search

FraunhoferIOSB / FAAAST-Service

FA³ST - Fraunhofer Advanced Asset Administration Shell Tools (for Digital Twins)
Other
58 stars 11 forks source link

Bump com.guardsquare:proguard-core from 9.1.4 to 9.1.5 #833

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 3 months ago

Bumps com.guardsquare:proguard-core from 9.1.4 to 9.1.5.

Release notes

Sourced from com.guardsquare:proguard-core's releases.

9.1.5

Bugfixes

  • Prevent unknown enum value for KmVersionRequirementVersionKind exception when processing code compiled with an outdated Kotlin version.
  • Fix UnknownReferenceValue return wrong string format in getType.
  • Fix ReflectionExecutor not updating instance of StringBuilders in fallback result.

API changes

  • Executors do not support MethodSignature wildcards anymore. The assumption from ExecutorLookup is now that all the signatures supported by the executor are declared explicitly in getSupportedMethodSignatures.
  • StringExecutor, ExecutingInvocationUnit, and JvmValueBamCpaRun now need the library class pool as parameter.
  • Calls to InstructionSequenceBuilder.ldc now optionally accept a ConstantVisitor. The visitor will visit the constant that is referenced by the added instruction.
Commits
  • f584676 Fix incorrect ldc_w(int) delegate call
  • 673e36f Remove debug logging
  • 14e69ea Update log4j
  • 68cb51b Allow to pass optional ConstantVisitor to InstructionSequenceBuilder.ldc
  • 254e455 Add separate check to verify validity of member signature attributes
  • 54f85da Fix class signature handling
  • d068760 Fix NPE in executor lookup when TypedReferenceValue is not actually typed
  • 3487544 Add log warning for executor lookup when static signature matches an executor...
  • 7fae99d Update WildCardManager exceptions to ProguardException with better error message
  • 9ae93fd Modify LookupExecutor to expect all the signatures the executors are interest...
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
sonarcloud[bot] commented 3 months ago

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud