(orc) branch main updated: ORC-1772: Bump `spotbugs-maven-plugin` to 4.8.6.3

Mon, 09 Sep 2024 20:46:38 -0700 

This is an automated email from the ASF dual-hosted git repository.

csy pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/orc.git


The following commit(s) were added to refs/heads/main by this push:
     new be4bb7408 ORC-1772: Bump `spotbugs-maven-plugin` to 4.8.6.3
be4bb7408 is described below

commit be4bb74081569203a26e4288db9fc4e4588ab765
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Tue Sep 10 11:46:20 2024 +0800

    ORC-1772: Bump `spotbugs-maven-plugin` to 4.8.6.3
    
    Bumps 
[com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin)
 from 4.8.6.2 to 4.8.6.3.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/releases";>com.github.spotbugs:spotbugs-maven-plugin's
 releases</a>.</em></p>
    <blockquote>
    <h2>Spotbugs Maven Plugin 4.8.6.3</h2>
    <ul>
    <li>Ability to disable logs in quite mode (spotbugs.quiet) <a 
href="https://redirect.github.com/spotbugs/spotbugs-maven-plugin/issues/842";>#842</a></li>
    <li>Fix output directory per <a 
href="https://redirect.github.com/spotbugs/spotbugs-maven-plugin/issues/807";>#807</a></li>
    <li>Update plugins / dependencies</li>
    <li>Fix tag used to build spotbugs during GHA</li>
    <li>Use inject annotation from jsr330 instead of deprecated component 
annotation</li>
    </ul>
    <p>Build</p>
    <ul>
    <li>Remove old overrides from pom as addressed</li>
    <li>Cleanup javadocs</li>
    <li>Remove snapshot from javadocs at 2.1 as non existent</li>
    <li>Order attribute order of annotations</li>
    <li>Use log commonly throughout (newer coded used getLog in one place)</li>
    <li>Sort imports</li>
    <li>Add opens for java.lang and java.util for site build as needed on newer 
jdks</li>
    <li>Correct GHA for site distribution</li>
    <li>Delete duplicate codeql github action</li>
    <li>Speed up github actions</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/4d122f59709a13234491915a252d804ae4e8c550";><code>4d122f5</code></a>
 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.8.6.3</li>
    <li><a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/08e4e4997b5f42a1a3668e6b24e20629b6845c9d";><code>08e4e49</code></a>
 [mvn] Move deprecated component to jsr330 inject</li>
    <li><a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/62edad6f704aa2dbb3d263f7e5dbc4acb001e1a6";><code>62edad6</code></a>
 [pom] Set version to 4.8.6.3 snapshot</li>
    <li><a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/ec0c400c4a7f5710e0192c7ac52a2ff6bc7ff86d";><code>ec0c400</code></a>
 [pom] Bump surefire to 3.5.0</li>
    <li><a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/26cfa3810677945fae857015900f702d5bd0a41a";><code>26cfa38</code></a>
 Merge pull request <a 
href="https://redirect.github.com/spotbugs/spotbugs-maven-plugin/issues/878";>#878</a>
 from spotbugs/renovate/javaparserversion</li>
    <li><a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/72a83d4f4eeba42baebf5f3ff07391eb88f1b6fd";><code>72a83d4</code></a>
 Update dependency com.github.javaparser:javaparser-core to v3.26.2</li>
    <li><a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/494c61eb1308bbf79a5ccd92d8eb39e23bdfda2c";><code>494c61e</code></a>
 Merge pull request <a 
href="https://redirect.github.com/spotbugs/spotbugs-maven-plugin/issues/877";>#877</a>
 from hazendaz/master</li>
    <li><a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/2e0118511499529b8248f3aa2593d8cd37eabf23";><code>2e01185</code></a>
 [GHA] Cleanup duplicate running in integration tests</li>
    <li><a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/c8a6f4e02487e3a255e7630eb2d6f7c82140f45f";><code>c8a6f4e</code></a>
 Merge pull request <a 
href="https://redirect.github.com/spotbugs/spotbugs-maven-plugin/issues/876";>#876</a>
 from hazendaz/master</li>
    <li><a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/296a9a9021d504440e19f15ab98e28bc2f95f7e1";><code>296a9a9</code></a>
 [GHA] Remove extra clean option as not needed</li>
    <li>Additional commits viewable in <a 
href="https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.8.6.2...spotbugs-maven-plugin-4.8.6.3";>compare
 view</a></li>
    </ul>
    </details>
    <br />
    
    <details>
    <summary>Most Recent Ignore Conditions Applied to This Pull 
Request</summary>
    
    | Dependency Name | Ignore Conditions |
    | --- | --- |
    | com.github.spotbugs:spotbugs-maven-plugin | [< 4.8, > 4.7.3.4] |
    </details>
    
    [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.github.spotbugs:spotbugs-maven-plugin&package-manager=maven&previous-version=4.8.6.2&new-version=4.8.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `dependabot rebase` will rebase this PR
    - `dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
    - `dependabot merge` will merge this PR after your CI passes on it
    - `dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
    - `dependabot cancel merge` will cancel a previously requested merge and 
block automerging
    - `dependabot reopen` will reopen this PR if it is closed
    - `dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
    - `dependabot show <dependency name> ignore conditions` will show all of 
the ignore conditions of the specified dependency
    - `dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
    - `dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
    - `dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
    
    </details>
    
    Closes #2022 from 
dependabot[bot]/dependabot/maven/java/com.github.spotbugs-spotbugs-maven-plugin-4.8.6.3.
    
    Authored-by: dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
    Signed-off-by: Shaoyun Chen <[email protected]>
---
 java/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/pom.xml b/java/pom.xml
index b0bc83853..4d69c75f7 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -395,7 +395,7 @@
         <plugin>
           <groupId>com.github.spotbugs</groupId>
           <artifactId>spotbugs-maven-plugin</artifactId>
-          <version>4.8.6.2</version>
+          <version>4.8.6.3</version>
           <configuration>
             <includeFilterFile>spotbugs-include.xml</includeFilterFile>
             <excludeFilterFile>spotbugs-exclude.xml</excludeFilterFile>

Reply via email to