chore(deps): bump com.github.spotbugs:spotbugs-maven-plugin from 4.9.4.0 to 4.9.4.1 #6515

Spotbugs Maven Plugin 4.9.4.1

Consumer

Cleanup readme to better support plugin

Dropped direct usage of plexus utils and commons io

Groovy 5 now run engine

Correct issue since 4.9.2.0 resulting in most runs getting spotbugs.html file incorrectly. This has been refactored to restore doxia 1 overrides to produce xml report only when not running in site lifecycle

Correct defects with handling of various files on disk such as exclusion filters that were introduced into 4.9.4.0. Integration tests have been applied to prevent future regression.

Commons io fileutils replaced by files.walk with detailed output moved to debug collection only rather than all runs

Normalization of path to linux style

Any regex usage is now precompiled

Use re-entrant lock for source indexer

Correct locale usage to use default if not given

Block doctype and XXE when processing xml files

Cleanup some fields from resources and in code never used

Producer

Pin versions of github actions tools

Run maven 3.6.3 integration test on windows to get more broad support

Run maven integration test on mac to get more broad support

Maven 4 integration tests will continue on linux

Fix maven wrapper perceived path traversal issue

Corrections to invoker to re-establish integration test verification's

Fix bugs in integration tests

Better secure xml usage in integration tests

Cleanup integration test warnings

Make sure transfer of artifacts is correctly disabled on integration tests

Commits

a82261a [maven-release-plugin] prepare release spotbugs-maven-plugin-4.9.4.1
09a9375 Merge pull request #1194 from hazendaz/master
5819399 [mvn] Update maven wrapper
a800180 Merge pull request #1193 from hazendaz/groovy5
58b8c33 Resolve issue #75 by adding log when no files found to run on spotbugs
514f6fd Merge pull request #1192 from hazendaz/groovy5
b40d62e Correct exclude modules test as it was listing bugs file when using filter file
dcc13a3 Formatting
9a496b8 Merge pull request #1191 from hazendaz/groovy5
d10525d Include test for fix on #1166
Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot


 chore(deps): bump com.github.spotbugs:spotbugs-maven-plugin

8e9ae27

Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.9.4.0 to 4.9.4.1.
- [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases)
- [Commits](spotbugs/spotbugs-maven-plugin@spotbugs-maven-plugin-4.9.4.0...spotbugs-maven-plugin-4.9.4.1)
---
updated-dependencies:
- dependency-name: com.github.spotbugs:spotbugs-maven-plugin
 dependency-version: 4.9.4.1
 dependency-type: direct:production
 update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>

@dependabot dependabot bot added dependencies java labels

Sep 3, 2025

@dependabot dependabot bot requested review from DenizAltunkapan, yanglbme and alxkm as code owners

September 3, 2025 13:28

@dependabot dependabot bot added dependencies java labels

Sep 3, 2025

@codecov-commenter

Copy link

codecov-commenter commented Sep 3, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 75.10%. Comparing base (79dc0b4) to head (8e9ae27).

Additional details and impacted files

@@ Coverage Diff @@
## master #6515 +/- ##
=========================================
 Coverage 75.10% 75.10% 
 Complexity 5571 5571 
=========================================
 Files 685 685 
 Lines 19307 19307 
 Branches 3732 3732 
=========================================
 Hits 14500 14500 
 Misses 4245 4245 
 Partials 562 562

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow: