You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from junit5-system-extensions's releases.

Delegate security manager calls

JUnit5 System Extensions 1.2.0, released 2021-04-26

Summary

When trapping System.exit calls, the ExitGuardSecurityManager now doesn't simply replace an existing security manager anymore. Instead it uses the existing one as a delegate for all checks except the exit check.

This way applications that require a security manager don't change their behavior.

Update of the release letter 2021-05-02: This version actually contains a breaking change that we overlooked: from this release on only Java 11 and above are supported.

Features

• #23: Delegate security manager calls to the original security manager

Refactoring

• #21: Migrate to Maven Central

• 9bc317c Prepare release 1.2.0
• bedde31 Improve ci build (#25)
• 04b834b #21: Delegate Security Manager (#24)
• f9000dd #21 migrate to maven central (#22)
• bb38fa9 Fixed typo
• 6958a72 Merge pull request #18 from itsallcode/added-maven-central-badge
• 2d890b1 Added maven central badge
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from spotbugs-maven-plugin's releases.

Spotbugs-maven-plugin 4.5.3.0

• Support spotbugs maven plugin 4.5.3.0
• Make maven scoped dependencies provided scope

Spotbugs-maven-plugin 4.5.2.0

• Support spotbugs 4.5.2
• Fix deprecations from spotbugs 4.5.0

Spotbugs-maven-plugin 4.5.0.0

support for spotbugs 4.5.0

Spotbugs-maven-plugin 4.4.2.2

• Use new base-parent pom with removal of undocumented maven url attributes that cause issues for users of older jfrog artifactory installations.

Spotbugs-maven-plugin 4.4.2.1 Release

• Reworked version string to account for any patches we need to make to plugin that would otherwise case a diverge from spotbugs or require us to wait. This is similar to how other plugins approach this such as lombok. The first 3 positions are reserved for the alignment with spotbugs. The last position is for our patch revision level. Normally this would be '0' but given we released 4.4.2 already, it made sense to denote '1' so that it was clear there was a difference.
• This patch release addresses issues with resolution of the maven dependencies that resulted in a few regression libraries that had vulnerabilities.
• This patch further changed lowest maven from 3.2.5 to 3.3.9 but reality is that even 3.3.9 likely doesn't work. Since all maven before 3.8.1 are vulnerable, most should be there. If not, let us know. Future releases will raise that revision number up.

Spotbugs-maven-plugin 4.4.2 Release

Added support for spotbugs 4.4.2 Now running github actions on jdk 17 and 18-ea to show this works there Now running against maven 3.8.3 Updated a number of plugins and dependencies

Spotbugs-maven-plugin 4.4.1 Release

• Add support for Sarif
• Support spotbugs 4.4.1
• Library Updates

• ae36586 [maven-release-plugin] prepare release spotbugs-maven-plugin-4.5.3.0
• 03b7e0d Merge pull request #392 from hazendaz/spotbugs
• 477b67e [pom] Bump spotbugs to 4.5.3
• 4c29db7 Merge pull request #390 from hazendaz/spotbugs
• 7ceb76b [actions] Adjust name for wrapper 3.3.9 usage and wrapper goal
• 15b5b51 [actions] Add github action to run entirely through maven 3.3.9
• fd7b8cc Merge pull request #389 from hazendaz/spotbugs
• 196b77f [mvn] Update maven wrapper
• 15fff12 Merge pull request #388 from hazendaz/spotbugs
• 6c0bb1e Merge pull request #387 from spotbugs/dependabot/maven/scmPluginVersion-1.12.2
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from equalsverifier's changelog.

[3.9] - 2022-01-31

Changed

• EqualsVerifier is now released as a multi-release JAR file, in two variants: equalsverifier and equalsverifier-nodep. equalsverifier-nodep has all its dependencies shaded into a fat jar file; equalsverifier has dependencies. Note that until now, equalsverifier was the only artifact, and it was a shaded fat jar. (Issue 575)

• 597e95c [maven-release-plugin] prepare release equalsverifier-3.9
• f4cb32b Version bump
• dae5f14 Configures release parameters
• fccf26b Simplifies checkstyle pom configuration
• c97c3a5 Bump byte-buddy from 1.12.6 to 1.12.7
• e8c15f7 Bump javafx-base from 17.0.1 to 17.0.2
• d4029af Bump maven-compiler-plugin from 3.8.1 to 3.9.0
• e25c9ef Bump maven-assembly-plugin from 3.1.0 to 3.3.0
• 7d2434f Bump version.slf4j from 1.7.32 to 1.7.35
• 0712ffb Bump spotless-maven-plugin from 2.18.0 to 2.20.0
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pmd-java's releases.

PMD 6.42.0 (29-January-2022)

29-January-2022 - 6.42.0

The PMD team is pleased to announce PMD 6.42.0.

This is a minor release.

Table Of Contents

• New and noteworthy
  • Javascript: Rhino updated to latest version 1.7.14
  • New rules
  • Modified rules
• Fixed Issues
• API Changes
• External Contributions
• Stats

New and noteworthy

Javascript: Rhino updated to latest version 1.7.14

Rhino, the implementation of JavaScript we use for parsing JavaScript code, has been updated to the latest version 1.7.14. Now language features like template strings can be parsed. However Rhino does not support all features of the latest EcmaScript standard.

New rules

• The new Java rule FinalParameterInAbstractMethod detects parameters that are declared as final in interfaces or abstract methods. Declaring the parameters as final is useless because the implementation may choose to not respect it.

    <rule ref="category/java/codestyle.xml/FinalParameterInAbstractMethod" />

The rule is part of the quickstart.xml ruleset.

Modified rules

• The Apex rule ApexDoc has a new property reportProperty. If set to false (default is true if unspecified) doesn't report missing ApexDoc comments on properties. It allows you to enforce ApexDoc comments for classes and methods without requiring them for properties.

Fixed Issues

• core
  • #3328: [core] designer.bat errors when JAVAFX_HOME contains spaces

... (truncated)

• 391c325 [maven-release-plugin] prepare release pmd_releases/6.42.0
• 2d6a149 Prepare pmd release 6.42.0
• 93811d3 Merge pull request #3726 from adangel:issue-3328-designer-bat
• fb913bd Merge pull request from Vyom-Yadav:CS-PMD-FIX-1
• fb5e4dc [doc] Update release notes (#3747)
• 0f01d46 [core] Updated DataType.java
• c0c2c76 Merge pull request #3722 from adangel:issue-3721-returnemptycollection
• 6558167 Merge pull request #3674 from adangel:issue-3639-usestringbufferlength
• ed611cd Add @​gredler as a contributor
• 3b8f87a Merge pull request #3745 from gredler:pmd-3712
• Additional commits viewable in compare view

Sourced from pmd-core's releases.

PMD 6.42.0 (29-January-2022)

29-January-2022 - 6.42.0

The PMD team is pleased to announce PMD 6.42.0.

This is a minor release.

Table Of Contents

• New and noteworthy
  • Javascript: Rhino updated to latest version 1.7.14
  • New rules
  • Modified rules
• Fixed Issues
• API Changes
• External Contributions
• Stats

New and noteworthy

Javascript: Rhino updated to latest version 1.7.14

Rhino, the implementation of JavaScript we use for parsing JavaScript code, has been updated to the latest version 1.7.14. Now language features like template strings can be parsed. However Rhino does not support all features of the latest EcmaScript standard.

New rules

• The new Java rule FinalParameterInAbstractMethod detects parameters that are declared as final in interfaces or abstract methods. Declaring the parameters as final is useless because the implementation may choose to not respect it.

    <rule ref="category/java/codestyle.xml/FinalParameterInAbstractMethod" />

The rule is part of the quickstart.xml ruleset.

Modified rules

• The Apex rule ApexDoc has a new property reportProperty. If set to false (default is true if unspecified) doesn't report missing ApexDoc comments on properties. It allows you to enforce ApexDoc comments for classes and methods without requiring them for properties.

Fixed Issues

• core
  • #3328: [core] designer.bat errors when JAVAFX_HOME contains spaces

... (truncated)

• 391c325 [maven-release-plugin] prepare release pmd_releases/6.42.0
• 2d6a149 Prepare pmd release 6.42.0
• 93811d3 Merge pull request #3726 from adangel:issue-3328-designer-bat
• fb913bd Merge pull request from Vyom-Yadav:CS-PMD-FIX-1
• fb5e4dc [doc] Update release notes (#3747)
• 0f01d46 [core] Updated DataType.java
• c0c2c76 Merge pull request #3722 from adangel:issue-3721-returnemptycollection
• 6558167 Merge pull request #3674 from adangel:issue-3639-usestringbufferlength
• ed611cd Add @​gredler as a contributor
• 3b8f87a Merge pull request #3745 from gredler:pmd-3712
• Additional commits viewable in compare view

Sourced from pmd-javascript's releases.

PMD 6.42.0 (29-January-2022)

29-January-2022 - 6.42.0

The PMD team is pleased to announce PMD 6.42.0.

This is a minor release.

Table Of Contents

• New and noteworthy
  • Javascript: Rhino updated to latest version 1.7.14
  • New rules
  • Modified rules
• Fixed Issues
• API Changes
• External Contributions
• Stats

New and noteworthy

Javascript: Rhino updated to latest version 1.7.14

Rhino, the implementation of JavaScript we use for parsing JavaScript code, has been updated to the latest version 1.7.14. Now language features like template strings can be parsed. However Rhino does not support all features of the latest EcmaScript standard.

New rules

• The new Java rule FinalParameterInAbstractMethod detects parameters that are declared as final in interfaces or abstract methods. Declaring the parameters as final is useless because the implementation may choose to not respect it.

    <rule ref="category/java/codestyle.xml/FinalParameterInAbstractMethod" />

The rule is part of the quickstart.xml ruleset.

Modified rules

• The Apex rule ApexDoc has a new property reportProperty. If set to false (default is true if unspecified) doesn't report missing ApexDoc comments on properties. It allows you to enforce ApexDoc comments for classes and methods without requiring them for properties.

Fixed Issues

• core
  • #3328: [core] designer.bat errors when JAVAFX_HOME contains spaces

... (truncated)

• 391c325 [maven-release-plugin] prepare release pmd_releases/6.42.0
• 2d6a149 Prepare pmd release 6.42.0
• 93811d3 Merge pull request #3726 from adangel:issue-3328-designer-bat
• fb913bd Merge pull request from Vyom-Yadav:CS-PMD-FIX-1
• fb5e4dc [doc] Update release notes (#3747)
• 0f01d46 [core] Updated DataType.java
• c0c2c76 Merge pull request #3722 from adangel:issue-3721-returnemptycollection
• 6558167 Merge pull request #3674 from adangel:issue-3639-usestringbufferlength
• ed611cd Add @​gredler as a contributor
• 3b8f87a Merge pull request #3745 from gredler:pmd-3712
• Additional commits viewable in compare view

Sourced from pmd-jsp's releases.

PMD 6.42.0 (29-January-2022)

29-January-2022 - 6.42.0

The PMD team is pleased to announce PMD 6.42.0.

This is a minor release.

Table Of Contents

• New and noteworthy
  • Javascript: Rhino updated to latest version 1.7.14
  • New rules
  • Modified rules
• Fixed Issues
• API Changes
• External Contributions
• Stats

New and noteworthy

Javascript: Rhino updated to latest version 1.7.14

Rhino, the implementation of JavaScript we use for parsing JavaScript code, has been updated to the latest version 1.7.14. Now language features like template strings can be parsed. However Rhino does not support all features of the latest EcmaScript standard.

New rules

• The new Java rule FinalParameterInAbstractMethod detects parameters that are declared as final in interfaces or abstract methods. Declaring the parameters as final is useless because the implementation may choose to not respect it.

    <rule ref="category/java/codestyle.xml/FinalParameterInAbstractMethod" />

The rule is part of the quickstart.xml ruleset.

Modified rules

• The Apex rule ApexDoc has a new property reportProperty. If set to false (default is true if unspecified) doesn't report missing ApexDoc comments on properties. It allows you to enforce ApexDoc comments for classes and methods without requiring them for properties.

Fixed Issues

• core
  • #3328: [core] designer.bat errors when JAVAFX_HOME contains spaces

... (truncated)

• 391c325 [maven-release-plugin] prepare release pmd_releases/6.42.0
• 2d6a149 Prepare pmd release 6.42.0
• 93811d3 Merge pull request #3726 from adangel:issue-3328-designer-bat
• fb913bd Merge pull request from Vyom-Yadav:CS-PMD-FIX-1
• fb5e4dc [doc] Update release notes (#3747)
• 0f01d46 [core] Updated DataType.java
• c0c2c76 Merge pull request #3722 from adangel:issue-3721-returnemptycollection
• 6558167 Merge pull request #3674 from adangel:issue-3639-usestringbufferlength
• ed611cd Add @​gredler as a contributor
• 3b8f87a Merge pull request #3745 from gredler:pmd-3712
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from pitest-maven's releases.

1.7.4

• #965 - BigDecimal Mutator (thanks @​MarcinNowak-codes)
• #750 - Support -DskipTests from commandline (thanks @​marwin1991)

• 2ec1178 update console link
• fca2366 Merge pull request #982 from hcoles/ci/latest-windows-and-osx
• 2684bb4 Merge pull request #973 from hcoles/dependabot/maven/pitest-maven-verificatio...
• 90a8deb Merge pull request #974 from hcoles/dependabot/maven/pitest-maven-verificatio...
• 9dac143 Merge pull request #975 from hcoles/dependabot/maven/pitest-maven-verificatio...
• 241f443 Merge pull request #976 from hcoles/dependabot/maven/pitest-maven-verificatio...
• 9e8b702 Merge pull request #977 from hcoles/dependabot/maven/pitest-maven-verificatio...
• 92244d6 Merge pull request #978 from hcoles/dependabot/maven/pitest-maven-verificatio...
• ad0b065 Merge pull request #979 from hcoles/dependabot/maven/pitest-maven-verificatio...
• dc93074 Merge pull request #981 from hcoles/dependabot/maven/pitest-entry/com.thought...
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)