java-packages/spotbugs
SHA256
7
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v4.9.4 #1

Merged
fstrba merged 1 commits from urbic/spotbugs:main into main 2025-11-24 09:48:19 +01:00
Conversation 0 Commits 1 Files Changed 7 +484 -400
7 changed files with 484 additions and 400 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
spotbugs-4.9.3.tar.gz
View File

@@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:156a21f948a807dcc9f702cd851b7af5f169bb9eee2afc171f3d044feb75a85c
size 4636324

401
spotbugs-4.9.3.pom → spotbugs-4.9.4.pom
View File

@@ -1,210 +1,191 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- This module was also published with a richer model, Gradle metadata, -->
<!-- which should be used instead. Do not delete the following line which -->
<!-- is to indicate to Gradle or any Gradle module metadata file consumer -->
<!-- that they should prefer consuming it instead. -->
<!-- do_not_remove: published-with-gradle-metadata -->
<modelVersion>4.0.0</modelVersion>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs</artifactId>
<version>4.9.3</version>
<packaging>pom</packaging>
<name>SpotBugs</name>
<description>SpotBugs: Because it's easy!</description>
<url>https://spotbugs.github.io/</url>
<licenses>
<license>
<name>GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1</name>
<url>https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html</url>
</license>
</licenses>
<developers>
<developer>
<id>jsotuyod</id>
<name>Juan Martín Sotuyo Dodero</name>
<url>https://github.com/jsotuyod</url>
<timezone>-3</timezone>
</developer>
<developer>
<id>mebigfatguy</id>
<name>Dave Brosius</name>
<email>dbrosius@mebigfatguy.com</email>
<url>http://www.jroller.com/dbrosius/</url>
<timezone>-5</timezone>
</developer>
<developer>
<id>henrik242</id>
<url>https://github.com/henrik242</url>
</developer>
<developer>
<id>KengoTODA</id>
<name>Kengo TODA</name>
<email>skypencil@gmail.com</email>
<url>https://github.com/KengoTODA/</url>
<timezone>+8</timezone>
</developer>
<developer>
<id>iloveeclipse</id>
<name>Andrey Loskutov</name>
<email>loskutov@gmx.de</email>
<url>https://github.com/iloveeclipse</url>
<timezone>+2</timezone>
</developer>
<developer>
<id>ThrawnCA</id>
<url>https://github.com/ThrawnCA</url>
</developer>
<developer>
<id>sewe</id>
<name>Andreas Sewe</name>
<email>andreas.sewe@codetrails.com</email>
<url>https://github.com/sewe</url>
<timezone>+1</timezone>
</developer>
</developers>
<scm>
<connection>scm:git:git@github.com:spotbugs/spotbugs.git</connection>
<developerConnection>scm:git:git@github.com:spotbugs/spotbugs.git</developerConnection>
<url>https://github.com/spotbugs/spotbugs/</url>
</scm>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>[2.17.1, 3)</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>[1.2.9, 2)</version>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm</artifactId>
<version>9.7.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm-analysis</artifactId>
<version>9.7.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm-commons</artifactId>
<version>9.7.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm-tree</artifactId>
<version>9.7.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm-util</artifactId>
<version>9.7.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.bcel</groupId>
<artifactId>bcel</artifactId>
<version>6.10.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.github.stephenc.jcip</groupId>
<artifactId>jcip-annotations</artifactId>
<version>1.0-1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.dom4j</groupId>
<artifactId>dom4j</artifactId>
<version>2.1.4</version>
<scope>compile</scope>
<exclusions>
<exclusion>
<groupId>javax.xml.bind</groupId>
<artifactId>jaxb-api</artifactId>
</exclusion>
<exclusion>
<groupId>jaxen</groupId>
<artifactId>jaxen</artifactId>
</exclusion>
<exclusion>
<groupId>net.java.dev.msv</groupId>
<artifactId>xsdlib</artifactId>
</exclusion>
<exclusion>
<groupId>javax.xml.stream</groupId>
<artifactId>stax-api</artifactId>
</exclusion>
<exclusion>
<groupId>xpp3</groupId>
<artifactId>xpp3</artifactId>
</exclusion>
<exclusion>
<groupId>pull-parser</groupId>
<artifactId>pull-parser</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.17.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-text</artifactId>
<version>1.13.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>2.0.17</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-annotations</artifactId>
<version>4.9.3</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
<version>2.12.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>jaxen</groupId>
<artifactId>jaxen</artifactId>
<version>2.0.0</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>net.sf.saxon</groupId>
<artifactId>Saxon-HE</artifactId>
<version>12.5</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>2.24.3</version>
<scope>runtime</scope>
</dependency>
</dependencies>
</project>
<?xml version="1.0" encoding="UTF-8"?>
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- This module was also published with a richer model, Gradle metadata, -->
<!-- which should be used instead. Do not delete the following line which -->
<!-- is to indicate to Gradle or any Gradle module metadata file consumer -->
<!-- that they should prefer consuming it instead. -->
<!-- do_not_remove: published-with-gradle-metadata -->
<modelVersion>4.0.0</modelVersion>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs</artifactId>
<version>4.9.4</version>
<packaging>pom</packaging>
<name>SpotBugs</name>
<description>SpotBugs: Because it is easy!</description>
<url>https://spotbugs.github.io/</url>
<licenses>
<license>
<name>GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1</name>
<url>https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html</url>
</license>
</licenses>
<developers>
<developer>
<id>jsotuyod</id>
<name>Juan Martín Sotuyo Dodero</name>
<url>https://github.com/jsotuyod</url>
<timezone>-3</timezone>
</developer>
<developer>
<id>mebigfatguy</id>
<name>Dave Brosius</name>
<email>dbrosius@mebigfatguy.com</email>
<url>http://www.jroller.com/dbrosius/</url>
<timezone>-5</timezone>
</developer>
<developer>
<id>henrik242</id>
<url>https://github.com/henrik242</url>
</developer>
<developer>
<id>KengoTODA</id>
<name>Kengo TODA</name>
<email>skypencil@gmail.com</email>
<url>https://github.com/KengoTODA/</url>
<timezone>+8</timezone>
</developer>
<developer>
<id>iloveeclipse</id>
<name>Andrey Loskutov</name>
<email>loskutov@gmx.de</email>
<url>https://github.com/iloveeclipse</url>
<timezone>+2</timezone>
</developer>
<developer>
<id>ThrawnCA</id>
<url>https://github.com/ThrawnCA</url>
</developer>
<developer>
<id>sewe</id>
<name>Andreas Sewe</name>
<email>andreas.sewe@codetrails.com</email>
<url>https://github.com/sewe</url>
<timezone>+1</timezone>
</developer>
</developers>
<scm>
<connection>scm:git:git@github.com:spotbugs/spotbugs.git</connection>
<developerConnection>scm:git:git@github.com:spotbugs/spotbugs.git</developerConnection>
<url>https://github.com/spotbugs/spotbugs/</url>
</scm>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>[2.17.1, 3)</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>[1.2.9, 2)</version>
</dependency>
<dependency>
<groupId>org.junit</groupId>
<artifactId>junit-bom</artifactId>
<version>5.13.4</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm</artifactId>
<version>9.8</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm-analysis</artifactId>
<version>9.8</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm-commons</artifactId>
<version>9.8</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm-tree</artifactId>
<version>9.8</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm-util</artifactId>
<version>9.8</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.bcel</groupId>
<artifactId>bcel</artifactId>
<version>6.10.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.github.stephenc.jcip</groupId>
<artifactId>jcip-annotations</artifactId>
<version>1.0-1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.dom4j</groupId>
<artifactId>dom4j</artifactId>
<version>2.2.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.18.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-text</artifactId>
<version>1.14.0</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>2.0.17</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-annotations</artifactId>
<version>4.9.4</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
<version>2.13.1</version>
<scope>compile</scope>
</dependency>
<dependency>
<groupId>jaxen</groupId>
<artifactId>jaxen</artifactId>
<version>2.0.0</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>net.sf.saxon</groupId>
<artifactId>Saxon-HE</artifactId>
<version>12.8</version>
<scope>runtime</scope>
</dependency>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>2.25.1</version>
<scope>runtime</scope>
</dependency>
</dependencies>
</project>

BIN
spotbugs-4.9.4.tar.gz LFS Normal file
View File

Binary file not shown.

193
spotbugs-annotations-4.9.3.pom → spotbugs-annotations-4.9.4.pom
View File

@@ -1,93 +1,100 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- This module was also published with a richer model, Gradle metadata, -->
<!-- which should be used instead. Do not delete the following line which -->
<!-- is to indicate to Gradle or any Gradle module metadata file consumer -->
<!-- that they should prefer consuming it instead. -->
<!-- do_not_remove: published-with-gradle-metadata -->
<modelVersion>4.0.0</modelVersion>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-annotations</artifactId>
<version>4.9.3</version>
<name>SpotBugs Annotations</name>
<description>Annotations the SpotBugs tool supports</description>
<url>https://spotbugs.github.io/</url>
<licenses>
<license>
<name>GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1</name>
<url>https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html</url>
</license>
</licenses>
<developers>
<developer>
<id>jsotuyod</id>
<name>Juan Martín Sotuyo Dodero</name>
<url>https://github.com/jsotuyod</url>
<timezone>-3</timezone>
</developer>
<developer>
<id>mebigfatguy</id>
<name>Dave Brosius</name>
<email>dbrosius@mebigfatguy.com</email>
<url>http://www.jroller.com/dbrosius/</url>
<timezone>-5</timezone>
</developer>
<developer>
<id>henrik242</id>
<url>https://github.com/henrik242</url>
</developer>
<developer>
<id>KengoTODA</id>
<name>Kengo TODA</name>
<email>skypencil@gmail.com</email>
<url>https://github.com/KengoTODA/</url>
<timezone>+8</timezone>
</developer>
<developer>
<id>iloveeclipse</id>
<name>Andrey Loskutov</name>
<email>loskutov@gmx.de</email>
<url>https://github.com/iloveeclipse</url>
<timezone>+2</timezone>
</developer>
<developer>
<id>ThrawnCA</id>
<url>https://github.com/ThrawnCA</url>
</developer>
<developer>
<id>sewe</id>
<name>Andreas Sewe</name>
<email>andreas.sewe@codetrails.com</email>
<url>https://github.com/sewe</url>
<timezone>+1</timezone>
</developer>
</developers>
<scm>
<connection>scm:git:git@github.com:spotbugs/spotbugs.git</connection>
<developerConnection>scm:git:git@github.com:spotbugs/spotbugs.git</developerConnection>
<url>https://github.com/spotbugs/spotbugs/</url>
</scm>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>[2.17.1, 3)</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>[1.2.9, 2)</version>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>com.google.code.findbugs</groupId>
<artifactId>jsr305</artifactId>
<version>3.0.2</version>
<scope>compile</scope>
</dependency>
</dependencies>
</project>
<?xml version="1.0" encoding="UTF-8"?>
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- This module was also published with a richer model, Gradle metadata, -->
<!-- which should be used instead. Do not delete the following line which -->
<!-- is to indicate to Gradle or any Gradle module metadata file consumer -->
<!-- that they should prefer consuming it instead. -->
<!-- do_not_remove: published-with-gradle-metadata -->
<modelVersion>4.0.0</modelVersion>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-annotations</artifactId>
<version>4.9.4</version>
<name>SpotBugs Annotations</name>
<description>Annotations the SpotBugs tool supports</description>
<url>https://spotbugs.github.io/</url>
<licenses>
<license>
<name>GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1</name>
<url>https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html</url>
</license>
</licenses>
<developers>
<developer>
<id>jsotuyod</id>
<name>Juan Martín Sotuyo Dodero</name>
<url>https://github.com/jsotuyod</url>
<timezone>-3</timezone>
</developer>
<developer>
<id>mebigfatguy</id>
<name>Dave Brosius</name>
<email>dbrosius@mebigfatguy.com</email>
<url>http://www.jroller.com/dbrosius/</url>
<timezone>-5</timezone>
</developer>
<developer>
<id>henrik242</id>
<url>https://github.com/henrik242</url>
</developer>
<developer>
<id>KengoTODA</id>
<name>Kengo TODA</name>
<email>skypencil@gmail.com</email>
<url>https://github.com/KengoTODA/</url>
<timezone>+8</timezone>
</developer>
<developer>
<id>iloveeclipse</id>
<name>Andrey Loskutov</name>
<email>loskutov@gmx.de</email>
<url>https://github.com/iloveeclipse</url>
<timezone>+2</timezone>
</developer>
<developer>
<id>ThrawnCA</id>
<url>https://github.com/ThrawnCA</url>
</developer>
<developer>
<id>sewe</id>
<name>Andreas Sewe</name>
<email>andreas.sewe@codetrails.com</email>
<url>https://github.com/sewe</url>
<timezone>+1</timezone>
</developer>
</developers>
<scm>
<connection>scm:git:git@github.com:spotbugs/spotbugs.git</connection>
<developerConnection>scm:git:git@github.com:spotbugs/spotbugs.git</developerConnection>
<url>https://github.com/spotbugs/spotbugs/</url>
</scm>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>[2.17.1, 3)</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>[1.2.9, 2)</version>
</dependency>
<dependency>
<groupId>org.junit</groupId>
<artifactId>junit-bom</artifactId>
<version>5.13.4</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>com.google.code.findbugs</groupId>
<artifactId>jsr305</artifactId>
<version>3.0.2</version>
<scope>compile</scope>
</dependency>
</dependencies>
</project>

193
spotbugs-ant-4.9.3.pom → spotbugs-ant-4.9.4.pom
View File

@@ -1,93 +1,100 @@
<?xml version="1.0" encoding="UTF-8"?>
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- This module was also published with a richer model, Gradle metadata, -->
<!-- which should be used instead. Do not delete the following line which -->
<!-- is to indicate to Gradle or any Gradle module metadata file consumer -->
<!-- that they should prefer consuming it instead. -->
<!-- do_not_remove: published-with-gradle-metadata -->
<modelVersion>4.0.0</modelVersion>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-ant</artifactId>
<version>4.9.3</version>
<name>SpotBugs Ant Task</name>
<description>Ant Task to run SpotBugs</description>
<url>https://spotbugs.github.io/</url>
<licenses>
<license>
<name>GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1</name>
<url>https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html</url>
</license>
</licenses>
<developers>
<developer>
<id>jsotuyod</id>
<name>Juan Martín Sotuyo Dodero</name>
<url>https://github.com/jsotuyod</url>
<timezone>-3</timezone>
</developer>
<developer>
<id>mebigfatguy</id>
<name>Dave Brosius</name>
<email>dbrosius@mebigfatguy.com</email>
<url>http://www.jroller.com/dbrosius/</url>
<timezone>-5</timezone>
</developer>
<developer>
<id>henrik242</id>
<url>https://github.com/henrik242</url>
</developer>
<developer>
<id>KengoTODA</id>
<name>Kengo TODA</name>
<email>skypencil@gmail.com</email>
<url>https://github.com/KengoTODA/</url>
<timezone>+8</timezone>
</developer>
<developer>
<id>iloveeclipse</id>
<name>Andrey Loskutov</name>
<email>loskutov@gmx.de</email>
<url>https://github.com/iloveeclipse</url>
<timezone>+2</timezone>
</developer>
<developer>
<id>ThrawnCA</id>
<url>https://github.com/ThrawnCA</url>
</developer>
<developer>
<id>sewe</id>
<name>Andreas Sewe</name>
<email>andreas.sewe@codetrails.com</email>
<url>https://github.com/sewe</url>
<timezone>+1</timezone>
</developer>
</developers>
<scm>
<connection>scm:git:git@github.com:spotbugs/spotbugs.git</connection>
<developerConnection>scm:git:git@github.com:spotbugs/spotbugs.git</developerConnection>
<url>https://github.com/spotbugs/spotbugs/</url>
</scm>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>[2.17.1, 3)</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>[1.2.9, 2)</version>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs</artifactId>
<version>4.9.3</version>
<scope>runtime</scope>
</dependency>
</dependencies>
</project>
<?xml version="1.0" encoding="UTF-8"?>
<project xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<!-- This module was also published with a richer model, Gradle metadata, -->
<!-- which should be used instead. Do not delete the following line which -->
<!-- is to indicate to Gradle or any Gradle module metadata file consumer -->
<!-- that they should prefer consuming it instead. -->
<!-- do_not_remove: published-with-gradle-metadata -->
<modelVersion>4.0.0</modelVersion>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-ant</artifactId>
<version>4.9.4</version>
<name>SpotBugs Ant Task</name>
<description>Ant Task to run SpotBugs</description>
<url>https://spotbugs.github.io/</url>
<licenses>
<license>
<name>GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1</name>
<url>https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html</url>
</license>
</licenses>
<developers>
<developer>
<id>jsotuyod</id>
<name>Juan Martín Sotuyo Dodero</name>
<url>https://github.com/jsotuyod</url>
<timezone>-3</timezone>
</developer>
<developer>
<id>mebigfatguy</id>
<name>Dave Brosius</name>
<email>dbrosius@mebigfatguy.com</email>
<url>http://www.jroller.com/dbrosius/</url>
<timezone>-5</timezone>
</developer>
<developer>
<id>henrik242</id>
<url>https://github.com/henrik242</url>
</developer>
<developer>
<id>KengoTODA</id>
<name>Kengo TODA</name>
<email>skypencil@gmail.com</email>
<url>https://github.com/KengoTODA/</url>
<timezone>+8</timezone>
</developer>
<developer>
<id>iloveeclipse</id>
<name>Andrey Loskutov</name>
<email>loskutov@gmx.de</email>
<url>https://github.com/iloveeclipse</url>
<timezone>+2</timezone>
</developer>
<developer>
<id>ThrawnCA</id>
<url>https://github.com/ThrawnCA</url>
</developer>
<developer>
<id>sewe</id>
<name>Andreas Sewe</name>
<email>andreas.sewe@codetrails.com</email>
<url>https://github.com/sewe</url>
<timezone>+1</timezone>
</developer>
</developers>
<scm>
<connection>scm:git:git@github.com:spotbugs/spotbugs.git</connection>
<developerConnection>scm:git:git@github.com:spotbugs/spotbugs.git</developerConnection>
<url>https://github.com/spotbugs/spotbugs/</url>
</scm>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.apache.logging.log4j</groupId>
<artifactId>log4j-core</artifactId>
<version>[2.17.1, 3)</version>
</dependency>
<dependency>
<groupId>ch.qos.logback</groupId>
<artifactId>logback-core</artifactId>
<version>[1.2.9, 2)</version>
</dependency>
<dependency>
<groupId>org.junit</groupId>
<artifactId>junit-bom</artifactId>
<version>5.13.4</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs</artifactId>
<version>4.9.4</version>
<scope>runtime</scope>
</dependency>
</dependencies>
</project>

88
spotbugs.changes
View File

@@ -1,3 +1,91 @@
-------------------------------------------------------------------
Sun Nov 23 20:22:58 UTC 2025 - Anton Shvetz <shvetz.anton@gmail.com>
- Update to v4.9.4
* Changed
+ AnnotationMatcher can now ignore bugs if annotation is also
applied on methods or fields. Previously only annotations on
classes were considered.
+ Add relevant CWE ids to bugs and refer the CWEs in the bug
messages (#3354).
+ Replace LOCAL_VARIABLE_UNKNOWN with exact method name for
NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE (#3485)
* Fixed
+ Widen main method recognition according to JEP 445. (#3371)
+ Do not report US_USELESS_SUPPRESSION_ON_* on methods, fields,
parameters, packages or classes with an *.Generated
annotation with retention >= class (#3350)(#3409)
+ Rewrite some member in ResourceValueFrame.java to Enum
(#2061)
+ Ignore non-interpreted text when looking for
FS_BAD_DATE_FORMAT_FLAG_COMBO (#3387)
+ Fix IllegalArgumentException thrown from
FindNoSideEffectMethods detector (#3320)
+ Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when
part of a Mockito doAnswer(), doCallRealMethod(),
doNothing(), doThrow() or doReturn() call (#3334)
+ Fix CT_CONSTRUCTOR_THROW false positive with public and
private constructors in specific order of methods (#3417)
+ Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE,
AT_NONATOMIC_64BIT_PRIMITIVE and
AT_STALE_THREAD_WRITE_OF_PRIMITIVE FP when the relevant code
is in private method, which is only called with proper
synchronization (#3428)
+ Do not report RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT when
part of a BDDMockito call (#3441)
+ Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE when field of
a local variable is set. (#3459)
+ Fix AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE FP when there
was no compound operation (#3363)
+ Fix NM_FIELD_NAMING_CONVENTION crash in the TestASM detector
(#3489)
+ Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for
fields initialized in JUnit 3/4 setUp() method. (#3169)
+ Fix US_USELESS_SUPPRESSION_ON_FIELD/UUF_UNUSED_FIELD false
positive (#3496)
+ Make the osgi manifest of the annotations jar Java 8
compatible (#3498) (#3500)
+ TextUICommandLine supports all options encoded in Eclipse
preferences file (#3520)
+ Unnecessary suppressions fix for records headers (#3471)
+ Dead store fix when switch case contains loops (#3530)
(#3449)
+ Consider PUTFIELD and PUTSTATIC when looking for assertions
with side effects (#3463)
+ Detect cases when equals() unconditionally returns true or
false (#3528)
+ Do not report that an Iterator does not throw
NoSuchElementException when hasNext() returns true (#3501)
+ Detect random value cast to int when stored in temporary
variable (#3461)
+ Look for interfaces default methods when searching uncalled
private methods (#1988)
+ Fixed field self assignment false positive (#2258)
+ Fixed DMI_INVOKING_TOSTRING_ON_ARRAY on newer JDK (#1147)
+ Fix NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positive
with Objects.requireNonNull (#2965) (#3573)
+ Track inner classes access methods to correctly report the
bugs (#2029)
+ SF_SWITCH_NO_DEFAULT false positive fix (#1148) (#3572)
* Added
+ Added the unnecessary annotation to the
US_USELESS_SUPPRESSION_ON_* messages (#3395)
+ Multi-threaded code checks can be skipped with @NotThreadSafe
(#3390)
+ New bug type CWO_CLOSED_WITHOUT_OPENED for locks that might
be released without even being acquired. (See SEI CERT rule
LCK08-J) (#2055)
~ Breaking change: changed values and new items in
ResourceValueFrame.
+ Inline access method for method. (#3481)
+ Added DMI_MISLEADING_SUBSTRING for calling subString(0) on a
StringBuffer/StringBuilder (#1928)
* Signing
+ Signing for Eclipse plugin has been removed at the current
time due to signing keys being expired. The expired key
produced a warning during install, the same is true without
signing.
-------------------------------------------------------------------
Thu May 1 07:46:31 UTC 2025 - Fridrich Strba <fstrba@suse.com>

3
spotbugs.spec
View File

@@ -19,7 +19,7 @@
%global desc SpotBugs is the spiritual successor of FindBugs, carrying on from the point\
where it left off with support of its community.
Name: spotbugs
Version: 4.9.3
Version: 4.9.4
Release: 0
Summary: A tool for static analysis to look for bugs in Java code
License: LGPL-2.1-only
@@ -52,6 +52,7 @@ BuildRequires: mvn(org.apache.logging.log4j:log4j-slf4j-impl)
BuildRequires: mvn(org.codehaus.mojo:build-helper-maven-plugin)
BuildRequires: mvn(org.codehaus.mojo:properties-maven-plugin)
BuildRequires: mvn(org.dom4j:dom4j)
BuildRequires: mvn(org.junit:junit-bom:pom:)
BuildRequires: mvn(org.ow2.asm:asm)
BuildRequires: mvn(org.ow2.asm:asm-analysis)
BuildRequires: mvn(org.ow2.asm:asm-commons)