Upgrade gradle, it's dependencies and project dependencies

adminapi/src/main/java/io/minio/admin/Crypto.java

@@ -25,6 +25,7 @@
 import org.bouncycastle.crypto.engines.AESEngine;
 import org.bouncycastle.crypto.generators.Argon2BytesGenerator;
 import org.bouncycastle.crypto.modes.GCMBlockCipher;
+import org.bouncycastle.crypto.modes.GCMModeCipher;
 import org.bouncycastle.crypto.params.AEADParameters;
 import org.bouncycastle.crypto.params.Argon2Parameters;
 import org.bouncycastle.crypto.params.KeyParameter;
@@ -83,7 +84,7 @@ private static byte[] generateKey(byte[] password, byte[] salt) {
    */
   private static byte[] generateAdditionalData(byte[] key, byte[] paddedNonce)
       throws InvalidCipherTextException {
-    GCMBlockCipher cipher = new GCMBlockCipher(new AESEngine());
+    GCMModeCipher cipher = GCMBlockCipher.newInstance(AESEngine.newInstance());
     cipher.init(true, new AEADParameters(new KeyParameter(key), 128, paddedNonce));
     int outputLength = cipher.getMac().length;
     byte[] additionalData = new byte[outputLength];
@@ -132,7 +133,7 @@ public static byte[] encrypt(String password, byte[] data)
     /** Increment IV (nonce) by 1 as we used it for generating a tag for additional data. */
     paddedNonce[8] = 1;
 
-    GCMBlockCipher cipher = new GCMBlockCipher(new AESEngine());
+    GCMModeCipher cipher = GCMBlockCipher.newInstance(AESEngine.newInstance());
     cipher.init(true, new AEADParameters(new KeyParameter(key), 128, paddedNonce, additionalData));
     int outputLength = cipher.getOutputSize(data.length);
     byte[] encryptedData = new byte[outputLength];
@@ -180,7 +181,7 @@ public static byte[] decrypt(String password, byte[] payload)
     /** Increment IV (nonce) by 1 as we used it for generating a tag for additional data. */
     paddedNonce[8] = 1;
 
-    GCMBlockCipher cipher = new GCMBlockCipher(new AESEngine());
+    GCMModeCipher cipher = GCMBlockCipher.newInstance(AESEngine.newInstance());
     cipher.init(false, new AEADParameters(new KeyParameter(key), 128, paddedNonce, additionalData));
     int outputLength = cipher.getOutputSize(encryptedData.length);
     byte[] decryptedData = new byte[outputLength];

api/src/main/java/io/minio/credentials/MinioClientConfigProvider.java

@@ -111,6 +111,9 @@ public Credentials fetch() {
     }
   }
 
+  @edu.umd.cs.findbugs.annotations.SuppressFBWarnings(
+      value = {"UwF", "UuF"},
+      justification = "All the fields are written at the time of JSON unmarshalling.")
   public static class McConfig {
     private Map<String, Map<String, String>> hosts;
 

api/src/main/java/io/minio/messages/ObjectLockConfiguration.java

@@ -29,6 +29,7 @@
  */
 @Root(name = "ObjectLockConfiguration", strict = false)
 @Namespace(reference = "http://s3.amazonaws.com/doc/2006-03-01/")
+@edu.umd.cs.findbugs.annotations.SuppressFBWarnings(value = "URF_UNREAD_FIELD")
 public class ObjectLockConfiguration {
   @Element(name = "ObjectLockEnabled")
   private String objectLockEnabled = "Enabled";

build.gradle

@@ -15,12 +15,12 @@
  */
 
 /*****************************/
-/*  gradleVersion = '8.1.1'  */
+/*   gradleVersion = '8.4'   */
 /*****************************/
 
 plugins {
-  id "com.github.johnrengelman.shadow" version "7.1.2"
-  id "com.github.spotbugs" version "5.0.14"
+  id "com.github.johnrengelman.shadow" version "8.1.1"
+  id "com.github.spotbugs" version "5.2.1"
   id "io.codearte.nexus-staging" version "0.30.0"
   id "de.marcphilipp.nexus-publish" version "0.4.0"
   id "com.diffplug.spotless" version "6.13.0"
@@ -52,15 +52,15 @@ subprojects {
 
     dependencies {
         api "com.carrotsearch.thirdparty:simple-xml-safe:2.7.1"
-        api "com.google.guava:guava:32.0.1-jre"
+        api "com.google.guava:guava:32.1.3-jre"
         api "com.squareup.okhttp3:okhttp:4.12.0"
-        api "com.fasterxml.jackson.core:jackson-annotations:2.15.2"
-        api "com.fasterxml.jackson.core:jackson-core:2.15.2"
-        api "com.fasterxml.jackson.core:jackson-databind:2.15.2"
-        api 'org.bouncycastle:bcprov-jdk18on:1.74'
-        api 'org.apache.commons:commons-compress:1.24.0'
-        api "org.xerial.snappy:snappy-java:1.1.10.1"
-        compileOnly "com.github.spotbugs:spotbugs-annotations:4.7.3"
+        api "com.fasterxml.jackson.core:jackson-annotations:2.15.3"
+        api "com.fasterxml.jackson.core:jackson-core:2.15.3"
+        api "com.fasterxml.jackson.core:jackson-databind:2.15.3"
+        api "org.bouncycastle:bcprov-jdk18on:1.76"
+        api "org.apache.commons:commons-compress:1.24.0"
+        api "org.xerial.snappy:snappy-java:1.1.10.5"
+        compileOnly "com.github.spotbugs:spotbugs-annotations:4.8.0"
 
         testImplementation "com.squareup.okhttp3:mockwebserver:4.12.0"
         testImplementation "junit:junit:4.13.2"
@@ -242,7 +242,7 @@ project(':adminapi') {
 
     dependencies {
         api project(':api')
-        api "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.15.2"
+        api "com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.15.3"
         testImplementation project(':api')
     }
 

gradle/wrapper/gradle-wrapper.properties

@@ -1,6 +1,6 @@
 distributionBase=GRADLE_USER_HOME
 distributionPath=wrapper/dists
-distributionUrl=https\://services.gradle.org/distributions/gradle-8.1.1-bin.zip
+distributionUrl=https\://services.gradle.org/distributions/gradle-8.4-bin.zip
 networkTimeout=10000
 zipStoreBase=GRADLE_USER_HOME
 zipStorePath=wrapper/dists

spotbugs-filter.xml

@@ -20,4 +20,16 @@
   <Match>
     <Bug pattern="EI_EXPOSE_REP2"/>
   </Match>
+  <!-- False positive in many cases: minio-java does not shadow the publicly available identifier from the Java Standard Library by packaging them under io.minio. -->
+  <Match>
+    <Bug pattern="PI_DO_NOT_REUSE_PUBLIC_IDENTIFIERS_CLASS_NAMES"/>
+  </Match>
+  <!-- False positive in many cases: Classes cannot be final in reported classes and deprecated finalize() cannot be used. -->
+  <Match>
+    <Bug pattern="CT_CONSTRUCTOR_THROW"/>
+  </Match>
+  <!-- False positive: Method invocation is legit. -->
+  <Match>
+    <Bug pattern="DMI_DOH"/>
+  </Match>
 </FindBugsFilter>