Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency com.github.spotbugs:spotbugs-annotations to v4.7.3 #30

Merged
merged 1 commit into from
Mar 2, 2023
Merged

Update dependency com.github.spotbugs:spotbugs-annotations to v4.7.3 #30

merged 1 commit into from
Mar 2, 2023

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 21, 2023

Mend Renovate

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
com.github.spotbugs:spotbugs-annotations (source) 4.7.1 -> 4.7.3 age adoption passing confidence

Release Notes

spotbugs/spotbugs

v4.7.3

Compare Source

Fixed
  • Fixed detector DontUseFloatsAsLoopCounters to prevent false positives. (#​2126)
  • Fixed regression in 4.7.2 caused by (#​2141)
  • improve compatibility with later version of jdk (>= 13). (#​2188)
  • Fixed detector UncallableMethodOfAnonymousClass to not report unused methods of method-local enumerations and records (#​2120)
  • Fixed detector FindSqlInjection to detect bug SQL_NONCONSTANT_STRING_PASSED_TO_EXECUTE SQL with high priority in case of unsafe appends also in Java 11 and above (#​2183)
  • Fixed detector StringConcatenation to detect bug SBSC_USE_STRINGBUFFER_CONCATENATION also in Java 11 and above (#​2182)
  • Fixed OpcodeStackDetector to to handle propagation of taints properly in case of string concatenation in Java 9 and above (#​2195)
  • Bump up log4j2 binding to 2.19.0
  • Bump ObjectWeb ASM from 9.3 to 9.4 supporting JDK 20 (#​2200)
  • Bump up commons-text to 1.10.0 (#​2197)
  • Fixed debug detector ViewCFG to generate file names that are also valid on Windows (#​2209)

v4.7.2

Compare Source

Fixed
  • Bumped gson from 2.9.0 to 2.9.1 (#​2136)
  • Bump up SLF4J API to 2.0.0
  • Bump up logback to 1.4.0
  • Bump up log4j2 binding to 2.18.0
  • Bump up Saxon-HE to 11.4 (#​2160)
  • Fixed InvalidInputException in Eclipse while bug reporting (#​2134)
  • Bug SA_FIELD_SELF_ASSIGNMENT is now reported from nested classes as well (#​2142)
  • Avoid warning on use of security manager on Java 17 and newer. (#​1579)
  • Fixed false positives EI_EXPOSE_REP thrown in case of fields initialized by the of or copyOf method of a List, Map or Set (#​1771)
  • Fixed CFGBuilderException thrown when dup_x2 is used to swap the reference and wide-value (double, long) in the stack (#​2146)

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone Europe/Prague, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/spotbugs branch from 211dac4 to c1ce91f Compare March 2, 2023 14:45
@github-actions
Copy link

github-actions bot commented Mar 2, 2023

❌ GraalVM CE CI 17 latest failed: https://ge.micronaut.io/s/537jzqh3sme7a

@dstepanov dstepanov merged commit b56b560 into master Mar 2, 2023
@dstepanov dstepanov deleted the renovate/spotbugs branch March 2, 2023 16:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependency-upgrade
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dstepanov