
  • 40ed8b7 build(deps): bump log4j-slf4j18-impl from 2.13.3 to 2.14.0
  • 405f7de build(deps): bump spring-core from 5.3.0 to 5.3.1
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
  • @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

@dependabot-preview dependabot-preview bot added the dependencies Pull requests that update a dependency file label Nov 30, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants