Skip to content

chore(deps): Bump com.github.spotbugs:spotbugs-annotations from 4.9.3 to 4.9.5 in /pbj-core/hiero-dependency-versions #611

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

chore(deps): Bump com.github.spotbugs:spotbugs-annotations from 4.9.3 to 4.9.5 in /pbj-core/hiero-dependency-versions #611

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 15, 2025

Bumps com.github.spotbugs:spotbugs-annotations from 4.9.3 to 4.9.5.

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

SpotBugs 4.9.5

CHANGELOG

Fixed

  • Fix for an error when a record method has the @SuppressFBWarnings annotation (#3622)
  • Fix SF_SWITCH_FALLTHROUGH false positive when continuing a loop (#3617)
  • CWO_CLOSED_WITHOUT_OPENED false positive (#3616)
  • SF_SWITCH_NO_DEFAULT false positive fix for switch-arrow (#3645)
  • Fix the issue with BCEL logging Duplicating value: ... (#3621)
  • Add missing jakarta support for servlets / pre/post destroy (#3694)

Added

  • Add 'java.nio.file.Path.of' to known types for path traversal checks (#3699)

Cleanup

  • S1481: Unused local variables should be removed (#3654)
  • Moved test libraries to jakarta namespace including switching off jsr305 where possible for jakarta.annotatoin (#3695)

CHECKSUM

file checksum (sha256)
spotbugs-4.9.5-javadoc.jar e615f45f056f39d543f0b35b2e855755c332cdf70b2ae9d3317d8d92bdf1ba14
spotbugs-4.9.5-sources.jar 3d8bf289f16288d9e5412a4dc3b8ce36cf035edbddc5b0bca0e979990bec5a95
spotbugs-4.9.5.tgz 6c55c38f28a76dd11946117c175a520fbbc0abdfe6e62fdc3291fe449e8e3202
spotbugs-4.9.5.zip 064da05951ca2d93a54bef9990b0d61328fa681a3e026cab99ad850edf945204
spotbugs-annotations-4.9.5-javadoc.jar 6d5865f18b091eef7349c1557c24d30e3ad8bb05666cd76b3a00d1debdd4424a
spotbugs-annotations-4.9.5-sources.jar 075b2eed660c2fe2fb1ad1de028f8fdff5f358e25c1318706b95ab17bb28be44
spotbugs-annotations.jar 946451cdd75fd3c5a99d5ed8d783a9eb0dbf4f570c10b7b8f8473f381a47b03d
spotbugs-ant-4.9.5-javadoc.jar 05582d9d6671cc7ef96d8fe384fe6dc120a1e3a1e96e412984862ded945d6a87
spotbugs-ant-4.9.5-sources.jar 91477d93b1fd1bebae35d318427b5238fb458e726478dc1a8ac41ce74838a1e6
spotbugs-ant.jar 22f2fa397e86663adcd4828cc1c91e63aa6cc2bfc56832885b749a86fac5c784
spotbugs.jar 50f0f825d184e6843bca36a3c55a61e5e99f852ec7063b5f21a15c420cb4d0a3
test-harness-4.9.5-javadoc.jar 9c6b872bfeb5ac1e7078da2a26ff2816a690f4e728219b619d7c47f4092f9947
test-harness-4.9.5-sources.jar 805d2d124b0d4ea513ee9262d4ad6027c3471d45defd80fd7d20e23425d17df7
test-harness-4.9.5.jar 0076a3bc9602c78d73edb048e625a96ee6a182fa3dd39300aa739af67b954189
test-harness-core-4.9.5-javadoc.jar f371500e18eeb0c3fe5318d741800e125741efe558234550d2951601ef07b195
test-harness-core-4.9.5-sources.jar 656579431db1b2714faeeca3c3d59426e2ffdfdb0725546b4090f993d2413eeb
test-harness-core-4.9.5.jar 66db286ae1dd056458c1e0303a8e2f81fe95a2c5d2888172a3ed17e993434bf1
test-harness-jupiter-4.9.5-javadoc.jar aa21348a1bbab2fb65bf19dbeb9a884eeb5223c9f9395b29636802fab32d2e52
test-harness-jupiter-4.9.5-sources.jar 59bbb8581ed4bdd212a669d94ec363b6c1d6df9276a608359c66d7f0c1688279
test-harness-jupiter-4.9.5.jar 0582a99bdc66e24c7e36753014729149189fd27129ec5a2f38a8d67457bc9696

SpotBugs 4.9.4

CHANGELOG

Changed

  • AnnotationMatcher can now ignore bugs if annotation is also applied on methods or fields. Previously only annotations on classes were considered.
  • Add relevant CWE ids to bugs and refer the CWEs in the bug messages (#3354).
  • Replace LOCAL_VARIABLE_UNKNOWN with exact method name for NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE (#3485)

Fixed

  • Widen main method recognition according to JEP 445. (#3371)

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.9.5 - 2025-09-14

Fixed

  • Fix for an error when a record method has the @SuppressFBWarnings annotation (#3622)
  • Fix SF_SWITCH_FALLTHROUGH false positive when continuing a loop (#3617)
  • CWO_CLOSED_WITHOUT_OPENED false positive (#3616)
  • SF_SWITCH_NO_DEFAULT false positive fix for switch-arrow (#3645)
  • Fix the issue with BCEL logging Duplicating value: ... (#3621)
  • Add missing jakarta support for servlets / pre/post destroy (#3694)

Added

  • Add 'java.nio.file.Path.of' to known types for path traversal checks (#3699)

Cleanup

  • S1481: Unused local variables should be removed (#3654)
  • Moved test libraries to jakarta namespace including switching off jsr305 where possible for jakarta.annotatoin (#3695)

4.9.4 - 2025-08-07

Changed

  • AnnotationMatcher can now ignore bugs if annotation is also applied on methods or fields. Previously only annotations on classes were considered.
  • Add relevant CWE ids to bugs and refer the CWEs in the bug messages (#3354).
  • Replace LOCAL_VARIABLE_UNKNOWN with exact method name for NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE (#3485)

Fixed

  • Widen main method recognition according to JEP 445. (#3371)
  • Do not report US_USELESS_SUPPRESSION_ON_* on methods, fields, parameters, packages or classes with an *.Generated annotation with retention >= class (#3350)(#3409)
  • Rewrite some member in ResourceValueFrame.java to Enum (#2061)
  • Ignore non-interpreted text when looking for FS_BAD_DATE_FORMAT_FLAG_COMBO (#3387)
  • Fix IllegalArgumentException thrown from FindNoSideEffectMethods detector (#3320)
  • Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a Mockito doAnswer(), doCallRealMethod(), doNothing(), doThrow() or doReturn() call (#3334)
  • Fix CT_CONSTRUCTOR_THROW false positive with public and private constructors in specific order of methods (#3417)
  • Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE, AT_NONATOMIC_64BIT_PRIMITIVE and AT_STALE_THREAD_WRITE_OF_PRIMITIVE FP when the relevant code is in private method, which is only called with proper synchronization (#3428)
  • Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a BDDMockito call (#3441)
  • Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE when field of a local variable is set. (#3459)
  • Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE FP when there was no compound operation (#3363)
  • Fix NM_FIELD_NAMING_CONVENTION crash in the TestASM detector (#3489)
  • Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in JUnit 3/4 setUp() method. (#3169)
  • Fix US_USELESS_SUPPRESSION_ON_FIELD/UUF_UNUSED_FIELD false positive (#3496)
  • Make the osgi manifest of the annotations jar Java 8 compatible (#3498) (#3500)
  • TextUICommandLine supports all options encoded in Eclipse preferences file (#3520)
  • Unnecessary suppressions fix for records headers (#3471)
  • Dead store fix when switch case contains loops (#3530) (#3449)
  • Consider PUTFIELD and PUTSTATIC when looking for assertions with side effects (#3463)
  • Detect cases when equals() unconditionally returns true or false (#3528)
  • Do not report that an Iterator does not throw NoSuchElementException when hasNext() returns true (#3501)
  • Detect random value cast to int when stored in temporary variable (#3461)
  • Look for interfaces default methods when searching uncalled private methods (#1988)
  • Fixed field self assignment false positive (#2258)
  • Fixed DMI_INVOKING_TOSTRING_ON_ARRAY on newer JDK (#1147)
  • Fix NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positive with Objects.requireNonNull (#2965) (#3573)
  • Track inner classes access methods to correctly report the bugs (#2029)

... (truncated)

Commits
  • 4c0531d release v4.9.5
  • 3e3cd53 chore: Cleanup improper regex usage on replaceAll with replace (#3704)
  • fe5205c chore(deps): update plugin com.github.spotbugs to v6.4.0 (#3703)
  • b1e8fed fix: Correct file handling and potential leaks (#3701)
  • 24f2035 chore: Use Java 11 Path.of instead of Paths.get (#3699)
  • 81cd5c7 Use modifiers in correct order (#3700)
  • 2d7e1b2 ci: formatting (#3698)
  • a46e49a chore: Minor code cleanup in eclipse plugin (#3697)
  • e945b7b ci: Fix comment in build file about spotbugs annotations as they are not rebu...
  • 6013c61 chore: Move spotbugs tests to jakarta (#3695)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): Bump com.github.spotbugs:spotbugs-annotations
53e9e75 
Bumps [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs) from 4.9.3 to 4.9.5.
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.9.3...4.9.5)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs-annotations
  dependency-version: 4.9.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Sep 15, 2025
@dependabot dependabot bot requested review from a team as code owners September 15, 2025 12:28
@dependabot dependabot bot added the java Pull requests that update Java code label Sep 15, 2025
@dependabot dependabot bot requested a review from a team as a code owner September 15, 2025 12:28
@dependabot dependabot bot requested a review from rbarker-dev September 15, 2025 12:28
@dependabot dependabot bot mentioned this pull request Sep 15, 2025
Closed
@github-actions
Copy link

github-actions bot commented Sep 15, 2025

JUnit Test Report

   77 files  ±0     77 suites  ±0   3m 51s ⏱️ -10s
1 328 tests ±0  1 324 ✅ ±0   4 💤 ±0  0 ❌ ±0 
7 185 runs  ±0  7 165 ✅ ±0  20 💤 ±0  0 ❌ ±0 

Results for commit 53e9e75. ± Comparison against base commit aab7528.

This pull request removes 8 and adds 7 tests. Note that renamed tests count towards both. 
, 1
com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [1] FLOAT, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c04479f0@15c3585, [0.1, 0.5, 100.0], 12, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c0447c00@5b86f4cb
com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [1] STRING, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c0454a60@912a644, [string 1, testing here, testing there], com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c0454c70@478cc5f1
com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [2] BYTES, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c0454e80@37d3e740, [010203, ff7f0f, 42da07370bff], com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c0455090@5afba80c
com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [2] DOUBLE, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044c000@630e5010, [0.1, 0.5, 100.0, 1.7653472635472653E240], 32, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044c210@10b5ff4d
com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [3] BOOL, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044c420@222eda8a, [true, false, false, true, true, true], 6, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044c630@3331800f
com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [4] ENUM, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044c840@4edd8a0a, [Mock for EnumWithProtoMetadata, hashCode: 1678404939, Mock for EnumWithProtoMetadata, hashCode: 1161255903, Mock for EnumWithProtoMetadata, hashCode: 1049618395], 3, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044ca50@1701beb3
com.hedera.pbj.runtime.Utf8ToolsTest ‑ [4] 

com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [1] FLOAT, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044c638@468646ea, [0.1, 0.5, 100.0], 12, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044c848@4056cdb2
com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [1] STRING, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c04556c0@245b0bd7, [string 1, testing here, testing there], com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c04558d0@3bf41cd0
com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [2] BYTES, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c0455ae0@c4ca86a, [010203, ff7f0f, 42da07370bff], com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c0455cf0@7e741d6b
com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [2] DOUBLE, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044ca58@58835bba, [0.1, 0.5, 100.0, 1.7653472635472653E240], 32, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044cc68@222eda8a
com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [3] BOOL, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044ce78@c414eb3, [true, false, false, true, true, true], 6, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044d088@4edd8a0a
com.hedera.pbj.runtime.ProtoWriterToolsTest ‑ [4] ENUM, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044d298@257d3968, [Mock for EnumWithProtoMetadata, hashCode: 901087828, Mock for EnumWithProtoMetadata, hashCode: 1659209382, Mock for EnumWithProtoMetadata, hashCode: 1687194297], 3, com.hedera.pbj.runtime.ProtoWriterToolsTest$$Lambda/0x00000007c044d4a8@4c599679
com.hedera.pbj.runtime.Utf8ToolsTest ‑ [4] 
, 1

@github-actions
Copy link

github-actions bot commented Sep 15, 2025

Integration Test Report

    404 files  ±0      404 suites  ±0   16m 47s ⏱️ - 1m 40s
114 835 tests ±0  114 835 ✅ ±0  0 💤 ±0  0 ❌ ±0 
115 076 runs  ±0  115 076 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 53e9e75. ± Comparison against base commit aab7528.

This pull request removes 3 and adds 3 tests. Note that renamed tests count towards both. 
com.hedera.pbj.integration.test.ParserNeverWrapsTest ‑ [1] com.hedera.pbj.integration.test.ParserNeverWrapsTest$$Lambda/0x00007f7d74b14e68@4b7619dd
com.hedera.pbj.integration.test.ParserNeverWrapsTest ‑ [2] com.hedera.pbj.integration.test.ParserNeverWrapsTest$$Lambda/0x00007f7d74b15098@15aca221
com.hedera.pbj.integration.test.ParserNeverWrapsTest ‑ [3] com.hedera.pbj.integration.test.ParserNeverWrapsTest$$Lambda/0x00007f7d74b152c8@2dbc7e12

com.hedera.pbj.integration.test.ParserNeverWrapsTest ‑ [1] com.hedera.pbj.integration.test.ParserNeverWrapsTest$$Lambda/0x00007fc1a8b5da30@3cfe9cd8
com.hedera.pbj.integration.test.ParserNeverWrapsTest ‑ [2] com.hedera.pbj.integration.test.ParserNeverWrapsTest$$Lambda/0x00007fc1a8b5dc60@1a48a0c2
com.hedera.pbj.integration.test.ParserNeverWrapsTest ‑ [3] com.hedera.pbj.integration.test.ParserNeverWrapsTest$$Lambda/0x00007fc1a8b5de90@182dcaf7

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 17, 2025

Superseded by #617.

@dependabot dependabot bot closed this Sep 17, 2025
@dependabot dependabot bot deleted the dependabot/gradle/pbj-core/hiero-dependency-versions/com.github.spotbugs-spotbugs-annotations-4.9.5 branch September 17, 2025 11:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@anthony-swirldslabs anthony-swirldslabs anthony-swirldslabs approved these changes

@rbarker-dev rbarker-dev Awaiting requested review from rbarker-dev rbarker-dev is a code owner automatically assigned from hashgraph/platform-ci

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@anthony-swirldslabs