You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@orc.apache.org by wi...@apache.org on 2022/11/26 07:50:35 UTC

[orc] branch main updated: ORC-1319: Upgrade byte-buddy to 1.12.19

This is an automated email from the ASF dual-hosted git repository.

william pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/orc.git


The following commit(s) were added to refs/heads/main by this push:
     new ec99a83ea ORC-1319: Upgrade byte-buddy to 1.12.19
ec99a83ea is described below

commit ec99a83ea189573e52dc36a0e502e94df43241b4
Author: dependabot[bot] <49...@users.noreply.github.com>
AuthorDate: Fri Nov 25 23:50:25 2022 -0800

    ORC-1319: Upgrade byte-buddy to 1.12.19
    
    Bumps [byte-buddy](https://github.com/raphw/byte-buddy) from 1.12.16 to 1.12.19.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a href="https://github.com/raphw/byte-buddy/releases">byte-buddy's releases</a>.</em></p>
    <blockquote>
    <h2>Byte Buddy 1.12.19</h2>
    <ul>
    <li>Avoid possible lock through circular class loading of <code>TypeDescription</code> subtypes.</li>
    <li>Avoid access error when using unsafe API on Java 17 with an active security manager.</li>
    <li>Close URL class loader used in Gradle plugin.</li>
    </ul>
    <h2>Byte Buddy 1.12.18</h2>
    <ul>
    <li>Allow writing to field from enter <code>Advice</code> in constructor, as byte code allows it.</li>
    <li>Refactor Android plugin processor to avoid skipping local classes.</li>
    <li>Improve staleness filter for Maven plugin.</li>
    <li>Fix incorrect resolution of custom bound invokedynamic values in <code>Advice</code>.</li>
    </ul>
    <h2>Byte Buddy 1.12.17</h2>
    <ul>
    <li>Use decorating <code>EntryPoint</code> in Android Gradle plugin.</li>
    <li>Introduce <code>PatchMode</code> on <code>AgentBuilder</code> patching to allow for control over overlap.</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a href="https://github.com/raphw/byte-buddy/blob/master/release-notes.md">byte-buddy's changelog</a>.</em></p>
    <blockquote>
    <h2>Byte Buddy release notes</h2>
    <h3>11. October 2022: version 1.12.18</h3>
    <ul>
    <li>Allow writing to field from enter <code>Advice</code> in constructor, as byte code allows it.</li>
    <li>Refactor Android plugin processor to avoid skipping local classes.</li>
    <li>Improve staleness filter for Maven plugin.</li>
    <li>Fix incorrect resolution of custom bound <em>invokedynamic</em> values in <code>Advice</code>.</li>
    </ul>
    <h3>21. September 2022: version 1.12.17</h3>
    <ul>
    <li>Use decorating <code>EntryPoint</code> in Android Gradle plugin.</li>
    <li>Introduce <code>PatchMode</code> on <code>AgentBuilder</code> patching to allow for control over overlap.</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a href="https://github.com/raphw/byte-buddy/commit/c93425a1e92bd246c053968512226ff391c54b5c"><code>c93425a</code></a> [maven-release-plugin] prepare release byte-buddy-1.12.19</li>
    <li><a href="https://github.com/raphw/byte-buddy/commit/b1f4e9b4ee3af704d1eb2ca9083a10b429d2a802"><code>b1f4e9b</code></a> [release] New release</li>
    <li><a href="https://github.com/raphw/byte-buddy/commit/8d17e3a2a3ee4bb85b5f1cae829ddaea5e5ee147"><code>8d17e3a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/raphw/byte-buddy/issues/1359">#1359</a> from eyalkoren/protection-domain</li>
    <li><a href="https://github.com/raphw/byte-buddy/commit/c57139e69cbaae155eba59194d787e58e0a9e215"><code>c57139e</code></a> Using explicit ProtectionDomain in dynamically loaded classes</li>
    <li><a href="https://github.com/raphw/byte-buddy/commit/ff8be9a91bf92d8e53517e276c29ac67c8c36236"><code>ff8be9a</code></a> Attempt cloning protection domain from accessible object to avoid security ma...</li>
    <li><a href="https://github.com/raphw/byte-buddy/commit/6fe45f76efa6e084efdeb3a937088cd1da79b9b6"><code>6fe45f7</code></a> Make s in message optional.</li>
    <li><a href="https://github.com/raphw/byte-buddy/commit/902350124381f387362385a2a6c160a649d2fbe3"><code>9023501</code></a> Fix scope of summary variable.</li>
    <li><a href="https://github.com/raphw/byte-buddy/commit/02091f13f40fe5c29926c4976e166f162d704ac2"><code>02091f1</code></a> Update codeql-analysis.yml</li>
    <li><a href="https://github.com/raphw/byte-buddy/commit/628b6a90c503192f9987fc488421a19d7d331bd5"><code>628b6a9</code></a> Close class loader in Gradle plugin, if possible.</li>
    <li><a href="https://github.com/raphw/byte-buddy/commit/9a818565255791fed4d88c369a4dd3938693ff4c"><code>9a81856</code></a> Remove unused import.</li>
    <li>Additional commits viewable in <a href="https://github.com/raphw/byte-buddy/compare/byte-buddy-1.12.16...byte-buddy-1.12.19">compare view</a></li>
    </ul>
    </details>
    <br />
    
    [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=net.bytebuddy:byte-buddy&package-manager=maven&previous-version=1.12.16&new-version=1.12.19)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `dependabot rebase` will rebase this PR
    - `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
    - `dependabot merge` will merge this PR after your CI passes on it
    - `dependabot squash and merge` will squash and merge this PR after your CI passes on it
    - `dependabot cancel merge` will cancel a previously requested merge and block automerging
    - `dependabot reopen` will reopen this PR if it is closed
    - `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    - `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    - `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    - `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    
    </details>
    
    Closes #1322 from dependabot[bot]/dependabot/maven/java/net.bytebuddy-byte-buddy-1.12.19.
    
    Authored-by: dependabot[bot] <49...@users.noreply.github.com>
    Signed-off-by: William Hyun <wi...@apache.org>
---
 java/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/pom.xml b/java/pom.xml
index 6fa1b6e5b..93685b984 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -904,7 +904,7 @@
       <dependency>
         <groupId>net.bytebuddy</groupId>
         <artifactId>byte-buddy</artifactId>
-        <version>1.12.16</version>
+        <version>1.12.19</version>
         <scope>test</scope>
       </dependency>
       <dependency>