Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update all minor versions (master) (minor) #3469

Merged
merged 1 commit into from
Oct 3, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Oct 3, 2024

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
gradle (source) minor 8.6 -> 8.10.2 age adoption passing confidence
gradle final minor 8.6-jdk11 -> 8.10.2-jdk11 age adoption passing confidence
jquery-migrate (source) minor 3.4.1 -> 3.5.2 age adoption passing confidence
io.sentry:sentry-logback dependencies minor 7.5.0 -> 7.14.0 age adoption passing confidence
org.yaml:snakeyaml dependencies minor 2.2 -> 2.3 age adoption passing confidence
ch.qos.logback:logback-access (source, changelog) dependencies minor 1.4.14 -> 1.5.8 age adoption passing confidence
joda-time:joda-time (source) dependencies minor 2.12.7 -> 2.13.0 age adoption passing confidence
org.mockito:mockito-core dependencies minor 5.11.0 -> 5.14.1 age adoption passing confidence
spotbugs (source) dependencies minor 4.7.3 -> 4.8.6 age adoption passing confidence
commons-io:commons-io (source) dependencies minor 2.15.1 -> 2.17.0 age adoption passing confidence
com.google.guava:guava dependencies minor 33.0.0-jre -> 33.3.1-jre age adoption passing confidence

Release Notes

gradle/gradle (gradle)

v8.10.2

Compare Source

v8.10.1

Compare Source

v8.10

Compare Source

v8.9

Compare Source

v8.8: 8.8

Compare Source

The Gradle team is excited to announce Gradle 8.8.

Read the Release Notes

We would like to thank the following community members for their contributions to this release of Gradle:
Björn Kautler,
Denes Daniel,
Fabian Windheuser,
Hélio Fernandes Sebastião,
Jay Wei,
jhrom,
jwp345,
Jörgen Andersson,
Kirill Gavrilov,
MajesticMagikarpKing,
Maksim Lazeba,
Philip Wedemann,
Robert Elliot,
Róbert Papp,
Stefan M.,
Tibor Vyletel,
Tony Robalik,
Valentin Kulesh,
Yanming Zhou,
김용후

Upgrade instructions

Switch your build to use Gradle 8.8 by updating your wrapper:

./gradlew wrapper --gradle-version=8.8

See the Gradle 8.x upgrade guide to learn about deprecations, breaking changes and other considerations when upgrading.

For Java, Groovy, Kotlin and Android compatibility, see the full compatibility notes.

Reporting problems

If you find a problem with this release, please file a bug on GitHub Issues adhering to our issue guidelines.
If you're not sure you're encountering a bug, please use the forum.

We hope you will build happiness with Gradle, and we look forward to your feedback via Twitter or on GitHub.

v8.7

Compare Source

jquery/jquery-migrate (jquery-migrate)

v3.5.2

This release introduces only one change:

  • Make Migrate properly recognized as a CommonJS module in Node.js (#​523, #​525)

Note: you may also find jQuery Migrate 3.5.1 on npm. Do not use it, it's a result of a bad release.

v3.5.1

v3.5.0

Compare Source

Changes:

  • Manipulation: Deprecate jQuery.UNSAFE_restoreLegacyHtmlPrefilter (#​518)
  • Attributes: Fix compatibility with jQuery 4.x (#​496, #​495)
  • Docs: Mark jQuery.fn.load( [ eventData ], handler ) as removed (#​482)
  • Replace karma and testswarm with jQuery test runner (#​503 + followups)
getsentry/sentry-java (io.sentry:sentry-logback)

v7.14.0

Compare Source

Features
  • Session Replay: Gesture/touch support for Flutter (#​3623)
Fixes
  • Fix app start spans missing from Pixel devices (#​3634)
  • Avoid ArrayIndexOutOfBoundsException on Android cpu data collection (#​3598)
  • Fix lazy select queries instrumentation (#​3604)
  • Session Replay: buffer mode improvements (#​3622)
    • Align next segment timestamp with the end of the buffered segment when converting from buffer mode to session mode
    • Persist buffer replay type for the entire replay when converting from buffer mode to session mode
    • Properly store screen names for buffer mode
  • Session Replay: fix various crashes and issues (#​3628)
    • Fix video not being encoded on Pixel devices
    • Fix SIGABRT native crashes on Xiaomi devices when encoding a video
    • Fix RejectedExecutionException when redacting a screenshot
    • Fix FileNotFoundException when persisting segment values
Chores
  • Introduce ReplayShadowMediaCodec and refactor tests using custom encoder (#​3612)

v7.13.0

Compare Source

Features
  • Session Replay: (#​3565) (#​3609)
    • Capture remaining replay segment for ANRs on next app launch
    • Capture remaining replay segment for unhandled crashes on next app launch
Fixes
  • Session Replay: (#​3565) (#​3609)
    • Fix stopping replay in session mode at 1 hour deadline
    • Never encode full frames for a video segment, only do partial updates. This further reduces size of the replay segment
    • Use propagation context when no active transaction for ANRs
Dependencies

v7.12.1

Compare Source

Fixes
  • Check app start spans time and ignore background app starts (#​3550)
    • This should eliminate long-lasting App Start transactions

v7.12.0

Compare Source

Features
  • Session Replay Public Beta (#​3339)

    To enable Replay use the sessionReplay.sessionSampleRate or sessionReplay.errorSampleRate experimental options.

    import io.sentry.SentryReplayOptions
    import io.sentry.android.core.SentryAndroid
    
    SentryAndroid.init(context) { options ->
     
      // Currently under experimental options:
      options.experimental.sessionReplay.sessionSampleRate = 1.0
      options.experimental.sessionReplay.errorSampleRate = 1.0
    
      // To change default redaction behavior (defaults to true)
      options.experimental.sessionReplay.redactAllImages = true
      options.experimental.sessionReplay.redactAllText = true
    
      // To change quality of the recording (defaults to MEDIUM)
      options.experimental.sessionReplay.quality = SentryReplayOptions.SentryReplayQuality.MEDIUM // (LOW|MEDIUM|HIGH)
    }

    To learn more visit Sentry's Mobile Session Replay documentation page.

v7.11.0

Compare Source

Features
Fixes
  • Fix duplicate session start for React Native (#​3504)
  • Move onFinishCallback before span or transaction is finished (#​3459)
  • Add timestamp when a profile starts (#​3442)
  • Move fragment auto span finish to onFragmentStarted (#​3424)
  • Remove profiling timeout logic and disable profiling on API 21 (#​3478)
  • Properly reset metric flush flag on metric emission (#​3493)
  • Use SecureRandom in favor of Random for Metrics (#​3495)
  • Fix UncaughtExceptionHandlerIntegration Memory Leak (#​3398)
  • Deprecated User.segment. Use a custom tag or context instead. (#​3511)
  • Fix duplicated http spans (#​3526)
  • When capturing unhandled hybrid exception session should be ended and new start if need (#​3480)
Dependencies

v7.10.0

Compare Source

Features
  • Publish Gradle module metadata (#​3422)
Fixes
  • Fix faulty span.frame_delay calculation for early app start spans (#​3427)
  • Fix crash when installing ShutdownHookIntegration and the VM is shutting down (#​3456)

v7.9.0

Compare Source

Features
  • Add start_type to app context (#​3379)
  • Add ttid/ttfd contribution flags (#​3386)
Fixes
  • (Internal) Metrics code cleanup (#​3403)
  • Fix Frame measurements in app start transactions (#​3382)
  • Fix timing metric value different from span duration (#​3368)
  • Do not always write startup crash marker (#​3409)
    • This may have been causing the SDK init logic to block the main thread

v7.8.0

Compare Source

Features
  • Add description to OkHttp spans (#​3320)
  • Enable backpressure management by default (#​3284)
Fixes
  • Add rate limit to Metrics (#​3334)
  • Fix java.lang.ClassNotFoundException: org.springframework.web.servlet.HandlerMapping in Spring Boot Servlet mode without WebMVC (#​3336)
  • Fix normalization of metrics keys, tags and values (#​3332)

v7.7.0

Compare Source

Features
  • Add support for Spring Rest Client (#​3199)
  • Extend Proxy options with proxy type (#​3326)
Fixes
  • Fixed default deadline timeout to 30s instead of 300s (#​3322)
  • Fixed Fix java.lang.ClassNotFoundException: org.springframework.web.servlet.HandlerExceptionResolver in Spring Boot Servlet mode without WebMVC (#​3333)

v7.6.0

Compare Source

Features
  • Experimental: Add support for Sentry Developer Metrics (#​3205, #​3238, #​3248, #​3250)
    Use the Metrics API to track processing time, download sizes, user signups, and conversion rates and correlate them back to tracing data in order to get deeper insights and solve issues faster. Our API supports counters, distributions, sets, gauges and timers, and it's easy to get started:
    Sentry.metrics()
      .increment(
          "button_login_click", // key
          1.0,                  // value
          null,                 // unit
          mapOf(                // tags
              "provider" to "e-mail"
          )
      )
    To learn more about Sentry Developer Metrics, head over to our Java and Android docs page.
JodaOrg/joda-time (joda-time:joda-time)

v2.13.0

Compare Source

See the change notes for more information.

What's Changed

New Contributors

Full Changelog: JodaOrg/joda-time@v2.12.7...v2.13.0

mockito/mockito (org.mockito:mockito-core)

v5.14.1

Compare Source

What's Changed

Full Changelog: mockito/mockito@v5.14.0...v5.14.1

v5.14.0

Compare Source

Changelog generated by Shipkit Changelog Gradle Plugin

5.14.0
  • 2024-09-27 - 9 commit(s) by Ali-Hassan, Brice Dutheil, David Saff, Rafael Winterhalter, dependabot[bot]
  • Bump org.junit.platform:junit-platform-launcher from 1.11.0 to 1.11.1 (#​3451)
  • Bump bytebuddy from 1.15.1 to 1.15.2 (#​3450)
  • Update Documentation of ArgumentCaptor.java (#​3448)
  • Split subprojects (#​3447)
  • Separate extensions from integration tests (#​3443)
  • Bump org.eclipse.platform:org.eclipse.osgi from 3.20.0 to 3.21.0 (#​3440)
  • Bump com.gradle.enterprise from 3.18 to 3.18.1 (#​3439)
  • Allow for installing a Java agent within the Mockito jar, without exposing Byte Buddy's attach mechanism. (#​3437)
  • Bump bytebuddy from 1.15.0 to 1.15.1 (#​3434)
  • Fixes #​3419: Disable mocks with an error message (#​3424)
  • Accessing a mock after clearInlineMocks could provide much more useful error message. (#​3419)

v5.13.0

Changelog generated by Shipkit Changelog Gradle Plugin

5.13.0
  • 2024-08-27 - 43 commit(s) by Breno A, Caleb Cushing, Jinwoo, Kurt Alfred Kluever, Stefano Cordio, Thach Le, dependabot[bot]
  • Bump versions.bytebuddy from 1.14.19 to 1.15.0 (#​3429)
  • Bump org.jetbrains.kotlin:kotlin-stdlib from 2.0.10 to 2.0.20 (#​3427)
  • Bump org.junit.platform:junit-platform-launcher from 1.10.3 to 1.11.0 (#​3425)
  • Bump com.gradle.enterprise from 3.17.6 to 3.18 (#​3423)
  • Fix a typo in InjectMocks (#​3422)
  • Bump versions.bytebuddy from 1.14.18 to 1.14.19 (#​3417)
  • Bump androidx.test:runner from 1.6.1 to 1.6.2 (#​3415)
  • Bump versions.junitJupiter from 5.10.3 to 5.11.0 (#​3413)
  • Bump org.jetbrains.kotlin:kotlin-stdlib from 2.0.0 to 2.0.10 (#​3409)
  • Bump org.hamcrest:hamcrest-core from 2.2 to 3.0 (#​3408)
  • Bump com.google.googlejavaformat:google-java-format from 1.22.0 to 1.23.0 (#​3407)
  • Bump org.shipkit:shipkit-auto-version from 2.0.9 to 2.0.10 (#​3405)
  • Bump com.gradle.enterprise from 3.17.5 to 3.17.6 (#​3404)
  • Bump gradle/wrapper-validation-action from 3.4.2 to 3.5.0 (#​3401)
  • Bump org.assertj:assertj-core from 3.26.0 to 3.26.3 (#​3398)
  • Bump versions.bytebuddy from 1.14.17 to 1.14.18 (#​3397)
  • ci: add .m2 dependencies cache (#​3396)
  • Bump org.codehaus.groovy:groovy from 3.0.21 to 3.0.22 (#​3394)
  • Bump androidx.test:runner from 1.6.0 to 1.6.1 (#​3393)
  • Bump org.junit.platform:junit-platform-launcher from 1.10.2 to 1.10.3 (#​3392)
  • Gradle lazy configuration (#​3391)
  • Bump androidx.test.ext:junit from 1.2.0 to 1.2.1 (#​3388)
  • docs: cleanup javadoc for modularity (#​3386)
  • Bump versions.junitJupiter from 5.10.2 to 5.10.3 (#​3385)
  • Bump androidx.test.ext:junit from 1.1.5 to 1.2.0 (#​3383)
  • Bump androidx.test:runner from 1.5.2 to 1.6.0 (#​3382)
  • Bump net.ltgt.gradle:gradle-errorprone-plugin from 4.0.0 to 4.0.1 (#​3380)
  • Bump gradle/wrapper-validation-action from 3.4.1 to 3.4.2 (#​3376)
  • Bump gradle/wrapper-validation-action from 3.4.0 to 3.4.1 (#​3372)
  • Bump gradle/wrapper-validation-action from 3.3.2 to 3.4.0 (#​3365)
  • Bump org.shipkit:shipkit-auto-version from 2.0.7 to 2.0.9 (#​3364)
  • Bump com.gradle.enterprise from 3.17.4 to 3.17.5 (#​3363)
  • Bump org.eclipse.platform:org.eclipse.osgi from 3.19.0 to 3.20.0 (#​3362)
  • Bump net.ltgt.gradle:gradle-errorprone-plugin from 3.1.0 to 4.0.0 (#​3361)
  • Bump versions.bytebuddy from 1.14.16 to 1.14.17 (#​3357)
  • Bump org.assertj:assertj-core from 3.25.3 to 3.26.0 (#​3355)
  • EditorConfig enhancement (#​3353)
  • Bump versions.bytebuddy from 1.14.15 to 1.14.16 (#​3352)
  • Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.24 to 2.0.0 (#​3351)
  • �Fixes #​3237: Fix NullPointerException in Only.verify (#​3349)
  • Bump com.gradle.enterprise from 3.17.3 to 3.17.4 (#​3348)
  • potential editorconfig enhancement (#​3347)
  • Method Only.verify throws NullPointerException (#​3237)

v5.12.0

Compare Source

Changelog generated by Shipkit Changelog Gradle Plugin

5.12.0
  • 2024-05-11 - 25 commit(s) by Piotr Przybylak, Stefano Cordio, Tim van der Lippe, dependabot[bot], jonghoonpark
  • Bump com.gradle.enterprise from 3.17.2 to 3.17.3 (#​3341)
  • Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.23 to 1.9.24 (#​3339)
  • Bump versions.bytebuddy from 1.14.14 to 1.14.15 (#​3338)
  • Bump org.shipkit:shipkit-auto-version from 2.0.6 to 2.0.7 (#​3337)
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.23 to 1.9.24 (#​3336)
  • Fixes #​3331 : Fix AdditionalMatchers.and() and AdditionalMatchers.or() not to swap the order of matchers (#​3335)
  • AdditionalMatchers.and() and or() swap matcher order (#​3331)
  • Bump gradle/wrapper-validation-action from 3.3.1 to 3.3.2 (#​3327)
  • Bump versions.bytebuddy from 1.14.13 to 1.14.14 (#​3324)
  • Bump org.shipkit:shipkit-auto-version from 2.0.5 to 2.0.6 (#​3322)
  • Bump gradle/wrapper-validation-action from 3.3.0 to 3.3.1 (#​3320)
  • Bump com.gradle.enterprise from 3.17 to 3.17.2 (#​3318)
  • Bump gradle/wrapper-validation-action from 2.1.2 to 3.3.0 (#​3317)
  • Update codecov-action version (#​3316)
  • Bump com.google.googlejavaformat:google-java-format from 1.21.0 to 1.22.0 (#​3312)
  • Bump com.gradle.enterprise from 3.16.2 to 3.17 (#​3311)
  • Bump versions.bytebuddy from 1.14.12 to 1.14.13 (#​3308)
  • Fix README logo (#​3305)
  • Bump gradle/wrapper-validation-action from 2.1.1 to 2.1.2 (#​3303)
  • Bump org.shipkit:shipkit-auto-version from 2.0.4 to 2.0.5 (#​3298)
  • Bump org.jetbrains.kotlin:kotlin-gradle-plugin from 1.9.22 to 1.9.23 (#​3296)
  • Bump org.eclipse.platform:org.eclipse.osgi from 3.18.600 to 3.19.0 (#​3295)
  • Bump org.jetbrains.kotlin:kotlin-stdlib from 1.9.22 to 1.9.23 (#​3292)
  • Bump com.google.googlejavaformat:google-java-format from 1.20.0 to 1.21.0 (#​3291)
  • Fixes #​3286 : Mockito.only() points to the wanted call as unwanted if it is the first being calledIssue3286 (#​3287)
  • Mockito.only() points to the wanted call as unwanted if it is the first being called. (#​3286)
  • Bump org.codehaus.groovy:groovy from 3.0.20 to 3.0.21 (#​3284)
spotbugs/spotbugs (spotbugs)

v4.8.6

Compare Source

Fixed
  • Do not report BC_UNCONFIRMED_CAST for Java 21's type switches when the switch instruction is TABLESWITCH (#​2782)
  • Do not throw exception when inspecting empty switch statements (#​2995)
  • Adjust priority since relaxed mode reports even IGNORED_PRIORITY (#​2994)
  • Fix duplicated log4j2 jar in distribution (#​3001)

v4.8.5

Compare Source

Fixed
  • Fix FP SING_SINGLETON_GETTER_NOT_SYNCHRONIZED with eager instances (#​2932)
  • Fix FPs when looking for multiple initialization of Singletons (#​2934)
  • Do not report DLS_DEAD_LOCAL_STORE for Java 21's type switches when switch instruction is TABLESWITCH(#​2736)
  • Fix FP SE_BAD_FIELD for record fields (#​2935)

v4.8.4

Compare Source

Fixed
  • Fix FP in SE_PREVENT_EXT_OBJ_OVERWRITE when the if statement checking for null value, checking multiple variables or the method exiting in the if branch with an exception. (#​2750)
  • Fix possible null value in taxonomies of SARIF output (#​2744)
  • Fix executionSuccessful flag in SARIF report being set to false when bugs were found (#​2116)
  • Move information contained in the SARIF property exitSignalName to exitCodeDescription (#​2739)
  • Do not report SE_NO_SERIALVERSIONID or other serialization issues for records (#​2793)
  • Added support for CONSTANT_Dynamic (#​2759)
  • Ignore generic variable types when looking for BC_UNCONFIRMED_CAST_OF_RETURN_VALUE (#​1219)
  • Do not report BC_UNCONFIRMED_CAST for Java 21's type switches (#​2813)
  • Remove AppleExtension library (note: menus slightly changed) (#​2823)
  • Fix false positive NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE even if Objects.requireNonNull is used. (#​651, #​456)
  • Fixed error preventing SpotBugs from reporting FE_FLOATING_POINT_EQUALITY (#​2843)
  • Fixed NP_LOAD_OF_KNOWN_NULL_VALUE and RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE false positives in try-with-resources generated finally blocks (#​2844)
  • Do not report DLS_DEAD_LOCAL_STORE for Java 21's type switches (#​2828)
  • Update UnreadFields detector to ignore warnings for fields with certain annotations (#​574)
  • Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in method annotated with @​PostConstruct, @​BeforeEach, etc. (#​2872 #​2870 #​453)
  • Do not report DLS_DEAD_LOCAL_STORE for Hibernate bytecode enhancements (#​2865)
  • Fixed NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positives due to source code formatting (#​2874)
  • Added more nullability annotations in TypeQualifierResolver (#​2558 #​2694)
  • Improved the bug description for VA_FORMAT_STRING_USES_NEWLINE when using text blocks, check the usage of String.formatted() (#​2881)
  • Fixed crash in ValueRangeAnalysisFactory when looking for redundant conditions used in assertions #​2887)
  • Revert again commons-text from 1.11.0 to 1.10.0 to resolve a version conflict (#​2686)
  • Fixed false positive MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR when referencing but not calling an overridable method (#​2837)
  • Update the filter XSD namespace and location for the upcoming 4.8.4 release (#​2909)
Added
  • New detector MultipleInstantiationsOfSingletons and introduced new bug types:
    • SING_SINGLETON_HAS_NONPRIVATE_CONSTRUCTOR is reported in case of a non-private constructor,
    • SING_SINGLETON_IMPLEMENTS_CLONEABLE is reported in case of a class directly implementing the Cloneable interface,
    • SING_SINGLETON_INDIRECTLY_IMPLEMENTS_CLONEABLE is reported when a class indirectly implements the Cloneable interface,
    • SING_SINGLETON_IMPLEMENTS_CLONE_METHOD is reported when a class does not implement the Cloneable interface, but has a clone() method,
    • SING_SINGLETON_IMPLEMENTS_SERIALIZABLE is reported when a class directly or indirectly implements the Serializable interface and
    • SING_SINGLETON_GETTER_NOT_SYNCHRONIZED is reported when the instance-getter method of the singleton class is not synchronized.
      (See SEI CERT MSC07-J)
  • Extend FindOverridableMethodCall detector with new bug type: MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT. It's reported when an overridable method is called from readObject(), according to SEI CERT rule SER09-J. Do not invoke overridable methods from the readObject() method.
Changed
  • Minor cleanup in connection with slashed and dotted names (#​2805)
Build
  • Fix sonar coverage for project (#​2796)
  • Upgraded the build to compile bug samples using Java 21 language features (#​2813)
  • Add 'configurations.checkstyle resolution starategy' to control bug in gradle on exclusions not being excluded properly as seen in checkstyle usage. See https://github.com/checkstyle/checkstyle/issues/14211 for more information. (#​2798)
  • Allow our builds to work with jdk 11 with drop back on Eclipse to 4.24 and spring to 5.3.31. (#​2604)

v4.8.3

Compare Source

Fixed
  • Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits for checked exceptions (#​2710)
  • Applied changes for bcel 6.8.0 with adjustments to constant pool (#​2756)
    • More information bcel changes can be found on (#​2757)
  • Fix FN in CT_CONSTRUCTOR_THROW when the return value of the called method is not void or primitive type.
  • Fix FP in CT_CONSTRUCTOR_THROW when exception throwing lambda is created, but not called in constructor (#​2695)
Changed
  • Improved Matcher checks for empty strings (#​2755)
  • Allow 'onlyAnalyze' option to specify negative matches, such that this facility can be used to prevent a subset of classes to be excluded from analysis (#​2754)
  • Strictly require logback 1.2.13 due to CVE-2023-6481 and CVE-23-6378 (#​2760)
  • Prefer log4j2 at 2.22.0 and logback at 1.4.14 (#​2760)

v4.8.2

Compare Source

Fixed
  • Fixed false positive UPM_UNCALLED_PRIVATE_METHOD for method used in JUnit's MethodSource (#​2379)
  • Use java.nio to load filter files (#​2684)
  • Eclipse: Do not export javax.annotation packages (#​2699)
  • Fixed not thread safe FindOverridableMethodCall detector (#​2701)
  • Fix the weird messages of PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS bugs. (#​2646)
  • Revert commons-text from 1.11.0 to 1.10.0 to resolve a version conflict (#​2686)
  • Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits (#​2710)
Added
  • New detector finding System.getenv() calls, where the corresponding Java property could be used (See ENV02-J).
Build
  • Run build using jdk 17 and 21 without usage of toolchains so we do not defeat the purpose of building on both. (#​2722)

v4.8.1

Compare Source

Fixed
  • Fixed schema location for findbugsfilter.xsd (#​1416)
  • Fixed missing null checks (#​2629)
  • Disabled DontReusePublicIdentifiers due to the high false positives rate (#​2627)
  • Removed signature of methods using UTF-8 in DefaultEncodingDetector (#​2634)
  • Fix exception escapes when calling functions of JUnit Assert or Assertions (#​2640)
  • Fixed an error in the SARIF export when a bug annotation is missing (#​2632)
  • Fixed false positive RV_EXCEPTION_NOT_THROWN when asserting to exception throws (#​2628)
  • Fix false positive CT_CONSTRUCTOR_THROW when supertype has final finalize (#​2665)
  • Lowered the priority of PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE bug (#​2652)
  • Eclipse: fixed startup overhead (on computing classpath) for PDE projects (#​2671)
Build
  • Fix deprecated GHA on '::set-output' by using GITHUB_OUTPUT (#​2651)

v4.8.0

Compare Source

Changed
  • Bump up Apache Commons BCEL to the version 6.6.1 (#​2223)
  • Bump up slf4j-api to 2.0.3 (#​2220)
  • Bump up gson to 2.10 (#​2235)
  • Allowed for large command line through writing arguments to file (UnionResults/UnionBugs2)
  • Use com.github.stephenc.jcip for jcip-annotations fixing (#​887)
  • Bump ObjectWeb ASM from 9.4 to 9.6, supporting JDK 21 (#​2578)
Fixed
  • Fixed missing classes not in report if using IErrorLogger.reportMissingClass(ClassDescriptor) (#​219)
  • Stop exposing junit-bom to consumers (#​2255)
  • Fixed AbstractBugReporter emits wrong non-sensical debug output during filtering (#​184)
  • Added support for jakarta namespace (#​2289)
  • Report a low priority bug for an unread field in reflective classes (#​2325)
  • Fixed "Unhandled event loop exception" opening Bug Filter Configuration dialog in Eclipse (#​2327)
  • Fixed detector RandomOnceSubDetector to not report when doubles, ints, or longs are called on a new Random or SecureRandom (#​2370)
  • Fixed detector TestASM throwing error during analysis, because it doesn't note that it reports bugs.
  • Eclipse annotation classpath initializer is hard-coded to jsr305 version 3.0.1, fix to 3.0.2 per #​2470
  • Fixed annotation on generic or array incorrectly considered for the nullability of a method parameter or return type (#​2502)
  • Added support for CONSTANT_Dynamic in constant class pool (#​2506)
  • Recognise enums and records as immutable (#​2356)
  • Added detections of reliance on default encoding in java.nio.file.Files (#​2114)
  • Fixed a regression in the Value Number Analysis (#​2465)
  • Fix XML Output incorrectly escaped in Eclipse Bug Info view (#​2520)
  • Updated the MS_EXPOSE_REP description to mention mutable objects, not just arrays (#​1669)
  • Described Configuration option frc.suspicious for bug RC_REF_COMPARISON in bug description (#​2297)
  • Fixed FindHEMismatch not reporting HE_SIGNATURE_DECLARES_HASHING_OF_UNHASHABLE_CLASS for some classes (#​2402)
  • Added execute file permission to files in the distribution zip (#​2540)
  • Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when part of a Mockito.verify() call check (#​872)
  • Do not report SIC_INNER_SHOULD_BE_STATIC for classes annotated with JUnit Nested (#​560)
  • Detect created, but not-thrown exceptions, which are created by not the constructor (#​2547)
  • Fixed eclipse plugin Effort.values pass to effortViewer as required cast to varargs (#​2579)
Added
  • New simple name-based AnnotationMatcher for exclude files (now bug annotations store the class java annotations in an attribute called `classAnnota

Configuration

📅 Schedule: Branch creation - "after 5pm on the first day of the month" in timezone Europe/Zurich, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Update the dependencies label Oct 3, 2024
@renovate renovate bot enabled auto-merge (rebase) October 3, 2024 06:31
@sbrunner sbrunner force-pushed the renovate/master-all-minor-versions branch from 391ddb3 to 02606e5 Compare October 3, 2024 09:19
@renovate renovate bot force-pushed the renovate/master-all-minor-versions branch from 02606e5 to b6454cd Compare October 3, 2024 10:43
@renovate renovate bot merged commit eedd14c into master Oct 3, 2024
9 checks passed
@renovate renovate bot deleted the renovate/master-all-minor-versions branch October 3, 2024 10:57
@geo-ghci-int geo-ghci-int bot added this to the 3.31.0 milestone Oct 31, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Update the dependencies
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants