@dependabot dependabot bot commented on behalf of github Oct 31, 2025

Bumps org.sonarsource.java:java-frontend from 8.19.0.40387 to 8.20.0.40630.

Release notes

Sourced from org.sonarsource.java:java-frontend's releases.

8.20.0.40630

Release notes - SonarJava - 8.20

False Positive

SONARJAVA-4753 FP in S6813 and S3306 when using Micronaut framework AWS Lambdas

SONARJAVA-4895 S3329: FP when random IV is generated in separate function

SONARJAVA-5153 S1989 should not raise issue if exception is caught by try/catch block

SONARJAVA-5358 S6813 should not raise on fields in Activities and Fragments

SONARJAVA-5364 FP on S2187 for subclasses of test classes with Autoscan

SONARJAVA-5464 S1068: FP on variable used in @FieldSource in @ParameterizedTest

SONARJAVA-5548 FP on S1144 for jakarta.enterprise.event.ObservesAsync parameter annotations

SONARJAVA-5573 Type parameter annotations are wrongly used for nullability check

SONARJAVA-5620 FP on S1186 when testing that Spring Context loads

SONARJAVA-5751 S5738 should not report on the overriding of interface methods

SONARJAVA-5765 FP S2097 does not support PatternInstanceOfTree

SONARJAVA-5818 Fix FPs caused by state reset bug in CipherBlockChainingCheck

Bug

SONARJAVA-5763 S1948 should not crash when semantic is missing

SONARJAVA-5803 JSpecify @NullUnmarked is miss-interpreted

SONARJAVA-5819 CheckVerifier should keep the context for all files when analyzing multiple files

Task

SONARJAVA-5771 Delete ws_scan_task

SONARJAVA-5798 Create PR cleanup action

SONARJAVA-5800 Add nightly build using Github action

SONARJAVA-5802 New analysis parameter: sonar.java.failOnStackOverflow (true by default)

False Negative

SONARJAVA-5797 False Negative with java:S2698 for org.testng

... (truncated)

Commits
  • 30e66d7 Update rule metadata (#5334)
  • 227f78b SONARJAVA-5797 Fix FP in S2698 on fail and assertEquals with a message (#5332)
  • 991bf5f SONARJAVA-5818: Fix FPs caused by missing state reset in CipherBlockChainingC...
  • 3f2f593 SONARJAVA-5819: Make check verifier keep the context for all files when analy...
  • 199ca4a Prepare next development iteration 8.20.0 (#5330)
  • cc118b6 SONARJAVA-5620 FP on S1186 when testing that Spring Context loads (#5329)
  • 22044bb SONARJAVA-5803 JSpecify @NullUnmarked should be treated as unknown (#5327)
  • 1c24c62 SONARJAVA-4895: Fix S3329 FPs when random IV is generated in separate functio...
  • 8f3b201 SONARJAVA-5548: Add exception to S1144 for ObservesAsync annotations (#5328)
  • ce07d55 SONARJAVA-4967 FP in S4605 when basePackageClasses is used (#5324)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [org.sonarsource.java:java-frontend](https://github.com/SonarSource/sonar-java) from 8.19.0.40387 to 8.20.0.40630.
- [Release notes](https://github.com/SonarSource/sonar-java/releases)
- [Commits](SonarSource/sonar-java@8.19.0.40387...8.20.0.40630)

---
updated-dependencies:
- dependency-name: org.sonarsource.java:java-frontend
  dependency-version: 8.20.0.40630
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies and java labels Oct 31, 2025