Bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.4.0 to 4.9.4.2

[dependabot]

Bumps com.github.spotbugs:spotbugs-maven-plugin from 4.9.4.0 to 4.9.4.2.

Release notes

Sourced from com.github.spotbugs:spotbugs-maven-plugin's releases.

Spotbugs Maven Plugin 4.9.4.2

Consumer

• Add support for 'chooseVisitors'
• Minor code cleanup
• Still supports spotbugs 4.9.4

Producer

• Remove add opens from jvm.config as no longer needed

Spotbugs Maven Plugin 4.9.4.1

Consumer

• Cleanup readme to better support plugin
• Dropped direct usage of plexus utils and commons io
• Groovy 5 now run engine
• Correct issue since 4.9.2.0 resulting in most runs getting spotbugs.html file incorrectly. This has been refactored to restore doxia 1 overrides to produce xml report only when not running in site lifecycle
• Correct defects with handling of various files on disk such as exclusion filters that were introduced into 4.9.4.0. Integration tests have been applied to prevent future regression.
• Commons io fileutils replaced by files.walk with detailed output moved to debug collection only rather than all runs
• Normalization of path to linux style
• Any regex usage is now precompiled
• Use re-entrant lock for source indexer
• Correct locale usage to use default if not given
• Block doctype and XXE when processing xml files
• Cleanup some fields from resources and in code never used

Producer

• Pin versions of github actions tools
• Run maven 3.6.3 integration test on windows to get more broad support
• Run maven integration test on mac to get more broad support
• Maven 4 integration tests will continue on linux
• Fix maven wrapper perceived path traversal issue
• Corrections to invoker to re-establish integration test verification's
• Fix bugs in integration tests
• Better secure xml usage in integration tests
• Cleanup integration test warnings
• Make sure transfer of artifacts is correctly disabled on integration tests

Commits

• 111fc3e [maven-release-plugin] prepare release spotbugs-maven-plugin-4.9.4.2
• 4c26dca [pom] Bump base-parent to 54 getting changelog turned off until maven fixes
• ba7e239 Merge pull request #1199 from spotbugs/renovate/github-codeql-action-digest
• d57c072 Update github/codeql-action digest to f1f6e5f
• 09a1816 Merge pull request #1198 from JuditKnoll/cleanup
• 7b2abe6 remove unnecessary public visibility modifiers from functions
• b25f847 make methods static when possible
• f713848 remove unnecessary semicolons from groovy files
• 0cb89f2 Merge pull request #1196 from JuditKnoll/choosevisitors
• 6ceadf8 Merge pull request #1197 from hazendaz/master
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

☀️   Quality Monitor

Tests

     Unit Tests: 100% successful (86 passed, 2 skipped)
   ⛔   Architecture Tests: 100% successful (17 passed, 2 skipped)

Code Coverage

   〰️   Line Coverage: 92% (61 missed lines)
   ➰   Branch Coverage: 91% (19 missed branches)

Mutation Coverage

     Mutation Coverage: 80% (80 survived mutations)
   💪   Test Strength: 85% (58 survived mutations in tested code)

Style

     CheckStyle: No warnings
     PMD: No warnings

Bugs

     SpotBugs: No bugs
   🐛   Error Prone: No bugs

API Problems

   🚫   Revapi: No warnings

Vulnerabilities

   🛡️   OWASP Dependency Check: No vulnerabilities

Software Metrics

   🌀   Cyclomatic Complexity: 376 (total)
   💭   Cognitive Complexity: 173 (total)
   ➿   N-Path Complexity: 340 (total)
   📏   Lines of Code: 4270 (total)
   📝   Non Commenting Source Statements: 1257 (total)
   🔗   Class Cohesion: 71.43% (maximum)
   ⚖️   Weight of Class: 100.00% (maximum)

🚦 Quality Gates

Overall Status: ✅ SUCCESS

✅ Passed Gates

• ✅ Tests Success Rate: 100.00 >= 100.00
• ✅ Line Coverage: 92.00 >= 80.00
• ✅ Branch Coverage: 91.00 >= 80.00
• ✅ Potential Bugs: 0.00 <= 0.00
• ✅ Style Violations: 0.00 <= 0.00

---

Created by Quality Monitor v3.2.0 (#a3f5b8b). More details are shown in the GitHub Checks Result.