Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump spotbugs-annotations from 4.5.2 to 4.5.3 #772

Merged

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jan 5, 2022

Bumps spotbugs-annotations from 4.5.2 to 4.5.3.

Release notes

Sourced from spotbugs-annotations's releases.

SpotBugs 4.5.3

CHANGELOG

Security

Fixed

  • Remove duplicated logging frameworks from the Eclipse plugin distribution (#1868) @​KengoTODA
  • Corrected class name validation to no longer fail for Kotlin classes on class path containing special characters. (#1883) @​studro

CHECKSUM

file checksum (sha256)
spotbugs-4.5.3-javadoc.jar c5762e13d996117c5ae94675f6ab835d515c90a8cce7d10438bb99d004e0005a
spotbugs-4.5.3-sources.jar 196df4ebf7fb681cb819362461137d4e8b475b6a8229bb65363c7042924b702b
spotbugs-4.5.3.tgz 7118d112804701f79172f4c3c8904832cdd085236eaa34ce847c71bddcd08927
spotbugs-4.5.3.zip 15e9ee3a0de47195e6206bb50c0c9e487627ba9affe2da586e05333c1d4a12e8
spotbugs-annotations-4.5.3-javadoc.jar 81825340a691d8b2df8670cb67db4a142d8889b32183c8f1a235bde41b9c1607
spotbugs-annotations-4.5.3-sources.jar b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar cb8ef0e128fefc3885205b09a758bcc5aeca2c4faa205195a10d22301530e4f8
spotbugs-ant-4.5.3-javadoc.jar 9b1902fea658a339414b26559c505f4244b749f823f55568ce8b6c64153b540a
spotbugs-ant-4.5.3-sources.jar ce7cfbed848ccb0e3765cec6b9c60c458699aa51f60ad9216cf89dbf38d8d793
spotbugs-ant.jar b866a2a89a03b49e60b5f27e0f5987eb8c12c2d2aefc6e9ddcbcdae345c765db
spotbugs.jar 7416dda5bf6f1e2740a906bc86b0db4c4413a039cc81d5a80a171d0996708745
test-harness-4.5.3-javadoc.jar 48a87a2484c96f84292b443ec07d19b327f790b03b42294d016bd12153150540
test-harness-4.5.3-sources.jar 2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.5.3.jar 45ca0e944ee5704318d79f67815cde7ca5f7fb22814e325d00e2d25d9b552659
test-harness-core-4.5.3-javadoc.jar 0adc71c823667b6db8c1284ad20844ad94c59a64f60df108c3c8c99b7b854b08
test-harness-core-4.5.3-sources.jar f320f5eb4069e9686b760b2a6a0760989753225f9e9ce1226e3258ec64795d8a
test-harness-core-4.5.3.jar fd1a0c06a5eaff50ed0953d42fb7d69a41031c6a6630ad5e47c38a9f0eaca285
test-harness-jupiter-4.5.3-javadoc.jar c612793dda9d1aef37420e35e415cf54b66fa5348540726ece51ae72d8a81dcc
test-harness-jupiter-4.5.3-sources.jar 210353a57016e26b1a654d936a15f039613fa1ac532d485c1b1d03902f6c6315
test-harness-jupiter-4.5.3.jar 18095fec31b85981ecaafdef86ca9ae1e9588e1b9bc6d209f82829cf9d0c13f4
Changelog

Sourced from spotbugs-annotations's changelog.

4.5.3 - 2022-01-04

Security

Fixed

  • Remove duplicated logging frameworks from the Eclipse plugin distribution (#1868)
  • Corrected class name validation to no longer fail for Kotlin classes on class path containing special characters. (#1883)
Commits
  • e7aaa9c release 4.5.3
  • 13530c7 chore: replace all CRLF with LF
  • df0505a chore: stop handling binary files as text
  • a262e67 docs: update CHANGELOG entry
  • f9663e6 build(deps): bump log4j-slf4j18-impl from 2.17.0 to 2.17.1
  • 1f72232 Make the governance policy for this repo clear (#1856)
  • 24a56b5 Fix some false negative issues about the rule RV_DONT_JUST_NULL_CHECK_READLIN...
  • d8cef7f build(deps): bump com.gradle.enterprise from 3.7.2 to 3.8
  • 1345756 Corrected class name validation to no longer fail for Kotlin classes on class...
  • 569a383 optim: removed linear search in ValueNumberFrame.getLoad()
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Jan 5, 2022
@Stypox
Copy link
Member

Stypox commented Jan 7, 2022

Bumped log4j from 2.16.0 to 2.17.1 to address CVE-2021-45105 and CVE-2021-44832 (#1885, #1897)

Should this be merged ASAP? (I guess not, but who knows)

Bumps [spotbugs-annotations](https://github.com/spotbugs/spotbugs) from 4.5.2 to 4.5.3.
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.5.2...4.5.3)

---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs-annotations
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/gradle/com.github.spotbugs-spotbugs-annotations-4.5.3 branch from c3de594 to 74c0a10 Compare January 24, 2022 15:56
@TobiGr TobiGr merged commit a4399fd into dev Jan 24, 2022
@TobiGr TobiGr deleted the dependabot/gradle/com.github.spotbugs-spotbugs-annotations-4.5.3 branch January 24, 2022 17:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants