Bump asm from 7.0 to 8.0.1

[dependabot-preview]

Bumps asm from 7.0 to 8.0.1.

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)

[jhejderup]

Bumping org.ow2.asm:asm from 7.0 to 8.0.1 introduces new changes to 5 functions called by 4 functions in this project. Below are example call stacks that will be impacted after the update:

• 
  Sample Affected Call Path(s)

  org.mutabilitydetector.asm.typehierarchy.TypeHierarchy.<clinit>
  
        at: org.objectweb.asm.Type.getType
  
        at: org.objectweb.asm.Type.getDescriptor
  
        at: org.objectweb.asm.Type.appendDescriptor
  
  

  Changed Dependency Function(s)

  • 
    • Delete Invocation in If (L641)
    • Delete LocalVariable in If (L635)
    • Delete LocalVariable in If (L636)
    • Delete For in If (L637)
    • Insert Invocation in If (L644)
    • Move VariableRead in Invocation (L635) to Invocation (L644)
    • Move Literal in Invocation (L641) to Invocation (L644)
    • Move Invocation in If (L634) to Invocation (L644)
• 
  Sample Affected Call Path(s)

  org.mutabilitydetector.asm.typehierarchy.TypeHierarchyReader.obtainHierarchyOf
  
        at: org.objectweb.asm.ClassReader.getInterfaces
  
        at: org.objectweb.asm.ClassReader.readUnsignedShort
  
  

  Changed Dependency Function(s)

  • 
    • Update FieldRead in LocalVariable (L3352) to LocalVariable (L3567)
    • Update LocalVariable in Method (L3352) to Method (L3567)
    • Update VariableRead in Return (L3378) to Return (L3568)
    • Update VariableRead in Return (L3353) to Return (L3568)
    • Move BinaryOperator in Return (L3378) to Return (L3568)
• 
  Sample Affected Call Path(s)

  org.mutabilitydetector.asm.typehierarchy.TypeHierarchyReader.reader
  
        at: org.objectweb.asm.ClassReader.<init>
  
        at: org.objectweb.asm.ClassReader.<init>
  
        at: org.objectweb.asm.ClassReader.<init>
  
        at: org.objectweb.asm.ClassReader.<init>
  
        at: org.objectweb.asm.ClassReader.readShort
  
  

  Changed Dependency Function(s)

  • 
    • Update VariableRead in Return (L3365) to Return (L3580)
    • Update FieldRead in LocalVariable (L3364) to LocalVariable (L3579)
    • Update LocalVariable in Method (L3364) to Method (L3579)
    • Update VariableRead in Return (L3365) to Return (L3580)
    • Move Parameter in Method (L3340) to Method (L3578)
• 
  Sample Affected Call Path(s)

  org.mutabilitydetector.asm.NonClassloadingClassWriter.<init>
  
        at: org.objectweb.asm.ClassWriter.<init>
  
        at: org.objectweb.asm.SymbolTable.<init>
  
        at: org.objectweb.asm.ClassReader.readByte
  
  

  Changed Dependency Function(s)

  • 
    • Update FieldRead in Return (L3341) to Return (L3556)
    • Move Parameter in Method (L3363) to Method (L3555)
  • 

---

Give this issue a 👍 if it is useful, 👎 if it is not, and 👀if neutral.

[jhejderup]

We conducted a short code review based on the information above with the conclusion that this update is non-problematic and seems safe to update for the following reasons:

• org.objectweb.asm.ClassReader.{readUnsignedShort, readShort, readByte, readInt} have changed variable names and no other changes. (In GumTree/Spoon, combinations of Update and Move operations of ASTs typically translates into variable changes).

• org.objectweb.asm.appendDescriptor is a simple refactoring.

Does this analysis seem correct and reasonable for this update request?

About us

We are a group of university researchers trying to make automated dependency services more useful and user-friendly for OSS projects. Our goal is to make changelog information more contextual and personalized. If you want to reach out to us, drop @jhejderup a message.

[dependabot-preview]

Superseded by #38.