Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency com.github.spotbugs:spotbugs-annotations to v4.7.3 #301

Merged
merged 1 commit into from
Nov 5, 2022
Merged

Update dependency com.github.spotbugs:spotbugs-annotations to v4.7.3 #301

merged 1 commit into from
Nov 5, 2022

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 5, 2022

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
com.github.spotbugs:spotbugs-annotations (source) 4.7.0 -> 4.7.3 age adoption passing confidence

Release Notes

spotbugs/spotbugs

v4.7.3

Compare Source

Fixed
  • Fixed detector DontUseFloatsAsLoopCounters to prevent false positives. (#​2126)
  • Fixed regression in 4.7.2 caused by (#​2141)
  • improve compatibility with later version of jdk (>= 13). (#​2188)
  • Fixed detector UncallableMethodOfAnonymousClass to not report unused methods of method-local enumerations and records (#​2120)
  • Fixed detector FindSqlInjection to detect bug SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE SQL with high priority in case of unsafe appends also in Java 11 and above (#​2183)
  • Fixed detector StringConcatenation to detect bug SBSC_USE_STRINGBUFFER_CONCATENATION also in Java 11 and above (#​2182)
  • Fixed OpcodeStackDetector to to handle propagation of taints properly in case of string concatenation in Java 9 and above (#​2195)
  • Bump up log4j2 binding to 2.19.0
  • Bump ObjectWeb ASM from 9.3 to 9.4 supporting JDK 20 (#​2200)
  • Bump up commons-text to 1.10.0 (#​2197)
  • Fixed debug detector ViewCFG to generate file names that are also valid on Windows (#​2209)

v4.7.2

Compare Source

Fixed
  • Bumped gson from 2.9.0 to 2.9.1 (#​2136)
  • Bump up SLF4J API to 2.0.0
  • Bump up logback to 1.4.0
  • Bump up log4j2 binding to 2.18.0
  • Bump up Saxon-HE to 11.4 (#​2160)
  • Fixed InvalidInputException in Eclipse while bug reporting (#​2134)
  • Bug SA_FIELD_SELF_ASSIGNMENT is now reported from nested classes as well (#​2142)
  • Avoid warning on use of security manager on Java 17 and newer. (#​1579)
  • Fixed false positives EI_EXPOSE_REP thrown in case of fields initialized by the of or copyOf method of a List, Map or Set (#​1771)
  • Fixed CFGBuilderException thrown when dup_x2 is used to swap the reference and wide-value (double, long) in the stack (#​2146)

v4.7.1

Compare Source

Fixed
  • Fixed False positives for RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE on try-with-resources with interface references (#​1931)
  • Fixed NullPointerException thrown by detector FindPotentialSecurityCheckBasedOnUntrustedSource on Kotlin files. (#​2041)
  • Disabled detector ThrowingExceptions by default to avoid many false positives (#​2040)
  • Fixed False positives for THROWS_METHOD_THROWS_CLAUSE_BASIC_EXCEPTION and THROWS_METHOD_THROWS_CLAUSE_THROWABLE on evaluating synthetic classes (#​2040)
  • Fixed False positive for SSD_DO_NOT_USE_INSTANCE_LOCK_ON_SHARED_STATIC_DATA on proper protection by using static lock for synchronized block, but inside an unsecured (synchronized and not static) method (#​2089)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@codecov-commenter
Copy link

Codecov Report

Base: 15.89% // Head: 15.89% // No change to project coverage 👍

Coverage data is based on head (e0dd8e1) compared to base (b67dd80).
Patch has no changes to coverable lines.

Additional details and impacted files 
@@            Coverage Diff            @@
##             master     #301   +/-   ##
=========================================
  Coverage     15.89%   15.89%           
  Complexity       76       76           
=========================================
  Files            33       33           
  Lines          1302     1302           
  Branches        125      125           
=========================================
  Hits            207      207           
  Misses         1082     1082           
  Partials         13       13

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

@sparsick sparsick merged commit 6efaebb into master Nov 5, 2022
@sparsick sparsick deleted the renovate/com.github.spotbugs-spotbugs-annotations-4.x branch November 5, 2022 19:51
@sparsick sparsick added the dependencies Pull requests that update a dependency file label Nov 5, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@codecov-commenter @sparsick