[orc] branch main updated: ORC-1319: Upgrade byte-buddy to 1.12.19

Fri, 25 Nov 2022 23:50:42 -0800 

This is an automated email from the ASF dual-hosted git repository.

william pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/orc.git


The following commit(s) were added to refs/heads/main by this push:
     new ec99a83ea ORC-1319: Upgrade byte-buddy to 1.12.19
ec99a83ea is described below

commit ec99a83ea189573e52dc36a0e502e94df43241b4
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Fri Nov 25 23:50:25 2022 -0800

    ORC-1319: Upgrade byte-buddy to 1.12.19
    
    Bumps [byte-buddy](https://github.com/raphw/byte-buddy) from 1.12.16 to 
1.12.19.
    <details>
    <summary>Release notes</summary>
    <p><em>Sourced from <a 
href="https://github.com/raphw/byte-buddy/releases";>byte-buddy's 
releases</a>.</em></p>
    <blockquote>
    <h2>Byte Buddy 1.12.19</h2>
    <ul>
    <li>Avoid possible lock through circular class loading of 
<code>TypeDescription</code> subtypes.</li>
    <li>Avoid access error when using unsafe API on Java 17 with an active 
security manager.</li>
    <li>Close URL class loader used in Gradle plugin.</li>
    </ul>
    <h2>Byte Buddy 1.12.18</h2>
    <ul>
    <li>Allow writing to field from enter <code>Advice</code> in constructor, 
as byte code allows it.</li>
    <li>Refactor Android plugin processor to avoid skipping local classes.</li>
    <li>Improve staleness filter for Maven plugin.</li>
    <li>Fix incorrect resolution of custom bound invokedynamic values in 
<code>Advice</code>.</li>
    </ul>
    <h2>Byte Buddy 1.12.17</h2>
    <ul>
    <li>Use decorating <code>EntryPoint</code> in Android Gradle plugin.</li>
    <li>Introduce <code>PatchMode</code> on <code>AgentBuilder</code> patching 
to allow for control over overlap.</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Changelog</summary>
    <p><em>Sourced from <a 
href="https://github.com/raphw/byte-buddy/blob/master/release-notes.md";>byte-buddy's
 changelog</a>.</em></p>
    <blockquote>
    <h2>Byte Buddy release notes</h2>
    <h3>11. October 2022: version 1.12.18</h3>
    <ul>
    <li>Allow writing to field from enter <code>Advice</code> in constructor, 
as byte code allows it.</li>
    <li>Refactor Android plugin processor to avoid skipping local classes.</li>
    <li>Improve staleness filter for Maven plugin.</li>
    <li>Fix incorrect resolution of custom bound <em>invokedynamic</em> values 
in <code>Advice</code>.</li>
    </ul>
    <h3>21. September 2022: version 1.12.17</h3>
    <ul>
    <li>Use decorating <code>EntryPoint</code> in Android Gradle plugin.</li>
    <li>Introduce <code>PatchMode</code> on <code>AgentBuilder</code> patching 
to allow for control over overlap.</li>
    </ul>
    </blockquote>
    </details>
    <details>
    <summary>Commits</summary>
    <ul>
    <li><a 
href="https://github.com/raphw/byte-buddy/commit/c93425a1e92bd246c053968512226ff391c54b5c";><code>c93425a</code></a>
 [maven-release-plugin] prepare release byte-buddy-1.12.19</li>
    <li><a 
href="https://github.com/raphw/byte-buddy/commit/b1f4e9b4ee3af704d1eb2ca9083a10b429d2a802";><code>b1f4e9b</code></a>
 [release] New release</li>
    <li><a 
href="https://github.com/raphw/byte-buddy/commit/8d17e3a2a3ee4bb85b5f1cae829ddaea5e5ee147";><code>8d17e3a</code></a>
 Merge pull request <a 
href="https://github-redirect.dependabot.com/raphw/byte-buddy/issues/1359";>#1359</a>
 from eyalkoren/protection-domain</li>
    <li><a 
href="https://github.com/raphw/byte-buddy/commit/c57139e69cbaae155eba59194d787e58e0a9e215";><code>c57139e</code></a>
 Using explicit ProtectionDomain in dynamically loaded classes</li>
    <li><a 
href="https://github.com/raphw/byte-buddy/commit/ff8be9a91bf92d8e53517e276c29ac67c8c36236";><code>ff8be9a</code></a>
 Attempt cloning protection domain from accessible object to avoid security 
ma...</li>
    <li><a 
href="https://github.com/raphw/byte-buddy/commit/6fe45f76efa6e084efdeb3a937088cd1da79b9b6";><code>6fe45f7</code></a>
 Make s in message optional.</li>
    <li><a 
href="https://github.com/raphw/byte-buddy/commit/902350124381f387362385a2a6c160a649d2fbe3";><code>9023501</code></a>
 Fix scope of summary variable.</li>
    <li><a 
href="https://github.com/raphw/byte-buddy/commit/02091f13f40fe5c29926c4976e166f162d704ac2";><code>02091f1</code></a>
 Update codeql-analysis.yml</li>
    <li><a 
href="https://github.com/raphw/byte-buddy/commit/628b6a90c503192f9987fc488421a19d7d331bd5";><code>628b6a9</code></a>
 Close class loader in Gradle plugin, if possible.</li>
    <li><a 
href="https://github.com/raphw/byte-buddy/commit/9a818565255791fed4d88c369a4dd3938693ff4c";><code>9a81856</code></a>
 Remove unused import.</li>
    <li>Additional commits viewable in <a 
href="https://github.com/raphw/byte-buddy/compare/byte-buddy-1.12.16...byte-buddy-1.12.19";>compare
 view</a></li>
    </ul>
    </details>
    <br />
    
    [![Dependabot compatibility 
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=net.bytebuddy:byte-buddy&package-manager=maven&previous-version=1.12.16&new-version=1.12.19)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
    
    Dependabot will resolve any conflicts with this PR as long as you don't 
alter it yourself. You can also trigger a rebase manually by commenting 
`dependabot rebase`.
    
    [//]: # (dependabot-automerge-start)
    [//]: # (dependabot-automerge-end)
    
    ---
    
    <details>
    <summary>Dependabot commands and options</summary>
    <br />
    
    You can trigger Dependabot actions by commenting on this PR:
    - `dependabot rebase` will rebase this PR
    - `dependabot recreate` will recreate this PR, overwriting any edits that 
have been made to it
    - `dependabot merge` will merge this PR after your CI passes on it
    - `dependabot squash and merge` will squash and merge this PR after your CI 
passes on it
    - `dependabot cancel merge` will cancel a previously requested merge and 
block automerging
    - `dependabot reopen` will reopen this PR if it is closed
    - `dependabot close` will close this PR and stop Dependabot recreating it. 
You can achieve the same result by closing it manually
    - `dependabot ignore this major version` will close this PR and stop 
Dependabot creating any more for this major version (unless you reopen the PR 
or upgrade to it yourself)
    - `dependabot ignore this minor version` will close this PR and stop 
Dependabot creating any more for this minor version (unless you reopen the PR 
or upgrade to it yourself)
    - `dependabot ignore this dependency` will close this PR and stop 
Dependabot creating any more for this dependency (unless you reopen the PR or 
upgrade to it yourself)
    
    </details>
    
    Closes #1322 from 
dependabot[bot]/dependabot/maven/java/net.bytebuddy-byte-buddy-1.12.19.
    
    Authored-by: dependabot[bot] 
<49699333+dependabot[bot]@users.noreply.github.com>
    Signed-off-by: William Hyun <[email protected]>
---
 java/pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/java/pom.xml b/java/pom.xml
index 6fa1b6e5b..93685b984 100644
--- a/java/pom.xml
+++ b/java/pom.xml
@@ -904,7 +904,7 @@
       <dependency>
         <groupId>net.bytebuddy</groupId>
         <artifactId>byte-buddy</artifactId>
-        <version>1.12.16</version>
+        <version>1.12.19</version>
         <scope>test</scope>
       </dependency>
       <dependency>

Reply via email to