Bump spotbugs-annotations from 4.1.4 to 4.2.0

[dependabot-preview]

Bumps spotbugs-annotations from 4.1.4 to 4.2.0.

Release notes

Sourced from spotbugs-annotations's releases.

SpotBugs 4.2.0

CHANGELOG

• https://github.com/spotbugs/spotbugs/blob/4.2.0/CHANGELOG.md

CHECKSUM

file	checksum (sha256)
spotbugs-4.2.0-javadoc.jar	351df25a8ff5dcce9b14de670e1dbe0c6808d796686978ecee8821dbf305e5d0
spotbugs-4.2.0-sources.jar	95b25a75d6e36f2d3f4d501795db6a7468bfe23ddcc9e7496065d2bee6f36d9d
spotbugs-4.2.0.tgz	f5e2ad6e94515923a8b9a6db370d3b34a3aad9eda13315146b9bbd03bcbe7e30
spotbugs-4.2.0.zip	4d16c579b8622a72ee57cc5c3e730ad78c8107208528f7de875976a9dd840443
spotbugs-annotations-4.2.0-javadoc.jar	c18c4c920acec9cb7b9c204ecc78998c5bccf9150c5a8cecd2fdc25e565be71b
spotbugs-annotations-4.2.0-sources.jar	b338136e3e82d585348cde58a8fe3a678e16f51a35c31c1463e05fefef557aad
spotbugs-annotations.jar	871aee8bb3f7400a0d09e9675dcd7388da584169f4aab3565efc5a3f5bc90eab
spotbugs-ant-4.2.0-javadoc.jar	a88414de79a0c1cf420058583fe64a746e2ebe6a918f91f4e7d183c06a452810
spotbugs-ant-4.2.0-sources.jar	c74dec42c0ed0dd1ae02a7410d8e0f0dbbee23e8e7da4a21910863677fcdbc8e
spotbugs-ant.jar	9233e48d37882ae4e7a42e9f42ef4c63d6f802cf8f3b03ba575bee26e5032367
spotbugs.jar	4d48063a6f7b623936b68e150ea73499f6bfeb5d1bc4769214e04a9c8804132e
test-harness-4.2.0-javadoc.jar	bb4f6fdbc17757577685317cb41557ed2c08822850fdb9e23eb5fd19c07f5b0a
test-harness-4.2.0-sources.jar	2c1f5ef929453f3b682c7eb7c1e22db3082b5f74c5a5be439be5dc31dd7a31aa
test-harness-4.2.0.jar	55d3a590b81ffec48293a76c45c0695914b405bf9f02bfb930e3ab99b5867d4f
test-harness-core-4.2.0-javadoc.jar	3723e59c0430cd555c55c2082d24b93419711de47ce41e49cc5e072b0fe1f452
test-harness-core-4.2.0-sources.jar	f320f5eb4069e9686b760b2a6a0760989753225f9e9ce1226e3258ec64795d8a
test-harness-core-4.2.0.jar	cbec03867e077079d011e85f9932fb230fae3d909f741cffaa4c8097e91fdf40
test-harness-jupiter-4.2.0-javadoc.jar	4a1c523c1d1f0d1095ab1e4185f4e63390ecfde5759e7611a2e41c05ce0c5a4d
test-harness-jupiter-4.2.0-sources.jar	210353a57016e26b1a654d936a15f039613fa1ac532d485c1b1d03902f6c6315
test-harness-jupiter-4.2.0.jar	17e8d78d1868f86e63f3e5e3d878e86f3d7fb1b8cf1a8d5f893333c982bfd3e2

Changelog

Sourced from spotbugs-annotations's changelog.

4.2.0 - 2020-11-28

Fixed

• spotbugs reports VO_VOLATILE_REFERENCE_TO_ARRAY in synthetic code generated by Eclipse 4.17+ Java compiler (#1313)
• spotbugs reports DM_BOXED_PRIMITIVE_FOR_PARSING for Double and Float (previously only reported for Integer and Long) (#744)
• sarif report not showing correctly the physical and logical location (#1281)

Added

• The class search (in the GUI's class name filter) is now case-insensitive and forgives typos (part of (#749))

Changed

• Bump Saxon-HE from 10.2 to 10.3

Commits

• fa4462b release SpotBugs v4.2.0
• d955768 issue 744: DM_BOXED_PRIMITIVE_FOR_PARSING for Double and Float (#1343)
• 45c75d6 build(deps): bump mockito-core from 3.6.0 to 3.6.28
• 891e43c build(deps): bump com.diffplug.spotless from 5.7.0 to 5.8.2
• 8b50ea5 build(deps): bump Saxon-HE from 10.2 to 10.3 (#1358)
• 4c51a35 Case-Insensitivity and Levenshtein-distance for the Class Name Filter in the ...
• bb8dd77 ci: bump up actions to the latest version
• cdfd0af Rank matcher and its documentation do not match - #566
• 40ed8b7 build(deps): bump log4j-slf4j18-impl from 2.13.3 to 2.14.0
• 405f7de build(deps): bump spring-core from 5.3.0 to 5.3.1
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)