findbugs-slf4j
findbugs-slf4j copied to clipboard
KengoTODA
build(deps): bump sonar-java-plugin from 5.13.1.18282 to 7.14.0.30229
Bumps sonar-java-plugin from 5.13.1.18282 to 7.14.0.30229.
Release notes
Sourced from sonar-java-plugin's releases.
7.14.0.30229
Release notes - SonarJava - Version 7.14
False-Positive
SONARJAVA-4330 Rule S2272: FP on method calls that are not next()
SONARJAVA-4242 SE should handle "booleanValue()" from Boolean wrapper
SONARJAVA-4174 S2259 should not raise an issue when a null variable is passed to Optional.ofNullable
SONARJAVA-4131 Add support of org.springframework.util.StringUtils#isEmpty
Improvement
SONARJAVA-4288 Update Analyzer Commons to 1.27: changes in Regex check and resources loading
SONARJAVA-4220 Update ECJ to 3.30.0
SONARJAVA-3891 Add support of org.apache.commons.lang3.ArrayUtils methods
New Feature
SONARJAVA-4284 Rules support PCI DSS Security Standard
SONARJAVA-4278 Rule S2068: Remove method checks
SONARJAVA-4275 Rule S6437: Credentials should not be hard-coded
Task
SONARJAVA-4332 Update rules metadata
7.13.0.29990
Release Notes - SonarJava - Version 7.13
... (truncated)
Commits
9079835Update to the latest parent pom 63.0.187 (#4161)9865680SONARJAVA-4332 Update rules metadata (#4160)e4154bfSONARJAVA-4330 FP S2272: Should not raise issues in the presence of method ca...b201f30SONARJAVA-4275 S6437: Update rule documentation and infeasibility of quickfix...9162b73SONARJAVA-4275 S6437 reduce FPs on conditionally assigned and empty secrets (...8e48b88SONARJAVA-4278 Rule S2068: Remove method checks (#4154)83b9bd6SONARJAVA-4275 Rule S6437: Credentials should not be hard-coded (#4147)fc7606eSONARJAVA-4220 Update to ECJ 3.3072a3180SONARJAVA-4284 revert behavior of deprecated keys (#4151)fdbc579SONARJAVA-4131 FP in SE related to org.springframework.util.StringUtils#isEmp...- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}