[PR] fix(deps): update dependency spotbugs to v4.8.3 [jmeter]

Thu, 14 Dec 2023 08:38:32 -0800 


renovate-bot opened a new pull request, #6187:
URL: https://github.com/apache/jmeter/pull/6187

   [![Mend 
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)
   
   This PR contains the following updates:
   
   | Package | Change | Age | Adoption | Passing | Confidence |
   |---|---|---|---|---|---|
   | [spotbugs](https://spotbugs.github.io/) 
([source](https://togithub.com/spotbugs/spotbugs)) | `4.8.1` -> `4.8.3` | 
[![age](https://developer.mend.io/api/mc/badges/age/maven/spotbugs/4.8.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
 | 
[![adoption](https://developer.mend.io/api/mc/badges/adoption/maven/spotbugs/4.8.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
 | 
[![passing](https://developer.mend.io/api/mc/badges/compatibility/maven/spotbugs/4.8.1/4.8.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
 | 
[![confidence](https://developer.mend.io/api/mc/badges/confidence/maven/spotbugs/4.8.1/4.8.3?slim=true)](https://docs.renovatebot.com/merge-confidence/)
 |
   
   ---
   
   ### Release Notes
   
   <details>
   <summary>spotbugs/spotbugs (spotbugs)</summary>
   
   ### 
[`v4.8.3`](https://togithub.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#483---2023-12-12)
   
   [Compare 
Source](https://togithub.com/spotbugs/spotbugs/compare/4.8.2...4.8.3)
   
   ##### Fixed
   
   -   Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since 
the exception is thrown before java.lang.Object's constructor exits for checked 
exceptions ([#&#8203;2710](https://togithub.com/spotbugs/spotbugs/issues/2710))
   -   Applied changes for bcel 6.8.0 with adjustments to constant pool 
([#&#8203;2756](https://togithub.com/spotbugs/spotbugs/pull/2756))
       -   More information bcel changes can be found on 
([#&#8203;2757](https://togithub.com/spotbugs/spotbugs/pull/2757))
   -   Fix FN in CT_CONSTRUCTOR_THROW when the return value of the called 
method is not void or primitive type.
   
   ##### Changed
   
   -   Improved Matcher checks for empty strings 
([#&#8203;2755](https://togithub.com/spotbugs/spotbugs/pull/2755))
   -   Allow 'onlyAnalyze' option to specify negative matches, such that this 
facility can be used to prevent a subset of classes to be excluded from 
analysis ([#&#8203;2754](https://togithub.com/spotbugs/spotbugs/pull/2754))
   -   Strictly require logback 1.2.13 due to CVE-2023-6481 and CVE-23-6378 
([#&#8203;2760](https://togithub.com/spotbugs/spotbugs/pull/2760))
   -   Prefer log4j2 at 2.22.0 and logback at 1.4.14 
([#&#8203;2760](https://togithub.com/spotbugs/spotbugs/pull/2760))
   
   ### 
[`v4.8.2`](https://togithub.com/spotbugs/spotbugs/blob/HEAD/CHANGELOG.md#482---2023-11-28)
   
   [Compare 
Source](https://togithub.com/spotbugs/spotbugs/compare/4.8.1...4.8.2)
   
   ##### Fixed
   
   -   Fixed false positive UPM_UNCALLED_PRIVATE_METHOD for method used in 
JUnit's MethodSource 
([#&#8203;2379](https://togithub.com/spotbugs/spotbugs/issues/2379))
   -   Use java.nio to load filter files 
([#&#8203;2684](https://togithub.com/spotbugs/spotbugs/pull/2684))
   -   Eclipse: Do not export javax.annotation packages 
([#&#8203;2699](https://togithub.com/spotbugs/spotbugs/pull/2699))
   -   Fixed not thread safe FindOverridableMethodCall detector 
([#&#8203;2701](https://togithub.com/spotbugs/spotbugs/issues/2701))
   -   Fix the weird messages of PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS bugs. 
([#&#8203;2646](https://togithub.com/spotbugs/spotbugs/issues/2646))
   -   Revert commons-text from 1.11.0 to 1.10.0 to resolve a version conflict 
([#&#8203;2686](https://togithub.com/spotbugs/spotbugs/issues/2686))
   -   Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since 
the exception is thrown before java.lang.Object's constructor exits 
([#&#8203;2710](https://togithub.com/spotbugs/spotbugs/issues/2710))
   
   ##### Added
   
   -   New detector finding `System.getenv()` calls, where the corresponding 
Java property could be used (See 
[ENV02-J](https://wiki.sei.cmu.edu/confluence/display/java/ENV02-J.+Do+not+trust+the+values+of+environment+variables)).
   
   ##### Build
   
   -   Run build using jdk 17 and 21 without usage of toolchains so we do not 
defeat the purpose of building on both. 
([#&#8203;2722](https://togithub.com/spotbugs/spotbugs/pull/2722))
   
   </details>
   
   ---
   
   ### Configuration
   
   📅 **Schedule**: Branch creation - "every 3 weeks on Monday" (UTC), Automerge 
- At any time (no schedule defined).
   
   🚦 **Automerge**: Disabled by config. Please merge this manually once you are 
satisfied.
   
   â™» **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry 
checkbox.
   
   🔕 **Ignore**: Close this PR and you won't be reminded about this update 
again.
   
   ---
   
    - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this 
box
   
   ---
   
   This PR has been generated by [Mend 
Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository 
job log [here](https://developer.mend.io/github/apache/jmeter).
   
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy45My4xIiwidXBkYXRlZEluVmVyIjoiMzcuOTMuMSIsInRhcmdldEJyYW5jaCI6Im1hc3RlciJ9-->
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: dev-unsubscr...@jmeter.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to