Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update com.github.spotbugs.version to v4.8.3 - autoclosed #218

Closed
wants to merge 1 commit into from
Closed

Update com.github.spotbugs.version to v4.8.3 - autoclosed #218

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Nov 29, 2023
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
com.github.spotbugs:spotbugs-annotations (source) 4.8.1 -> 4.8.3 age adoption passing confidence
com.github.spotbugs:spotbugs (source) 4.8.1 -> 4.8.3 age adoption passing confidence

Release Notes

spotbugs/spotbugs (com.github.spotbugs:spotbugs-annotations)

v4.8.3

Compare Source

Fixed
  • Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits for checked exceptions (#​2710)
  • Applied changes for bcel 6.8.0 with adjustments to constant pool (#​2756)
    • More information bcel changes can be found on (#​2757)
  • Fix FN in CT_CONSTRUCTOR_THROW when the return value of the called method is not void or primitive type.
Changed
  • Improved Matcher checks for empty strings (#​2755)
  • Allow 'onlyAnalyze' option to specify negative matches, such that this facility can be used to prevent a subset of classes to be excluded from analysis (#​2754)
  • Strictly require logback 1.2.13 due to CVE-2023-6481 and CVE-23-6378 (#​2760)
  • Prefer log4j2 at 2.22.0 and logback at 1.4.14 (#​2760)

v4.8.2

Compare Source

Fixed
  • Fixed false positive UPM_UNCALLED_PRIVATE_METHOD for method used in JUnit's MethodSource (#​2379)
  • Use java.nio to load filter files (#​2684)
  • Eclipse: Do not export javax.annotation packages (#​2699)
  • Fixed not thread safe FindOverridableMethodCall detector (#​2701)
  • Fix the weird messages of PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS bugs. (#​2646)
  • Revert commons-text from 1.11.0 to 1.10.0 to resolve a version conflict (#​2686)
  • Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits (#​2710)
Added
  • New detector finding System.getenv() calls, where the corresponding Java property could be used (See ENV02-J).
Build
  • Run build using jdk 17 and 21 without usage of toolchains so we do not defeat the purpose of building on both. (#​2722)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about these updates again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot changed the title Update com.github.spotbugs.version to v4.8.2 Update com.github.spotbugs.version to v4.8.3 Dec 15, 2023
@renovate renovate bot force-pushed the renovate/com.github.spotbugs.version branch from 7a91aa4 to 4c41bbc Compare December 15, 2023 14:47
@renovate renovate bot changed the title Update com.github.spotbugs.version to v4.8.3 Update com.github.spotbugs.version to v4.8.3 - autoclosed Jan 31, 2024
@renovate renovate bot closed this Jan 31, 2024
@renovate renovate bot deleted the renovate/com.github.spotbugs.version branch January 31, 2024 15:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants