Bump classgraph from 4.8.105 to 4.8.138

[dependabot]

Bumps classgraph from 4.8.105 to 4.8.138.

Release notes

Sourced from classgraph's releases.

classgraph-4.8.138

• Added two methods (thanks to @​FranGomezVenegas for requesting these, #608):

  • FieldInfoList ClassInfo#getEnumConstants(): returns all the enum constants of an enum class as FieldInfo objects (without loading the enum class).
  • List<Object> ClassInfo#getEnumConstantObjects(): returns all the enum constants of an enum class as objects of the same type as the enum (after loading the enum class and initializing enum constants).

• Mitigate log4j2 vulnerability CVE-2021-44228: ClassGraph does not use log4j2, but does use the built-in Java logging framework, which may be redirected to the log4j2 framework by the calling environment. To be safe, ClassGraph now builds in a protection against this critical vulnerability.

classgraph-4.8.137

Fix illegal access warning on Adopt JDK for most usage (#605, thanks to @​UlrichLohrmann for the report)

classgraph-4.8.136

Contribution by @​tkrautinger (#604):

• ClassInfo: Added isPrivate(), isProtected()
• MethodInfo: Added isPrivate(), isProtected(), isAbstract(), isStrict()
• FieldInfo: Added isPrivate(), isProtected(), isSynthetic(), isEnum()

classgraph-4.8.135

• Fixed issue with resources remaining marked as open after close() was called on an InputStream opened on a module resource (#600 and #602, thanks to @​chrisr3)
• Added Resource#readCloseable() that returns a CloseableByteBuffer that calls Resource#close() when CloseableByteBuffer#close() is called. (#600)

classgraph-4.8.134

Fixes a resource leak (ClassfileReader#close() wasn't closing the underlying resource). Thanks to @​chrisr3 for isolating the problem, and for providing a pull request complete with unit test! (#600)

classgraph-4.8.133

Fix a regression for in the OSGi manifest entries introduced in the previous version, 4.8.132 (#598, thanks to @​Roman-Skripka for the pull request).

classgraph-4.8.132

Fix a regression with OSGi runtime dependencies of ClassGraph (#597, thanks to @​tobias-- for the pull request).

classgraph-4.8.131

Catch unchecked exceptions and errors SecurityException, IllegalArgumentException and IOError in more places when dealing with Path and URI objects, to prevent issues when running with a security manager. Thanks to @​elkman for the pull request. (#594).

classgraph-4.8.130

Allow enableSystemJarsAndModules() to be used in conjunction with overrideClasspath() or overrideClassLoaders() (#592, thanks to @​roxspring for this contribution!).

classgraph-4.8.129

Add the ability to find resources by path glob by calling ScanResult#getResourcesMatchingWildcard(String wildcardString) (#588, thanks to @​jjlin for the request):

• ** matches zero or more characters
• * matches zero or more characters other than /
• ? matches any one character
• Any other valid Java regexp syntax is supported, such as character ranges in square brackets ([a-c]), with the exception of ., which is interpreted as a literal dot character (the single-character wildcard syntax is replaced with ?, as shown above).

classgraph-4.8.128

Optimize reflection by caching fields and methods of introspected classes by name.

classgraph-4.8.127

Fix illegal reflective access warning on stderr in JDK 11 (#579, thanks to @​josephlbarnett for reporting).

... (truncated)

Commits

• ace4dfe [maven-release-plugin] prepare release classgraph-4.8.138
• 752c3fb Merge branch 'latest' of https://github.com/classgraph/classgraph into latest
• 1c8adca Improve test
• 04223e8 Add getEnumConstantObjects() (#608)
• 1028925 Source > Format
• e84c7df Merge pull request #611 from classgraph/dependabot/maven/io.github.toolfactor...
• 1fbc68f Fix comments and names
• 0ee47aa Fix prev checkin
• c0ea4f1 Merge branch 'latest' of https://github.com/classgraph/classgraph into latest
• f9eaae7 Mitigate log4j2 vulnerability CVE-2021-44228, if log4j is the logger
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #155.