Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade SpotBugs to 4.7.1 #584

Merged
merged 1 commit into from
Jun 27, 2022
Merged

Upgrade SpotBugs to 4.7.1 #584

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions .github/workflows/build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -113,7 +113,7 @@ jobs:
uses: ./.github/actions/sonar-update-center
with:
prop-file: findbugs.properties
description: Use SpotBugs 4.7.0, sb-contrib 7.4.7, and findsecbugs 1.12.0
description: Use SpotBugs 4.7.1, sb-contrib 7.4.7, and findsecbugs 1.12.0
minimal-supported-sq-version: 8.9
latest-supported-sq-version: LATEST
changelog-url: https://github.com/spotbugs/sonar-findbugs/releases/tag/${{ github.event.release.tag_name }}
Expand All @@ -122,5 +122,5 @@ jobs:
sonar-cloud-url: https://sonarcloud.io/summary/new_code?id=com.github.spotbugs:sonar-findbugs-plugin
github-token: ${{ secrets.PAT_TO_FORK }}
discourse-api-key: ${{ secrets.DISCOURSE_API_KEY }}
skip-creating-pull-request: true
skip-announcing: true
skip-creating-pull-request: false
skip-announcing: false
2 changes: 1 addition & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,4 +54,4 @@ Findbugs Plugin version|Embedded SpotBugs/Findbugs version|Embedded Findsecbugs
4.1.4 | 4.6.0 (SpotBugs) | 1.12.0 | 7.4.7 (sb-contrib) | 1.8|7.9~|5.10.1.16922
4.1.5 | 4.7.0 (SpotBugs) | 1.12.0 | 7.4.7 (sb-contrib) | 1.8|7.9~|5.10.1.16922
4.1.6 | 4.7.0 (SpotBugs) | 1.12.0 | 7.4.7 (sb-contrib) | 1.8|7.9~|5.10.1.16922
4.1.7-SNAPSHOT | 4.7.0 (SpotBugs) | 1.12.0 | 7.4.7 (sb-contrib) | 1.8|7.9~|5.10.1.16922
4.2.0-SNAPSHOT | 4.7.1 (SpotBugs) | 1.12.0 | 7.4.7 (sb-contrib) | 1.8|7.9~|5.10.1.16922
4 changes: 2 additions & 2 deletions generate_profiles/BuildXmlFiles.groovy
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,13 @@ import groovy.json.JsonSlurper;

@Grapes([

@Grab(group='com.github.spotbugs', module='spotbugs', version='4.7.0'),
@Grab(group='com.github.spotbugs', module='spotbugs', version='4.7.1'),
@Grab(group='com.mebigfatguy.sb-contrib', module='sb-contrib', version='7.4.7'),
@Grab(group='com.h3xstream.findsecbugs' , module='findsecbugs-plugin', version='1.12.0')]
)


FB = new Plugin(groupId: 'com.github.spotbugs', artifactId: 'spotbugs', version: '4.7.0')
FB = new Plugin(groupId: 'com.github.spotbugs', artifactId: 'spotbugs', version: '4.7.1')
CONTRIB = new Plugin(groupId: 'com.mebigfatguy.sb-contrib', artifactId: 'sb-contrib', version: '7.4.7')
FSB = new Plugin(groupId: 'com.h3xstream.findsecbugs', artifactId: 'findsecbugs-plugin', version: '1.12.0')

Expand Down
4 changes: 2 additions & 2 deletions pom.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@

<groupId>com.github.spotbugs</groupId>
<artifactId>sonar-findbugs-plugin</artifactId>
<version>4.1.7-SNAPSHOT</version>
<version>4.2.0-SNAPSHOT</version>
<packaging>sonar-plugin</packaging>

<name>SonarQube SpotBugs Plugin</name>
Expand Down Expand Up @@ -52,7 +52,7 @@
Also need to update profiles, see ./generate_profiles/README.md for detail.
Update the version table and the rules count badge in README.md
-->
<spotbugs.version>4.7.0</spotbugs.version>
<spotbugs.version>4.7.1</spotbugs.version>
<sbcontrib.version>7.4.7</sbcontrib.version>
<findsecbugs.version>1.12.0</findsecbugs.version>

Expand Down
7 changes: 3 additions & 4 deletions src/main/resources/org/sonar/plugins/findbugs/rules-findbugs.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5606,11 +5606,10 @@ object explicitly.&lt;/p&gt;</description>
<tag>malicious-code</tag>
</rule>
<rule key='SSD_DO_NOT_USE_INSTANCE_LOCK_ON_SHARED_STATIC_DATA' priority='MAJOR'>
<name>Correctness - Instance level lock was used on a shared static data</name>
<name>Multi-threading - Instance level lock was used on a shared static data</name>
<configKey>SSD_DO_NOT_USE_INSTANCE_LOCK_ON_SHARED_STATIC_DATA</configKey>
<description>&lt;p&gt;
Instance level synchronization, that modifies a static shared object could cause security leaks.
If the lock or the method is not static, that modifies the static field, and is synchronized,
If the lock or the synchronized method is not static, that modifies the static field,
that could leave the shared static data unprotected against concurrent access.
This could occur in two ways, if a synchronization method uses a non-static lock object,
or a synchronized method is declared as non-static. Both ways are ineffective.
Expand All @@ -5620,7 +5619,7 @@ object explicitly.&lt;/p&gt;</description>
&lt;a href="https://wiki.sei.cmu.edu/confluence/display/java/LCK06-J.+Do+not+use+an+instance+lock+to+protect+shared+static+data"&gt;
LCK06-J. Do not use an instance lock to protect shared static data&lt;/a&gt;.
&lt;/p&gt;</description>
<tag>correctness</tag>
<tag>multi-threading</tag>
<tag>bug</tag>
</rule>
<rule key='FL_FLOATS_AS_LOOP_COUNTERS' priority='MAJOR'>
Expand Down