Skip to content

Build(deps): Bump com.github.spotbugs:spotbugs from 4.8.6 to 4.9.7 in /libcobj #727

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

Build(deps): Bump com.github.spotbugs:spotbugs from 4.8.6 to 4.9.7 in /libcobj #727

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 15, 2025

Bumps com.github.spotbugs:spotbugs from 4.8.6 to 4.9.7.

Release notes

Sourced from com.github.spotbugs:spotbugs's releases.

4.9.7

SpotBugs 4.9.7

CHANGELOG

Fixed

  • Fix Eclipse not always using latest preferences file state (#3740)
  • Fix exception throw when singleton implementing Cloneable has no clone() method (#3727)
  • Fix for missing -adjustPriority parameter in Eclipse preferences (#3687)
  • Documentation of -adjustPriority parameter
  • Functionality from DetectorFactory setEnabledButNonReporting(), getPriorityAdjustment() methods and BugInstance.adjustForDetector() is deprecated and moved to PriorityAdjuster (#3753)
  • Improved FindNakedNotify to handle the case when the lock is loaded from a field (#3634)

Changed

  • Support for fully qualified class names for detectors in -adjustPriority parameter
  • Support for numerical and absolute priority adjustments
  • Bump up Apache Commons BCEL to the version 6.11.0 (#3569)

Deprecated

  • Add back and deprecate edu.umd.cs.findbugs.io.IO.close(InputStream) method. (#3756)

Build

  • Allow our GA builds to work with JDK 25 (and drop support for JDK 24) (#3564)

CHECKSUM

file checksum (sha256)
spotbugs-4.9.7-javadoc.jar 8147e7bbbf6d4690bf52c823efb788073366db99bedbf056c97c755c6a5160c8
spotbugs-4.9.7-sources.jar 67d554c54e1000b1da43f0404028ac41a1fbdb0e1ae052177923fc0bc6199d04
spotbugs-4.9.7.tgz 3dc8cea89e38237bd7da8ddf0ce61508c4da0d3b4490f86ed37fb99967ec0a81
spotbugs-4.9.7.zip aa5d06e17b820910aa71a52518c78f38282ee098918ad15036f0aab12ae3c3a5
spotbugs-annotations-4.9.7-javadoc.jar 47ae4240d19ff644c90620ce5eb313a5f1165bbe246dc0b4dccacd27c16849a5
spotbugs-annotations-4.9.7-sources.jar 075b2eed660c2fe2fb1ad1de028f8fdff5f358e25c1318706b95ab17bb28be44
spotbugs-annotations.jar e2f3cde66bf683e02d0b0a439a1a4898fcb79776682707e1fd50700a18f27a45
spotbugs-ant-4.9.7-javadoc.jar 1ef62c58d5547ef72d25ea7979c5c76ffb69455927ed83a1ad3955a1d8084d0f
spotbugs-ant-4.9.7-sources.jar 91477d93b1fd1bebae35d318427b5238fb458e726478dc1a8ac41ce74838a1e6
spotbugs-ant.jar 22f2fa397e86663adcd4828cc1c91e63aa6cc2bfc56832885b749a86fac5c784
spotbugs.jar c728dffc561e6844c02571a29bc62bf876b142fd71b682ee9eaea32fe773254c
test-harness-4.9.7-javadoc.jar 1562d31885c1cb356127023f4864b1255169d3af968db262929e2beea5e10d65
test-harness-4.9.7-sources.jar 805d2d124b0d4ea513ee9262d4ad6027c3471d45defd80fd7d20e23425d17df7
test-harness-4.9.7.jar 0076a3bc9602c78d73edb048e625a96ee6a182fa3dd39300aa739af67b954189
test-harness-core-4.9.7-javadoc.jar b77ba2437fb1b62482fe4407d1956eeace03716ed2753cd510febd7ef5260e6c
test-harness-core-4.9.7-sources.jar 043a55d99a517c0d9cf702b0c183b4afd3f03af9eff4a86d59bb37df1b35b532
test-harness-core-4.9.7.jar 4e439df3b499660d91a659d7c523fcdc4945c932dfc7fee68e796193f9dff6bb
test-harness-jupiter-4.9.7-javadoc.jar ce0143bd5566628a645cde31b7ca6d3bedff0f09292139a9392e18e5f262a0e5
test-harness-jupiter-4.9.7-sources.jar 17144f315686bfd01c02fa4ae7c916060c41de8eed58d5b8470416fa08f46ced
test-harness-jupiter-4.9.7.jar 9e1bc39da08c6c80091f34f1fd92ec092109d0cdfd8009910bc22772df06eea7

4.9.6

SpotBugs 4.9.6

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs's changelog.

4.9.7 - 2025-10-14

Fixed

  • Fix Eclipse not always using latest preferences file state (#3740)
  • Fix exception throw when singleton implementing Cloneable has no clone() method (#3727)
  • Fix for missing -adjustPriority parameter in Eclipse preferences (#3687)
  • Documentation of -adjustPriority parameter
  • Functionality from DetectorFactory setEnabledButNonReporting(), getPriorityAdjustment() methods and BugInstance.adjustForDetector() is deprecated and moved to PriorityAdjuster (#3753)
  • Improved FindNakedNotify to handle the case when the lock is loaded from a field (#3634)

Changed

  • Support for fully qualified class names for detectors in -adjustPriority parameter
  • Support for numerical and absolute priority adjustments
  • Bump up Apache Commons BCEL to the version 6.11.0 (#3569)

Deprecated

  • Add back and deprecate edu.umd.cs.findbugs.io.IO.close(InputStream) method. (#3756)

Build

  • Allow our GA builds to work with JDK 25 (and drop support for JDK 24) (#3564)

4.9.6 - 2025-09-16

Fixed

  • Fix exception throw when analyzing jakarta.servlet.http.HttpServletRequest method calls (#3711)

4.9.5 - 2025-09-14

Fixed

  • Fix for an error when a record method has the @SuppressFBWarnings annotation (#3622)
  • Fix SF_SWITCH_FALLTHROUGH false positive when continuing a loop (#3617)
  • CWO_CLOSED_WITHOUT_OPENED false positive (#3616)
  • SF_SWITCH_NO_DEFAULT false positive fix for switch-arrow (#3645)
  • Fix the issue with BCEL logging Duplicating value: ... (#3621)
  • Add missing jakarta support for servlets / pre/post destroy (#3694)

Added

  • Add 'java.nio.file.Path.of' to known types for path traversal checks (#3699)

Cleanup

  • S1481: Unused local variables should be removed (#3654)
  • Moved test libraries to jakarta namespace including switching off jsr305 where possible for jakarta.annotatoin (#3695)

4.9.4 - 2025-08-07

Changed

  • AnnotationMatcher can now ignore bugs if annotation is also applied on methods or fields. Previously only annotations on classes were considered.
  • Add relevant CWE ids to bugs and refer the CWEs in the bug messages (#3354).
  • Replace LOCAL_VARIABLE_UNKNOWN with exact method name for NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE (#3485)

Fixed

  • Widen main method recognition according to JEP 445. (#3371)
  • Do not report US_USELESS_SUPPRESSION_ON_* on methods, fields, parameters, packages or classes with an *.Generated annotation with retention >= class (#3350)(#3409)
  • Rewrite some member in ResourceValueFrame.java to Enum (#2061)

... (truncated)

Commits
  • 4f7bc6d release v4.9.7
  • 36bc19a chore(docs): Update archetype to 0.4.9
  • 3916029 False Negative NN_NAKED_NOTIFY when loading a field (#3635)
  • 76acf73 chore(deps): update plugin org.sonarqube to v7 (#3772)
  • 834ef51 chore(deps): update plugin com.gradle.develocity to v4.2.2 (#3770)
  • d03960f ci: run the build against JDK 25
  • 17b4ebe chore(deps): version upgrade org.apache.bcel:bcel: 6.10.0 -->> 6.11.0
  • 891a646 fix(deps): update dependency checkstyle to v12.0.1 (#3764)
  • 6891394 fix(deps): update dependency jacoco to v0.8.14 (#3765)
  • 2c7270c fix(deps): update dependency checkstyle to v12 (#3760)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Build(deps): Bump com.github.spotbugs:spotbugs in /libcobj
dcabda7 
Bumps [com.github.spotbugs:spotbugs](https://github.com/spotbugs/spotbugs) from 4.8.6 to 4.9.7.
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.8.6...4.9.7)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs
  dependency-version: 4.9.7
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 15, 2025
@dependabot dependabot bot mentioned this pull request Oct 15, 2025
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants