Spotbugs changelog

Changelog History

Page 3

• v4.5.1 Changes

  December 08, 2021

  🛠 Fixed

  • Ant task does not produce XML anymore (#1827)
  • Do not emit false positives of MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR and MC_OVERRIDABLE_METHOD_CALL_IN_CLONE for final classes (#1812).
  • 🏁 Reports cannot be created on Windows platform (#1842)

• v4.5.0 Changes

  November 05, 2021

  🔄 Changed

  • Replace "分析" with "解析" in Japanese document (#1573)
  • ➕ Add a section to document how to integrate find-sec-bugs into spotbugs-maven-plugin (#540)
  • ⬆️ Bump gson from 2.8.8 to 2.8.9 (#1784)
  • 🔄 Changes related to dominators analysis in package edu.umd.cs.findbugs.classfile.engine.bcel (#1741):
    • DominatorsAnalysisFactory renamed to NonExceptionDominatorsAnalysisFactory (clarification)
    • NonExceptionPostdominatorsAnalysisFactory renamed to NonExceptionPostDominatorsAnalysisFactory (spelling)
    • NonImplicitExceptionDominatorsAnalysis introduced (API consistency)

  ➕ Added

  • Rule DCN_NULLPOINTER_EXCEPTION covers catching NullPointerExceptions in accordance with SEI Cert rule ERR08-J (#1740)
  • 🔧 Multiple types of report can be generated in batch. Set multiple commandline options for report configuration like -html=report/spotbugs.html -xml:withMessages=report/spotbugs.xml.
  • New rule REFL_REFLECTION_INCREASES_ACCESSIBILITY_OF_CLASS to detect public methods instantiating a class they get in their parameter. This rule based on the SEI CERT rule SEC05-J. Do not use reflection to increase accessibility of classes, methods, or fields. (#SEC05-J)
  • New detector FindOverridableMethodCall to detect invocation of overridable method in constructors (MC_OVERRIDABLE_METHOD_CALL_IN_CONSTRUCTOR) and clone() method (MC_OVERRIDABLE_METHOD_CALL_IN_CLONE), according to SEI CERT rules MET05-J. Ensure that constructors do not call overridable methods and MET06-J. Do not invoke overridable methods in clone().
  • 🌐 Translation of online manual to Brazilian Portuguese (PT-BR).

  🛠 Fixed

  • False negative about the rule ES_COMPARING_STRINGS_WITH_EQ (#1764)
  • False negative about the rule IM_MULTIPLYING_RESULT_OF_IREM ([#1498])(https://github.com/spotbugs/spotbugs/issues/1498)

  🗄 Deprecated

  • 🔧 -output commandline option is deprecated. Use commandline options for report configuration like -xml=spotbugs.xml instead.

• v4.4.2 Changes

  October 08, 2021

  🔄 Changed

  • ➕ Add bug code to report in fancy-hist.xsl (#1688)
  • ⬆️ Bump Saxon-HE from 10.5 to 10.6 (#1715)

  🛠 Fixed

  • 🛠 Fixed immutable java.lang.Class as being flagged as EI (#1695)
  • Agree verb with plural subject in the description of SW_SWING_METHODS_INVOKED_IN_SWING_THREAD (#1664)
  • Wrong description of the SE_TRANSIENT_FIELD_OF_NONSERIALIZABLE_CLASS (#1664)
  • 🛠 Fixed java.util.Locale as being flagged as EI (#1702)
  • 🛠 Fixed reference to java.awt.Cursor which caused it to be flagged as EI (#1702)
  • Treat types with @com.google.errorprone.annotations.Immutable as immutable (#1705)
  • 🛠 Fix annotation check for jdk.internal.ValueBased (#1706)
  • DMI_RANDOM_USED_ONLY_ONCE false positive (#1539)
  • NP_NONNULL_FIELD_NOT_INITIALIZED_IN_CONSTRUCTOR false negative (#1642)
  • Immutable java.util.regex.Pattern as being flagged as EI (#1695)
  • Resource leak in the JrtfsCodeBase (#1732)

• v4.4.1 Changes

  September 07, 2021

  🔄 Changed

  • ⬆️ Bump gson from 2.8.7 to 2.8.8 (#1658)
  • Lower ExitCodes logger to debug level (#1661)
  • 🛠 Fixed SARIF format to be compatible with Github code scanning API requirements (#1630)

  🛠 Fixed

  • 🛠 Fixed immutable classes in java.net.* as being flagged as EI (#1653
  • Classes containing only static methods with setter-like names are no longer considered as mutable (#1601)
  • 🖐 Handle all immutable collections in the Guava library as immutable (#1601)
  • Classes annotated with @Immutable or @jdk.internal.ValueBased are considered as immutable (#1601)
  • 📦 All classes in packages java.time and java.math are now correctly handled as immutable (#1601)

• v4.4.0 Changes

  August 12, 2021

  🛠 Fixed

  • Fixed False positives for RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE (#600 and #1338)
  • Inconsistent bug description on EQ_COMPARING_CLASS_NAMES (#1523)
  • ➕ Add a declaration of charset encoding in generated reports (#1623)
  • 🛠 Fixed regression in Bug Info view for Eclipse 2021-03+ (#1477)

  ➕ Added

  • New detector FindBadEndOfStreamCheck for new bug type EOS_BAD_END_OF_STREAM_CHECK. This bug is reported whenever the return value of java.io.FileInputStream.read() or java.io.FileReader.read() is first converted to byte/int and only thereafter checked against -1. (See SEI CERT rule FIO08-J)

• v4.3.0 Changes

  July 01, 2021

  🛠 Fixed

  • 🔦 MS_EXPOSE_REP and EI_EXPOSE_REP are now reported for code returning a reference to a mutable object indirectly (e.g. via a local variable)

  🔄 Changed

  • ⬆️ Bump ObjectWeb ASM from 9.1 to 9.2 supporting JDK 18 (#1591)
  • ⬆️ Bump Saxon-HE from 10.3 to 10.5 (#1513)
  • ⬆️ Bump gson from 2.8.6 to 2.8.7 (#1556)
  • Function mutableSignature() improved and factored out from the MutableStaticFields detector

  ➕ Added

  • 🔦 New bugs MS_EXPOSE_BUF, EI_EXPOSE_BUF, EI_EXPOSE_STATIC_BUF2 and EI_EXPOSE_BUF2 by the FindReturnRef detector to detect cases where buffers or their backing arrays are exposed (see SEI CERT rule FIO05-J)
  • 🔦 MS_EXPOSE_REP, EI_EXPOSE_REP, EI_EXPOSE_STATIC_REP2 and EI_EXPOSE_REP2 now report for shallowly copied arrays (using clone()) of mutable objects

• v4.2.3 Changes

  April 12, 2021

  🛠 Fixed

  • Inconsistency in the description of DLS_DEAD_LOCAL_INCREMENT_IN_RETURN, VO_VOLATILE_INCREMENT and QF_QUESTIONABLE_FOR_LOOP (#1470)
  • ⚠ Should issue warning for SecureRandom object created and used only once (#1464)
  • False positive OBL_UNSATIFIED_OBLIGATION with try with resources (#79)
  • SA_LOCAL_SELF_COMPUTATION bug (#1472)
  • False positive EQ_UNUSUAL with record classes (#1367)

• v4.2.2 Changes

  March 03, 2021

  🛠 Fixed

  • UWF_NULL_FIELD doesn't report line number (#1368)
  • 👍 UnsupportedOperationException in BugRanker.trimToMaxRank (#1161)

  🔄 Changed

  • ⬆️ Bump ASM from 9.0 to 9.1 supporting JDK17
  • ⬆️ Bump commons-lang from 3.11 to 3.12.0
  • Replace org.json:json:20201115 with com.google.code.gson:gson:2.8.6

• v4.2.1 Changes

  February 04, 2021

  🛠 Fixed

  • Invalid HTML in the description of LI_LAZY_INIT_UPDATE_STATIC bug pattern (#1383)
  • NP_NONNULL_PARAM_VIOLATION false-positive in CompletableFuture.completedStage(value) (#1397)

  🔄 Changed

  • ⬆️ Bump json from 20200518 to 20201115 (#1384)

• v4.2.0 Changes

  November 28, 2020

  🔄 CHANGELOG

  • https://github.com/spotbugs/spotbugs/blob/4.2.0/CHANGELOG.md

  CHECKSUM

  file	checksum (sha256)
  spotbugs-4.2.0-javadoc.jar	351df25a8ff5dcce9b14de670e1dbe0c6808d796686978ecee8821dbf305e5d0
  spotbugs-4.2.0-sources.jar	95b25a75d6e36f2d3f4d501795db6a7468bfe23ddcc9e7496065d2bee6f36d9d
  spotbugs-4.2.0.tgz	f5e2ad6e94515923a8b9a6db370d3b34a3aad9eda13315146b9bbd03bcbe7e30
  spotbugs-4.2.0.zip	4d16c579b8622a72ee57cc5c3e730ad78c8107208528f7de875976a9dd840443
  spotbugs-annotations-4.2.0-javadoc.jar	c18c4c920acec9cb7b9c204ecc78998c5bccf9150c5a8cecd2fdc25e565be71b
  spotbugs-annotations-4.2.0-sources.jar	b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
  spotbugs-annotations.jar	871aee8bb3f7400a0d09e9675dcd7388da584169f4aab3565efc5a3f5bc90eab
  spotbugs-ant-4.2.0-javadoc.jar	a88414de79a0c1cf420058583fe64a746e2ebe6a918f91f4e7d183c06a452810
  spotbugs-ant-4.2.0-sources.jar	c74dec42c0ed0dd1ae02a7410d8e0f0dbbee23e8e7da4a21910863677fcdbc8e
  spotbugs-ant.jar	9233e48d37882ae4e7a42e9f42ef4c63d6f802cf8f3b03ba575bee26e5032367
  spotbugs.jar	4d48063a6f7b623936b68e150ea73499f6bfeb5d1bc4769214e04a9c8804132e
  ✅	test-harness-4.2.0-javadoc.jar
  ✅	test-harness-4.2.0-sources.jar
  ✅	test-harness-4.2.0.jar
  ✅	test-harness-core-4.2.0-javadoc.jar
  ✅	test-harness-core-4.2.0-sources.jar
  ✅	test-harness-core-4.2.0.jar
  ✅	test-harness-jupiter-4.2.0-javadoc.jar
  ✅	test-harness-jupiter-4.2.0-sources.jar
  ✅	test-harness-jupiter-4.2.0.jar

• « First
• ‹ Prev
• 1
• 2
• 3
• 4
• 5
• 6
• 7
• Next ›
• Last »