Sourced from com.github.spotbugs:spotbugs's releases.

SpotBugs 4.9.3

CHANGELOG

Added

• Introduced UselessSuppressionDetector to report the useless annotations instead of NoteSuppressedWarnings (#3348)

Fixed

• Do not report US_USELESS_SUPPRESSION_ON_METHOD on synthetic methods (#3351)

CHECKSUM

file	checksum (sha256)
spotbugs-4.9.3-javadoc.jar	3d0d103724cbaaffc27f17d28d9b17f8972fb378397f8f04f6f05268bde110b7
spotbugs-4.9.3-sources.jar	0aa5c905469eb578a3dbe09dcf704cf892568610cdb58550b142d658e37a29d4
spotbugs-4.9.3.tgz	d464d56050cf1dbda032e9482e1188f7cd7b7646eaff79c2e6cbe4d6822f4d9f
spotbugs-4.9.3.zip	3b2dcf86f97d701700121cee4bd22305d4b54fd9ed7666fa0f53933a4ab92251
spotbugs-annotations-4.9.3-javadoc.jar	5fce79dc01a97aae84670922dd3581aa621b980535e4f6695a71db553dcb9cb4
spotbugs-annotations-4.9.3-sources.jar	990ad9f3500499a99466b7c1e01284f4f41d1499358e7dc38c8defc59dab114c
spotbugs-annotations.jar	13532bfe2f45fcd491432221df72d9cd0efb8f987c9245e12befa192c8925ce3
spotbugs-ant-4.9.3-javadoc.jar	346eb5215f9d157ab46c3216a783416e2fa2e8c9d4458143267fb518f81c7d77
spotbugs-ant-4.9.3-sources.jar	591073402e4110093a380169acd3f33b26c2f893c2eaed5a6460d9be0b26014e
spotbugs-ant.jar	3a6f453696294d5314e648d4891d35e34315e11cb63c758a1601021cc0d803d1
spotbugs.jar	710e8b98f1ae23cdb71aaaf07e8d71fb63b44f2bbbaa1df3c3ba0de62aba6ec9
test-harness-4.9.3-javadoc.jar	57f51147e289b5c6493f844beaac97cde57773a1d16ce064e9deb8963b3f99ce
test-harness-4.9.3-sources.jar	22688f14ef808cde65cc46e86d41c617fc397fc4967516006a73ce8bad658b9f
test-harness-4.9.3.jar	9bf5bba9546e4f89032006261dd2921a79fc3044e473ee1fa73af870cb43da15
test-harness-core-4.9.3-javadoc.jar	15aac012f3a8c8d6600075efe824aecab8233778e58345fecca65d7970256311
test-harness-core-4.9.3-sources.jar	13825de35190089490c7e290b52bafe6a9b08ab431177c0191dae9cf2a88a55d
test-harness-core-4.9.3.jar	3c74cc6d2d6f999d403f00f97685587e617d2bf1bfc348bbd0597e785c83feec
test-harness-jupiter-4.9.3-javadoc.jar	a8f276fb01743b8dc9f8cd6b517ae0748e38f673e31615a923c9c61f5fd9de58
test-harness-jupiter-4.9.3-sources.jar	0aefbc5c8bd406e5dc0b1d59bc3afc6889c02010d486b22242f4f19a1a935800
test-harness-jupiter-4.9.3.jar	0e9509de32f8fbc94cf088dbee80394fa93807a766532568e652cd622ce737c8

SpotBugs 4.9.2

CHANGELOG

Added

• Reporting useless @SuppressFBWarnings annotations (#641)

Fixed

• Fixed html bug descriptions for AT_STALE_THREAD_WRITE_OF_PRIMITIVE and AT_NONATOMIC_64BIT_PRIMITIVE (#3303)
• Fixed an HSM_HIDING_METHOD false positive when ECJ generates a synthetic method for an enum switch (#3305)
• Fix AT_UNSAFE_RESOURCE_ACCESS_IN_THREAD false negatives, detector depending on method order.
• Fix THROWS_METHOD_THROWS_CLAUSE_THROWABLE reported in a method calling MethodHandle.invokeExact due to its polymorphic signature (#3309)
• Fix AT_STALE_THREAD_WRITE_OF_PRIMITIVE false positive in inner class (#3310).
• Fix AT_STALE_THREAD_WRITE_OF_PRIMITIVE false positive for ECJ compiled enum switches (#3316)
• Fix RC_REF_COMPARISON false positive with Lombok With annotation (#3319)
• Avoid calling File.getCanonicalPath twice to improve performance (#3325)
• Fix MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR and MC_OVERRIDABLE_METHOD_CALL_IN_CLONE false positive when the overridable method is outside the class (#3328).
• Fix NullPointerException thrown from ThrowingExceptions detector (#3337).

Removed

... (truncated)

Sourced from com.github.spotbugs:spotbugs's changelog.

4.9.3 - 2025-03-14

Added

• Introduced UselessSuppressionDetector to report the useless annotations instead of NoteSuppressedWarnings (#3348)

Fixed

• Do not report US_USELESS_SUPPRESSION_ON_METHOD on synthetic methods (#3351)

4.9.2 - 2025-03-01

Added

• Reporting useless @SuppressFBWarnings annotations (#641)

Fixed

• Fixed html bug descriptions for AT_STALE_THREAD_WRITE_OF_PRIMITIVE and AT_NONATOMIC_64BIT_PRIMITIVE (#3303)
• Fixed an HSM_HIDING_METHOD false positive when ECJ generates a synthetic method for an enum switch (#3305)
• Fix AT_UNSAFE_RESOURCE_ACCESS_IN_THREAD false negatives, detector depending on method order.
• Fix THROWS_METHOD_THROWS_CLAUSE_THROWABLE reported in a method calling MethodHandle.invokeExact due to its polymorphic signature (#3309)
• Fix AT_STALE_THREAD_WRITE_OF_PRIMITIVE false positive in inner class (#3310).
• Fix AT_STALE_THREAD_WRITE_OF_PRIMITIVE false positive for ECJ compiled enum switches (#3316)
• Fix RC_REF_COMPARISON false positive with Lombok With annotation (#3319)
• Avoid calling File.getCanonicalPath twice to improve performance (#3325)
• Fix MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR and MC_OVERRIDABLE_METHOD_CALL_IN_CLONE false positive when the overridable method is outside the class (#3328).
• Fix NullPointerException thrown from ThrowingExceptions detector (#3337).

Removed

• Removed the TLW_TWO_LOCK_NOTIFY, LI_LAZY_INIT_INSTANCE, BRSA_BAD_RESULTSET_ACCESS, BC_NULL_INSTANCEOF, NP_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR and RCN_REDUNDANT_CHECKED_NULL_COMPARISON deprecated bug patterns.

4.9.1 - 2025-02-02

Added

• New detector SharedVariableAtomicityDetector for new bug types AT_NONATOMIC_OPERATIONS_ON_SHARED_VARIABLE, AT_NONATOMIC_64BIT_PRIMITIVE and AT_STALE_THREAD_WRITE_OF_PRIMITIVE (See SEI CERT rules VNA00-J, VNA02-J and VNA05-J).
• New detector FindHiddenMethod for bug type HSM_HIDING_METHOD. This bug is reported whenever a subclass method hides the static method of super class. (See SEI CERT MET07-J).

Fixed

• Fixed the parsing of generics methods in ThrowingExceptions (#3267)
• Accept the 1st parameter of java.util.concurrent.CompletableFuture's completeOnTimeout(), getNow() and obtrudeValue() functions as nullable (#1001).
• Fixed the analysis error when FindReturnRef was checking instructions corresponding to a CFG branch that was optimized away (#3266)
• Added execute file permission to files in the distribution archive (#3274)
• Fixed a stack overflow in MultipleInstantiationsOfSingletons when a singleton initializer makes recursive calls (#3280)
• Fixed NPE in FindReturnRef on inner class fields (#3283)
• Fixed NP_NULL_ON_SOME_PATH_FROM_RETURN_VALUE false positive when add edu.umd.cs.findbugs.annotations.Nullable (#3243)

4.9.0 - 2025-01-15

Added

• Updated the SuppressFBWarnings annotation to support finer grained bug suppressions (#3102)
• SimpleDateFormat, DateTimeFormatter, FastDateFormat string check for bad combinations of flag formatting (#637)
• New detector ResourceInMultipleThreadsDetector and introduced new bug type:
  • AT_UNSAFE_RESOURCE_ACCESS_IN_THREAD is reported in case of unsafe resource access in multiple threads.

Fixed

• Do not consider Records as Singletons (#2981)
• Keep a maximum of 10000 cached analysis entries for plugin's analysis engines (#3025)

... (truncated)

• 1f6a719 release v4.9.3
• 30f22d8 fix(deps): update junit5 monorepo to v5.12.1 (#3357)
• 4b0cfff cleanup: remove redundant implementations of getDetectorClassName() (#3352)
• bd996f4 chore(deps): update dependency com.diffplug.gradle:goomph to v4.3.0 (#3355)
• e46c442 Do not report US_USELESS_SUPPRESSION_ON_METHOD on synthetic methods (#3353)
• 7450785 Introduce UselessSuppressionDetector to report the useless suppressions
• 830e10c fix(deps): update dependency checkstyle to v10.21.4 (#3347)
• b5c7686 fix(deps): update dependency org.checkerframework:checker-qual to v3.49.1 (#3...
• c4b59b1 chore(deps): update sphinxdoc/sphinx docker tag to v8.2.3 (#3344)
• 7fd6fa4 fix(deps): update mockito monorepo to v5.16.0 (#3345)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)