Bump classgraph from 4.8.105 to 4.8.116

[dependabot[bot]]

Bumps classgraph from 4.8.105 to 4.8.116.

Release notes

Sourced from classgraph's releases.

classgraph-4.8.116

• Handle unchecked exceptions such as UnsupportedOperationException (rather than dying), which may be thrown by filesystems when accessing a Path object discovered as a classpath element. (#553, thanks to @​wajda for the report and the helpful info on how to reproduce.)
• Specifically, ignore JrtFileSystem (which throws UnsupportedOperationException if you try to open a new FileChannel on a resource). This filesystem is not needed anyway, as ClassGraph already has the ability to scan all visible modules using the JPMS API.

classgraph-4.8.115

Merged pull request from @​larsgrefer to allow class references and not just class names to be used (e.g. to find all the subclasses of a given class). (#549, thanks Lars for the contribution!)

classgraph-4.8.114

Fixed bug where short constant values (e.g. short-typed annotation parameter values) were always being read as zero. Thanks to @​liangzengle for reporting the bug and tracing it right down to the source line that needed to be fixed!

classgraph-4.8.113

• Don't throw IllegalArgumentException if ClassInfo#getClassesImplementing() or ScanResult#getClassesImplementing() are called for a non-interface class.
• Don't throw IllegalArgumentException if ClassInfo#getClassesWithAnnotation() or ScanResult#getClassesWithAnnotation() are called for a non-annotation class.

#543, thanks to @​parttimenerd for the request.

classgraph-4.8.112

• Added a secure version of DocumentBuilderFactory and XPATHFactory to prevent XXE (XML External Entity) attack when reading pom.xml file (#539, thanks to @​kshitizg for the pull request!).

classgraph-4.8.111

Allow globs when accepting/rejecting specific classes, e.g. new ClassGraph().acceptClasses("*.*Suffix") (#536, thanks to @​cushon for the request!)

classgraph-4.8.110

Add method AnnotationInfo#getParameterValues(boolean includeDefaultValues) so that defaults don't have to be included (#535, thanks to @​zerikv for requesting).

classgraph-4.8.109

Add support for Quarkus 1.13's new classloader. Thanks to @​itmrat01 for the code contribution! (#531, #532).

classgraph-4.8.108

JDK 11 classfile format compatibility fix (JDK 11 added a constant pool tag, and the classfile can't be read without knowing how long the corresponding constant pool entry is expected to be). (#527, thanks to @​haoyuf for reporting.)

classgraph-4.8.107

Fix classloader detection for TomEE JAX-RS endpoints (#515, thanks to @​Restage for detailed assistance in debugging this weird issue!).

classgraph-4.8.106

• Support TomEE classloaders for JAX-RS endpoints (#515, thanks to @​Restage for the request)
• Don't try reading user.dir (the current directory) unless it's on the classpath, since some security environments can't read the current directory (#520, thanks to @​elkman for the bug report).

Commits

• d89f233 [maven-release-plugin] prepare release classgraph-4.8.116
• 8241e57 Merge pull request #554 from classgraph/dependabot/maven/org.apache.maven.plu...
• fb55a39 Merge pull request #552 from classgraph/dependabot/maven/org.slf4j-slf4j-jdk1...
• ea04799 Merge pull request #551 from classgraph/dependabot/maven/org.slf4j-slf4j-api-...
• 6ca4484 Ignore JrtFileSystem (#553)
• c2792fc Bump maven-javadoc-plugin from 3.3.0 to 3.3.1
• 9745946 Catch Exception when processing work units (#553)
• 3f4d2c4 Bump slf4j-jdk14 from 2.0.0-alpha4 to 2.0.0-alpha5
• 44acd68 Bump slf4j-api from 2.0.0-alpha4 to 2.0.0-alpha5
• 4fc27be Source > Cleanup
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov[bot]]

Codecov Report

Merging #174 (2259eb8) into master (262edf1) will decrease coverage by 0.15%. The diff coverage is n/a.

@@            Coverage Diff             @@
##           master     #174      +/-   ##
==========================================
- Coverage   34.72%   34.56%   -0.16%     
==========================================
  Files          63       63              
  Lines        2534     2534              
  Branches      286      286              
==========================================
- Hits          880      876       -4     
- Misses       1591     1594       +3     
- Partials       63       64       +1     

Impacted Files	Coverage Δ
...dumbdogdiner/stickyapi/common/util/StringUtil.java	89.87% <0.00%> (-5.07%)	:arrow_down:

---

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 262edf1...2259eb8. Read the comment docs.

[dependabot[bot]]

Superseded by #187.