Upgrade sb-contrib to 7.6.7

.github/workflows/build.yml

@@ -106,7 +106,7 @@ jobs:
         uses: ./.github/actions/sonar-update-center
         with:
           prop-file: findbugs.properties
-          description: Use SpotBugs 4.8.6, sb-contrib 7.6.4, and findsecbugs 1.13.0
+          description: Use SpotBugs 4.8.6, sb-contrib 7.6.7, and findsecbugs 1.13.0
           minimal-supported-sq-version: 9.9
           latest-supported-sq-version: LATEST
           changelog-url: https://github.com/spotbugs/sonar-findbugs/releases/tag/${{ github.event.release.tag_name }}

README.md

@@ -1,6 +1,6 @@
 # SonarQube Spotbugs Plugin
 [![.github/workflows/build.yml](https://github.com/spotbugs/sonar-findbugs/actions/workflows/build.yml/badge.svg)](https://github.com/spotbugs/sonar-findbugs/actions/workflows/build.yml)
-![FindBugs Rules](https://img.shields.io/badge/SpotBugs_rules-940-brightgreen.svg?maxAge=2592000)
+![FindBugs Rules](https://img.shields.io/badge/SpotBugs_rules-942-brightgreen.svg?maxAge=2592000)
 [![Coverage Status](https://sonarcloud.io/api/project_badges/measure?project=com.github.spotbugs%3Asonar-findbugs-plugin&metric=coverage)](https://sonarcloud.io/component_measures?id=com.github.spotbugs:sonar-findbugs-plugin&metric=coverage)
 
 ## Description / Features
@@ -76,4 +76,4 @@ Findbugs Plugin version|Embedded SpotBugs/Findbugs version|Embedded Findsecbugs
 4.2.9                  | 4.8.4 (SpotBugs)                 | 1.13.0                     | 7.6.4 (sb-contrib)        | 1.8|7.9~|5.10.1.16922
 4.2.10                 | 4.8.6 (SpotBugs)                 | 1.13.0                     | 7.6.4 (sb-contrib)        | 1.8|7.9~|5.10.1.16922
 4.3.0                  | 4.8.6 (SpotBugs)                 | 1.13.0                     | 7.6.4 (sb-contrib)        |  17|9.9~|8.0.1.36337
-4.3.1-SNAPSHOT         | 4.8.6 (SpotBugs)                 | 1.13.0                     | 7.6.4 (sb-contrib)        |  17|9.9~|8.0.1.36337
+4.3.1-SNAPSHOT         | 4.8.6 (SpotBugs)                 | 1.13.0                     | 7.6.7 (sb-contrib)        |  17|9.9~|8.0.1.36337

generate_profiles/BuildXmlFiles.groovy

@@ -9,13 +9,13 @@ import groovy.json.JsonSlurper;
 @Grapes([
 
     @Grab(group='com.github.spotbugs', module='spotbugs', version='4.8.6'),
-    @Grab(group='com.mebigfatguy.sb-contrib', module='sb-contrib', version='7.6.4'),
+    @Grab(group='com.mebigfatguy.sb-contrib', module='sb-contrib', version='7.6.7'),
     @Grab(group='com.h3xstream.findsecbugs' , module='findsecbugs-plugin', version='1.13.0')]
 )
 
 
 FB = new Plugin(groupId: 'com.github.spotbugs', artifactId: 'spotbugs', version: '4.8.6')
-CONTRIB = new Plugin(groupId: 'com.mebigfatguy.sb-contrib', artifactId: 'sb-contrib', version: '7.6.4')
+CONTRIB = new Plugin(groupId: 'com.mebigfatguy.sb-contrib', artifactId: 'sb-contrib', version: '7.6.7')
 FSB = new Plugin(groupId: 'com.h3xstream.findsecbugs', artifactId: 'findsecbugs-plugin', version: '1.13.0')
 
 def destDir() {

pom.xml

@@ -53,7 +53,7 @@
       Update the version table and the rules count badge in README.md
     -->
     <spotbugs.version>4.8.6</spotbugs.version>
-    <sbcontrib.version>7.6.4</sbcontrib.version>
+    <sbcontrib.version>7.6.7</sbcontrib.version>
     <findsecbugs.version>1.13.0</findsecbugs.version>
 
     <jdk.min.version>1.8</jdk.min.version>

src/main/java/org/sonar/plugins/findbugs/rules/FbContribRulesDefinition.java

@@ -27,8 +27,8 @@ public class FbContribRulesDefinition implements RulesDefinition {
 
   public static final String REPOSITORY_KEY = "fb-contrib";
   public static final String REPOSITORY_NAME = "FindBugs Contrib";
-  public static final int RULE_COUNT = 313;
-  public static final int DEACTIVED_RULE_COUNT = 1;
+  public static final int RULE_COUNT = 315;
+  public static final int DEACTIVED_RULE_COUNT = 0;
 
   @Override
   public void define(Context context) {

src/main/resources/org/sonar/plugins/findbugs/profile-findbugs-and-fb-contrib.xml

@@ -2060,6 +2060,9 @@
   <Match>
     <Bug pattern='UVA_USE_VAR_ARGS' />
   </Match>
+  <Match>
+    <Bug pattern='UVA_REMOVE_NULL_ARG' />
+  </Match>
   <Match>
     <Bug pattern='PUS_POSSIBLE_UNSUSPECTED_SERIALIZATION' />
   </Match>
@@ -2345,6 +2348,9 @@
   <Match>
     <Bug pattern='LUI_USE_COLLECTION_ADD' />
   </Match>
+  <Match>
+    <Bug pattern='FII_AVOID_CONTAINS_ON_COLLECTED_STREAM' />
+  </Match>
   <Match>
     <Bug pattern='FII_USE_METHOD_REFERENCE' />
   </Match>

src/main/resources/org/sonar/plugins/findbugs/rules-fbcontrib.xml

@@ -2383,6 +2383,14 @@ if (name != null) {
 			more convenient for client developers to use. This is not a bug, per se, just an improvement.&lt;/p&gt;</description>
     <tag>style</tag>
   </rule>
+  <rule key='UVA_REMOVE_NULL_ARG' priority='INFO'>
+    <name>Style - Method passes explicit null value to var arg parameter</name>
+    <configKey>UVA_REMOVE_NULL_ARG</configKey>
+    <description>&lt;p&gt;This method calls a var arg method, and passes an explicit null value as the var arg parameter.
+			It is better to just not pass any value at all, as there is confusion as to whether the null represents
+			the entire vararg array, or the first element of the varargs array&lt;/p&gt;</description>
+    <tag>style</tag>
+  </rule>
   <rule key='PUS_POSSIBLE_UNSUSPECTED_SERIALIZATION' priority='MAJOR'>
     <name>Correctness - Method serializes an instance of a non-static inner class</name>
     <configKey>PUS_POSSIBLE_UNSUSPECTED_SERIALIZATION</configKey>
@@ -3451,6 +3459,7 @@ if (shouldCalcHalting &amp;&amp; (calculateHaltingProbability() &amp;gt; 0) { }
     		&lt;p&gt;Unfortunately there isn't just one @Nullable annotation, but this detector will recognize:&lt;/p&gt;
     		&lt;ul&gt;
     		&lt;li&gt;org.jetbrains.annotations.Nullable&lt;/li&gt;
+	        &lt;li&gt;jakarta.annotation.Nullable&lt;/li&gt;
 	        &lt;li&gt;javax.annotation.Nullable&lt;/li&gt;
 	        &lt;li&gt;javax.annotation.CheckForNull&lt;/li&gt;
 	        &lt;li&gt;edu.umd.cs.findbugs.annotations.Nullable&lt;/li&gt;
@@ -3595,8 +3604,8 @@ if (shouldCalcHalting &amp;&amp; (calculateHaltingProbability() &amp;gt; 0) { }
     <tag>correctness</tag>
     <tag>bug</tag>
   </rule>
-  <rule key='FII_AVOID_CONTAINS_ON_COLLECTED_STREAM' priority='INFO'>
-    <name>Experimental - Method calls contains() on a collected lambda expression</name>
+  <rule key='FII_AVOID_CONTAINS_ON_COLLECTED_STREAM' priority='MAJOR'>
+    <name>Correctness - Method calls contains() on a collected lambda expression</name>
     <configKey>FII_AVOID_CONTAINS_ON_COLLECTED_STREAM</configKey>
     <description>&lt;p&gt;This method builds a collection using lambda expressions with a collect terminal operation. It then immediately
         calls the contains() method on it, to see if an item is present. This is sub optimal as the lambda still needs to 
@@ -3613,7 +3622,8 @@ if (shouldCalcHalting &amp;&amp; (calculateHaltingProbability() &amp;gt; 0) { }
         baubles.stream().anyMatch(b -&gt; name.equals(b.getName()))
         &lt;/pre&gt;&lt;/code&gt;
         &lt;/p&gt;</description>
-    <tag>experimental</tag>
+    <tag>correctness</tag>
+    <tag>bug</tag>
   </rule>
   <rule key='FII_USE_METHOD_REFERENCE' priority='MAJOR'>
     <name>Correctness - Method creates an anonymous lambda expression instead of specifying a method reference</name>