Bump classgraph from 4.8.106 to 4.8.112

[dependabot]

Bumps classgraph from 4.8.106 to 4.8.112.

Release notes

Sourced from classgraph's releases.

classgraph-4.8.112

• Added a secure version of DocumentBuilderFactory and XPATHFactory to prevent XXE (XML External Entity) attack when reading pom.xml file (#539, thanks to @​kshitizg for the pull request!).

classgraph-4.8.111

Allow globs when accepting/rejecting specific classes, e.g. new ClassGraph().acceptClasses("*.*Suffix") (#536, thanks to @​cushon for the request!)

classgraph-4.8.110

Add method AnnotationInfo#getParameterValues(boolean includeDefaultValues) so that defaults don't have to be included (#535, thanks to @​zerikv for requesting).

classgraph-4.8.109

Add support for Quarkus 1.13's new classloader. Thanks to @​itmrat01 for the code contribution! (#531, #532).

classgraph-4.8.108

JDK 11 classfile format compatibility fix (JDK 11 added a constant pool tag, and the classfile can't be read without knowing how long the corresponding constant pool entry is expected to be). (#527, thanks to @​haoyuf for reporting.)

classgraph-4.8.107

Fix classloader detection for TomEE JAX-RS endpoints (#515, thanks to @​Restage for detailed assistance in debugging this weird issue!).

Commits

• b3bddc7 [maven-release-plugin] prepare release classgraph-4.8.112
• 5e32b91 Source > Cleanup
• 2a5dbf7 Update README.md
• 5d8d61d Update README.md
• 2531599 Merge pull request #539 from kshitizg/latest
• 681362a Adding SecureDocumentBuilderFactory & SecureXPATHFactory to prevent XXE( XML ...
• 71ba4a2 [maven-release-plugin] prepare for next development iteration
• 4aeda58 [maven-release-plugin] prepare release classgraph-4.8.111
• 2022d94 Update JavaDoc
• f191ba9 Merge branch 'latest' of https://github.com/classgraph/classgraph into latest
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #20.