Bump spotbugs-annotations from 4.3.0 to 4.4.1

[dependabot]

Bumps spotbugs-annotations from 4.3.0 to 4.4.1.

Release notes

Sourced from spotbugs-annotations's releases.

SpotBugs 4.4.1

CHANGELOG

• https://github.com/spotbugs/spotbugs/blob/4.4.1/CHANGELOG.md

CHECKSUM

file	checksum (sha256)
spotbugs-4.4.1-javadoc.jar	7021a519365315a5fc0f98a0d2c3ed2b73eb20e61baf5b937453b6d085fa02ef
spotbugs-4.4.1-sources.jar	4e6f932cf21f826d30873b0d51c250d5fc5307fd177ec782d38d82f1019c711d
spotbugs-4.4.1.tgz	341873c7c4a73508aca6f32f03339aad38c926703accb2e799b5b632b0832bd9
spotbugs-4.4.1.zip	414152869130c22646ff0e6898bba09e9e20d6ade87eeebe912e645b578b9385
spotbugs-annotations-4.4.1-javadoc.jar	cd290d907c4ab7a0ef0fcdacbe9059d8fa15a9de2b98f6ab9f5e02625f9ef557
spotbugs-annotations-4.4.1-sources.jar	b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar	fa5d3b17d585868c74c0e25b3c57c17282f9a3328c73ea5259bfd9ac99c6933a
spotbugs-ant-4.4.1-javadoc.jar	eb5600fbe8c01fb9d2f0bf33a079ba7f60ca1ffd0fc41bb7f21a1728d7823e9b
spotbugs-ant-4.4.1-sources.jar	c74dec42c0ed0dd1ae02a7410d8e0f0dbbee23e8e7da4a21910863677fcdbc8e
spotbugs-ant.jar	9233e48d37882ae4e7a42e9f42ef4c63d6f802cf8f3b03ba575bee26e5032367
spotbugs.jar	48c53d2fdefbcd7292a05e23b50dbaab29047e3c87096e5129e4e7a627c354a3
test-harness-4.4.1-javadoc.jar	01c8e43294e9c2a394dcdb5224441e65bc9023a414efcd974b7af92ce10ce60a
test-harness-4.4.1-sources.jar	2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.4.1.jar	55d3a590b81ffec48293a76c45c0695914b405bf9f02bfb930e3ab99b5867d4f
test-harness-core-4.4.1-javadoc.jar	74b76f75cb4e4a8504d6ff09ca8fcff6d0dba19b24979998ae214b230e44c018
test-harness-core-4.4.1-sources.jar	f320f5eb4069e9686b760b2a6a0760989753225f9e9ce1226e3258ec64795d8a
test-harness-core-4.4.1.jar	cbec03867e077079d011e85f9932fb230fae3d909f741cffaa4c8097e91fdf40
test-harness-jupiter-4.4.1-javadoc.jar	ad8111b37ab5ff2d33415fbb8bd559526259f316028a4129182a98e5966631e8
test-harness-jupiter-4.4.1-sources.jar	210353a57016e26b1a654d936a15f039613fa1ac532d485c1b1d03902f6c6315
test-harness-jupiter-4.4.1.jar	17e8d78d1868f86e63f3e5e3d878e86f3d7fb1b8cf1a8d5f893333c982bfd3e2

SpotBugs 4.4.0

CHANGELOG

• https://github.com/spotbugs/spotbugs/blob/4.4.0/CHANGELOG.md

CHECKSUM

file	checksum (sha256)
spotbugs-4.4.0-javadoc.jar	c25c0a3056ccf1ce9ae4c182ab73f6c9626d9031a30bf48857941d6c56ba3cc7
spotbugs-4.4.0-sources.jar	7b9b931b258f1db321fc5fb2e00946594dea976ad51a79a7f3ae48cac17d6c6e
spotbugs-4.4.0.tgz	126b952cf248c92fbb7ba07462a71b3400bd1726fed96e179d8a50edd3e40745
spotbugs-4.4.0.zip	f5f8b9aba1f3c87a508fbcb6045dcdc748e1ca4ce16803d6676417c9d82fb862
spotbugs-annotations-4.4.0-javadoc.jar	33a7ccc8917b9c5d2a6b133dceb5b212c0079986232a876471df4d7eb843bc8a
spotbugs-annotations-4.4.0-sources.jar	b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar	383fe580c90e1fea94a3387a8245e096beb792efdca7e04a0bbb4a8cbb81dea2
spotbugs-ant-4.4.0-javadoc.jar	da10c9d3273d4367d8c940eec20e2799eba9ae54b920c506478236c241b75a55
spotbugs-ant-4.4.0-sources.jar	c74dec42c0ed0dd1ae02a7410d8e0f0dbbee23e8e7da4a21910863677fcdbc8e
spotbugs-ant.jar	9233e48d37882ae4e7a42e9f42ef4c63d6f802cf8f3b03ba575bee26e5032367
spotbugs.jar	eb02e80126a4cdfb997fe90a1a2c6ff128b114cc7daab77ed3a773bef3adc2ca
test-harness-4.4.0-javadoc.jar	4aee854334bb0dbcfd4697443abc0594a96c8c7db12e9e5408839fad4bf75162
test-harness-4.4.0-sources.jar	2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.4.0.jar	55d3a590b81ffec48293a76c45c0695914b405bf9f02bfb930e3ab99b5867d4f
test-harness-core-4.4.0-javadoc.jar	76c8694c8051dbc3f5e989448f3746f6da5374e24db22a022b5c2ffe73336f01

... (truncated)

Changelog

Sourced from spotbugs-annotations's changelog.

4.4.1 - 2021-09-07

Changed

• Bump gson from 2.8.7 to 2.8.8 (#1658)
• Lower ExitCodes logger to debug level (#1661)
• Fixed SARIF format to be compatible with Github code scanning API requirements (#1630)

Fixed

• Fixed immutable classes in java.net.* as being flagged as EI (#1653
• Classes containing only static methods with setter-like names are no longer considered as mutable (#1601)
• Handle all immutable collections in the Guava library as immutable (#1601)
• Classes annotated with @​Immutable or @​jdk.internal.ValueBased are considered as immutable (#1601)
• All classes in packages java.time and java.math are now correctly handled as immutable (#1601)

4.4.0 - 2021-08-12

Fixed

• Fixed False positives for RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE (#600 and #1338)
• Inconsistent bug description on EQ_COMPARING_CLASS_NAMES (#1523)
• Add a declaration of charset encoding in generated reports (#1623)
• Fixed regression in Bug Info view for Eclipse 2021-03+ (#1477)

Added

• New detector FindBadEndOfStreamCheck for new bug type EOS_BAD_END_OF_STREAM_CHECK. This bug is reported whenever the return value of java.io.FileInputStream.read() or java.io.FileReader.read() is first converted to byte/int and only thereafter checked against -1. (See SEI CERT rule FIO08-J)

Commits

• fca3406 build: set group even to the root project
• 8da7825 release v4.4.1
• 69a2ae8 build(deps): bump com.github.spotbugs from 4.7.3 to 4.7.4
• 9d2884d Add field "text" to the object message in result (SARIF) (#1631)
• 3a111bc Classes annotated with @​Immutable or @​jdk.internal.ValueBased are considered ...
• e0966ca Consider all classes in java.time and java.math as immutable
• aa7717d build(deps): bump com.diffplug.spotless from 5.14.3 to 5.15.0
• aed3659 build(deps): bump checker-qual from 3.17.0 to 3.18.0
• e338ed0 Add the Guava immutable collections to the set of immutable classes
• 2f09b4b Exclude static methods from setter-like methods when considering a class as i...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #208.