solrbot opened a new pull request, #3039: URL: https://github.com/apache/solr/pull/3039
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [com.github.spotbugs:spotbugs-annotations](https://spotbugs.github.io/) ([source](https://redirect.github.com/spotbugs/spotbugs)) | dependencies | minor | `4.8.6` -> `4.9.0` | --- ### Release Notes <details> <summary>spotbugs/spotbugs (com.github.spotbugs:spotbugs-annotations)</summary> ### [`v4.9.0`](https://redirect.github.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#490---2025-01-15) [Compare Source](https://redirect.github.com/spotbugs/spotbugs/compare/4.8.6...4.9.0) ##### Added - Updated the `SuppressFBWarnings` annotation to support finer grained bug suppressions ([#​3102](https://redirect.github.com/spotbugs/spotbugs/pull/3102)) - SimpleDateFormat, DateTimeFormatter, FastDateFormat string check for bad combinations of flag formatting ([#​637](https://redirect.github.com/spotbugs/spotbugs/issues/637)) - New detector `ResourceInMultipleThreadsDetector` and introduced new bug type: - `AT_UNSAFE_RESOURCE_ACCESS_IN_THREAD` is reported in case of unsafe resource access in multiple threads. ##### Fixed - Do not consider Records as Singletons ([#​2981](https://redirect.github.com/spotbugs/spotbugs/issues/2981)) - Keep a maximum of 10000 cached analysis entries for plugin's analysis engines ([#​3025](https://redirect.github.com/spotbugs/spotbugs/pull/3025)) - Only report `MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT` when calling own methods ([#​2957](https://redirect.github.com/spotbugs/spotbugs/issues/2957)) - Check the actual caught exceptions (instead of their common type) when analyzing multi-catch blocks ([#​2968](https://redirect.github.com/spotbugs/spotbugs/issues/2968)) - System property `findbugs.refcomp.reportAll` is now being used. For some new conditions, it will emit an experimental warning ([#​2988](https://redirect.github.com/spotbugs/spotbugs/pull/2988)) - `-version` flag prints the version to the standard output ([#​2797](https://redirect.github.com/spotbugs/spotbugs/issues/2797)) - Revert the changes from ([#​2894](https://redirect.github.com/spotbugs/spotbugs/pull/2894)) to get HTML stylesheets to work again ([#​2969](https://redirect.github.com/spotbugs/spotbugs/issues/2969)) - Fix FP `SING_SINGLETON_GETTER_NOT_SYNCHRONIZED` report when the synchronization is in a called method ([#​3045](https://redirect.github.com/spotbugs/spotbugs/issues/3045)) - Let `BetterCFGBuilder2.isPEI` handle `dup2` bytecode used by Spring AOT ([#​3059](https://redirect.github.com/spotbugs/spotbugs/issues/3059)) - Detect failure to close RocksDB's ReadOptions ([#​3069](https://redirect.github.com/spotbugs/spotbugs/issues/3069)) - Fix FP `EI_EXPOSE_REP` when there are multiple immutable assignments ([#​3023](https://redirect.github.com/spotbugs/spotbugs/issues/3023)) - Fixed false positive `NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR` for Kotlin, handle Kotlin's `Intrinsics.checkNotNullParameter()` ([#​3094](https://redirect.github.com/spotbugs/spotbugs/issues/3094)) - Fixed some CWE mappings ([#​3124](https://redirect.github.com/spotbugs/spotbugs/pull/3124)) - Recognize some classes as immutable, fixing EI_EXPOSE and MS_EXPOSE FPs ([#​3137](https://redirect.github.com/spotbugs/spotbugs/pull/3137)) - Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in method annotated with TestNG's [@​BeforeClass](https://redirect.github.com/BeforeClass). ([#​3152](https://redirect.github.com/spotbugs/spotbugs/issues/3152)) - Fixed detector `FindReturnRef` not finding references exposed from nested and inner classes ([#​2042](https://redirect.github.com/spotbugs/spotbugs/issues/2042)) - Fix call graph, include non-parametric void methods ([#​3160](https://redirect.github.com/spotbugs/spotbugs/pull/3160)) - Fix multiple reporting of identical bugs messing up statistics ([#​3185](https://redirect.github.com/spotbugs/spotbugs/issues/3185)) - Added missing comma between line number and confidence when describing matching and mismatching bugs for tests ([#​3187](https://redirect.github.com/spotbugs/spotbugs/pull/3187)) - Fixed method matchers with array types ([#​3203](https://redirect.github.com/spotbugs/spotbugs/issues/3203)) - Fix SARIF report's message property in Exception to meet the standard ([#​3197](https://redirect.github.com/spotbugs/spotbugs/issues/3197)) - Fixed `FI_FINALIZER_NULLS_FIELDS` FPs for functions called finalize() but not with the correct signature. ([#​3207](https://redirect.github.com/spotbugs/spotbugs/issues/3207)) - Fixed an error in the detection of bridge methods causing analysis crashes ([#​3208](https://redirect.github.com/spotbugs/spotbugs/issues/3208)) - Fixed detector `ThrowingExceptions` by removing false positive reports, such as synthetic methods (lambdas), methods which inherited their exception specifications and methods which call throwing methods ([#​2040](https://redirect.github.com/spotbugs/spotbugs/issues/2040)) - Do not report `DP_DO_INSIDE_DO_PRIVILEGED`, `DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED` and `USC_POTENTIAL_SECURITY_CHECK_BASED_ON_UNTRUSTED_SOURCE` in code targeting Java 17 and above, since it advises the usage of deprecated method ([#​1515](https://redirect.github.com/spotbugs/spotbugs/issues/1515)). - Fixed a `RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT` false positive for a builder delegating to another builder ([#​3235](https://redirect.github.com/spotbugs/spotbugs/issues/3235)) ##### Cleanup - Cleanup thread issue and regex issue in test-harness ([#​3130](https://redirect.github.com/spotbugs/spotbugs/issues/3130)) - Remove extra blank lines and remove public from interface objects as inherently already public ([#​3131](https://redirect.github.com/spotbugs/spotbugs/issues/3131)) - Fix order of modifiers on properties/methods and ensure correct location in file ([#​3132](https://redirect.github.com/spotbugs/spotbugs/issues/3132), [#​3177](https://redirect.github.com/spotbugs/spotbugs/pull/3177)) - Return objects directly instead of creating more garbage collection by defining them ([#​3133](https://redirect.github.com/spotbugs/spotbugs/pull/3133), [#​3175](https://redirect.github.com/spotbugs/spotbugs/pull/3175)) - Restrict the constructor of abstract classes visibility to protected ([#​3178](https://redirect.github.com/spotbugs/spotbugs/pull/3178)) - Cleanup double initialization and fix comments referring to findbugs instead of spotbugs([#​3134](https://redirect.github.com/spotbugs/spotbugs/issues/3134)) - Use diamond operator in constructor calls of Collections ([#​3176](https://redirect.github.com/spotbugs/spotbugs/pull/3176)) - Use `Collection.isEmpty()` or `String.isEmpty()` to test for emptiness ([#​3180](https://redirect.github.com/spotbugs/spotbugs/pull/3180), [#​3219](https://redirect.github.com/spotbugs/spotbugs/pull/3219)) - Use method references instead of lambdas where possible ([#​3179](https://redirect.github.com/spotbugs/spotbugs/pull/3179)) - Move default clauses to the end of switches ([#​3222](https://redirect.github.com/spotbugs/spotbugs/pull/3222)) - Remove unnecessary throws declarations ([#​3220](https://redirect.github.com/spotbugs/spotbugs/pull/3220)) - Use `Boolean.parseBoolean()` for string-to-boolean conversion. ([#​3217](https://redirect.github.com/spotbugs/spotbugs/pull/3217)) - Rename shadowing fields ([#​3221](https://redirect.github.com/spotbugs/spotbugs/pull/3221)) - Combine catch blocks with the same body ([#​3223](https://redirect.github.com/spotbugs/spotbugs/pull/3223)) - Merge conditions of nested ifs ([#​3231](https://redirect.github.com/spotbugs/spotbugs/pull/3231)) - Use non deprecated 'getDottedClassName' instead of 'toDottedClassName'([#​3251](https://redirect.github.com/spotbugs/spotbugs/pull/3251)) - Use try with resources where possible ([#​3253](https://redirect.github.com/spotbugs/spotbugs/pull/3253)) ##### Changed - Bump up Java version to 11 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "* * * * *" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. â™» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/solrbot/renovate-github-action) <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xMjQuMSIsInVwZGF0ZWRJblZlciI6IjM4LjEyNC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org For additional commands, e-mail: issues-h...@solr.apache.org
