8000 Releases · spotbugs/spotbugs · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Releases: spotbugs/spotbugs

SpotBugs 4.9.3

15 Mar 19:18
@github-actions github-actions
4.9.3
1f6a719
Compare
Choose a tag to compare
SpotBugs 4.9.3 Latest
Latest

CHANGELOG

Added

  • Introduced UselessSuppressionDetector to report the useless annotations instead of NoteSuppressedWarnings (#3348)

Fixed

  • Do not report US_USELESS_SUPPRESSION_ON_METHOD on synthetic methods (#3351)

CHECKSUM

file checksum (sha256)
spotbugs-4.9.3-javadoc.jar 3d0d103724cbaaffc27f17d28d9b17f8972fb378397f8f04f6f05268bde110b7
spotbugs-4.9.3-sources.jar 0aa5c905469eb578a3dbe09dcf704cf892568610cdb58550b142d658e37a29d4
spotbugs-4.9.3.tgz d464d56050cf1dbda032e9482e1188f7cd7b7646eaff79c2e6cbe4d6822f4d9f
spotbugs-4.9.3.zip 3b2dcf86f97d701700121cee4bd22305d4b54fd9ed7666fa0f53933a4ab92251
spotbugs-annotations-4.9.3-javadoc.jar 5fce79dc01a97aae84670922dd3581aa621b980535e4f6695a71db553dcb9cb4
spotbugs-annotations-4.9.3-sources.jar 990ad9f3500499a99466b7c1e01284f4f41d1499358e7dc38c8defc59dab114c
spotbugs-annotations.jar 13532bfe2f45fcd491432221df72d9cd0efb8f987c9245e12befa192c8925ce3
spotbugs-ant-4.9.3-javadoc.jar 346eb5215f9d157ab46c3216a783416e2fa2e8c9d4458143267fb518f81c7d77
spotbugs-ant-4.9.3-sources.jar 591073402e4110093a380169acd3f33b26c2f893c2eaed5a6460d9be0b26014e
spotbugs-ant.jar 3a6f453696294d5314e648d4891d35e34315e11cb63c758a1601021cc0d803d1
spotbugs.jar 710e8b98f1ae23cdb71aaaf07e8d71fb63b44f2bbbaa1df3c3ba0de62aba6ec9
test-harness-4.9.3-javadoc.jar 57f51147e289b5c6493f844beaac97cde57773a1d16ce064e9deb8963b3f99ce
test-harness-4.9.3-sources.jar 22688f14ef808cde65cc46e86d41c617fc397fc4967516006a73ce8bad658b9f
test-harness-4.9.3.jar 9bf5bba9546e4f89032006261dd2921a79fc3044e473ee1fa73af870cb43da15
test-harness-core-4.9.3-javadoc.jar 15aac012f3a8c8d6600075efe824aecab8233778e58345fecca65d7970256311
test-harness-core-4.9.3-sources.jar 13825de35190089490c7e290b52bafe6a9b08ab431177c0191dae9cf2a88a55d
test-harness-core-4.9.3.jar 3c74cc6d2d6f999d403f00f97685587e617d2bf1bfc348bbd0597e785c83feec
test-harness-jupiter-4.9.3-javadoc.jar a8f276fb01743b8dc9f8cd6b517ae0748e38f673e31615a923c9c61f5fd9de58
test-harness-jupiter-4.9.3-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.9.3.jar 0e9509de32f8fbc94cf088dbee80394fa93807a766532568e652cd622ce737c8
Assets 8
Loading

SpotBugs 4.9.2

01 Mar 20:12
@github-actions github-actions
4.9.2
dcce8fb
Compare
Choose a tag to compare
SpotBugs 4.9.2

CHANGELOG

Added

  • Reporting useless @SuppressFBWarnings annotations (#641)

Fixed

  • Fixed html bug descriptions for AT_STALE_THREAD_WRITE_OF_PRIMITIVE and AT_NONATOMIC_64BIT_PRIMITIVE (#3303)
  • Fixed an HSM_HIDING_METHOD false positive when ECJ generates a synthetic method for an enum switch (#3305)
  • Fix AT_UNSAFE_RESOURCE_ACCESS_IN_THREAD false negatives, detector depending on method order.
  • Fix THROWS_METHOD_THROWS_CLAUSE_THROWABLE reported in a method calling MethodHandle.invokeExact due to its polymorphic signature (#3309)
  • Fix AT_STALE_THREAD_WRITE_OF_PRIMITIVE false positive in inner class (#3310).
  • Fix AT_STALE_THREAD_WRITE_OF_PRIMITIVE false positive for ECJ compiled enum switches (#3316)
  • Fix RC_REF_COMPARISON false positive with Lombok With annotation (#3319)
  • Avoid calling File.getCanonicalPath twice to improve performance (#3325)
  • Fix MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR and MC_OVERRIDABLE_METHOD_CALL_IN_CLONE false positive when the overridable method is outside the class (#3328).
  • Fix NullPointerException thrown from ThrowingExceptions detector (#3337).

Removed

  • Removed the TLW_TWO_LOCK_NOTIFY, LI_LAZY_INIT_INSTANCE, BRSA_BAD_RESULTSET_ACCESS, BC_NULL_INSTANCEOF, NP_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR and RCN_REDUNDANT_CHECKED_NULL_COMPARISON deprecated bug patterns.

CHECKSUM

8000
file checksum (sha256)
spotbugs-4.9.2-javadoc.jar d34b4e08d87474b5970b9d1d9185a9944c2738a3b974332595dfc06355e5b2de
spotbugs-4.9.2-sources.jar e70ddb0feee2aa0a67ee64d1ed5ff9fb57eb25cd9a78bbdef2742b02f2cd2799
spotbugs-4.9.2.tgz ecee09196ce66ab686b6a874047107b01f51a6ee2fb9b8604ce64d88688a1400
spotbugs-4.9.2.zip 2ac6f163c266d2f7c11cc89d80d07ccad6755ac468cee20ca0b1e4217e567548
spotbugs-annotations-4.9.2-javadoc.jar fbc8d5ad201ecae48bc3debca7f22fc791173b58d774e59a9e344f963e9e42e0
spotbugs-annotations-4.9.2-sources.jar 990ad9f3500499a99466b7c1e01284f4f41d1499358e7dc38c8defc59dab114c
spotbugs-annotations.jar d5bef4678385fa052040bc7a5deeb8f2e06902189dea1a8dd818a5680ac0f015
spotbugs-ant-4.9.2-javadoc.jar 5451c7d63238ecfb3aacf540f348486a965574a6a8ae9486b0aa8c3240f1e413
spotbugs-ant-4.9.2-sources.jar 591073402e4110093a380169acd3f33b26c2f893c2eaed5a6460d9be0b26014e
spotbugs-ant.jar 3a6f453696294d5314e648d4891d35e34315e11cb63c758a1601021cc0d803d1
spotbugs.jar 7a75726e9da4c99d767813f5e9e65cf2a367a17e58f68befe009d05568ec8932
test-harness-4.9.2-javadoc.jar a98da04ba818e358845dd96162f3e7301d9f8fd6fb82b3c105f33fa2a2de65db
test-harness-4.9.2-sources.jar 22688f14ef808cde65cc46e86d41c617fc397fc4967516006a73ce8bad658b9f
test-harness-4.9.2.jar 9bf5bba9546e4f89032006261dd2921a79fc3044e473ee1fa73af870cb43da15
test-harness-core-4.9.2-javadoc.jar 2a40c65270651ac8783bdf63939616b366482949d56746dcca0acf53f30a0da3
test-harness-core-4.9.2-sources.jar 13825de35190089490c7e290b52bafe6a9b08ab431177c0191dae9cf2a88a55d
test-harness-core-4.9.2.jar 3c74cc6d2d6f999d403f00f97685587e617d2bf1bfc348bbd0597e785c83feec
test-harness-jupiter-4.9.2-javadoc.jar c50778636a54122dbf9f3c676ec2089d2938cbb6468364d0ee3a64022cae1881
test-harness-jupiter-4.9.2-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.9.2.jar 0e9509de32f8fbc94cf088dbee80394fa93807a766532568e652cd622ce737c8
Loading

SpotBugs 4.9.1

05 Feb 16:59
@github-actions github-actions
4.9.1
b1bd255
Compare
Choose a tag to compare
SpotBugs 4.9.1

CHANGELOG

Added

  • New detector SharedVariableAtomicityDetector for new bug types AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE, AT_NONATOMIC_64BIT_PRIMITIVE and AT_STALE_THREAD_WRITE_OF_PRIMITIVE (See SEI CERT rules VNA00-J, VNA02-J and VNA05-J).
  • New detector FindHiddenMethod for bug type HSM_HIDING_METHOD. This bug is reported whenever a subclass method hides the static method of super class. (See SEI CERT MET07-J).

Fixed

  • Fixed the parsing of generics methods in ThrowingExceptions (#3267)
  • Accept the 1st parameter of java.util.concurrent.CompletableFuture's completeOnTimeout(), getNow() and obtrudeValue() functions as nullable (#1001).
  • Fixed the analysis error when FindReturnRef was checking instructions corresponding to a CFG branch that was optimized away (#3266)
  • Added execute file permission to files in the distribution archive (#3274)
  • Fixed a stack overflow in MultipleInstantiationsOfSingletons when a singleton initializer makes recursive calls (#3280)
  • Fixed NPE in FindReturnRef on inner class fields (#3283)
  • Fixed NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positive when add edu.umd.cs.findbugs.annotations.Nullable (#3243)

CHECKSUM

file checksum (sha256)
spotbugs-4.9.1-javadoc.jar 23ac58ad28f3d0914f0f151ab98b1bc2572b0ea80f14e653086cc82dedb96269
spotbugs-4.9.1-sources.jar 8fe4015f36346bef7ba66b038faad9563f133ad64615e45c7132ef721da5d48f
spotbugs-4.9.1.tgz 4f992d7d204c1b23c031b4282c2e8638bafe91c50fc58324d9dbf71f556687b3
spotbugs-4.9.1.zip f7ee284368d64d33f97e142f33e8251cddeacf366df20853fefa342be281f31a
spotbugs-annotations-4.9.1-javadoc.jar 6dcf2bd7634c56975d851a4edc5c273854b09857efc0ba5c52731fe0deb5b113
spotbugs-annotations-4.9.1-sources.jar 990ad9f3500499a99466b7c1e01284f4f41d1499358e7dc38c8defc59dab114c
spotbugs-annotations.jar 7ff76e691441580bc26589eaf1c3be18a8c01a593e32bcce257c44491c2a61cc
spotbugs-ant-4.9.1-javadoc.jar f661c6055e7bc5667bbbfa596efca02f390ef3fe3744a46219da588125513eda
spotbugs-ant-4.9.1-sources.jar 591073402e4110093a380169acd3f33b26c2f893c2eaed5a6460d9be0b26014e
spotbugs-ant.jar 3a6f453696294d5314e648d4891d35e34315e11cb63c758a1601021cc0d803d1
spotbugs.jar f983f79cdee9d567f05886006cd42ce7489d990fb7175bcc5792541a00057549
test-harness-4.9.1-javadoc.jar d5ac152ea55383267dbe14460d41f36acd6dca7c76d0430b4a422c52f2f8ad2a
test-harness-4.9.1-sources.jar 22688f14ef808cde65cc46e86d41c617fc397fc4967516006a73ce8bad658b9f
test-harness-4.9.1.jar 9bf5bba9546e4f89032006261dd2921a79fc3044e473ee1fa73af870cb43da15
test-harness-core-4.9.1-javadoc.jar 09c0156df759dd15ad98527cdc5dd9faf0e920007a0c9841ad83224fe9f77b51
test-harness-core-4.9.1-sources.jar 13825de35190089490c7e290b52bafe6a9b08ab431177c0191dae9cf2a88a55d
test-harness-core-4.9.1.jar 3c74cc6d2d6f999d403f00f97685587e617d2bf1bfc348bbd0597e785c83feec
test-harness-jupiter-4.9.1-javadoc.jar d62f86e4b2a2162a0c06b545bf52df2350a95a3917c692fb4ea6970aeaf5eb96
test-harness-jupiter-4.9.1-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.9.1.jar 0e9509de32f8fbc94cf088dbee80394fa93807a766532568e652cd622ce737c8
Loading

SpotBugs 4.9.0

16 Jan 05:16
@github-actions github-actions
4.9.0
ef76e9b
Compare
Choose a tag to compare
SpotBugs 4.9.0

CHANGELOG

Added

  • Updated the SuppressFBWarnings annotation to support finer grained bug suppressions (#3102)
  • SimpleDateFormat, DateTimeFormatter, FastDateFormat string check for bad combinations of flag formatting (#637)
  • New detector ResourceInMultipleThreadsDetector and introduced new bug type:
    • AT_UNSAFE_RESOURCE_ACCESS_IN_THREAD is reported in case of unsafe resource access in multiple threads.

Fixed

  • Do not consider Records as Singletons (#2981)
  • Keep a maximum of 10000 cached analysis entries for plugin's analysis engines (#3025)
  • Only report MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT when calling own methods (#2957)
  • Check the actual caught exceptions (instead of their common type) when analyzing multi-catch blocks (#2968)
  • System property findbugs.refcomp.reportAll is now being used. For some new conditions, it will emit an experimental warning (#2988)
  • -version flag prints the version to the standard output (#2797)
  • Revert the changes from (#2894) to get HTML stylesheets to work again (#2969)
  • Fix FP SING_SINGLETON_GETTER_NOT_SYNCHRONIZED report when the synchronization is in a called method (#3045)
  • Let BetterCFGBuilder2.isPEI handle dup2 bytecode used by Spring AOT (#3059)
  • Detect failure to close RocksDB's ReadOptions (#3069)
  • Fix FP EI_EXPOSE_REP when there are multiple immutable assignments (#3023)
  • Fixed false positive NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for Kotlin, handle Kotlin's Intrinsics.checkNotNullParameter() (#3094)
  • Fixed some CWE mappings (#3124)
  • Recognize some classes as immutable, fixing EI_EXPOSE and MS_EXPOSE FPs (#3137)
  • Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in method annotated with TestNG's @BeforeClass. (#3152)
  • Fixed detector FindReturnRef not finding references exposed from nested and inner classes (#2042)
  • Fix call graph, include non-parametric void methods (#3160)
  • Fix multiple reporting of identical bugs messing up statistics (#3185)
  • Added missing comma between line number and confidence when describing matching and mismatching bugs for tests (#3187)
  • Fixed method matchers with array types (#3203)
  • Fix SARIF report's message property in Exception to meet the standard (#3197)
  • Fixed FI_FINALIZER_NULLS_FIELDS FPs for functions called finalize() but not with the correct signature. (#3207)
  • Fixed an error in the detection of bridge methods causing analysis crashes (#3208)
  • Fixed detector ThrowingExceptions by removing false positive reports, such as synthetic methods (lambdas), methods which inherited their exception specifications and methods which call throwing methods (#2040)
  • Do not report DP_DO_INSIDE_DO_PRIVILEGED, DP_CREATE_CLASSLOADER_INSIDE_DO_PRIVILEGED and USC_POTENTIAL_SECURITY_CHECK_BASED_ON_UNTRUSTED_SOURCE in code targeting Java 17 and above, since it advises the usage of deprecated method (#1515).
  • Fixed a RV_RETURN_VALUE_IGNORED_NO_SIDE_EFFECT false positive for a builder delegating to another builder (#3235)

Cleanup

  • Cleanup thread issue and regex issue in test-harness (#3130)
  • Remove extra blank lines and remove public from interface objects as inherently already public (#3131)
  • Fix order of modifiers on properties/methods and ensure correct location in file (#3132, #3177)
  • Return objects directly instead of creating more garbage collection by defining them (#3133, #3175)
  • Restrict the constructor of abstract classes visibility to protected (#3178)
  • Cleanup double initialization and fix comments referring to findbugs instead of spotbugs(#3134)
  • Use diamond operator in constructor calls of Collections (#3176)
  • Use Collection.isEmpty() or String.isEmpty() to test for emptiness (#3180, #3219)
  • Use method references instead of lambdas where possible (#3179)
  • Move default clauses to the end of switches (#3222)
  • Remove unnecessary throws declarations (#3220)
  • Use Boolean.parseBoolean() for string-to-boolean conversion. (#3217)
  • Rename shadowing fields (#3221)
  • Combine catch blocks with the same body (#3223)
  • Merge conditions of nested ifs (#3231)
  • Use non deprecated 'getDottedClassName' instead of 'toDottedClassName'(#3251)
  • Use try with resources where possible (#3253)

Changed

  • Bump up Java version to 11

CHECKSUM

file checksum (sha256)
spotbugs-4.9.0-javadoc.jar 5d577a6bc5a67ea1ed93c132caa5825228aecf7814b7d54406b93ab182d6e7b6
spotbugs-4.9.0-sources.jar 310d5b46d76d06698303b21a26482d070c04df78fe0807b8f734ca6477cc6028
spotbugs-4.9.0.tgz d9fec1c0d0d2771153ed3f654a2a793558cefa7796cca3a5cad801f5529ec82d
spotbugs-4.9.0.zip 47a8fcafb93da34dcaa8ab862c24dfd16263b9d0feb89fc68bdf75445ac0fe25
spotbugs-annotations-4.9.0-javadoc.jar 4a75bb25717e01513b37f1214710bdeeafe8b23472c5880de9951ccd2b746515
spotbugs-annotations-4.9.0-sources.jar 990ad9f3500499a99466b7c1e01284f4f41d1499358e7dc38c8defc59dab114c
spotbugs-annotations.jar c13d24d43609a1418472f046d739bceda714ed7aa500e0589c872e0d684a47da
spotbugs-ant-4.9.0-javadoc.jar 19742deb83c58bc9cc7a415d1b9afed9d4e9144869f4b618fea94c7dcd9b6942
spotbugs-ant-4.9.0-sources.jar 591073402e4110093a380169acd3f33b26c2f893c2eaed5a6460d9be0b26014e
spotbugs-ant.jar 3a6f453696294d5314e648d4891d35e34315e11cb63c758a1601021cc0d803d1
spotbugs.jar a4a29bc8c1080e03bfc33bee2aa8f5f37003c8a568fff034a39f126623b7b536
test-harness-4.9.0-javadoc.jar 187bd2f939d9b0eed59498606ead50f6175d7c0d30f9274637a5910e6488a156
test-harness-4.9.0-sources.jar 22688f14ef808cde65cc46e86d41c617fc397fc4967516006a73ce8bad658b9f
test-harness-4.9.0.jar 9bf5bba9546e4f89032006261dd2921a79fc3044e473ee1fa73af870cb43da15
test-harness-core-4.9.0-javadoc.jar 16754b3383b694650aef3ecfc2ed88e66574db9ebb42aad96e252e78912a5dd0
test-harness-core-4.9.0-sources.jar 13825de35190089490c7e290b52bafe6a9b08ab431177c0191dae9cf2a88a55d
test-harness-core-4.9.0.jar 3c74cc6d2d6f999d403f00f97685587e617d2bf1bfc348bbd0597e785c83feec
test-harness-jupiter-4.9.0-javadoc.jar cbbdc4038e5a3aa04278e9a82139679e5044a7f63571b88abd6818531230c736
test-harness-jupiter-4.9.0-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.9.0.jar 0e9509de32f8fbc94cf088dbee80394fa93807a766532568e652cd622ce737c8
Loading

SpotBugs 4.8.6

18 Jun 02:46
@github-actions github-actions
4.8.6
6cf7b2c
Compare
Choose a tag to compare
SpotBugs 4.8.6

CHANGELOG

Fixed

  • Do not report BC_UNCONFIRMED_CAST for Java 21's type switches when the switch instruction is TABLESWITCH (#2782)
  • Do not throw exception when inspecting empty switch statements (#2995)
  • Adjust priority since relaxed mode reports even IGNORED_PRIORITY (#2994)
  • Fix duplicated log4j2 jar in distribution (#3001)

CHECKSUM

file checksum (sha256)
spotbugs-4.8.6-javadoc.jar e0af15063395b5eb8002a896dad1d02da869dbc53a7a4b1eee76e9e0f0444fbc
spotbugs-4.8.6-sources.jar fc38f6b06cf134a6b065e4e73747b17a8d9b107d935c828ebb1b8bee89527da1
spotbugs-4.8.6.tgz b9d4d25e53cd4202b2dc19c549c0ff54f8a72fc76a71a8c40dee94422c67ebea
spotbugs-4.8.6.zip 67cdc52cceb17eae394f8fc3660f21659cf354908f818e4d1f45a6935c2e4425
spotbugs-annotations-4.8.6-javadoc.jar 0f095f2d0c766b3e2c21ebc226b4f228898fa8c141736f7615a47a2e3be14ba7
spotbugs-annotations-4.8.6-sources.jar b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b
spotbugs-annotations.jar 4548b74a815ed44f5480ca4f06204a8b00809dc7e5f6a825a9edf18f40377b65
spotbugs-ant-4.8.6-javadoc.jar 58f477c4fc59d8355a6c3ec972f216537baa2d30cb9afd38f16b511a31baaa89
spotbugs-ant-4.8.6-sources.jar 9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61
spotbugs-ant.jar a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c
spotbugs.jar 69fde8787971a26b2372d416015d806bf7df4f847f7121bd5eeef239324cf180
test-harness-4.8.6-javadoc.jar 1a220e01369a892e765f5956a38c7ebf1b54111eba623f5f79f430dd0336f901
test-harness-4.8.6-sources.jar 76788749afa9e2a8d6c39231f683bd8e3faab26947975c751c0ab0fbdfc3c17a
test-harness-4.8.6.jar 04c7c8e778a1688ab9636ab58b55f1236ae99bb5428a934a7ba0f54857263c74
test-harness-core-4.8.6-javadoc.jar 4a88789a52b52b4227d1f8384caa59f12e503dbb4ae266d4b5c3270e977afa35
test-harness-core-4.8.6-sources.jar f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082
test-harness-core-4.8.6.jar 30c2b71900f38b77fb0e4a788b8ae1ea5b9e54f42636111576e338085c9c53dd
test-harness-jupiter-4.8.6-javadoc.jar 49ae6407f1ff6a72a6d49a19b3de55eae791223129ff3b56079f26b3f3a85b1f
test-harness-jupiter-4.8.6-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.8.6.jar 94c5ceecb79b93f5e357b5d9805f0a7a22536a52c70a376182faa14923d86021
Loading

SpotBugs 4.8.5

03 May 23:22
@github-actions github-actions
4.8.5
1dbd799
Compare
Choose a tag to compare
SpotBugs 4.8.5

CHANGELOG

Fixed

  • Fix FP SING_SINGLETON_GETTER_NOT_SYNCHRONIZED with eager instances (#2932)
  • Fix FPs when looking for multiple initialization of Singletons (#2934)
  • Do not report DLS_DEAD_LOCAL_STORE for Java 21's type switches when switch instruction is TABLESWITCH(#2736)
  • Fix FP SE_BAD_FIELD for record fields (#2935)

CHECKSUM

file checksum (sha256)
spotbugs-4.8.5-javadoc.jar c8abae80768a5cd98bb09d13ae8baee1258efaf673e4c21688a581a8bc55cbe6
spotbugs-4.8.5-sources.jar c21daa57e931c0ea342de685884251e198ea3a48993a6d4c0ac8a9513fc8dd89
spotbugs-4.8.5.tgz c514054fd8f81f242ac6d64871d30bdb7b79cb49be7bd6b58067484efae8bfa0
spotbugs-4.8.5.zip a4b7bad5bb8d2d3cdc42b07d6cdd2a0d7864c0b24732120426d0002df4a9dd0f
spotbugs-annotations-4.8.5-javadoc.jar 5e35895e56ea0c2c4beb71a5b6962070d7a7092a79297419482c123c14324096
spotbugs-annotations-4.8.5-sources.jar b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b
spotbugs-annotations.jar 6e63acb693f156e4fb79151b88f9eebe731b4da65fe12843503613e0d6e6f68d
spotbugs-ant-4.8.5-javadoc.jar b2807de49cc2e6d733285be3c22a4ef5a51cc95e266b6b93174fc41968eb7738
spotbugs-ant-4.8.5-sources.jar 9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61
spotbugs-ant.jar a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c
spotbugs.jar 4b0809797d9e05685ef97ec92c9ae1fdabf9e63368948a66badd934183b807d0
test-harness-4.8.5-javadoc.jar f5c977da2391ef6b7237e3b89a9be56ff82fdbe4d7c59c4f1f854e79fb28142d
test-harness-4.8.5-sources.jar 76788749afa9e2a8d6c39231f683bd8e3faab26947975c751c0ab0fbdfc3c17a
test-harness-4.8.5.jar 04c7c8e778a1688ab9636ab58b55f1236ae99bb5428a934a7ba0f54857263c74
test-harness-core-4.8.5-javadoc.jar 9258f6be3c3a1a4103b268b3c528a7ed0530c54b83d10bccb3c20aed6e38d2ec
test-harness-core-4.8.5-sources.jar f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082
test-harness-core-4.8.5.jar 30c2b71900f38b77fb0e4a788b8ae1ea5b9e54f42636111576e338085c9c53dd
test-harness-jupiter-4.8.5-javadoc.jar 18e10f9ae7f4c88a8a7790d4ea5e9422901c6a84a768e6961b6d8ce2bc07b9ea
test-harness-jupiter-4.8.5-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.8.5.jar 94c5ceecb79b93f5e357b5d9805f0a7a22536a52c70a376182faa14923d86021
Loading

SpotBugs 4.8.4

23 Apr 13:33
@JuditKnoll JuditKnoll
4.8.4
a86cfd3
Compare
Choose a tag to compare
SpotBugs 4.8.4 8000

CHANGELOG

Fixed

  • Fix FP in SE_PREVENT_EXT_OBJ_OVERWRITE when the if statement checking for null value, checking multiple variables or the method exiting in the if branch with an exception. (#2750)
  • Fix possible null value in taxonomies of SARIF output (#2744)
  • Fix executionSuccessful flag in SARIF report being set to false when bugs were found (#2116)
  • Move information contained in the SARIF property exitSignalName to exitCodeDescription (#2739)
  • Do not report SE_NO_SERIALVERSIONID or other serialization issues for records (#2793)
  • Added support for CONSTANT_Dynamic (#2759)
  • Ignore generic variable types when looking for BC_UNCONFIRMED_CAST_OF_RETURN_VALUE (#1219)
  • Do not report BC_UNCONFIRMED_CAST for Java 21's type switches (#2813)
  • Remove AppleExtension library (note: menus slightly changed) (#2823)
  • Fix false positive NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE even if Objects.requireNonNull is used. (#651, #456)
  • Fixed error preventing SpotBugs from reporting FE_FLOATING_POINT_EQUALITY (#2843)
  • Fixed NP_LOAD_OF_KNOWN_NULL_VALUE and RCN_REDUNDANT_NULLCHECK_OF_NULL_VALUE false positives in try-with-resources generated finally blocks (#2844)
  • Do not report DLS_DEAD_LOCAL_STORE for Java 21's type switches (#2828)
  • Update UnreadFields detector to ignore warnings for fields with certain annotations (#574)
  • Do not report UWF_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR for fields initialized in method annotated with @PostConstruct, @BeforeEach, etc. (#2872 #2870 #453)
  • Do not report DLS_DEAD_LOCAL_STORE for Hibernate bytecode enhancements (#2865)
  • Fixed NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positives due to source code formatting (#2874)
  • Added more nullability annotations in TypeQualifierResolver (#2558 #2694)
  • Improved the bug description for VA_FORMAT_STRING_USES_NEWLINE when using text blocks, check the usage of String.formatted() (#2881)
  • Fixed crash in ValueRangeAnalysisFactory when looking for redundant conditions used in assertions #2887)
  • Revert again commons-text from 1.11.0 to 1.10.0 to resolve a version conflict (#2686)
  • Fixed false positive MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR when referencing but not calling an overridable method #2837)
  • Update the filter XSD namespace and location for the upcoming 4.8.4 release #2909)

Added

  • New detector MultipleInstantiationsOfSingletons and introduced new bug types:
    • SING_SINGLETON_HAS_NONPRIVATE_CONSTRUCTOR is reported in case of a non-private constructor,
    • SING_SINGLETON_IMPLEMENTS_CLONEABLE is reported in case of a class directly implementing the Cloneable interface,
    • SING_SINGLETON_INDIRECTLY_IMPLEMENTS_CLONEABLE is reported when a class indirectly implements the Cloneable interface,
    • SING_SINGLETON_IMPLEMENTS_CLONE_METHOD is reported when a class does not implement the Cloneable interface, but has a clone() method,
    • SING_SINGLETON_IMPLEMENTS_SERIALIZABLE is reported when a class directly or indirectly implements the Serializable interface and
    • SING_SINGLETON_GETTER_NOT_SYNCHRONIZED is reported when the instance-getter method of the singleton class is not synchronized.
      (See SEI CERT MSC07-J)
  • Extend FindOverridableMethodCall detector with new bug type: MC_OVERRIDABLE_METHOD_CALL_IN_READ_OBJECT. It's reported when an overridable method is called from readObject(), according to SEI CERT rule SER09-J. Do not invoke overridable methods from the readObject() method.

Changed

  • Minor cleanup in connection with slashed and dotted names (#2805)

Build

  • Fix sonar coverage for project (#2796)
  • Upgraded the build to compile bug samples using Java 21 language features (#2813)
  • Add 'configurations.checkstyle resolution starategy' to control bug in gradle on exclusions not being excluded properly as seen in checkstyle usage. See checkstyle/checkstyle#14211 for more information. (#2798)
  • Allow our builds to work with jdk 11 with drop back on Eclipse to 4.24 and spring to 5.3.31. (#2604)

CHECKSUM

file checksum (sha256)
spotbugs-4.8.4-javadoc.jar eeb8bff5bcd8fb6a3a59470f6a692f1364e707c81c05604306b61d251feaa945
spotbugs-4.8.4-sources.jar 8b1bcd6d4f885e39140f13cd03636e6598d6e58f224f1ebc6ce691ce586c9c13
spotbugs-4.8.4.tgz 11629b13aad39c453c23f8a8a43096b003afb55924a17424a9e1bc722190576b
spotbugs-4.8.4.zip 20584b304d4b5755c1e99e712093c3a5df58d7fca848094460ace64410537127
spotbugs-annotations-4.8.4-javadoc.jar 068306fc4fd7151ad714743073ea50b2e06ff305b07fd8a00ddde9474d6fcbe8
spotbugs-annotations-4.8.4-sources.jar b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b
spotbugs-annotations.jar baa8208c3a16d4bc08eb3717e295604154f1c12bf9fe547799ed8bae325f2718
spotbugs-ant-4.8.4-javadoc.jar f8755ad5aeda98e314c346b64d80608e84d0b21e1cf4d1944236782fd93c552a
spotbugs-ant-4.8.4-sources.jar 9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61
spotbugs-ant.jar a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c
spotbugs.jar 1ca27492ff249922c8a0df73d3bad3551fad860ee2333d52fcd6d7ca05e48312
test-harness-4.8.4-javadoc.jar fc219a8628b999e1518220abb1143bd721c27a4a02737d3b42f016736265afcc
test-harness-4.8.4-sources.jar 76788749afa9e2a8d6c39231f683bd8e3faab26947975c751c0ab0fbdfc3c17a
test-harness-4.8.4.jar 2136665f90315fee5f4e6c4d5f7003e3d6b61ba0fb55346b4d583602a2587c28
test-harness-core-4.8.4-javadoc.jar 303a41589c918af6ac64a9c133d62ec3efb2512be319f44e3341ee2d441e2272
test-harness-core-4.8.4-sources.jar f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082
test-harness-core-4.8.4.jar 5bd0e9b18f0ec45c27ee3ec882cb6db86ed42a6b884f091468496de3281dc242
test-harness-jupiter-4.8.4-javadoc.jar 191183626b64d9e9a0d7a78b3eb35ecf4540b76fc3df4cd7966219ef8ef79402
test-harness-jupiter-4.8.4-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.8.4.jar d2ed802cc81dca3cf8c393fda7f77f02b01c0c1a8ffce7ec57da53aff27a1485
Loading

SpotBugs 4.8.3

12 Dec 10:47
@github-actions github-actions
4.8.3
1e42fc9
Compare
Choose a tag to compare
SpotBugs 4.8.3

CHANGELOG

Fixed

  • Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits for checked exceptions (#2710)
  • Applied changes for bcel 6.8.0 with adjustments to constant pool (#2756)
    • More information bcel changes can be found on (#2757)
  • Fix FN in CT_CONSTRUCTOR_THROW when the return value of the called method is not void or primitive type.

Changed

  • Improved Matcher checks for empty strings (#2755)
  • Allow 'onlyAnalyze' option to specify negative matches, such that this facility can be used to prevent a subset of classes to be excluded from analysis (#2754)
  • Strictly require logback 1.2.13 due to CVE-2023-6481 and CVE-23-6378 (#2760)
  • Prefer log4j2 at 2.22.0 and logback at 1.4.14 (#2760)

CHECKSUM

file checksum (sha256)
spotbugs-4.8.3-javadoc.jar 2e01e937ceb24dc02796690e73caa9d06e576741af497f22f2b1ccd41e98065d
spotbugs-4.8.3-sources.jar 383f1434925a9b5df46c03dc79aac9dbc9ac1e5020f40b34f4e6ab565b8082f5
spotbugs-4.8.3.tgz 4713c0ebcc76125ba11be3cfcb288a39b809fdabfbeec0acd0ac7494ef649851
spotbugs-4.8.3.zip 7468aaaf370ec9df0601a46cf0157b83022d00227ef724d80ebbfbb11cb26270
spotbugs-annotations-4.8.3-javadoc.jar eb513a89ac812f50e3d7de5efbb0e135994849c18412b04759e6d67e991e356e
spotbugs-annotations-4.8.3-sources.jar b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b
spotbugs-annotations.jar e5d4f60be8e57595766ba7f1d4535dc46aebf98dae05e16372a4d4120d3ebb6b
spotbugs-ant-4.8.3-javadoc.jar a9713955805838408ed7b6adf030bffc4cd2036fa2fdb8fb772bc1857e4ac4a6
spotbugs-ant-4.8.3-sources.jar 9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61
spotbugs-ant.jar a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c
spotbugs.jar 84a286b65d1c2441ac24a57a998c83d43b9d287fd68ac0df7c7524b5f419fc2b
test-harness-4.8.3-javadoc.jar e3c3997b3a26bee7833b9e7ae634b32f7b060fe11af0a4111d0d62b2a872f760
test-harness-4.8.3-sources.jar 633ae795c1889fa59f1faad8ea8f1f5b39155029f4f75b51557085097570feb6
test-harness-4.8.3.jar 23f414f9988a3d44dded88ad2d827e95699dc6bb8d6e06a2b0920db2cac442b9
test-harness-core-4.8.3-javadoc.jar cd3a2bbcff93aba606a4e3340733d06684e2e456211068f8cb7069890c71efa0
test-harness-core-4.8.3-sources.jar f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082
test-harness-core-4.8.3.jar 5bd0e9b18f0ec45c27ee3ec882cb6db86ed42a6b884f091468496de3281dc242
test-harness-jupiter-4.8.3-javadoc.jar 35631be40804da4e5613dfa70efc491c52d5b9d4e6d35d706efce78a4ceb1669
test-harness-jupiter-4.8.3-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.8.3.jar d2ed802cc81dca3cf8c393fda7f77f02b01c0c1a8ffce7ec57da53aff27a1485
Loading

SpotBugs 4.8.2

29 Nov 04:06
@github-actions github-actions
4.8.2
0f0e4b2
Compare
Choose a tag to compare
SpotBugs 4.8.2

CHANGELOG

Fixed

  • Fixed false positive UPM_UNCALLED_PRIVATE_METHOD for method used in JUnit's MethodSource (#2379)
  • Use java.nio to load filter files (#2684)
  • Eclipse: Do not export javax.annotation packages (#2699)
  • Fixed not thread safe FindOverridableMethodCall detector (#2701)
  • Fix the weird messages of PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS bugs. (#2646)
  • Revert commons-text from 1.11.0 to 1.10.0 to resolve a version conflict (#2686)
  • Fix FP in CT_CONSTRUCTOR_THROW when the finalizer does not run, since the exception is thrown before java.lang.Object's constructor exits (#2710)

Added

  • New detector finding System.getenv() calls, where the corresponding Java property could be used (See ENV02-J).

Build

  • Run build using jdk 17 and 21 without usage of toolchains so we do not defeat the purpose of building on both. (#2722)

CHECKSUM

file checksum (sha256)
spotbugs-4.8.2-javadoc.jar 9147da4187712ba3ec7fd232510181366f394443cf70a76ee918738a11c539e9
spotbugs-4.8.2-sources.jar 4486c8404debe8de2d5a7d71c14ad66480f463d84586cb3077c639c72192924c
spotbugs-4.8.2.tgz c3eb4e2077310bf19b06ed232dc8d71f3a4884a4619fd8a7c041ed5ce5af4819
spotbugs-4.8.2.zip 615400e86ee19ee1b74d0f8d1a170e2dfdb8f49d02b60fa7b276a8179c3b584a
spotbugs-annotations-4.8.2-javadoc.jar 22ec9f9658a7e569893db728a5cdcdb4121b4bca1ae1ee154189f2cbbc42f187
spotbugs-annotations-4.8.2-sources.jar b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b
spotbugs-annotations.jar 3d02aacbf2d094d510c087c2a25a85e04f655b22260016473d02258237d0df27
spotbugs-ant-4.8.2-javadoc.jar b210ddbee668f591f0ff57ea8d546ac47e2753cbf56b6f1bbeb61a8d4c82d233
spotbugs-ant-4.8.2-sources.jar 9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61
spotbugs-ant.jar a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c
spotbugs.jar 01974233a0da943700b9b9d190f872f6dd155d5825e05d1fae5a531bebb284eb
test-harness-4.8.2-javadoc.jar a362bb855074be294da341b5ba7406c013174246c63061fc7dfc91f28795adbe
test-harness-4.8.2-sources.jar 633ae795c1889fa59f1faad8ea8f1f5b39155029f4f75b51557085097570feb6
test-harness-4.8.2.jar 23f414f9988a3d44dded88ad2d827e95699dc6bb8d6e06a2b0920db2cac442b9
test-harness-core-4.8.2-javadoc.jar 9b32bd7cc9e5af80379207b0b4ad2f6217c4e46db2db3f371d886e227b2ee266
test-harness-core-4.8.2-sources.jar f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082
test-harness-core-4.8.2.jar 5bd0e9b18f0ec45c27ee3ec882cb6db86ed42a6b884f091468496de3281dc242
test-harness-jupiter-4.8.2-javadoc.jar 8029e928d3dfa2a93ff8d877693421f265122c5d0f4caee17fd6796d0c7e566d
test-harness-jupiter-4.8.2-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.8.2.jar d2ed802cc81dca3cf8c393fda7f77f02b01c0c1a8ffce7ec57da53aff27a1485
Loading

SpotBugs 4.8.1

07 Nov 02:19
@github-actions github-actions
4.8.1
a93f606
Compare
Choose a tag to compare
SpotBugs 4.8.1

CHANGELOG

Fixed

  • Fixed schema location for findbugsfilter.xsd ([#1416])
  • Fixed missing null checks ([#2629])
  • Disabled DontReusePublicIdentifiers due to the high false positives rate ([#2627])
  • Removed signature of methods using UTF-8 in DefaultEncodingDetector ([#2634])
  • Fix exception escapes when calling functions of JUnit Assert or Assertions ([#2640])
  • Fixed an error in the SARIF export when a bug annotation is missing ([#2632])
  • Fixed false positive RV_EXCEPTION_NOT_THROWN when asserting to exception throws ([#2628])
  • Fix false positive CT_CONSTRUCTOR_THROW when supertype has final finalize ([#2665])
  • Lowered the priority of PA_PUBLIC_MUTABLE_OBJECT_ATTRIBUTE bug ([#2652])
  • Eclipse: fixed startup overhead (on computing classpath) for PDE projects ([#2671])

Build

  • Fix deprecated GHA on '::set-output' by using GITHUB_OUTPUT ([#2651])

CHECKSUM

file checksum (sha256)
spotbugs-4.8.1-javadoc.jar f8ef08283a500d3f250f87f5b01fac2ed19acc11bc78657fd277ca7d27c9c211
spotbugs-4.8.1-sources.jar 29fef7bebfe1597f8477e21cf139ac6f1ef01afabce8bb3e6ae258a3d6c3de8f
spotbugs-4.8.1.tgz b8e8f755c3e629885616d898e1a857162273253559f9e0e329983c671c02cd4e
spotbugs-4.8.1.zip 5cb639cf1ce79dc58ba07ee459a6da8bd665e06e10cfb66a79c685601326c111
spotbugs-annotations-4.8.1-javadoc.jar 56be7c8808111619cf87f4385368b8c0d30e4a01bcea4add878780608a6e932a
spotbugs-annotations-4.8.1-sources.jar b5d0110b70b9c44915f2c3375d1b700acb6d409152baf70030787d17a684469b
spotbugs-annotations.jar 06eba41a81aaccb011c3f75afa019e509cda7f1eb7a4e057bb860c60845f915e
spotbugs-ant-4.8.1-javadoc.jar 3862ce0fe8a201562cb32ddfbff3d78745950aeb0d0ea8c849bf55d1aa9b71de
spotbugs-ant-4.8.1-sources.jar 9f1431331363f45ceb9b91c0e5246eab574fbff81c56eff0e385f572d346de61
spotbugs-ant.jar a798346790437cdc18217379fa54a7e6b044ba2070891ebe01faee28af79af6c
spotbugs.jar e49adbc51addf00264042d82075db98a10ad2af9348f7275de6bc075b7245a95
test-harness-4.8.1-javadoc.jar 6f2d3a6c452c972e2890161ee1ff84437bba0877bcd302041df73e9d02217d7b
test-harness-4.8.1-sources.jar 633ae795c1889fa59f1faad8ea8f1f5b39155029f4f75b51557085097570feb6
test-harness-4.8.1.jar 23f414f9988a3d44dded88ad2d827e95699dc6bb8d6e06a2b0920db2cac442b9
test-harness-core-4.8.1-javadoc.jar af4e056c212f1039e9f756067fce7125f24160f2e70918fa710e6e3cd9993e92
test-harness-core-4.8.1-sources.jar f5db3e4ebf3f90c9bbf4815824c9d94f93fb740c9610b6f70a64bf7896a4e082
test-harness-core-4.8.1.jar 5bd0e9b18f0ec45c27ee3ec882cb6db86ed42a6b884f091468496de3281dc242
test-harness-jupiter-4.8.1-javadoc.jar 1d84b2c269263a7eb0641d021e99da9a6da2bfac05430b341a38a4b0530e57a9
test-harness-jupiter-4.8.1-sources.jar 0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.8.1.jar d2ed802cc81dca3cf8c393fda7f77f02b01c0c1a8ffce7ec57da53aff27a1485
Loading
0