dependabot[bot] opened a new pull request, #45: URL: https://github.com/apache/logging-log4j-audit/pull/45
Bumps [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy) from 1.6.6 to 1.14.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/raphw/byte-buddy/releases";>net.bytebuddy:byte-buddy's releases</a>.</em></p> <blockquote> <h2>Byte Buddy 1.14.9</h2> <ul> <li>Update ASM to version 9.6</li> <li>Support Android plugin to support APG version 7.4</li> </ul> <h2>Byte Buddy 1.14.8</h2> <ul> <li>Correctly read versions from class file that would use both bytes.</li> <li>Fix Byte Buddy Gradle plugin for Gradle 8.3+.</li> <li>Correct field and static method access on subtypes in <code>MemberSubstitution</code>.</li> <li>Support APK 7.4+ versions in Byte Buddy Gradle for Android plugin.</li> </ul> <h2>Byte Buddy 1.14.7</h2> <ul> <li>Correctly read minor version from class file.</li> <li>Catch type resolution errors when applying <code>Plugin.Engine</code>.</li> </ul> <h2>Byte Buddy 1.14.6</h2> <ul> <li>Add <code>PatchMode.SUBSTITUTE</code> and <code>ResettableClassFileTransformer.Substitutable</code> for in-order patching.</li> <li>Allow for explicit specification og differential matcher when patching an <code>AgentBuilder</code>.</li> <li>Add platform loader to locator for build plugins.</li> <li>Correctly resolve accessors for fields with capitalized first letter.</li> <li>Make jars for Android read-only as newer versions require it.</li> </ul> <h2>Byte Buddy 1.14.5</h2> <ul> <li>Avoid use of location if agent argument separator is contained.</li> <li>Allow failure of member substitution if no element is separated.</li> <li>Allow retry in case of parallel class injection.</li> </ul> <h2>Byte Buddy 1.14.4</h2> <ul> <li>Include instrumented type and auxiliary types in <code>TypePool</code> that is passed to <code>TypeWriter</code>.</li> </ul> <h2>Byte Buddy 1.14.3</h2> <ul> <li>Make <code>MethodGraph.Compiler</code> failsafe when processing incomplete methods.</li> <li>Update ASM.</li> </ul> <h2>Byte Buddy 1.14.2</h2> <ul> <li>Fix offset mapping for local variable array remapping in <code>Advice</code>.</li> <li>Add possibility to specify an index for <code>skipOn</code> and <code>repeatOn</code> which resolves the checked value from a returned array.</li> </ul> <h2>Byte Buddy 1.14.1</h2> <ul> <li>Add <em>extended</em> scope for Maven Byte Buddy plugin to include all non-test-dependencies.</li> </ul> <h2>Byte Buddy 1.14.0</h2> <ul> <li>Add <code>Step.Factory.ForDelegation</code> in <code>MemberSubstitution</code> that allows for delegation similar to <code>MethodDelegation</code> but in-code.</li> <li>Add handlers for <code>MethodDelegation</code> and <code>Advice</code> that leverage method handles for field access and self-invocation.</li> <li>Add <code>Step.Factory</code> for type assignment that allows casting the return value from a previous step to another type.</li> <li>Avoid usage of <code>URL</code> class loader as it is deprecated, and use newer method if available.</li> </ul> <h2>Byte Buddy 1.13.0</h2> <ul> <li>Complete <code>MemberSubstitution</code> API which now retains the original instruction for invocation.</li> <li>Allow excluding methods from a <code>MethodGraph.Compiler</code> using an <code>ElementMatcher</code>.</li> <li>Add a filtering <code>ClassFileLocator</code>.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/raphw/byte-buddy/blob/master/release-notes.md";>net.bytebuddy:byte-buddy's changelog</a>.</em></p> <blockquote> <h3>9. October 2023: version 1.14.9</h3> <ul> <li>Update ASM to version 9.6</li> <li>Support Android plugin to support APG version 7.4</li> </ul> <h3>15. September 2023: version 1.14.8</h3> <ul> <li>Correctly read versions from class file that would use both bytes.</li> <li>Fix Byte Buddy Gradle plugin for Gradle 8.3+.</li> <li>Correct field and static method access on subtypes in <code>MemberSubstitution</code>.</li> <li>Support APK 7.4+ versions in Byte Buddy Gradle for Android plugin.</li> </ul> <h3>28. August 2023: version 1.14.7</h3> <ul> <li>Correctly read minor version from class file.</li> <li>Catch type resolution errors when applying <code>Plugin.Engine</code>.</li> </ul> <h3>15. August 2023: version 1.14.6</h3> <ul> <li>Add <code>PatchMode.SUBSTITUTE</code> and <code>ResettableClassFileTransformer.Substitutable</code> for in-order patching.</li> <li>Allow for explicit specification og differential matcher when patching an <code>AgentBuilder</code>.</li> <li>Add platform loader to locator for build plugins.</li> <li>Correctly resolve accessors for fields with capitalized first letter.</li> <li>Make jars for Android read-only as newer versions require it.</li> </ul> <h3>1. June 2023: version 1.14.5</h3> <ul> <li>Avoid use of location if agent argument separator is contained.</li> <li>Allow failure of member substitution if no element is separated.</li> <li>Allow retry in case of parallel class injection.</li> </ul> <h3>11. April 2023: version 1.14.4</h3> <ul> <li>Include instrumented type and auxiliary types in <code>TypePool</code> that is passed to <code>TypeWriter</code>.</li> </ul> <h3>13. March 2023: version 1.14.3</h3> <ul> <li>Make <code>MethodGraph.Compiler</code> failsafe when processing incomplete methods.</li> <li>Update ASM.</li> </ul> <h3>13. March 2023: version 1.14.2</h3> <ul> <li>Fix offset mapping for local variable array remapping in <code>Advice</code>.</li> <li>Add possibility to specify an index for <code>skipOn</code> and <code>repeatOn</code> which resolves the checked value from a returned array.</li> </ul> <h3>7. March 2023: version 1.14.1</h3> <ul> <li>Add <em>extended</em> scope for Maven Byte Buddy plugin to include all non-test-dependencies.</li> </ul> <h3>18. February 2023: version 1.14.0</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/raphw/byte-buddy/commit/3bca41c5a9bef8e295c368527578b1ee38191b89";><code>3bca41c</code></a> [maven-release-plugin] prepare release byte-buddy-1.14.9</li> <li><a href="https://github.com/raphw/byte-buddy/commit/b0f9594e84a4d9a32dd98dcf992bf775ae49cfb7";><code>b0f9594</code></a> [release] Release new version</li> <li><a href="https://github.com/raphw/byte-buddy/commit/aa8b160bf4d461d33a6f53bcb23f436adbe839ef";><code>aa8b160</code></a> Remove non-available versions.</li> <li><a href="https://github.com/raphw/byte-buddy/commit/82014e3801dd24afa32f024b3cb6c7d52d78a106";><code>82014e3</code></a> Small cleanups.</li> <li><a href="https://github.com/raphw/byte-buddy/commit/949553246785e0ec4497498a71ba1fdb41c2e516";><code>9495532</code></a> Enhanced android testing (<a href="https://redirect.github.com/raphw/byte-buddy/issues/1538";>#1538</a>)</li> <li><a href="https://github.com/raphw/byte-buddy/commit/fe96422fe20ef8c286e2e766c9c2e00d6c725124";><code>fe96422</code></a> Fix up configuration.</li> <li><a href="https://github.com/raphw/byte-buddy/commit/d5977235dd734dd10e6ebf13925ecc629f2eb829";><code>d597723</code></a> Clean up Android fixes.</li> <li><a href="https://github.com/raphw/byte-buddy/commit/a9013065d3d6b8beedbceb2ffffc5d21bbcadeda";><code>a901306</code></a> Clean up Android fixes.</li> <li><a href="https://github.com/raphw/byte-buddy/commit/2c7d58de18f31e0ce50cb5d70f21c23efe7fbc2f";><code>2c7d58d</code></a> Enhanced agp 7.4 instrumentation (<a href="https://redirect.github.com/raphw/byte-buddy/issues/1537";>#1537</a>)</li> <li><a href="https://github.com/raphw/byte-buddy/commit/cf79ad1c3f96096d1e32fa595cad4ac24836cdca";><code>cf79ad1</code></a> Update ASM and include new versions.</li> <li>Additional commits viewable in <a href="https://github.com/raphw/byte-buddy/compare/byte-buddy-1.6.6...byte-buddy-1.14.9";>compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
