Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update dependency com.github.spotbugs:spotbugs-annotations to v4.9.0 #4100

Merged
merged 1 commit into from
Jan 16, 2025
Merged

chore(deps): update dependency com.github.spotbugs:spotbugs-annotations to v4.9.0 #4100

merged 1 commit into from
Jan 16, 2025

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 16, 2025

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
com.github.spotbugs:spotbugs-annotations (source) 4.8.6 -> 4.9.0 age adoption passing confidence

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

spotbugs/spotbugs (com.github.spotbugs:spotbugs-annotations)

v4.9.0

Compare Source

Added
  • Updated the SuppressFBWarnings annotation to support finer grained bug suppressions (#​3102)
  • SimpleDateFormat, DateTimeFormatter, FastDateFormat string check for bad combinations of flag formatting (#​637)
  • New detector ResourceInMultipleThreadsDetector and introduced new bug type:
    • AT_UNSAFE_RESOURCE_ACCESS_IN_THREAD is reported in case of unsafe resource access in multiple threads.
Fixed
  • Do not consider Records as Singletons (#​2981)
  • Keep a maximum of 10000 cached analysis entries for plugin's analysis engines (#​3025)
  • Only report MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT when calling own methods (#​2957)
  • Check the actual caught exceptions (instead of their common type) when analyzing multi-catch blocks (#​2968)
  • System property findbugs.refcomp.reportAll is now being used. For some new conditions, it will emit an experimental warning (#​2988)
  • -version flag prints the version to the standard output (#​2797)
  • Revert the changes from (#​2894) to get HTML stylesheets to work again (#​2969)
  • Fix FP SING_SINGLETON_GETTER_NOT_SYNCHRONIZED report when the synchronization is in a called method (#​3045)
  • Let BetterCFGBuilder2.isPEI handle dup2 bytecode used by Spring AOT (#​3059)
  • Detect failure to close RocksDB's ReadOptions (#​3069)
  • Fix FP EI_EXPOSE_REP when there are multiple immutable assignments (#​3023)
  • Fixed false positive NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for Kotlin, handle Kotlin's Intrinsics.checkNotNullParameter() (#​3094)
  • Fixed some CWE mappings (#​3124)
  • Recognize some classes as immutable, fixing EI_EXPOSE and MS_EXPOSE FPs (#​3137)
  • Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in method annotated with TestNG's @​BeforeClass. (#​3152)
  • Fixed detector FindReturnRef not finding references exposed from nested and inner classes (#​2042)
  • Fix call graph, include non-parametric void methods (#​3160)
  • Fix multiple reporting of identical bugs messing up statistics (#​3185)
  • Added missing comma between line number and confidence when describing matching and mismatching bugs for tests (#​3187)
  • Fixed method matchers with array types (#​3203)
  • Fix SARIF report's message property in Exception to meet the standard (#​3197)
  • Fixed FI_FINALIZER_NULLS_FIELDS FPs for functions called finalize() but not with the correct signature. (#​3207)
  • Fixed an error in the detection of bridge methods causing analysis crashes (#​3208)
  • Fixed detector ThrowingExceptions by removing false positive reports, such as synthetic methods (lambdas), methods which inherited their exception specifications and methods which call throwing methods (#​2040)
  • Do not report DP_DO_INSIDE_DO_PRIVILEGED, DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED and USC_POTENTIAL_SECURITY_CHECK_BASED_ON_UNTRUSTED_SOURCE in code targeting Java 17 and above, since it advises the usage of deprecated method (#​1515).
  • Fixed a RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT false positive for a builder delegating to another builder (#​3235)
Cleanup
  • Cleanup thread issue and regex issue in test-harness (#​3130)
  • Remove extra blank lines and remove public from interface objects as inherently already public (#​3131)
  • Fix order of modifiers on properties/methods and ensure correct location in file (#​3132, #​3177)
  • Return objects directly instead of creating more garbage collection by defining them (#​3133, #​3175)
  • Restrict the constructor of abstract classes visibility to protected (#​3178)
  • Cleanup double initialization and fix comments referring to findbugs instead of spotbugs(#​3134)
  • Use diamond operator in constructor calls of Collections (#​3176)
  • Use Collection.isEmpty() or String.isEmpty() to test for emptiness (#​3180, #​3219)
  • Use method references instead of lambdas where possible (#​3179)
  • Move default clauses to the end of switches (#​3222)
  • Remove unnecessary throws declarations (#​3220)
  • Use Boolean.parseBoolean() for string-to-boolean conversion. (#​3217)
  • Rename shadowing fields (#​3221)
  • Combine catch blocks with the same body (#​3223)
  • Merge conditions of nested ifs (#​3231)
  • Use non deprecated 'getDottedClassName' instead of 'toDottedClassName'(#​3251)
  • Use try with resources where possible (#​3253)
Changed
  • Bump up Java version to 11

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Jan 16, 2025
@renovate renovate bot enabled auto-merge (squash) January 16, 2025 10:02
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@codecov Codecov
Copy link

codecov bot commented Jan 16, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 0.00%. Comparing base (ab46933) to head (7b51be0).
Report is 14 commits behind head on master.

Additional details and impacted files 
@@          Coverage Diff           @@
##           master   #4100   +/-   ##
======================================
  Coverage    0.00%   0.00%           
======================================
  Files           2       2           
  Lines          90      90           
  Branches        3       3           
======================================
  Misses         90      90

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@renovate renovate bot merged commit 1b249c4 into master Jan 16, 2025
28 checks passed
@renovate renovate bot deleted the renovate/com.github.spotbugs-spotbugs-annotations-4.9.x branch January 16, 2025 10:48
angelacorte pushed a commit to angelacorte/Alchemist that referenced this pull request Jan 16, 2025
@renovate @angelacorte
chore(deps): update dependency com.github.spotbugs:spotbugs-annotatio…
e98de4d 
…ns to v4.9.0 (AlchemistSimulator#4100)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
AngeloFilaseta pushed a commit to AngeloFilaseta/Alchemist that referenced this pull request Jan 17, 2025
@renovate @AngeloFilaseta
chore(deps): update dependency com.github.spotbugs:spotbugs-annotatio…
eefc813 
…ns to v4.9.0 (AlchemistSimulator#4100)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
DanySK pushed a commit that referenced this pull request Jan 17, 2025
@semantic-release-bot
chore(release): 37.0.0 [skip ci]
72761a9 
## [37.0.0](36.1.3...37.0.0) (2025-01-17)

### ⚠ BREAKING CHANGES

* write `Environment` in Kotlin, introduce `TerminationPredicate`, improve simulation access from environments, use nullables for `Layer` access (#4105)

### Dependency updates

* **deps:** update danysk/makepkg docker tag to v1.1.29 ([#4086](#4086)) ([8dc2974](8dc2974))
* **deps:** update danysk/makepkg docker tag to v1.1.30 ([#4094](#4094)) ([d94d957](d94d957))
* **deps:** update danysk/makepkg docker tag to v1.1.31 ([#4108](#4108)) ([7625ff4](7625ff4))
* **deps:** update dependency com.github.spotbugs:spotbugs-annotations to v4.9.0 ([#4100](#4100)) ([1b249c4](1b249c4))
* **deps:** update dependency org.mapsforge:mapsforge-map-awt to v0.23.0 ([#4102](#4102)) ([f78ec3a](f78ec3a))
* **deps:** update dependency org.mongodb:mongodb-driver-sync to v5.3.0 ([#4092](#4092)) ([50726a4](50726a4))
* **deps:** update dependency scalafmt to v3.8.4 ([#4095](#4095)) ([41dace0](41dace0))
* **deps:** update dependency scalafmt to v3.8.5 ([#4106](#4106)) ([61d495c](61d495c))
* **deps:** update dependency semantic-release-preconfigured-conventional-commits to v1.1.119 ([#4093](#4093)) ([be9e560](be9e560))
* **deps:** update plugin java-qa to v1.83.0 ([#4085](#4085)) ([0c6a7aa](0c6a7aa))
* **deps:** update plugin java-qa to v1.84.0 ([#4087](#4087)) ([dc00791](dc00791))
* **deps:** update plugin java-qa to v1.85.0 ([#4101](#4101)) ([18cde4f](18cde4f))
* **deps:** update plugin java-qa to v1.86.0 ([#4103](#4103)) ([4f1f16a](4f1f16a))
* **deps:** update plugin java-qa to v1.87.0 ([#4109](#4109)) ([8610511](8610511))
* **deps:** update plugin publishoncentral to v8.0.1 ([#4084](#4084)) ([e77ecad](e77ecad))
* **deps:** update scala to v2.13.16 ([#4091](#4091)) ([36c9bb7](36c9bb7))

### Build and continuous integration

* create the staging repo using dedicated actions ([#4083](#4083)) ([6132ddb](6132ddb))
* **deps:** update actions/upload-artifact action to v4.6.0 ([#4090](#4090)) ([dda394f](dda394f))
* **deps:** update danysk/build-check-deploy-gradle-action action to v3.7.0 ([#4089](#4089)) ([ffb379c](ffb379c))
* fix release command syntax error ([c1da110](c1da110))
* remove no longer existing javadoc collector task ([13b40ec](13b40ec))
* update the dokka task name when generating ancillary files ([#4097](#4097)) ([230870d](230870d))

### General maintenance

* **build:** update the javadoc.io cache ([843b773](843b773))
* **build:** update the javadoc.io cache ([dd90d7a](dd90d7a))
* **build:** update the javadoc.io cache ([f1658e8](f1658e8))
* **build:** update the javadoc.io cache ([52c75ee](52c75ee))
* **build:** update the javadoc.io cache ([ab46933](ab46933))

### Refactoring

* write `Environment` in Kotlin, introduce `TerminationPredicate`, improve simulation access from environments, use nullables for `Layer` access ([#4105](#4105)) ([ddcafe9](ddcafe9))
@DanySK
Copy link
Member

DanySK commented Jan 17, 2025

🎉 This PR is included in version 37.0.0 🎉

The release is available on:

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@DanySK