dependabot[bot] opened a new pull request, #1391: URL: https://github.com/apache/ratis/pull/1391
Bumps [com.github.spotbugs:spotbugs](https://github.com/spotbugs/spotbugs) from 4.8.6 to 4.9.8. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/spotbugs/spotbugs/releases";>com.github.spotbugs:spotbugs's releases</a>.</em></p> <blockquote> <h2>4.9.8</h2> <p>SpotBugs 4.9.8</p> <h3>CHANGELOG</h3> <h3>Fixed</h3> <ul> <li>Maven plugin reporting issue if -adjustPriority is not set (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3774";>#3774</a>)</li> </ul> <h3>CHECKSUM</h3> <table> <thead> <tr> <th>file</th> <th>checksum (sha256)</th> </tr> </thead> <tbody> <tr> <td>spotbugs-4.9.8-javadoc.jar</td> <td>06fb742e3170087983c5855d7d8d846d7cdab9badfdf4b3564b424deb1dc0b28</td> </tr> <tr> <td>spotbugs-4.9.8-sources.jar</td> <td>cbee8358dd239e81fdcf37c32d1e6bedf148d25638b0c8d1b687d97c3061ecd9</td> </tr> <tr> <td>spotbugs-4.9.8.tgz</td> <td>2eb8e0f2b223c22ffa2ce0c1cf1be4127dde19d240b8f7ce69a5fd3ad5c36ff3</td> </tr> <tr> <td>spotbugs-4.9.8.zip</td> <td>e13d476403cf69074f415e35ebcc2f865f7a1ea444c1e659516bc0260e74dfa5</td> </tr> <tr> <td>spotbugs-annotations-4.9.8-javadoc.jar</td> <td>aecf15bb27a4d067e9b5a1c85b5d3aeefc5026a66e93040995804662e285d679</td> </tr> <tr> <td>spotbugs-annotations-4.9.8-sources.jar</td> <td>075b2eed660c2fe2fb1ad1de028f8fdff5f358e25c1318706b95ab17bb28be44</td> </tr> <tr> <td>spotbugs-annotations.jar</td> <td>6f69d6fe9c55a54dcb30e87d8fa2d5f52246af50d7a3445246d9539ef221be1c</td> </tr> <tr> <td>spotbugs-ant-4.9.8-javadoc.jar</td> <td>025b2fb90e089dab1875068397736003bbf9e66bcac287ecb9e512dd0d387748</td> </tr> <tr> <td>spotbugs-ant-4.9.8-sources.jar</td> <td>91477d93b1fd1bebae35d318427b5238fb458e726478dc1a8ac41ce74838a1e6</td> </tr> <tr> <td>spotbugs-ant.jar</td> <td>22f2fa397e86663adcd4828cc1c91e63aa6cc2bfc56832885b749a86fac5c784</td> </tr> <tr> <td>spotbugs.jar</td> <td>4469bc080afe7cd2290a20bf63e28392b80abcc7c7ace33c8f55da52a17c7ca5</td> </tr> <tr> <td>test-harness-4.9.8-javadoc.jar</td> <td>81677f77441af941613c99a4f04b3cb2f6b1950be589afdec03905d8e2917824</td> </tr> <tr> <td>test-harness-4.9.8-sources.jar</td> <td>805d2d124b0d4ea513ee9262d4ad6027c3471d45defd80fd7d20e23425d17df7</td> </tr> <tr> <td>test-harness-4.9.8.jar</td> <td>0076a3bc9602c78d73edb048e625a96ee6a182fa3dd39300aa739af67b954189</td> </tr> <tr> <td>test-harness-core-4.9.8-javadoc.jar</td> <td>e3e64a5fd96be16eec8b832e87da703e5eae910b3abd7bda9ff81a10363e5c7f</td> </tr> <tr> <td>test-harness-core-4.9.8-sources.jar</td> <td>043a55d99a517c0d9cf702b0c183b4afd3f03af9eff4a86d59bb37df1b35b532</td> </tr> <tr> <td>test-harness-core-4.9.8.jar</td> <td>4e439df3b499660d91a659d7c523fcdc4945c932dfc7fee68e796193f9dff6bb</td> </tr> <tr> <td>test-harness-jupiter-4.9.8-javadoc.jar</td> <td>ae8ddee06796757be0526af1adf5969fbc149c0cf83542e6641405e69a044496</td> </tr> <tr> <td>test-harness-jupiter-4.9.8-sources.jar</td> <td>17144f315686bfd01c02fa4ae7c916060c41de8eed58d5b8470416fa08f46ced</td> </tr> <tr> <td>test-harness-jupiter-4.9.8.jar</td> <td>9e1bc39da08c6c80091f34f1fd92ec092109d0cdfd8009910bc22772df06eea7</td> </tr> </tbody> </table> <h2>4.9.7</h2> <p>SpotBugs 4.9.7</p> <h3>CHANGELOG</h3> <h3>Fixed</h3> <ul> <li>Fix Eclipse not always using latest preferences file state (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3740";>#3740</a>)</li> <li>Fix exception throw when singleton implementing Cloneable has no clone() method (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3727";>#3727</a>)</li> <li>Fix for missing -adjustPriority parameter in Eclipse preferences (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3687";>#3687</a>)</li> <li>Documentation of -adjustPriority parameter</li> <li>Functionality from DetectorFactory setEnabledButNonReporting(), getPriorityAdjustment() methods and BugInstance.adjustForDetector() is deprecated and moved to PriorityAdjuster (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3753";>#3753</a>)</li> <li>Improved <code>FindNakedNotify</code> to handle the case when the lock is loaded from a field (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3634";>#3634</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Support for fully qualified class names for detectors in -adjustPriority parameter</li> <li>Support for numerical and absolute priority adjustments</li> <li>Bump up Apache Commons BCEL to the version 6.11.0 (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3569";>#3569</a>)</li> </ul> <h3>Deprecated</h3> <ul> <li>Add back and deprecate <code>edu.umd.cs.findbugs.io.IO.close(InputStream)</code> method. (<a href="https://redirect.github.com/spotbugs/spotbugs/pull/3756";>#3756</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md";>com.github.spotbugs:spotbugs's changelog</a>.</em></p> <blockquote> <h2>4.9.8 - 2025-10-18</h2> <h3>Fixed</h3> <ul> <li>Maven plugin reporting issue if -adjustPriority is not set (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3774";>#3774</a>)</li> </ul> <h2>4.9.7 - 2025-10-14</h2> <h3>Fixed</h3> <ul> <li>Fix Eclipse not always using latest preferences file state (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3740";>#3740</a>)</li> <li>Fix exception throw when singleton implementing Cloneable has no clone() method (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3727";>#3727</a>)</li> <li>Fix for missing -adjustPriority parameter in Eclipse preferences (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3687";>#3687</a>)</li> <li>Documentation of -adjustPriority parameter</li> <li>Functionality from DetectorFactory setEnabledButNonReporting(), getPriorityAdjustment() methods and BugInstance.adjustForDetector() is deprecated and moved to PriorityAdjuster (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3753";>#3753</a>)</li> <li>Improved <code>FindNakedNotify</code> to handle the case when the lock is loaded from a field (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3634";>#3634</a>)</li> </ul> <h3>Changed</h3> <ul> <li>Support for fully qualified class names for detectors in -adjustPriority parameter</li> <li>Support for numerical and absolute priority adjustments</li> <li>Bump up Apache Commons BCEL to the version 6.11.0 (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3569";>#3569</a>)</li> </ul> <h3>Deprecated</h3> <ul> <li>Add back and deprecate <code>edu.umd.cs.findbugs.io.IO.close(InputStream)</code> method. (<a href="https://redirect.github.com/spotbugs/spotbugs/pull/3756";>#3756</a>)</li> </ul> <h3>Build</h3> <ul> <li>Allow our GA builds to work with JDK 25 (and drop support for JDK 24) (<a href="https://redirect.github.com/spotbugs/spotbugs/pull/3564";>#3564</a>)</li> </ul> <h2>4.9.6 - 2025-09-16</h2> <h3>Fixed</h3> <ul> <li>Fix exception throw when analyzing <code>jakarta.servlet.http.HttpServletRequest</code> method calls (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3711";>#3711</a>)</li> </ul> <h2>4.9.5 - 2025-09-14</h2> <h3>Fixed</h3> <ul> <li>Fix for an error when a record method has the <code>@SuppressFBWarnings</code> annotation (<a href="https://redirect.github.com/spotbugs/spotbugs/pull/3622";>#3622</a>)</li> <li>Fix <code>SF_SWITCH_FALLTHROUGH</code> false positive when continuing a loop (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3617";>#3617</a>)</li> <li><code>CWO_CLOSED_WITHOUT_OPENED</code> false positive (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3616";>#3616</a>)</li> <li><code>SF_SWITCH_NO_DEFAULT</code> false positive fix for switch-arrow (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3645";>#3645</a>)</li> <li>Fix the issue with BCEL logging <code>Duplicating value: ...</code> (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3621";>#3621</a>)</li> <li>Add missing jakarta support for servlets / pre/post destroy (<a href="https://redirect.github.com/spotbugs/spotbugs/pull/3694";>#3694</a>)</li> </ul> <h3>Added</h3> <ul> <li>Add 'java.nio.file.Path.of' to known types for path traversal checks (<a href="https://redirect.github.com/spotbugs/spotbugs/pull/3699";>#3699</a>)</li> </ul> <h3>Cleanup</h3> <ul> <li>S1481: Unused local variables should be removed (<a href="https://redirect.github.com/spotbugs/spotbugs/pull/3654";>#3654</a>)</li> <li>Moved test libraries to jakarta namespace including switching off jsr305 where possible for jakarta.annotation (<a href="https://redirect.github.com/spotbugs/spotbugs/pull/3695";>#3695</a>)</li> </ul> <h2>4.9.4 - 2025-08-07</h2> <h3>Changed</h3> <ul> <li><code>AnnotationMatcher</code> can now ignore bugs if annotation is also applied on methods or fields. Previously only annotations on classes were considered.</li> <li>Add relevant CWE ids to bugs and refer the CWEs in the bug messages (<a href="https://redirect.github.com/spotbugs/spotbugs/pull/3354";>#3354</a>).</li> <li>Replace <code>LOCAL_VARIABLE_UNKNOWN</code> with exact method name for <code>NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE</code> (<a href="https://redirect.github.com/spotbugs/spotbugs/pull/3485";>#3485</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/spotbugs/spotbugs/commit/c1fa7f2ffa1cc51b7fd7977eb654eb37327a6cca";><code>c1fa7f2</code></a> release v4.9.8</li> <li><a href="https://github.com/spotbugs/spotbugs/commit/023f8dd53a7d5ebd4ea01756a175cb61016dad7f";><code>023f8dd</code></a> fix(deps): update dependency org.apache.groovy:groovy-all to v5.0.2 (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3782";>#3782</a>)</li> <li><a href="https://github.com/spotbugs/spotbugs/commit/423f1d1858b9deafcff0cc91c6a30dbc7169cd34";><code>423f1d1</code></a> Unconditional while loops no raising <code>IL_INFINITE_LOOP</code> (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3537";>#3537</a>)</li> <li><a href="https://github.com/spotbugs/spotbugs/commit/9125bee9c68702c5b974a91b1c8e9feeedbcaa48";><code>9125bee</code></a> Fix priority adjustment code</li> <li><a href="https://github.com/spotbugs/spotbugs/commit/183da6cf6e96e9c15d64c9235f445c038f9e0423";><code>183da6c</code></a> fix(deps): update dependency org.springframework:spring-core to v6.2.12 (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3779";>#3779</a>)</li> <li><a href="https://github.com/spotbugs/spotbugs/commit/a499f2eff918979cae13195dacce1b7b308393c4";><code>a499f2e</code></a> chore(deps): update dependency com.diffplug.gradle:goomph to v4.4.1 (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3776";>#3776</a>)</li> <li><a href="https://github.com/spotbugs/spotbugs/commit/b339bc1b8b46fd2b6190851b46da9e036ed85317";><code>b339bc1</code></a> Unconditionally initialize PriorityAdjuster for AbstractBugReporter</li> <li><a href="https://github.com/spotbugs/spotbugs/commit/96891fe4f0b95f17a07459f6f9e348aee7a11164";><code>96891fe</code></a> chore(deps): update plugin com.github.spotbugs to v6.4.3 (<a href="https://redirect.github.com/spotbugs/spotbugs/issues/3773";>#3773</a>)</li> <li><a href="https://github.com/spotbugs/spotbugs/commit/a3667d7b0de3545d236e7cfdc90ce8a669bb6111";><code>a3667d7</code></a> chore(docs): Updated supported versions</li> <li><a href="https://github.com/spotbugs/spotbugs/commit/333a96ad88a7e15a019327343f60b2483cd0f8df";><code>333a96a</code></a> prepare for next release</li> <li>Additional commits viewable in <a href="https://github.com/spotbugs/spotbugs/compare/4.8.6...4.9.8";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
