Bump classgraph from 4.2.12 to 4.4.2

[dependabot-preview[bot]]

Bumps classgraph from 4.2.12 to 4.4.2.

Release notes

*Sourced from [classgraph's releases](https://github.com/classgraph/classgraph/releases).* > ## classgraph-4.4.2 > Fix an exception when verbose logging (or calling `toString()` on) methods of anonymous inner classes that have both varargs constructors and captured variables ([#260](https://github-redirect.dependabot.com/classgraph/classgraph/issues/260)). > > ## classgraph-4.4.1 > Fix to previous release to allow dynamically instantiated `Annotation` objects to be used after the `ScanResult` is closed. > > ## classgraph-4.4.0 > ### Added support for instantiating annotation instances > > Added method **`AnnotationInfo#loadClassAndInstantiate()`** that loads the class returned by `AnnotationInfo#.getClassInfo()`, and then returns an `Annotation` instance that can be cast to the specific annotation type represented by the `AnnotationInfo` object. > > **This method call makes annotations significantly easier to work with** (assuming you don't mind calling the classloader to load the annotation class and any classes in the annotation parameter values), since you can just call the methods of the returned `Annotation` instance directly once you have cast it to the correct annotation type. > > This method is implemented by dynamically instantiating an `InvocationHandler` that emulates the annotation class for the specific annotation instance represented by the `AnnotationInfo` object. The `InvocationHandler` retrieves annotation parameters from the `AnnotationInfo` object, overriding any annotation default parameter values with instance-specific values. (An `InvocationHandler` is needed because annotations can't be directly instantiated.) > > ### Changed `AnnotationParameterValue#getValue()` to return primitive arrays where possible > > Changed `AnnotationParameterValue#getValue()` to return primitive- and String-typed arrays (e.g. `int[]`, 'String[]`, etc.) for primitive-array-typed annotation parameter values, rather than `Object[]` arrays of boxed types or Strings. This brings the `AnnotationParameterValue` API more in line with the standard Java `Annotation` API. > > (This method still returns all values cast as Object, since there can be many different return types.) > > This is a breaking change for `AnnotationParameterValue#getValue()`, hence the version bump to 4.4.x. > > ## classgraph-4.3.1 > One fix for the new `AnnotationParameterValueList` class in the previous release: make `AnnotationParameterValueList#get(String paramName)` return `AnnotationParameterValue#getValue()`, not the `AnnotationParameterValue` itself. > > ## classgraph-4.3.0 > Small API changes (hence version bump to 4.3.x) that should not affect most users; a bugfix for annotation default parameter values. > > ### API changes: > > * `List` (returned by `AnnotationInfo#getParameterValues()` and `AnnotationInfo#getDefaultParameterValues()`) has been replaced with a new class `AnnotationParameterValueList` (extends `List` with some convenience methods, similar to the other `*List` classes). In particular the following methods will cut down on boilerplate code when dealing with annotation parameter values: > * `.get(String parameterName)` returns the parameter value with the given name. > * `.asMap()` returns all the annotation parameters as a map from name to value. > * Removed deprecated methods `.getDefiningClassName()` and `.getDefiningClassInfo()` from `MethodInfo` and `FieldInfo` classes. (Instead use `.getClassInfo().getName()` and `.getClassInfo()` respectively.) > * `Resource#toString()` now returns the `URL` of the `Resource`, rather than a custom-formatted string. > > ### Bugfix: > > * If an annotation definition contained multiple parameters, and more than one of them had a default value, all but the last default value was being dropped. This is now fixed so all default values are read.

Commits

- See full diff in [compare view](https://github.com/classgraph/classgraph/commits)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Automerge options (never/patch/minor, and dev/runtime dependencies) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) Finally, you can contact us by mentioning @dependabot.

[dependabot-preview[bot]]

Superseded by #54.