From a4dd7e9d67a3927d88e0cc49d24212819f9af5c8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Dec 2023 09:38:27 +0000 Subject: [PATCH 1/2] Bump com.github.spotbugs:spotbugs-maven-plugin from 4.7.3.6 to 4.8.2.0 Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.7.3.6 to 4.8.2.0. - [Release notes](https://github.com/spotbugs/spotbugs-maven-plugin/releases) - [Commits](https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.7.3.6...spotbugs-maven-plugin-4.8.2.0) --- updated-dependencies: - dependency-name: com.github.spotbugs:spotbugs-maven-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- pom.xml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index b07386b8fc..1f9b5aec19 100644 --- a/pom.xml +++ b/pom.xml @@ -105,7 +105,7 @@ 3.2.2 3.4.0 5.8.0 - 4.7.3.6 + 4.8.2.0 2.41.1 175.vff879c6738b_6 From 61dae087136f949f5377b0d97a68863bd4da6097 Mon Sep 17 00:00:00 2001 From: Mark Waite Date: Mon, 1 Jan 2024 17:44:58 -0700 Subject: [PATCH 2/2] Globally omit spotbugs CT_CONSTRUCTOR_THROW bug pattern The CT_CONSTRUCTOR_THROW bug pattern is related to libraries used with SecurityManager and does not apply to Jenkins; we do not expect untrusted code to be running inside the controller JVM, therefore we suppress it globally. https://github.com/jenkinsci/plugin-pom/pull/869#issuecomment-1860918407 has more details --- pom.xml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/pom.xml b/pom.xml index 6301d93c46..39122209c4 100644 --- a/pom.xml +++ b/pom.xml 
@@ -116,8 +116,12 @@ The MS_EXPOSE_REP, EI_EXPOSE_REP, EI_EXPOSE_REP2, EI_EXPOSE_STATIC_REP2, MS_EXPOSE_BUF, EI_EXPOSE_BUF, EI_EXPOSE_STATIC_BUF2, and EI_EXPOSE_BUF2 bug patterns are noisy and create little value; therefore, we suppress them globally. + + The CT_CONSTRUCTOR_THROW bug pattern is related to libraries used with SecurityManager + and does not apply to Jenkins; we do not expect untrusted code to be running inside the + controller JVM, therefore we suppress it globally. --> - FindReturnRef + FindReturnRef,ConstructorThrow true
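Review bot: In the pom.xml hunk of patch 1/2 (the `4.7.3.6` to `4.8.2.0` line), the bump is labelled semver-minor but it does not stand alone: patch 2/2 of the same series has to add a global suppression to go with it. Suggest either squashing the two patches or saying in this commit message that the upgrade and the suppression are meant to land together, so that one is not reverted or cherry-picked without the other.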
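Review bot: In the comment block added by patch 2/2, the justification ("we do not expect untrusted code to be running inside the controller JVM") is an assumption the suppression depends on, and the link that backs it (https://github.com/jenkinsci/plugin-pom/pull/869#issuecomment-1860918407) appears only in the commit message. Suggest putting that URL in the XML comment so the reasoning stays next to the setting it explains. The changed value `FindReturnRef,ConstructorThrow` also uses a different name from the CT_CONSTRUCTOR_THROW pattern the comment describes; a few words in the comment tying `ConstructorThrow` to that pattern would tell a reader whose code does not meet the stated assumption exactly which entry to remove.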