Skip to content

Bump classgraph from 4.8.110 to 4.8.116 #271

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 27, 2021
Merged

Bump classgraph from 4.8.110 to 4.8.116 #271

merged 1 commit into from
Sep 27, 2021

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 10, 2021

Bumps classgraph from 4.8.110 to 4.8.116.

Release notes

Sourced from classgraph's releases.

classgraph-4.8.116

  • Handle unchecked exceptions such as UnsupportedOperationException (rather than dying), which may be thrown by filesystems when accessing a Path object discovered as a classpath element. (#553, thanks to @​wajda for the report and the helpful info on how to reproduce.)
  • Specifically, ignore JrtFileSystem (which throws UnsupportedOperationException if you try to open a new FileChannel on a resource). This filesystem is not needed anyway, as ClassGraph already has the ability to scan all visible modules using the JPMS API.

classgraph-4.8.115

Merged pull request from @​larsgrefer to allow class references and not just class names to be used (e.g. to find all the subclasses of a given class). (#549, thanks Lars for the contribution!)

classgraph-4.8.114

Fixed bug where short constant values (e.g. short-typed annotation parameter values) were always being read as zero. Thanks to @​liangzengle for reporting the bug and tracing it right down to the source line that needed to be fixed!

classgraph-4.8.113

  • Don't throw IllegalArgumentException if ClassInfo#getClassesImplementing() or ScanResult#getClassesImplementing() are called for a non-interface class.
  • Don't throw IllegalArgumentException if ClassInfo#getClassesWithAnnotation() or ScanResult#getClassesWithAnnotation() are called for a non-annotation class.

#543, thanks to @​parttimenerd for the request.

classgraph-4.8.112

  • Added a secure version of DocumentBuilderFactory and XPATHFactory to prevent XXE (XML External Entity) attack when reading pom.xml file (#539, thanks to @​kshitizg for the pull request!).

classgraph-4.8.111

Allow globs when accepting/rejecting specific classes, e.g. new ClassGraph().acceptClasses("*.*Suffix") (#536, thanks to @​cushon for the request!)

Commits
  • d89f233 [maven-release-plugin] prepare release classgraph-4.8.116
  • 8241e57 Merge pull request #554 from classgraph/dependabot/maven/org.apache.maven.plu...
  • fb55a39 Merge pull request #552 from classgraph/dependabot/maven/org.slf4j-slf4j-jdk1...
  • ea04799 Merge pull request #551 from classgraph/dependabot/maven/org.slf4j-slf4j-api-...
  • 6ca4484 Ignore JrtFileSystem (#553)
  • c2792fc Bump maven-javadoc-plugin from 3.3.0 to 3.3.1
  • 9745946 Catch Exception when processing work units (#553)
  • 3f4d2c4 Bump slf4j-jdk14 from 2.0.0-alpha4 to 2.0.0-alpha5
  • 44acd68 Bump slf4j-api from 2.0.0-alpha4 to 2.0.0-alpha5
  • 4fc27be Source > Cleanup
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump classgraph from 4.8.110 to 4.8.116
62966ca 
Bumps [classgraph](https://github.com/classgraph/classgraph) from 4.8.110 to 4.8.116.
- [Release notes](https://github.com/classgraph/classgraph/releases)
- [Commits](classgraph/classgraph@classgraph-4.8.110...classgraph-4.8.116)

---
updated-dependencies:
- dependency-name: io.github.classgraph:classgraph
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file java Pull requests that update Java code labels Sep 10, 2021
@theshadowco theshadowco merged commit 5376857 into develop Sep 27, 2021
@theshadowco theshadowco deleted the dependabot/gradle/io.github.classgraph-classgraph-4.8.116 branch September 27, 2021 07:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file java Pull requests that update Java code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@theshadowco