From c50bf2ede84a67a6ee155c78a2bf5f00e33dc8eb Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 7 May 2024 23:41:42 -0700
Subject: [PATCH] ORC-1713: Bump spotbugs-maven-plugin to 4.8.5.0
Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.8.4.0 to 4.8.5.0.
Release notes
Sourced from com.github.spotbugs:spotbugs-maven-plugin's releases.
Spotbugs Maven Plugin 4.8.5.0
- Support spotbugs 4.8.5.0
- Dependency and plugin general updates
- Maven wrapper update to 3.3.1
Commits
ca8b5a3 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.8.5.01ee6f5f [ci] Update version in readme to 4.8.5.04c46d8d [pom] Bump all to spotbugs 4.8.55912a28 Merge pull request #800 from spotbugs/renovate/guava-monorepo9537abe Merge pull request #801 from spotbugs/renovate/spotbugsversion7cb964e Update dependency com.github.spotbugs:spotbugs to v4.8.50981f50 Update dependency com.google.guava:guava to v33.2.0-jref5482b1 Merge pull request #799 from hazendaz/master1f2f111 [mvn] Update maven wrapper5f9ae49 Merge pull request #797 from spotbugs/renovate/codec.version- Additional commits viewable in compare view
Most Recent Ignore Conditions Applied to This Pull Request
| Dependency Name | Ignore Conditions |
| --- | --- |
| com.github.spotbugs:spotbugs-maven-plugin | [< 4.8, > 4.7.3.4] |
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Closes #1921 from dependabot[bot]/dependabot/maven/java/com.github.spotbugs-spotbugs-maven-plugin-4.8.5.0.
Authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: William Hyun
---
java/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/pom.xml b/java/pom.xml
index 93590ba9cf..32fb380c44 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -395,7 +395,7 @@
com.github.spotbugs
spotbugs-maven-plugin
- 4.8.4.0
+ 4.8.5.0
spotbugs-include.xml
spotbugs-exclude.xml