You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@orc.apache.org by wi...@apache.org on 2022/11/26 07:50:35 UTC
[orc] branch main updated: ORC-1319: Upgrade byte-buddy to 1.12.19
This is an automated email from the ASF dual-hosted git repository.
william pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/orc.git
The following commit(s) were added to refs/heads/main by this push:
new ec99a83ea ORC-1319: Upgrade byte-buddy to 1.12.19
ec99a83ea is described below
commit ec99a83ea189573e52dc36a0e502e94df43241b4
Author: dependabot[bot] <49...@users.noreply.github.com>
AuthorDate: Fri Nov 25 23:50:25 2022 -0800
ORC-1319: Upgrade byte-buddy to 1.12.19
Bumps [byte-buddy](https://github.com/raphw/byte-buddy) from 1.12.16 to 1.12.19.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/raphw/byte-buddy/releases">byte-buddy's releases</a>.</em></p>
<blockquote>
<h2>Byte Buddy 1.12.19</h2>
<ul>
<li>Avoid possible lock through circular class loading of <code>TypeDescription</code> subtypes.</li>
<li>Avoid access error when using unsafe API on Java 17 with an active security manager.</li>
<li>Close URL class loader used in Gradle plugin.</li>
</ul>
<h2>Byte Buddy 1.12.18</h2>
<ul>
<li>Allow writing to field from enter <code>Advice</code> in constructor, as byte code allows it.</li>
<li>Refactor Android plugin processor to avoid skipping local classes.</li>
<li>Improve staleness filter for Maven plugin.</li>
<li>Fix incorrect resolution of custom bound invokedynamic values in <code>Advice</code>.</li>
</ul>
<h2>Byte Buddy 1.12.17</h2>
<ul>
<li>Use decorating <code>EntryPoint</code> in Android Gradle plugin.</li>
<li>Introduce <code>PatchMode</code> on <code>AgentBuilder</code> patching to allow for control over overlap.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/raphw/byte-buddy/blob/master/release-notes.md">byte-buddy's changelog</a>.</em></p>
<blockquote>
<h2>Byte Buddy release notes</h2>
<h3>11. October 2022: version 1.12.18</h3>
<ul>
<li>Allow writing to field from enter <code>Advice</code> in constructor, as byte code allows it.</li>
<li>Refactor Android plugin processor to avoid skipping local classes.</li>
<li>Improve staleness filter for Maven plugin.</li>
<li>Fix incorrect resolution of custom bound <em>invokedynamic</em> values in <code>Advice</code>.</li>
</ul>
<h3>21. September 2022: version 1.12.17</h3>
<ul>
<li>Use decorating <code>EntryPoint</code> in Android Gradle plugin.</li>
<li>Introduce <code>PatchMode</code> on <code>AgentBuilder</code> patching to allow for control over overlap.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/raphw/byte-buddy/commit/c93425a1e92bd246c053968512226ff391c54b5c"><code>c93425a</code></a> [maven-release-plugin] prepare release byte-buddy-1.12.19</li>
<li><a href="https://github.com/raphw/byte-buddy/commit/b1f4e9b4ee3af704d1eb2ca9083a10b429d2a802"><code>b1f4e9b</code></a> [release] New release</li>
<li><a href="https://github.com/raphw/byte-buddy/commit/8d17e3a2a3ee4bb85b5f1cae829ddaea5e5ee147"><code>8d17e3a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/raphw/byte-buddy/issues/1359">#1359</a> from eyalkoren/protection-domain</li>
<li><a href="https://github.com/raphw/byte-buddy/commit/c57139e69cbaae155eba59194d787e58e0a9e215"><code>c57139e</code></a> Using explicit ProtectionDomain in dynamically loaded classes</li>
<li><a href="https://github.com/raphw/byte-buddy/commit/ff8be9a91bf92d8e53517e276c29ac67c8c36236"><code>ff8be9a</code></a> Attempt cloning protection domain from accessible object to avoid security ma...</li>
<li><a href="https://github.com/raphw/byte-buddy/commit/6fe45f76efa6e084efdeb3a937088cd1da79b9b6"><code>6fe45f7</code></a> Make s in message optional.</li>
<li><a href="https://github.com/raphw/byte-buddy/commit/902350124381f387362385a2a6c160a649d2fbe3"><code>9023501</code></a> Fix scope of summary variable.</li>
<li><a href="https://github.com/raphw/byte-buddy/commit/02091f13f40fe5c29926c4976e166f162d704ac2"><code>02091f1</code></a> Update codeql-analysis.yml</li>
<li><a href="https://github.com/raphw/byte-buddy/commit/628b6a90c503192f9987fc488421a19d7d331bd5"><code>628b6a9</code></a> Close class loader in Gradle plugin, if possible.</li>
<li><a href="https://github.com/raphw/byte-buddy/commit/9a818565255791fed4d88c369a4dd3938693ff4c"><code>9a81856</code></a> Remove unused import.</li>
<li>Additional commits viewable in <a href="https://github.com/raphw/byte-buddy/compare/byte-buddy-1.12.16...byte-buddy-1.12.19">compare view</a></li>
</ul>
</details>
<br />
[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=net.bytebuddy:byte-buddy&package-manager=maven&previous-version=1.12.16&new-version=1.12.19)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `dependabot rebase` will rebase this PR
- `dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `dependabot merge` will merge this PR after your CI passes on it
- `dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `dependabot cancel merge` will cancel a previously requested merge and block automerging
- `dependabot reopen` will reopen this PR if it is closed
- `dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Closes #1322 from dependabot[bot]/dependabot/maven/java/net.bytebuddy-byte-buddy-1.12.19.
Authored-by: dependabot[bot] <49...@users.noreply.github.com>
Signed-off-by: William Hyun <wi...@apache.org>
---
java/pom.xml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/java/pom.xml b/java/pom.xml
index 6fa1b6e5b..93685b984 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -904,7 +904,7 @@
<dependency>
<groupId>net.bytebuddy</groupId>
<artifactId>byte-buddy</artifactId>
- <version>1.12.16</version>
+ <version>1.12.19</version>
<scope>test</scope>
</dependency>
<dependency>