Spotbugs v4.5.0 Release Notes
Release Date: 2021-11-05 // over 2 years ago-
๐ Changed
- Replace "ๅๆ" with "่งฃๆ" in Japanese document (#1573)
- โ Add a section to document how to integrate find-sec-bugs into spotbugs-maven-plugin (#540)
- โฌ๏ธ Bump gson from 2.8.8 to 2.8.9 (#1784)
- ๐ Changes related to dominators analysis in package
edu.umd.cs.findbugs.classfile.engine.bcel
(#1741):DominatorsAnalysisFactory
renamed toNonExceptionDominatorsAnalysisFactory
(clarification)NonExceptionPostdominatorsAnalysisFactory
renamed toNonExceptionPostDominatorsAnalysisFactory
(spelling)NonImplicitExceptionDominatorsAnalysis
introduced (API consistency)
โ Added
- Rule
DCN_NULLPOINTER_EXCEPTION
covers catching NullPointerExceptions in accordance with SEI Cert rule ERR08-J (#1740) - ๐ง Multiple types of report can be generated in batch. Set multiple commandline options for report configuration like
-html=report/spotbugs.html -xml:withMessages=report/spotbugs.xml
. - New rule
REFL_REFLECTION_INCREASES_ACCESSIBILITY_OF_CLASS
to detect public methods instantiating a class they get in their parameter. This rule based on the SEI CERT rule SEC05-J. Do not use reflection to increase accessibility of classes, methods, or fields. (#SEC05-J) - New detector
FindOverridableMethodCall
to detect invocation of overridable method in constructors (MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR
) and clone() method (MC_OVERRIDABLE_METHOD_CALL_IN_CLONE
), according to SEI CERT rules MET05-J. Ensure that constructors do not call overridable methods and MET06-J. Do not invoke overridable methods in clone(). - ๐ Translation of online manual to Brazilian Portuguese (PT-BR).
๐ Fixed
- False negative about the rule ES_COMPARING_STRINGS_WITH_EQ (#1764)
- False negative about the rule IM_MULTIPLYING_RESULT_OF_IREM ([#1498])(https://github.com/spotbugs/spotbugs/issues/1498)
๐ Deprecated
- ๐ง
-output
commandline option is deprecated. Use commandline options for report configuration like-xml=spotbugs.xml
instead.