dependabot[bot]
Contributor

@dependabot dependabot bot commented on behalf of github Oct 1, 2025

Bumps com.github.spotbugs:spotbugs-annotations from 4.9.3 to 4.9.6.

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

4.9.6

SpotBugs 4.9.6

CHANGELOG

Fixed

  • Fix exception throw when analyzing jakarta.servlet.http.HttpServletRequest method calls (#3711)

CHECKSUM


SpotBugs 4.9.5

CHANGELOG

Fixed

  • Fix for an error when a record method has the @SuppressFBWarnings annotation (#3622)
  • Fix SF_SWITCH_FALLTHROUGH false positive when continuing a loop (#3617)
  • CWO_CLOSED_WITHOUT_OPENED false positive (#3616)
  • SF_SWITCH_NO_DEFAULT false positive fix for switch-arrow (#3645)
  • Fix the issue with BCEL logging Duplicating value: ... (#3621)
  • Add missing jakarta support for servlets / pre/post destroy (#3694)

Added

  • Add 'java.nio.file.Path.of' to known types for path traversal checks (#3699)

Cleanup

  • S1481: Unused local variables should be removed (#3654)
  • Moved test libraries to jakarta namespace including switching off jsr305 where possible for jakarta.annotation (#3695)

CHECKSUM

| file | checksum (sha256) |

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.9.6 - 2025-09-16

Fixed

  • Fix exception throw when analyzing jakarta.servlet.http.HttpServletRequest method calls (#3711)

4.9.5 - 2025-09-14

Fixed

  • Fix for an error when a record method has the @SuppressFBWarnings annotation (#3622)
  • Fix SF_SWITCH_FALLTHROUGH false positive when continuing a loop (#3617)
  • CWO_CLOSED_WITHOUT_OPENED false positive (#3616)
  • SF_SWITCH_NO_DEFAULT false positive fix for switch-arrow (#3645)
  • Fix the issue with BCEL logging Duplicating value: ... (#3621)
  • Add missing jakarta support for servlets / pre/post destroy (#3694)

Added

  • Add 'java.nio.file.Path.of' to known types for path traversal checks (#3699)

Cleanup

  • S1481: Unused local variables should be removed (#3654)
  • Moved test libraries to jakarta namespace including switching off jsr305 where possible for jakarta.annotation (#3695)

4.9.4 - 2025-08-07

Changed

  • AnnotationMatcher can now ignore bugs if annotation is also applied on methods or fields. Previously only annotations on classes were considered.
  • Add relevant CWE ids to bugs and refer the CWEs in the bug messages (#3354).
  • Replace LOCAL_VARIABLE_UNKNOWN with exact method name for NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE (#3485)

Fixed

  • Widen main method recognition according to JEP 445. (#3371)
  • Do not report US_USELESS_SUPPRESSION_ON_* on methods, fields, parameters, packages or classes with an *.Generated annotation with retention >= class (#3350)(#3409)
  • Rewrite some member in ResourceValueFrame.java to Enum (#2061)
  • Ignore non-interpreted text when looking for FS_BAD_DATE_FORMAT_FLAG_COMBO (#3387)
  • Fix IllegalArgumentException thrown from FindNoSideEffectMethods detector (#3320)
  • Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a Mockito doAnswer(), doCallRealMethod(), doNothing(), doThrow() or doReturn() call (#3334)
  • Fix CT_CONSTRUCTOR_THROW false positive with public and private constructors in specific order of methods (#3417)
  • Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE, AT_NONATOMIC_64BIT_PRIMITIVE and AT_STALE_THREAD_WRITE_OF_PRIMITIVE FP when the relevant code is in private method, which is only called with proper synchronization (#3428)
  • Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a BDDMockito call (#3441)
  • Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE when field of a local variable is set. (#3459)
  • Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE FP when there was no compound operation (#3363)
  • Fix NM_FIELD_NAMING_CONVENTION crash in the TestASM detector (#3489)
  • Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in JUnit 3/4 setUp() method. (#3169)
  • Fix US_USELESS_SUPPRESSION_ON_FIELD/UUF_UNUSED_FIELD false positive (#3496)
  • Make the osgi manifest of the annotations jar Java 8 compatible (#3498) (#3500)
  • TextUICommandLine supports all options encoded in Eclipse preferences file (#3520)
  • Unnecessary suppressions fix for records headers (#3471)
  • Dead store fix when switch case contains loops (#3530) (#3449)
  • Consider PUTFIELD and PUTSTATIC when looking for assertions with side effects (#3463)
  • Detect cases when equals() unconditionally returns true or false (#3528)
  • Do not report that an Iterator does not throw NoSuchElementException when hasNext() returns true (#3501)
  • Detect random value cast to int when stored in temporary variable (#3461)
  • Look for interfaces default methods when searching uncalled private methods (#1988)

... (truncated)

Commits
  • aa3a737 release v4.9.6
  • 7d37faa chore(build): Temporarily remove the publish part
  • 923f053 chore(docs): Minor syntax
  • d662709 chore(build): Rework the bin/hub to gh replacement
  • 95470b8 prepare for next release
  • 71e3706 release v4.9.6
  • 68013c0 chore(Build): Rename as yaml extensions, use gh, and update conf versions (#3...
  • 9f0ec12 chore: Use proper import (#3716)
  • 6f81754 chore(deps): update plugin com.gradle.develocity to v4.2 (#3714)
  • 1f1fd68 Fix exception throw when analyzing jakarta.servlet.http.HttpServletRequest ...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) from 4.9.3 to 4.9.6.
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.9.3...4.9.6)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs-annotations
  dependency-version: 4.9.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 1, 2025
@dependabot dependabot bot requested a review from a team as a code owner October 1, 2025 05:04
@github-actions github-actions bot enabled auto-merge (squash) October 1, 2025 05:08
@github-actions github-actions bot merged commit c8a1e9e into main Oct 1, 2025
10 checks passed
@github-actions github-actions bot deleted the dependabot/gradle/com.github.spotbugs-spotbugs-annotations-4.9.6 branch October 1, 2025 05:18