renovate-bot opened a new pull request, #2312: URL: https://github.com/apache/polaris/pull/2312
This PR contains the following updates: | Package | Change | Age | Confidence | |---|---|---|---| | [com.github.spotbugs:spotbugs-annotations](https://spotbugs.github.io/) ([source](https://redirect.github.com/spotbugs/spotbugs)) | `4.9.3` -> `4.9.4` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | --- ### Release Notes <details> <summary>spotbugs/spotbugs (com.github.spotbugs:spotbugs-annotations)</summary> ### [`v4.9.4`](https://redirect.github.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#494---2025-08-07) [Compare Source](https://redirect.github.com/spotbugs/spotbugs/compare/4.9.3...4.9.4) ##### Changed - `AnnotationMatcher` can now ignore bugs if annotation is also applied on methods or fields. Previously only annotations on classes were considered. - Add relevant CWE ids to bugs and refer the CWEs in the bug messages ([#​3354](https://redirect.github.com/spotbugs/spotbugs/pull/3354)). - Replace `LOCAL_VARIABLE_UNKNOWN` with exact method name for `NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE` ([#​3485](https://redirect.github.com/spotbugs/spotbugs/pull/3485)) ##### Fixed - Widen main method recognition according to [JEP 445](https://openjdk.org/jeps/445). ([#​3371](https://redirect.github.com/spotbugs/spotbugs/pull/3371)) - Do not report `US_USELESS_SUPPRESSION_ON_*` on methods, fields, parameters, packages or classes with an `*.Generated` annotation with retention >= class ([#​3350](https://redirect.github.com/spotbugs/spotbugs/issues/3350))([#​3409](https://redirect.github.com/spotbugs/spotbugs/pull/3409)) - Rewrite some member in `ResourceValueFrame.java` to Enum ([#​2061](https://redirect.github.com/spotbugs/spotbugs/issues/2061)) - Ignore non-interpreted text when looking for `FS_BAD_DATE_FORMAT_FLAG_COMBO` ([#​3387](https://redirect.github.com/spotbugs/spotbugs/issues/3387)) - Fix IllegalArgumentException thrown from `FindNoSideEffectMethods` detector ([#​3320](https://redirect.github.com/spotbugs/spotbugs/issues/3320)) - Do not report `RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT` when part of a Mockito `doAnswer()`, `doCallRealMethod()`, `doNothing()`, `doThrow()` or `doReturn()` call ([#​3334](https://redirect.github.com/spotbugs/spotbugs/issues/3334)) - Fix `CT_CONSTRUCTOR_THROW` false positive with public and private constructors in specific order of methods ([#​3417](https://redirect.github.com/spotbugs/spotbugs/issues/3417)) - Fix `AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE`, `AT_NONATOMIC_64BIT_PRIMITIVE` and `AT_STALE_THREAD_WRITE_OF_PRIMITIVE` FP when the relevant code is in private method, which is only called with proper synchronization ([#​3428](https://redirect.github.com/spotbugs/spotbugs/issues/3428)) - Do not report `RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT` when part of a BDDMockito call ([#​3441](https://redirect.github.com/spotbugs/spotbugs/issues/3441)) - Fix `AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE` when field of a local variable is set. ([#​3459](https://redirect.github.com/spotbugs/spotbugs/pull/3459)) - Fix `AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE` FP when there was no compound operation ([#​3363](https://redirect.github.com/spotbugs/spotbugs/issues/3363)) - Fix `NM_FIELD_NAMING_CONVENTION` crash in the TestASM detector ([#​3489](https://redirect.github.com/spotbugs/spotbugs/pull/3489)) - Do not report `UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR` for fields initialized in JUnit 3/4 `setUp()` method. ([#​3169](https://redirect.github.com/spotbugs/spotbugs/issues/3169)) - Fix `US_USELESS_SUPPRESSION_ON_FIELD`/`UUF_UNUSED_FIELD` false positive ([#​3496](https://redirect.github.com/spotbugs/spotbugs/pull/3496)) - Make the osgi manifest of the annotations jar Java 8 compatible ([#​3498](https://redirect.github.com/spotbugs/spotbugs/pull/3498)) ([#​3500](https://redirect.github.com/spotbugs/spotbugs/pull/3500)) - `TextUICommandLine` supports all options encoded in Eclipse preferences file ([#​3520](https://redirect.github.com/spotbugs/spotbugs/issues/3520)) - Unnecessary suppressions fix for records headers ([#​3471](https://redirect.github.com/spotbugs/spotbugs/issues/3471)) - Dead store fix when switch case contains loops ([#​3530](https://redirect.github.com/spotbugs/spotbugs/issues/3530)) ([#​3449](https://redirect.github.com/spotbugs/spotbugs/issues/3449)) - Consider PUTFIELD and PUTSTATIC when looking for assertions with side effects ([#​3463](https://redirect.github.com/spotbugs/spotbugs/issues/3463)) - Detect cases when equals() unconditionally returns true or false ([#​3528](https://redirect.github.com/spotbugs/spotbugs/issues/3528)) - Do not report that an Iterator does not throw `NoSuchElementException` when `hasNext()` returns true ([#​3501](https://redirect.github.com/spotbugs/spotbugs/issues/3501)) - Detect random value cast to int when stored in temporary variable ([#​3461](https://redirect.github.com/spotbugs/spotbugs/issues/3461)) - Look for interfaces default methods when searching uncalled private methods ([#​1988](https://redirect.github.com/spotbugs/spotbugs/issues/1988)) - Fixed field self assignment false positive ([#​2258](https://redirect.github.com/spotbugs/spotbugs/issues/2258)) - Fixed `DMI_INVOKING_TOSTRING_ON_ARRAY` on newer JDK ([#​1147](https://redirect.github.com/spotbugs/spotbugs/issues/1147)) - Fix `NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE` false positive with `Objects.requireNonNull` ([#​2965](https://redirect.github.com/spotbugs/spotbugs/issues/2965)) ([#​3573](https://redirect.github.com/spotbugs/spotbugs/issues/3573)) - Track inner classes access methods to correctly report the bugs ([#​2029](https://redirect.github.com/spotbugs/spotbugs/issues/2029)) - `SF_SWITCH_NO_DEFAULT` false positive fix ([#​1148](https://redirect.github.com/spotbugs/spotbugs/issues/1148)) ([#​3572](https://redirect.github.com/spotbugs/spotbugs/issues/3572)) ##### Added - Added the unnecessary annotation to the `US_USELESS_SUPPRESSION_ON_*` messages ([#​3395](https://redirect.github.com/spotbugs/spotbugs/issues/3395)) - Multi-threaded code checks can be skipped with `@NotThreadSafe` ([#​3390](https://redirect.github.com/spotbugs/spotbugs/issues/3390)) - New bug type `CWO_CLOSED_WITHOUT_OPENED` for locks that might be released without even being acquired. (See [SEI CERT rule LCK08-J](https://wiki.sei.cmu.edu/confluence/display/java/LCK08-J.+Ensure+actively+held+locks+are+released+on+exceptional+conditions)) ([#​2055](https://redirect.github.com/spotbugs/spotbugs/pull/2055)) - Breaking change: changed values and new items in `ResourceValueFrame`. - Inline access method for method. ([#​3481](https://redirect.github.com/spotbugs/spotbugs/issues/3481)) - Added `DMI_MISLEADING_SUBSTRING` for calling `subString(0)` on a StringBuffer/StringBuilder ([#​1928](https://redirect.github.com/spotbugs/spotbugs/issues/1928)) ##### Signing - Signing for Eclipse plugin has been removed at the current time due to signing keys being expired. The expired key produced a warning during install, the same is true without signing. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. â™» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/apache/polaris). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS41MS4xIiwidXBkYXRlZEluVmVyIjoiNDEuNTEuMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsicmVub3ZhdGUtcG9sYXJpcyJdfQ==--> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: issues-unsubscr...@polaris.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
