Bump classgraph from 4.8.78 to 4.8.86

[dependabot-preview]

Bumps classgraph from 4.8.78 to 4.8.86.

Release notes

Sourced from classgraph's releases.

classgraph-4.8.86

In solidarity with worldwide protests demanding an end to racial injustice and racism, all methods of ClassGraph containing the words "whitelist" and "blacklist" have been renamed to instead use the words "accept" and "reject" respectively. (The old methods are still in place for compatibility, but they have been marked as deprecated.)

Some may object to this change as an over-sensitization or racialization of terms that were never inherently racial in nature. The terms "whitelist" or "blacklist" may not bring to mind racially-oriented connotations to many people. However, these terms originated in a time when the very words "white" and "black" had even stronger discriminatory connotations than they have now:

From https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6148600/ :

In this context, it is worth examining the origins of the term “blacklist” from the Douglas Harper Etymology Dictionary, which states that its origin and history is:

n.

also black-list, black list, “list of persons who have incurred suspicion,” 1610s, from black (adj.), here indicative of disgrace, censure, punishment (attested from 1590s, in black book) + list (n.). Specifically of employers’ list of workers considered troublesome (usually for union activity) is from 1888. As a verb, from 1718. Related: Blacklisted; blacklisting.

It is notable that the first recorded use of the term occurs at the time of mass enslavement and forced deportation of Africans to work in European-held colonies in the Americas.

May we soon see concrete progress towards a world free of racism, prejudice and injustice.

-- Luke Hutchison (ClassGraph creator and maintainer)

classgraph-4.8.85

Fix a package root prefix duplication issue with Spring Boot executable jars (#435, thanks to @michael-simons for reporting).

classgraph-4.8.84

Fixed two bugs:

• Regression: jar:, jar://, jar:file:, and jar:file:// URL handling was broken (#434, thanks to @alexsuter for reporting).
• jrt: URLs should not have a jar: prefix added to them, or use a ! to separate the module URI from the path within the module (#433, thanks to @GedMarc for reporting).

classgraph-4.8.83

Don't override the classpath when deserializing a ScanResult from JSON -- just use the classpath of the caller. (This will produce fewer surprises than overriding the classpath, although be aware that the contents of the ScanResult may not match the classes available in the classpath after deserialization.) (#431, thanks to @fluxroot)

classgraph-4.8.82

Fix a JSON serialization bug (#431 -- thanks to @fluxroot for reporting).

classgraph-4.8.81

Fix an exception in the JSON deserializer (#431) -- thanks to @fluxroot for reporting.

classgraph-4.8.80

Fixed #430, which covers limitations of the with ResourceList item consumer API, when the consumer needs to be able to throw IOException. (Thanks to @mike-neck for reporting the issue.)

• Added three new classes:
  • ResourceList#ByteArrayConsumerThrowsIOException
  • ResourceList#InputStreamConsumerThrowsIOException
  • ResourceList#ByteBufferConsumerThrowsIOException
• Deprecated:
  • ResourceList#forEachByteArray(ByteArrayConsumer consumer, boolean ignoreIOExceptions)
  • ResourceList#forEachByteArray(final ByteArrayConsumer consumer)
  • ResourceList#forEachInputStream(InputStreamConsumer consumer, boolean ignoreIOExceptions)
  • ResourceList#forEachInputStream(InputStreamConsumer consumer)
  • ResourceList#forEachByteBuffer(ByteBufferConsumer consumer, boolean ignoreIOExceptions)

... (truncated)

Commits

• 4e06e2f [maven-release-plugin] prepare release classgraph-4.8.86
• a2e059f Bump version back down
• 78e26d5 [maven-release-plugin] prepare for next development iteration
• 2ff2234 [maven-release-plugin] prepare release classgraph-4.8.86
• 1f81a3d Whitelist -> Accept; Blacklist -> Reject
• 4e8ae64 [maven-release-plugin] prepare for next development iteration
• 1362b24 [maven-release-plugin] prepare release classgraph-4.8.85
• 58d4457 Strip automatic package root suffix if present (#435)
• 7c45b26 Get rid of unnecessary path "BOOT-INF/lib-provided/"
• 20597b2 Set fail-fast:false
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[coveralls]

Coverage remained the same at 81.834% when pulling 00cb55a on dependabot/maven/io.github.classgraph-classgraph-4.8.86 into d3cbcc2 on master.