René's URL Explorer Experiment


Title: Bump com.github.spotbugs:spotbugs from 4.9.3 to 4.9.4 by dependabot[bot] · Pull Request #347 · OWASP-Benchmark/BenchmarkJava · GitHub

Open Graph Title: Bump com.github.spotbugs:spotbugs from 4.9.3 to 4.9.4 by dependabot[bot] · Pull Request #347 · OWASP-Benchmark/BenchmarkJava

X Title: Bump com.github.spotbugs:spotbugs from 4.9.3 to 4.9.4 by dependabot[bot] · Pull Request #347 · OWASP-Benchmark/BenchmarkJava

Description: Bumps com.github.spotbugs:spotbugs from 4.9.3 to 4.9.4. Release notes Sourced from com.github.spotbugs:spotbugs's releases. SpotBugs 4.9.4 CHANGELOG Changed AnnotationMatcher can now ignore bugs if annotation is also applied on methods or fields. Previously only annotations on classes were considered. Add relevant CWE ids to bugs and refer the CWEs in the bug messages (#3354). Replace LOCAL_VARIABLE_UNKNOWN with exact method name for NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE (#3485) Fixed Widen main method recognition according to JEP 445. (#3371) Do not report US_USELESS_SUPPRESSION_ON_* on methods, fields, parameters, packages or classes with an *.Generated annotation with retention >= class (#3350)(#3409) Rewrite some member in ResourceValueFrame.java to Enum (#2061) Ignore non-interpreted text when looking for FS_BAD_DATE_FORMAT_FLAG_COMBO (#3387) Fix IllegalArgumentException thrown from FindNoSideEffectMethods detector (#3320) Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a Mockito doAnswer(), doCallRealMethod(), doNothing(), doThrow() or doReturn() call (#3334) Fix CT_CONSTRUCTOR_THROW false positive with public and private constructors in specific order of methods (#3417) Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE, AT_NONATOMIC_64BIT_PRIMITIVE and AT_STALE_THREAD_WRITE_OF_PRIMITIVE FP when the relevant code is in private method, which is only called with proper synchronization (#3428) Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a BDDMockito call (#3441) Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE when field of a local variable is set. (#3459) Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE FP when there was no compound operation (#3363) Fix NM_FIELD_NAMING_CONVENTION crash in the TestASM detector (#3489) Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in JUnit 3/4 setUp() method. (#3169) Fix US_USELESS_SUPPRESSION_ON_FIELD/UUF_UNUSED_FIELD false positive (#3496) Make the osgi manifest of the annotations jar Java 8 compatible (#3498) (#3500) TextUICommandLine supports all options encoded in Eclipse preferences file (#3520) Unnecessary suppressions fix for records headers (#3471) Dead store fix when switch case contains loops (#3530) (#3449) Consider PUTFIELD and PUTSTATIC when looking for assertions with side effects (#3463) Detect cases when equals() unconditionally returns true or false (#3528) Do not report that an Iterator does not throw NoSuchElementException when hasNext() returns true (#3501) Detect random value cast to int when stored in temporary variable (#3461) Look for interfaces default methods when searching uncalled private methods (#1988) Fixed field self assignment false positive (#2258) Fixed DMI_INVOKING_TOSTRING_ON_ARRAY on newer JDK (#1147) Fix NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positive with Objects.requireNonNull (#2965) (#3573) Track inner classes access methods to correctly report the bugs (#2029) SF_SWITCH_NO_DEFAULT false positive fix (#1148) (#3572) Added Added the unnecessary annotation to the US_USELESS_SUPPRESSION_ON_* messages (#3395) Multi-threaded code checks can be skipped with @NotThreadSafe (#3390) New bug type CWO_CLOSED_WITHOUT_OPENED for locks that might be released without even being acquired. (See SEI CERT rule LCK08-J) (#2055) Breaking change: changed values and new items in ResourceValueFrame. Inline access method for method. (#3481) Added DMI_MISLEADING_SUBSTRING for calling subString(0) on a StringBuffer/StringBuilder (#1928) Signing Signing for Eclipse plugin has been removed at the current time due to signing keys being expired. The expired key produced a warning during install, the same is true without signing. CHECKSUM | file | checksum (sha256) | ... (truncated) Changelog Sourced from com.github.spotbugs:spotbugs's changelog. 4.9.4 - 2025-08-07 Changed AnnotationMatcher can now ignore bugs if annotation is also applied on methods or fields. Previously only annotations on classes were considered. Add relevant CWE ids to bugs and refer the CWEs in the bug messages (#3354). Replace LOCAL_VARIABLE_UNKNOWN with exact method name for NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE (#3485) Fixed Widen main method recognition according to JEP 445. (#3371) Do not report US_USELESS_SUPPRESSION_ON_* on methods, fields, parameters, packages or classes with an *.Generated annotation with retention >= class (#3350)(#3409) Rewrite some member in ResourceValueFrame.java to Enum (#2061) Ignore non-interpreted text when looking for FS_BAD_DATE_FORMAT_FLAG_COMBO (#3387) Fix IllegalArgumentException thrown from FindNoSideEffectMethods detector (#3320) Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a Mockito doAnswer(), doCallRealMethod(), doNothing(), doThrow() or doReturn() call (#3334) Fix CT_CONSTRUCTOR_THROW false positive with public and private constructors in specific order of methods (#3417) Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE, AT_NONATOMIC_64BIT_PRIMITIVE and AT_STALE_THREAD_WRITE_OF_PRIMITIVE FP when the relevant code is in private method, which is only called with proper synchronization (#3428) Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a BDDMockito call (#3441) Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE when field of a local variable is set. (#3459) Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE FP when there was no compound operation (#3363) Fix NM_FIELD_NAMING_CONVENTION crash in the TestASM detector (#3489) Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in JUnit 3/4 setUp() method. (#3169) Fix US_USELESS_SUPPRESSION_ON_FIELD/UUF_UNUSED_FIELD false positive (#3496) Make the osgi manifest of the annotations jar Java 8 compatible (#3498) (#3500) TextUICommandLine supports all options encoded in Eclipse preferences file (#3520) Unnecessary suppressions fix for records headers (#3471) Dead store fix when switch case contains loops (#3530) (#3449) Consider PUTFIELD and PUTSTATIC when looking for assertions with side effects (#3463) Detect cases when equals() unconditionally returns true or false (#3528) Do not report that an Iterator does not throw NoSuchElementException when hasNext() returns true (#3501) Detect random value cast to int when stored in temporary variable (#3461) Look for interfaces default methods when searching uncalled private methods (#1988) Fixed field self assignment false positive (#2258) Fixed DMI_INVOKING_TOSTRING_ON_ARRAY on newer JDK (#1147) Fix NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positive with Objects.requireNonNull (#2965) (#3573) Track inner classes access methods to correctly report the bugs (#2029) SF_SWITCH_NO_DEFAULT false positive fix (#1148) (#3572) Added Added the unnecessary annotation to the US_USELESS_SUPPRESSION_ON_* messages (#3395) Multi-threaded code checks can be skipped with @NotThreadSafe (#3390) New bug type CWO_CLOSED_WITHOUT_OPENED for locks that might be released without even being acquired. (See SEI CERT rule LCK08-J) (#2055) Breaking change: changed values and new items in ResourceValueFrame. Inline access method for method. (#3481) Added DMI_MISLEADING_SUBSTRING for calling subString(0) on a StringBuffer/StringBuilder (#1928) Signing Signing for Eclipse plugin has been removed at the current time due to signing keys being expired. The expired key produced a warning during install, the same is true without signing. Commits 014b0ee release v4.9.4 0c0f125 build: Adjustments to the tag checking 788524b prepare for next release 44656f0 release v4.9.4 da2f64d build: Make sure check is against origin/master not master 0db0852 prepare for next release 7ecaa15 release v4.9.4 a2845af build: Remove space in curl b433c57 build: Disable parallel builds for now a4e906f build: Cleanup release action to correctly work Additional commits viewable in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: @dependabot rebase will rebase this PR @dependabot recreate will recreate this PR, overwriting any edits that have been made to it @dependabot merge will merge this PR after your CI passes on it @dependabot squash and merge will squash and merge this PR after your CI passes on it @dependabot cancel merge will cancel a previously requested merge and block automerging @dependabot reopen will reopen this PR if it is closed @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually @dependabot show ignore conditions will show all of the ignore conditions of the specified dependency @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Open Graph Description: Bumps com.github.spotbugs:spotbugs from 4.9.3 to 4.9.4. Release notes Sourced from com.github.spotbugs:spotbugs's releases. SpotBugs 4.9.4 CHANGELOG Changed AnnotationMatcher can now ignore ...

X Description: Bumps com.github.spotbugs:spotbugs from 4.9.3 to 4.9.4. Release notes Sourced from com.github.spotbugs:spotbugs's releases. SpotBugs 4.9.4 CHANGELOG Changed AnnotationMatcher can now ign...

Opengraph URL: https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347

X: @github

direct link

Domain: github.com

route-pattern/:user_id/:repository/pull/:id/files(.:format)
route-controllerpull_requests
route-actionfiles
fetch-noncev2:9f86a788-d2f0-2c4d-32da-519d57b23566
current-catalog-service-hashae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-idCA68:3A8185:5567BE:71C771:6A5BD3C4
html-safe-nonce535a3e823ae1a7e2aa2f3d90d79d7d251787ca500b90292d87ea69f719e9a1a0
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJDQTY4OjNBODE4NTo1NTY3QkU6NzFDNzcxOjZBNUJEM0M0IiwidmlzaXRvcl9pZCI6IjI5ODIyODY3NDEzMzkwMjc2IiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0=
visitor-hmac9bea615d45fc7f0fc3f85dbb5b5f38a35a5e1a8c98676804f3e03947212d4e5c
hovercard-subject-tagpull_request:2736082940
github-keyboard-shortcutsrepository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///pull_requests/show/files
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files
twitter:imagehttps://avatars.githubusercontent.com/in/29110?s=400&v=4
twitter:cardsummary_large_image
og:imagehttps://avatars.githubusercontent.com/in/29110?s=400&v=4
og:image:altBumps com.github.spotbugs:spotbugs from 4.9.3 to 4.9.4. Release notes Sourced from com.github.spotbugs:spotbugs's releases. SpotBugs 4.9.4 CHANGELOG Changed AnnotationMatcher can now ignore ...
og:site_nameGitHub
og:typeobject
hostnamegithub.com
expected-hostnamegithub.com
None5290d7e14309ad1e76106a9c4237bd1041517e83ea182c8ab756752cb0c6940b
turbo-cache-controlno-preview
diff-viewunified
go-importgithub.com/OWASP-Benchmark/BenchmarkJava git https://github.com/OWASP-Benchmark/BenchmarkJava.git
octolytics-dimension-user_id80600360
octolytics-dimension-user_loginOWASP-Benchmark
octolytics-dimension-repository_id33565372
octolytics-dimension-repository_nwoOWASP-Benchmark/BenchmarkJava
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forkfalse
octolytics-dimension-repository_network_root_id33565372
octolytics-dimension-repository_network_root_nwoOWASP-Benchmark/BenchmarkJava
turbo-body-classeslogged-out env-production page-responsive
disable-turbotrue
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release9c975978430e9ad293956f2bbdaf153b1bd84a99
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files#start-of-content
https://github.com/
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2FOWASP-Benchmark%2FBenchmarkJava%2Fpull%2F347%2Ffiles
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub Copilot appDirect agents from issue to mergehttps://github.com/features/ai/github-app
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
View all resourceshttps://github.com/resources
GitHub SponsorsFund open source developershttps://github.com/open-source/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/open-source/accelerator
GitHub Starshttps://stars.github.com
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/enterprise/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2FOWASP-Benchmark%2FBenchmarkJava%2Fpull%2F347%2Ffiles
Sign up https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fpull_requests%2Fshow%2Ffiles&source=header-repo&source_repo=OWASP-Benchmark%2FBenchmarkJava
Reloadhttps://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files
Reloadhttps://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files
Reloadhttps://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files
Please reload this pagehttps://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files
OWASP-Benchmark https://github.com/OWASP-Benchmark
BenchmarkJavahttps://github.com/OWASP-Benchmark/BenchmarkJava
Notifications https://github.com/login?return_to=%2FOWASP-Benchmark%2FBenchmarkJava
Fork 1.5k https://github.com/login?return_to=%2FOWASP-Benchmark%2FBenchmarkJava
Star 817 https://github.com/login?return_to=%2FOWASP-Benchmark%2FBenchmarkJava
Code https://github.com/OWASP-Benchmark/BenchmarkJava
Issues 12 https://github.com/OWASP-Benchmark/BenchmarkJava/issues
Pull requests 8 https://github.com/OWASP-Benchmark/BenchmarkJava/pulls
Actions https://github.com/OWASP-Benchmark/BenchmarkJava/actions
Projects https://github.com/OWASP-Benchmark/BenchmarkJava/projects
Security and quality 0 https://github.com/OWASP-Benchmark/BenchmarkJava/security
Insights https://github.com/OWASP-Benchmark/BenchmarkJava/pulse
Code https://github.com/OWASP-Benchmark/BenchmarkJava
Issues https://github.com/OWASP-Benchmark/BenchmarkJava/issues
Pull requests https://github.com/OWASP-Benchmark/BenchmarkJava/pulls
Actions https://github.com/OWASP-Benchmark/BenchmarkJava/actions
Projects https://github.com/OWASP-Benchmark/BenchmarkJava/projects
Security and quality https://github.com/OWASP-Benchmark/BenchmarkJava/security
Insights https://github.com/OWASP-Benchmark/BenchmarkJava/pulse
Sign up for GitHub https://github.com/signup?return_to=%2FOWASP-Benchmark%2FBenchmarkJava%2Fissues%2Fnew%2Fchoose
terms of servicehttps://docs.github.com/terms
privacy statementhttps://docs.github.com/privacy
Sign inhttps://github.com/login?return_to=%2FOWASP-Benchmark%2FBenchmarkJava%2Fissues%2Fnew%2Fchoose
davewichershttps://github.com/davewichers
masterhttps://github.com/OWASP-Benchmark/BenchmarkJava/tree/master
dependabot/maven/com.github.spotbugs-spotbugs-4.9.4https://github.com/OWASP-Benchmark/BenchmarkJava/tree/dependabot/maven/com.github.spotbugs-spotbugs-4.9.4
Conversation 0 https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347
Commits 1 https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/commits
Checks 5 https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/checks
Files changed https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files
Please reload this pagehttps://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files
Bump com.github.spotbugs:spotbugs from 4.9.3 to 4.9.4 https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files#top
Show all changes 1 commit https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files
a8a92a3 Bump com.github.spotbugs:spotbugs from 4.9.3 to 4.9.4 dependabot[bot] Aug 11, 2025 https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/commits/a8a92a38af5928146752029b980f70effe620724
Clear filters https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files
Please reload this pagehttps://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files
Please reload this pagehttps://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files
pom.xmlhttps://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8
View file https://github.com/OWASP-Benchmark/BenchmarkJava/blob/a8a92a38af5928146752029b980f70effe620724/pom.xml
Open in desktop https://desktop.github.com
https://github.co/hiddenchars
https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/{{ revealButtonHref }}
https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8
https://github.com/OWASP-Benchmark/BenchmarkJava/pull/347/files#diff-9c5fb3d1b7e3b0f54bc5c4182965c4fe1f9023d449017cece3005d3f90e8e4d8
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width


URLs of crawlers that visited me.