Description

I'd even consider calling this 2.0.0, as there is a Java version bump to 17

I'm in the process of moving to JDK17 and have noticed that this project hasn't been released since late 2020!

Please can we summarize what needs to be done to get there?

I was planning to do a release last year but I prioritize other projects.

I didn't have time to do regression tests on the 1.12 version. This is the main thing I was looking to do before the release.
There were also a couple of issues and enhancements I wanted added in. (These have been postponed to 1.13.0.)

Long story short, I will do a release in the next hours. The release notes and the packages are going to come soon.

Regarding the version format, we are using Semantic version. The first number increments when significant changes are made to the API. But since SpotBugs has a very stable API, I think the plugin is likely to work on all SpotBugs versions and even some old FindBugs ones.

@h3xstream thanks for the 1.12.0 release.
Could you publish (probably locally updated) PGP key 4ECE492B63E38ACF to servers, or share the link to it, please?

gpg: assuming signed data in 'findsecbugs-plugin-1.12.0.jar'
gpg: Signature made Wed 06 Apr 2022 06:41:25 CEST
gpg:                using RSA key CFC10B69382CBCF5387E51484ECE492B63E38ACF
gpg: Good signature from ... [expired]
gpg: Note: This key has expired!
Primary key fingerprint: CFC1 0B69 382C BCF5 387E  5148 4ECE 492B 63E3 8ACF

@h3xstream and @pzygielo were is the release? I cannot see a release here in GitHub.

were is the release?

Maven Central

@h3xstream are you releasing a CLI version here on GitHub as well?

I would really appreciate that.

1.12.0 is officially out !
The release notes and the CLI package are here: https://github.com/find-sec-bugs/find-sec-bugs/releases/tag/version-1.12.0