Skip to content

Bump the dependencies group across 1 directory with 4 updates #302

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: v2
Choose a base branch
from
Open

Bump the dependencies group across 1 directory with 4 updates #302

wants to merge 1 commit into from
+4 −4

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 20, 2025

Bumps the dependencies group with 4 updates in the / directory: software.amazon.awssdk:secretsmanager, com.github.spotbugs:spotbugs-annotations, com.github.spotbugs:spotbugs-maven-plugin and org.jacoco:jacoco-maven-plugin.

Updates software.amazon.awssdk:secretsmanager from 2.34.2 to 2.35.10

Updates com.github.spotbugs:spotbugs-annotations from 4.9.6 to 4.9.8

Release notes

Sourced from com.github.spotbugs:spotbugs-annotations's releases.

4.9.8

SpotBugs 4.9.8

CHANGELOG

Fixed

  • Maven plugin reporting issue if -adjustPriority is not set (#3774)

CHECKSUM

file checksum (sha256)
spotbugs-4.9.8-javadoc.jar 06fb742e3170087983c5855d7d8d846d7cdab9badfdf4b3564b424deb1dc0b28
spotbugs-4.9.8-sources.jar cbee8358dd239e81fdcf37c32d1e6bedf148d25638b0c8d1b687d97c3061ecd9
spotbugs-4.9.8.tgz 2eb8e0f2b223c22ffa2ce0c1cf1be4127dde19d240b8f7ce69a5fd3ad5c36ff3
spotbugs-4.9.8.zip e13d476403cf69074f415e35ebcc2f865f7a1ea444c1e659516bc0260e74dfa5
spotbugs-annotations-4.9.8-javadoc.jar aecf15bb27a4d067e9b5a1c85b5d3aeefc5026a66e93040995804662e285d679
spotbugs-annotations-4.9.8-sources.jar 075b2eed660c2fe2fb1ad1de028f8fdff5f358e25c1318706b95ab17bb28be44
spotbugs-annotations.jar 6f69d6fe9c55a54dcb30e87d8fa2d5f52246af50d7a3445246d9539ef221be1c
spotbugs-ant-4.9.8-javadoc.jar 025b2fb90e089dab1875068397736003bbf9e66bcac287ecb9e512dd0d387748
spotbugs-ant-4.9.8-sources.jar 91477d93b1fd1bebae35d318427b5238fb458e726478dc1a8ac41ce74838a1e6
spotbugs-ant.jar 22f2fa397e86663adcd4828cc1c91e63aa6cc2bfc56832885b749a86fac5c784
spotbugs.jar 4469bc080afe7cd2290a20bf63e28392b80abcc7c7ace33c8f55da52a17c7ca5
test-harness-4.9.8-javadoc.jar 81677f77441af941613c99a4f04b3cb2f6b1950be589afdec03905d8e2917824
test-harness-4.9.8-sources.jar 805d2d124b0d4ea513ee9262d4ad6027c3471d45defd80fd7d20e23425d17df7
test-harness-4.9.8.jar 0076a3bc9602c78d73edb048e625a96ee6a182fa3dd39300aa739af67b954189
test-harness-core-4.9.8-javadoc.jar e3e64a5fd96be16eec8b832e87da703e5eae910b3abd7bda9ff81a10363e5c7f
test-harness-core-4.9.8-sources.jar 043a55d99a517c0d9cf702b0c183b4afd3f03af9eff4a86d59bb37df1b35b532
test-harness-core-4.9.8.jar 4e439df3b499660d91a659d7c523fcdc4945c932dfc7fee68e796193f9dff6bb
test-harness-jupiter-4.9.8-javadoc.jar ae8ddee06796757be0526af1adf5969fbc149c0cf83542e6641405e69a044496
test-harness-jupiter-4.9.8-sources.jar 17144f315686bfd01c02fa4ae7c916060c41de8eed58d5b8470416fa08f46ced
test-harness-jupiter-4.9.8.jar 9e1bc39da08c6c80091f34f1fd92ec092109d0cdfd8009910bc22772df06eea7

4.9.7

SpotBugs 4.9.7

CHANGELOG

Fixed

  • Fix Eclipse not always using latest preferences file state (#3740)
  • Fix exception throw when singleton implementing Cloneable has no clone() method (#3727)
  • Fix for missing -adjustPriority parameter in Eclipse preferences (#3687)
  • Documentation of -adjustPriority parameter
  • Functionality from DetectorFactory setEnabledButNonReporting(), getPriorityAdjustment() methods and BugInstance.adjustForDetector() is deprecated and moved to PriorityAdjuster (#3753)
  • Improved FindNakedNotify to handle the case when the lock is loaded from a field (#3634)

Changed

  • Support for fully qualified class names for detectors in -adjustPriority parameter
  • Support for numerical and absolute priority adjustments
  • Bump up Apache Commons BCEL to the version 6.11.0 (#3569)

Deprecated

  • Add back and deprecate edu.umd.cs.findbugs.io.IO.close(InputStream) method. (#3756)

... (truncated)

Changelog

Sourced from com.github.spotbugs:spotbugs-annotations's changelog.

4.9.8 - 2025-10-18

Fixed

  • Maven plugin reporting issue if -adjustPriority is not set (#3774)

4.9.7 - 2025-10-14

Fixed

  • Fix Eclipse not always using latest preferences file state (#3740)
  • Fix exception throw when singleton implementing Cloneable has no clone() method (#3727)
  • Fix for missing -adjustPriority parameter in Eclipse preferences (#3687)
  • Documentation of -adjustPriority parameter
  • Functionality from DetectorFactory setEnabledButNonReporting(), getPriorityAdjustment() methods and BugInstance.adjustForDetector() is deprecated and moved to PriorityAdjuster (#3753)
  • Improved FindNakedNotify to handle the case when the lock is loaded from a field (#3634)

Changed

  • Support for fully qualified class names for detectors in -adjustPriority parameter
  • Support for numerical and absolute priority adjustments
  • Bump up Apache Commons BCEL to the version 6.11.0 (#3569)

Deprecated

  • Add back and deprecate edu.umd.cs.findbugs.io.IO.close(InputStream) method. (#3756)

Build

  • Allow our GA builds to work with JDK 25 (and drop support for JDK 24) (#3564)
Commits
  • c1fa7f2 release v4.9.8
  • 023f8dd fix(deps): update dependency org.apache.groovy:groovy-all to v5.0.2 (#3782)
  • 423f1d1 Unconditional while loops no raising IL_INFINITE_LOOP (#3537)
  • 9125bee Fix priority adjustment code
  • 183da6c fix(deps): update dependency org.springframework:spring-core to v6.2.12 (#3779)
  • a499f2e chore(deps): update dependency com.diffplug.gradle:goomph to v4.4.1 (#3776)
  • b339bc1 Unconditionally initialize PriorityAdjuster for AbstractBugReporter
  • 96891fe chore(deps): update plugin com.github.spotbugs to v6.4.3 (#3773)
  • a3667d7 chore(docs): Updated supported versions
  • 333a96a prepare for next release
  • Additional commits viewable in compare view

Updates com.github.spotbugs:spotbugs-maven-plugin from 4.9.6.0 to 4.9.8.1

Release notes

Sourced from com.github.spotbugs:spotbugs-maven-plugin's releases.

Spotbugs Maven Plugin 4.9.8.1

Bug fix with SpotbugsInfo.EOF error (was meant to be SpotbugsInfo.EOL).

Spotbugs Maven Plugin 4.9.8.0

Bug fix release supporting spotbugs 4.9.8.

Spotbugs Maven Plugin 4.9.7.0

Commits
  • 8eb6aa9 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.9.8.1
  • 4ff769f Fix: Correct reported issue with 'EOF' where it should be 'EOL'
  • c210782 Merge pull request #1241 from spotbugs/renovate/execpluginversion
  • 662fa1e Update dependency org.codehaus.mojo:exec-maven-plugin to v3.6.2
  • 8cd9648 [maven-release-plugin] prepare for next development iteration
  • d8d4c69 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.9.8.0
  • 52cdf26 [ci] Add note about pom entries to update for testing upstream master
  • 9b8e387 [pom] Prepare for 4.9.8 release
  • 0a8ac5a Merge pull request #1238 from spotbugs/renovate/github-codeql-action-digest
  • 4b02d8d Merge pull request #1240 from spotbugs/renovate/spotbugs.version
  • Additional commits viewable in compare view

Updates org.jacoco:jacoco-maven-plugin from 0.8.13 to 0.8.14

Release notes

Sourced from org.jacoco:jacoco-maven-plugin's releases.

0.8.14

New Features

  • JaCoCo now officially supports Java 25 (GitHub #1950).
  • Experimental support for Java 26 class files (GitHub #1870).
  • Branches added by the Kotlin compiler for default argument number 33 or higher are filtered out during generation of report (GitHub #1655).
  • Part of bytecode generated by the Kotlin compiler for elvis operator that follows safe call operator is filtered out during generation of report (GitHub #1814, #1954).
  • Part of bytecode generated by the Kotlin compiler for more cases of chained safe call operators is filtered out during generation of report (GitHub #1956).
  • Part of bytecode generated by the Kotlin compiler for invocations of suspendCoroutineUninterceptedOrReturn intrinsic is filtered out during generation of report (GitHub #1929).
  • Part of bytecode generated by the Kotlin compiler for suspending lambdas with parameters is filtered out during generation of report (GitHub #1945).
  • Part of bytecode generated by the Kotlin compiler for suspending functions and lambdas with suspension points that return inline value class is filtered out during generation of report (GitHub #1871).
  • Part of bytecode generated by the Kotlin Compose compiler plugin for pausable composition is filtered out during generation of report (GitHub #1911).
  • Methods generated by the Kotlin serialization compiler plugin are filtered out (GitHub #1885, #1970, #1971).

Fixed bugs

  • Fixed handling of implicit else clause of when with String subject in Kotlin (GitHub #1813, #1940).
  • Fixed handling of implicit default clause of switch by String in Java when compiled by ECJ (GitHub #1813, #1940). Fixed handling of exceptions in chains of safe call operators in Kotlin (GitHub #1819).

Non-functional Changes

  • JaCoCo now depends on ASM 9.9 (GitHub #1965).
Commits
  • 2eb2483 Prepare release v0.8.14
  • de76181 KotlinSerializableFilter should filter more methods (#1971)
  • 89c4bd5 Fix NPE in KotlinSerializableFilter (#1970)
  • 0981128 Migrate release staging to the Central Publisher Portal (#1968)
  • d07bc6b Add filter for bytecode generated by Kotlin serialization compiler plugin (#1...
  • 5e35fd5 Upgrade maven-dependency-plugin to 3.9.0 (#1966)
  • c2fe5cc Upgrade ASM to 9.9 (#1965)
  • b0f8e23 KotlinSafeCallOperatorFilter should filter "unoptimized" safe call followed b...
  • c7bd3f4 Upgrade spotless-maven-plugin to 3.0.0 (#1961)
  • faa289d KotlinSafeCallOperatorFilter should not be affected by presence of pseudo ins...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the dependencies group across 1 directory with 4 updates
b00e4d5 
Bumps the dependencies group with 4 updates in the / directory: software.amazon.awssdk:secretsmanager, [com.github.spotbugs:spotbugs-annotations](https://github.com/spotbugs/spotbugs), [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) and [org.jacoco:jacoco-maven-plugin](https://github.com/jacoco/jacoco).


Updates `software.amazon.awssdk:secretsmanager` from 2.34.2 to 2.35.10

Updates `com.github.spotbugs:spotbugs-annotations` from 4.9.6 to 4.9.8
- [Release notes](https://github.com/spotbugs/spotbugs/releases)
- [Changelog](https://github.com/spotbugs/spotbugs/blob/master/CHANGELOG.md)
- [Commits](spotbugs/spotbugs@4.9.6...4.9.8)

Updates `com.github.spotbugs:spotbugs-maven-plugin` from 4.9.6.0 to 4.9.8.1
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.6.0...spotbugs-maven-plugin-4.9.8.1)

Updates `org.jacoco:jacoco-maven-plugin` from 0.8.13 to 0.8.14
- [Release notes](https://github.com/jacoco/jacoco/releases)
- [Commits](jacoco/jacoco@v0.8.13...v0.8.14)

---
updated-dependencies:
- dependency-name: software.amazon.awssdk:secretsmanager
  dependency-version: 2.35.10
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: com.github.spotbugs:spotbugs-annotations
  dependency-version: 4.9.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
  dependency-version: 4.9.8.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: org.jacoco:jacoco-maven-plugin
  dependency-version: 0.8.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 20, 2025
@dependabot dependabot bot requested a review from a team as a code owner October 20, 2025 21:08
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Oct 20, 2025
@codecov
Copy link

codecov bot commented Oct 20, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 82.24%. Comparing base (36d50e2) to head (b00e4d5).

Additional details and impacted files 
@@            Coverage Diff            @@
##                 v2     #302   +/-   ##
=========================================
  Coverage     82.24%   82.24%           
  Complexity      143      143           
=========================================
  Files            12       12           
  Lines           366      366           
  Branches         45       45           
=========================================
  Hits            301      301           
  Misses           58       58           
  Partials          7        7

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file java Pull requests that update Java code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants