Title: Bump com.github.spotbugs:spotbugs from 4.9.8 to 4.10.2 by dependabot[bot] · Pull Request #476 · OWASP-Benchmark/BenchmarkJava · GitHub
Open Graph Title: Bump com.github.spotbugs:spotbugs from 4.9.8 to 4.10.2 by dependabot[bot] · Pull Request #476 · OWASP-Benchmark/BenchmarkJava
X Title: Bump com.github.spotbugs:spotbugs from 4.9.8 to 4.10.2 by dependabot[bot] · Pull Request #476 · OWASP-Benchmark/BenchmarkJava
Description: Bumps com.github.spotbugs:spotbugs from 4.9.8 to 4.10.2. Release notes Sourced from com.github.spotbugs:spotbugs's releases. 4.10.2 SpotBugs 4.10.2 CHANGELOG Build Add release protection to ensure version released matches the tag and that snapshot has been removed. (#4156) Drop binary incompatible Saxon-HE back to 12.9 to keep java 11 compatibility. (#4159) Add binary check to the gradle build to ensure compatibility remains. (#4159) CHECKSUM file checksum (sha256) spotbugs-4.10.2-javadoc.jar 97bf36f386f75cecacbb7663700266d65176f8544c6f62bc7f21e0ecfb868444 spotbugs-4.10.2-sources.jar 76476f61ce6dc0eb0c38801e21da44e77043ba21226aef6c1b9d21df06d2395a spotbugs-4.10.2.tgz 63d7687c35fba12cbc8e55ec2a889a2bbf1b9be299dea91f2b0d351dc285308a spotbugs-4.10.2.zip d5c9ad825cd015fc943802f5c96d89c515fd9a6f7fbbd9ddc7d0aa24b13664df spotbugs-annotations-4.10.2-javadoc.jar a948f311281429a3060e4870d5a60e8508372113ce678c7e1e04b58ba07a2ec2 spotbugs-annotations-4.10.2-sources.jar 87974d23caffbc8c6e66c567747627267b5ed06573cee966d7af6d236b8d65bd spotbugs-annotations.jar 5335e5107c74cdd62ef96a7908066c51abb3de63b1ebf99dc953c2c7d0747678 spotbugs-ant-4.10.2-javadoc.jar 6e016db4c2929c0319c9f973ec1c76724d9ba17d26cd7b87136a8dbf0731cecb spotbugs-ant-4.10.2-sources.jar 91477d93b1fd1bebae35d318427b5238fb458e726478dc1a8ac41ce74838a1e6 spotbugs-ant.jar 22f2fa397e86663adcd4828cc1c91e63aa6cc2bfc56832885b749a86fac5c784 spotbugs.jar 46f5c9524c08d027cf96cda2704e5d8ded633626b94a19dc9ced3ae67595d80b test-harness-4.10.2-javadoc.jar ec93ddaa099a27c8fdb0522d8c0b24a3d696e10aaf7d71a5d8426a643c00f1b2 test-harness-4.10.2-sources.jar 805d2d124b0d4ea513ee9262d4ad6027c3471d45defd80fd7d20e23425d17df7 test-harness-4.10.2.jar bd10d1f11a1b93e4ca4db4d27772f611bd3407f9452dbbd2d1ba62584ddc171f test-harness-core-4.10.2-javadoc.jar a9782f2a1ecb26d561b4601c46f2dbcfbe4045d587c6ce545ae830cd61399118 test-harness-core-4.10.2-sources.jar 043a55d99a517c0d9cf702b0c183b4afd3f03af9eff4a86d59bb37df1b35b532 test-harness-core-4.10.2.jar 1f9a0ee8f150dd71f960ca4f59dcf7912a45d0e9e6aefc4585fd44b975454bc0 test-harness-jupiter-4.10.2-javadoc.jar eb18358668b3f2099ddcfe21e817210d34ee969eb7fecc6f697c6eecca803846 test-harness-jupiter-4.10.2-sources.jar 17144f315686bfd01c02fa4ae7c916060c41de8eed58d5b8470416fa08f46ced test-harness-jupiter-4.10.2.jar a91146da3e993479cfefd2690781cbd102c6360ecc63a96d88995be3bd60fcbb 4.10.1 SpotBugs 4.10.1 Note SpotBugs 4.10.0 was superseded by 4.10.1 due to a release issue. Users should use 4.10.1. See the discussion below for additional details: https://github.com/spotbugs/spotbugs/discussions/4155 CHANGELOG Build 4.10.0 was not released due to a release process error (artifacts were built from a -SNAPSHOT version). 4.10.1 is the corrected release and contains the intended 4.10.0 contents. CHECKSUM file checksum (sha256) spotbugs-4.10.1-javadoc.jar 582dc49e95b080333b1025dc23e76630e5f6f1648b2f9fa71ee34918f6d9dd2c ... (truncated) Changelog Sourced from com.github.spotbugs:spotbugs's changelog. 4.10.2 - 2026-06-09 Build Add release protection to ensure version released matches the tag and that snapshot has been removed. (#4156) Drop binary incompatible Saxon-HE back to 12.9 to keep java 11 compatibility. (#4159) Add binary check to the gradle build to ensure compatibility remains. (#4159) 4.10.1 - 2026-06-08 Build 4.10.0 was not released due to a release process error (artifacts were built from a -SNAPSHOT version). 4.10.1 is the corrected release and contains the intended 4.10.0 contents. 4.10.0 - 2026-06-07 Refactor Move internal usage of 'javax.annotation.Nonnull' to 'jakarta.annotation.NonNull'. (#3858) Move internal usage of 'javax.annotation.Nullable' to 'jakarta.annotation.Nullable'. (#3861) Renamed methods from edu.umd.cs.findbugs.SwitchHandler to reflect that they return a PC, not an offset (#3869) Make the progress bar more visually appealing by adding some borders (#3896) Reuse DismantleBytecode.isIf introduced in (#3869) Added Add partial support for org.jspecify.annotations.Nullable, org.jspecify.annotations.NonNull, org.jspecify.annotations.NullUnmarked and org.jspecify.annotations.NullMarked annotations. These are aliased to the closest existing SpotBugs nullness annotations. This is not a complete implementation of the JSpecify spec; scope-level semantics of @NullMarked and @NullUnmarked are not yet supported. (#3996) Recognize jakarta.annotation.Nonnull and jakarta.annotation.Nullable (#3780) Detect use of sun.misc.Unsafe and jdk.internal.misc.Unsafe (#3804) New bug type is introduced: NCR_NOT_PROPERLY_CHECKED_READ. Improper validation of the return value from the read() method in InputStream and Reader classes may result in an array not being fully filled. (#3766) New detector FindImproperSynchronization and introduced new bug types: USO_UNSAFE_METHOD_SYNCHRONIZATION is reported when using synchronized methods with the class' accessible intrinsic lock, USO_UNSAFE_STATIC_METHOD_SYNCHRONIZATION is reported when using static synchronized methods with the class' exposed intrinsic lock, USO_UNSAFE_OBJECT_SYNCHRONIZATION is reported when the lock used for synchronization is visible from the outside, USO_UNSAFE_ACCESSIBLE_OBJECT_SYNCHRONIZATION is reported when the lock used for synchronization is made accessible, with methods that update or return the lock, to the outside, USO_UNSAFE_INHERITABLE_OBJECT_SYNCHRONIZATION is reported when the lock used for synchronization is can be altered by subclasses, USO_UNSAFE_EXPOSED_OBJECT_SYNCHRONIZATION is reported when the lock used for synchronization is later exposed in the subclasses. USBC_UNSAFE_SYNCHRONIZATION_WITH_BACKING_COLLECTION is reported when the backing collection of a lock is visible from the outside, USBC_UNSAFE_SYNCHRONIZATION_WITH_ACCESSIBLE_BACKING_COLLECTION is reported when the backing collection of a lock is made accessible, with methods that update or return the lock, to the outside, USBC_UNSAFE_SYNCHRONIZATION_WITH_INHERITABLE_BACKING_COLLECTION is reported when the backing collection of a lock can be altered by subclasses. (See SEI CERT rule LCK00-J and SEI CERT rule LCK04-J) New detector FindIncreasedAccessibilityOfMethods for new bug type IAOM_DO_NOT_INCREASE_METHOD_ACCESSIBILITY. This detector reports a bug if a class increases the accessibility of overridden or hidden methods. (See SEI CERT rule MET04-J) Fixed Fix DM_STRING_TOSTRING false negative when toString() is chained before a method call (e.g., s.toString().toLowerCase()); multiple occurrences in the same method are now all reported (#3966) Stop exposing JUnit BOM as a transitive dependency to consumers (#3908) Fix incorrect bug counts and sizes when unioning reports (#3721) Classes containing only methods throwing UnsupportedOperationException with setter-like names are no longer considered as mutable (#1601) Enhanced SARIF output with full description sections - adding markdown is still an open issue (#2339) Added missing null check to MultipleInstantiationsOfSingletons detector (#3823) Fix invalid syntax in findbugsfilter.xsd (#3832) Fix CT_CONSTRUCTOR_THROW FP with public and private constructors (#3822) Fix tool name in usage info, (#3847) Fix the building of relative chains of ./././ in filenames in fbp files (#3852) Fix IllegalArgumentException initializing spotbugs when inside a fat jar on Java 25 (#3875) Do not report DM_DEFAULT_ENCODING for classes compiled with target >= 18 (#3866) Fix FS_BAD_DATE_FORMAT_FLAG_COMBO not suppressed by field-level annotation (#3838) ... (truncated) Commits 9efccc9 release v4.10.2 205d91b Check binary compatibility (#4159) a177422 Update spring core to v7.0.8 (#4158) 2d6857f update sonatype link in RELEASE_PROCEDURE.md (#4157) 32d4fb9 chore(build): Add verification on tag release that version matches the tag (#... 6657922 prepare for next release 7460889 release v4.10.1 f6c4597 prepare for next release 6e64d99 release v4.10.0 73a6f59 feat: add partial JSpecify annotations support (from PR #3142) (#3996) Additional commits viewable in compare view
Open Graph Description: Bumps com.github.spotbugs:spotbugs from 4.9.8 to 4.10.2. Release notes Sourced from com.github.spotbugs:spotbugs's releases. 4.10.2 SpotBugs 4.10.2 CHANGELOG Build Add release protection to ...
X Description: Bumps com.github.spotbugs:spotbugs from 4.9.8 to 4.10.2. Release notes Sourced from com.github.spotbugs:spotbugs's releases. 4.10.2 SpotBugs 4.10.2 CHANGELOG Build Add release protection...
Opengraph URL: https://github.com/OWASP-Benchmark/BenchmarkJava/pull/476
X: @github
Domain: github.com
| route-pattern | /:user_id/:repository/pull/:id/files(.:format) |
| route-controller | pull_requests |
| route-action | files |
| fetch-nonce | v2:07a83eb8-fffe-1843-e94d-ceda63660773 |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | 8A2A:35ABB0:2E9E3:3B954:6A5BE20D |
| html-safe-nonce | 019b52628035e5d1640b188a089e46100e4456d8fb431eeec74741d73f1baead |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiI4QTJBOjM1QUJCMDoyRTlFMzozQjk1NDo2QTVCRTIwRCIsInZpc2l0b3JfaWQiOiI4OTA0NTI4NTg3MzAwNTI4NjUzIiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0= |
| visitor-hmac | c02cbac22db49e8d1c1cabd6a0e6890537c1aeed0f2d45c54978e4b4e59cca52 |
| hovercard-subject-tag | pull_request:3838873324 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/OWASP-Benchmark/BenchmarkJava/pull/476/files |
| twitter:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| twitter:card | summary_large_image |
| og:image | https://avatars.githubusercontent.com/in/29110?s=400&v=4 |
| og:image:alt | Bumps com.github.spotbugs:spotbugs from 4.9.8 to 4.10.2. Release notes Sourced from com.github.spotbugs:spotbugs's releases. 4.10.2 SpotBugs 4.10.2 CHANGELOG Build Add release protection to ... |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | 5290d7e14309ad1e76106a9c4237bd1041517e83ea182c8ab756752cb0c6940b |
| turbo-cache-control | no-preview |
| diff-view | unified |
| go-import | github.com/OWASP-Benchmark/BenchmarkJava git https://github.com/OWASP-Benchmark/BenchmarkJava.git |
| octolytics-dimension-user_id | 80600360 |
| octolytics-dimension-user_login | OWASP-Benchmark |
| octolytics-dimension-repository_id | 33565372 |
| octolytics-dimension-repository_nwo | OWASP-Benchmark/BenchmarkJava |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 33565372 |
| octolytics-dimension-repository_network_root_nwo | OWASP-Benchmark/BenchmarkJava |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | true |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 9c975978430e9ad293956f2bbdaf153b1bd84a99 |
| ui-target | canary-2 |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width