ORC-1526: Bump spotbugs-maven-plugin to 4.8.1.0

Bumps [com.github.spotbugs:spotbugs-maven-plugin](https://github.com/spotbugs/spotbugs-maven-plugin) from 4.7.3.4 to 4.8.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/spotbugs/spotbugs-maven-plugin/releases">com.github.spotbugs:spotbugs-maven-plugin's releases</a>.</em></p>
<blockquote>
<h2>Spotbugs Maven Plugin 4.8.1.0</h2>
<ul>
<li>Supports Spotbugs 4.8.1</li>
</ul>
<h2>Build</h2>
<ul>
<li>Sorted pom now at 4 spaces instead of 2</li>
<li>Various updates to GHA - primed for jdk 22 but waiting on groovy 4.0.16 release</li>
</ul>
<p>See notes from 4.8.0 as important new feature added there that likely will be missed given released within hour of each other.</p>
<h2>Spotbugs Maven Plugin 4.8.0.0</h2>
<ul>
<li>Supports spotbugs 4.8.0 (note: there were considerable amount of issues with 4.8.0, this exists to be complete but suggest use 4.8.1.0 which will be out in a few).</li>
</ul>
<p>User Items</p>
<ul>
<li>Support through jdk 21</li>
<li>Moved code back to 'master' from 'spotbugs' branch given original fork is long archived and points to this repo</li>
<li>Plexus Utils/Xml upgraded in prep for maven 4 and will still work correctly with maven 3 projects</li>
<li>Add support to read a file for onlyAnalyze as follows</li>
</ul>
<pre><code>&lt;onlyAnalyze&gt;file:only-analyze.txt&lt;/onlyAnalyze&gt;
</code></pre>
<h2>Build</h2>
<ul>
<li>Move sonar to ubuntu</li>
<li>Use jdk 21 for coveralls</li>
<li>Point all GHA back to master</li>
<li>Bump base-parent pom to 41</li>
<li>Bump gmavenplus to 3.0.2</li>
<li>Bump commons-io to 2.15.0</li>
<li>Bump asm to 9.6</li>
<li>Bump maven to 3.9.5</li>
<li>Bump guava to 32.1.3-jre</li>
<li>Bump spotbugs to 4.8.0</li>
<li>Remove extra enforcer rules version from pom as parent updated</li>
<li>Bump junit to 5.10.0</li>
<li>Bump plexus utils to 4.0.0</li>
<li>Override pluxus xml to 3.0.0 so plexus continues to work with maven 3</li>
<li>Bump surefire to 3.1.2</li>
<li>Cleanup IT test names to match their usage</li>
<li>Update hashCode check in tests due to new features in spotbugs 4.8.0</li>
<li>Bump plugin plugin to 3.10.2</li>
<li>Bump javaparser to 3.25.6</li>
<li>Bump javadoc plugin to 3.6.2</li>
<li>Bump jxr plugin to 3.3.1</li>
<li>Bump surefire to 3.2.2</li>
</ul>
<h2>Spotbugs Maven Plugin 4.7.3.6</h2>
<p>Supports spotbugs 4.7.3</p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/d3e3ba4481200aebf79b218e54a62ad34c7cfd2d"><code>d3e3ba4</code></a> [maven-release-plugin] prepare release spotbugs-maven-plugin-4.8.1.0</li>
<li><a href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/17cbf141370f7aaddb0cac7db4f45ba06e63c767"><code>17cbf14</code></a> [pom] Bump spot bugs to 4.8.1</li>
<li><a href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/6fce4145bf88b69933e89a3aab8f72f65f3cdf36"><code>6fce414</code></a> Merge pull request <a href="https://redirect.github.com/spotbugs/spotbugs-maven-plugin/issues/664">#664</a> from hazendaz/master</li>
<li><a href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/0979cc5e12c4d53533db6a5ddcf7a9f41c779682"><code>0979cc5</code></a> [pom] Allow jdk 22</li>
<li><a href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/7fc8cb21f5670065c231eb6711edd88e9616acf6"><code>7fc8cb2</code></a> [docs] Per <a href="https://redirect.github.com/spotbugs/spotbugs-maven-plugin/issues/113">#113</a>, add how to use analysis properties with maven plugin</li>
<li><a href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/5dd597ec72d30e06829d896aba6d554788314f66"><code>5dd597e</code></a> [GHA] Update actions</li>
<li><a href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/33390482114f47a73b960cd8ad4ce108b3581fd1"><code>3339048</code></a> [pom] Run sortpom and using 4 char now instead of 2 char</li>
<li><a href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/fd16c1e47abe384bc2b268163b1f34dc8bdd6563"><code>fd16c1e</code></a> [maven-release-plugin] prepare for next development iteration</li>
<li><a href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/e591adf6ce37a39cb6afcb15043baaac4a6c6b8e"><code>e591adf</code></a> [maven-release-plugin] prepare release spotbugs-maven-plugin-4.8.0.0</li>
<li><a href="https://github.com/spotbugs/spotbugs-maven-plugin/commit/8ac9a56f9ce68ff806654f8e3dea59aadd85d52c"><code>8ac9a56</code></a> Merge pull request <a href="https://redirect.github.com/spotbugs/spotbugs-maven-plugin/issues/663">#663</a> from hazendaz/master</li>
<li>Additional commits viewable in <a href="https://github.com/spotbugs/spotbugs-maven-plugin/compare/spotbugs-maven-plugin-4.7.3.4...spotbugs-maven-plugin-4.8.1.0">compare view</a></li>
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| com.github.spotbugs:spotbugs-maven-plugin | [< 4.8, > 4.7.3.4] |
</details>

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=com.github.spotbugs:spotbugs-maven-plugin&package-manager=maven&previous-version=4.7.3.4&new-version=4.8.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>

Closes #1657 from dependabot[bot]/dependabot/maven/java/com.github.spotbugs-spotbugs-maven-plugin-4.8.1.0.

Authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Dongjoon Hyun <dongjoon@apache.org>

java/pom.xml

@@ -362,7 +362,7 @@
         <plugin>
           <groupId>com.github.spotbugs</groupId>
           <artifactId>spotbugs-maven-plugin</artifactId>
-          <version>4.7.3.4</version>
+          <version>4.8.1.0</version>
           <configuration>
             <includeFilterFile>spotbugs-include.xml</includeFilterFile>
             <excludeFilterFile>spotbugs-exclude.xml</excludeFilterFile>