Bump classgraph from 4.8.106 to 4.8.114

[dependabot]

Bumps classgraph from 4.8.106 to 4.8.114.

Release notes

Sourced from classgraph's releases.

classgraph-4.8.114

Fixed bug where short constant values (e.g. short-typed annotation parameter values) were always being read as zero. Thanks to @​liangzengle for reporting the bug and tracing it right down to the source line that needed to be fixed!

classgraph-4.8.113

• Don't throw IllegalArgumentException if ClassInfo#getClassesImplementing() or ScanResult#getClassesImplementing() are called for a non-interface class.
• Don't throw IllegalArgumentException if ClassInfo#getClassesWithAnnotation() or ScanResult#getClassesWithAnnotation() are called for a non-annotation class.

#543, thanks to @​parttimenerd for the request.

classgraph-4.8.112

• Added a secure version of DocumentBuilderFactory and XPATHFactory to prevent XXE (XML External Entity) attack when reading pom.xml file (#539, thanks to @​kshitizg for the pull request!).

classgraph-4.8.111

Allow globs when accepting/rejecting specific classes, e.g. new ClassGraph().acceptClasses("*.*Suffix") (#536, thanks to @​cushon for the request!)

classgraph-4.8.110

Add method AnnotationInfo#getParameterValues(boolean includeDefaultValues) so that defaults don't have to be included (#535, thanks to @​zerikv for requesting).

classgraph-4.8.109

Add support for Quarkus 1.13's new classloader. Thanks to @​itmrat01 for the code contribution! (#531, #532).

classgraph-4.8.108

JDK 11 classfile format compatibility fix (JDK 11 added a constant pool tag, and the classfile can't be read without knowing how long the corresponding constant pool entry is expected to be). (#527, thanks to @​haoyuf for reporting.)

classgraph-4.8.107

Fix classloader detection for TomEE JAX-RS endpoints (#515, thanks to @​Restage for detailed assistance in debugging this weird issue!).

Commits

• 68dcf10 [maven-release-plugin] prepare release classgraph-4.8.114
• e0557fe Fix reading of short values from constant pool table (#548)
• 984d35c Merge pull request #546 from classgraph/dependabot/maven/org.slf4j-slf4j-jdk1...
• c5bb5e3 Merge pull request #547 from classgraph/dependabot/maven/org.slf4j-slf4j-api-...
• a978187 Bump slf4j-api from 2.0.0-alpha3 to 2.0.0-alpha4
• b9b93e5 Bump slf4j-jdk14 from 2.0.0-alpha3 to 2.0.0-alpha4
• 69caa9a Merge pull request #545 from classgraph/dependabot/maven/org.slf4j-slf4j-jdk1...
• a4224bb Merge pull request #544 from classgraph/dependabot/maven/org.slf4j-slf4j-api-...
• cb4fa77 Bump slf4j-jdk14 from 2.0.0-alpha2 to 2.0.0-alpha3
• 0dff2ef Bump slf4j-api from 2.0.0-alpha2 to 2.0.0-alpha3
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #25.