Skip to content

deps(deps-dev): bump net.bytebuddy:byte-buddy from 1.18.10 to 1.18.11 in the maven-minor-patch group across 1 directory#310

Merged
DemchaAV merged 2 commits into
developfrom
dependabot/maven/develop/maven-minor-patch-cd440a9549
Jul 6, 2026
Merged

deps(deps-dev): bump net.bytebuddy:byte-buddy from 1.18.10 to 1.18.11 in the maven-minor-patch group across 1 directory#310
DemchaAV merged 2 commits into
developfrom
dependabot/maven/develop/maven-minor-patch-cd440a9549

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the maven-minor-patch group with 1 update in the / directory: net.bytebuddy:byte-buddy.

Updates net.bytebuddy:byte-buddy from 1.18.10 to 1.18.11

Release notes

Sourced from net.bytebuddy:byte-buddy's releases.

Byte Buddy 1.18.11

  • Add SBOM to published artifacts.
  • Check for traversable paths injected into class files as a rather hypothetical attack vector.
Changelog

Sourced from net.bytebuddy:byte-buddy's changelog.

2. July 2026: version 1.18.11

  • Add SBOM to published artifacts.
  • Check for traversable paths injected into class files as a rather hypothetical attack vector.
Commits
  • 88dd0a3 [publish] Releasing Byte Buddy 1.18.11
  • 46fcade [release] Release new version
  • 6a68de6 Prevent path traversal from crafted type names when writing class files to fo...
  • 9ba4ab6 Pin ClusterFuzzLite base image and actions by hash.
  • dd4f81e Add SBOM to build.
  • 7dd9a0d Update internal Byte Buddy and release notes
  • d6b3e15 [publish] Start next development iteration 1.18.11-SNAPSHOT
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the maven-minor-patch group with 1 update in the / directory: [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy).


Updates `net.bytebuddy:byte-buddy` from 1.18.10 to 1.18.11
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](raphw/byte-buddy@byte-buddy-1.18.10...byte-buddy-1.18.11)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-version: 1.18.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency maven Java/Maven dependency updates labels Jul 6, 2026
@dependabot dependabot Bot requested a review from DemchaAV as a code owner July 6, 2026 04:29
@dependabot dependabot Bot added dependencies Pull requests that update a dependency maven Java/Maven dependency updates labels Jul 6, 2026
@DemchaAV DemchaAV merged commit a298d55 into develop Jul 6, 2026
11 checks passed
@DemchaAV DemchaAV deleted the dependabot/maven/develop/maven-minor-patch-cd440a9549 branch July 6, 2026 07:10
DemchaAV added a commit that referenced this pull request Jul 6, 2026
* fix(engine): contain long inline-code within its column (#307)

* fix(engine): break over-wide inline-code tokens within their column

Long code tokens with no whitespace — package coordinates, FQCNs, URLs
like org.junit.jupiter:junit-jupiter:5.10.2 — overflowed a paragraph or
table cell instead of wrapping, drawing over the neighbouring content.
All three paragraph wrap paths placed a lone over-wide token as-is, and
highlight-chip words were never broken at all.

Route an over-wide token through a new breakLongToken helper on the plain,
inline, and markdown wrap paths. It breaks at soft seams (. : / -) so
coordinates and URLs split at readable boundaries, and char-splits any
segment still too wide as a last resort. Highlight-chip words break the
same way while keeping one rounded fill per visual fragment: the split
pieces retain the run's highlight group and background, with the outer
padding on the first and last fragment only and the break seams open.

Tokens that already fit follow the unchanged fast path, so existing prose
and layouts are byte-identical (full suite green, no snapshot drift).

* feat(engine): size AUTO table columns to composed cell content

A composed table cell (DocumentTableCell.node(...)) contributed no natural
width, so an AUTO column holding only composed content collapsed toward zero
and its child — an inline-code chip, say — was laid out at a near-zero width.

Measure a composed cell's intrinsic content width in resolveNaturalColumnWidths
and feed it into the AUTO column's natural width, reusing the same
prepare-to-measure pattern as RowSlots.intrinsicColumnWidths. The child is
measured against the table's inner width, so one cell can never demand more
than the table can give. Only single-column composed cells in AUTO columns are
measured; plain-text cells, FIXED columns and spanning cells are unchanged, so
a chip in a FIXED column keeps its declared width and breaks inside it.

As with plain-text AUTO columns, a table too narrow for the summed intrinsic
width of its AUTO columns still reports "exceeds available width".

* docs(examples): add inline-code column-wrap example + CHANGELOG entry

InlineCodeColumnWrapExample renders a long inlineCode(...) coordinate breaking
at its . : / - seams inside a narrow fixed column and fitting on one line in an
auto column, registered in GenerateAllExamples with a committed preview PDF and
a README quick-reference row. CHANGELOG v1.9.1 documents the chip-overflow fix
and the auto-column sizing.

* deps(deps-dev): bump net.bytebuddy:byte-buddy (#310)

Bumps the maven-minor-patch group with 1 update in the / directory: [net.bytebuddy:byte-buddy](https://github.com/raphw/byte-buddy).


Updates `net.bytebuddy:byte-buddy` from 1.18.10 to 1.18.11
- [Release notes](https://github.com/raphw/byte-buddy/releases)
- [Changelog](https://github.com/raphw/byte-buddy/blob/master/release-notes.md)
- [Commits](raphw/byte-buddy@byte-buddy-1.18.10...byte-buddy-1.18.11)

---
updated-dependencies:
- dependency-name: net.bytebuddy:byte-buddy
  dependency-version: 1.18.11
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: maven-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Artem Demchyshyn <132658418+DemchaAV@users.noreply.github.com>

* refactor(engine): extract TokenBreaking from TextFlowSupport (#313)

* refactor(engine): extract TokenBreaking from TextFlowSupport

The token-breaking family — breakLongToken, softBreakSegments, splitLongToken
and fitCharacters — was pure string logic reachable only through breakLongToken
from the three wrap loops, yet covered only end-to-end via the paragraph render
tests. Move it verbatim into a package-private TokenBreaking; TextFlowSupport
now calls TokenBreaking.breakLongToken(...) at its three wrap sites. Behaviour is
unchanged (methods lifted as-is) and the wrap file drops ~125 lines.

Add TokenBreakingTest: direct coverage of seam segmentation, greedy packing, the
char-level fallback and the min-one-char guarantee, driven by a deterministic
fixed-width measurement double so the assertions do not depend on font metrics.

* refactor(engine): harden the TokenBreaking helper surface

Guard softBreakSegments against null/empty (splitLongToken already did, and both
are now package-visible directly-callable entry points), add the @author tag to
match the sibling layout helpers, and cover the null/empty and fits-whole edges
directly in TokenBreakingTest.

* fix(web): keep showcase modal action buttons on one line

In the lightbox header the action buttons could shrink to their min-content
(the longest word) and wrap ("Open"/"PDF" on two lines) whenever the card title
was long enough to squeeze them — so the buttons looked inconsistent between
cards. Give .example-action white-space: nowrap + flex-shrink: 0 and .lightbox-
actions flex-shrink: 0 so the buttons keep a stable single-line size, and give
.lightbox-title min-width: 0 so a long title wraps instead of compressing them.

* fix(examples): keep the deck version pill on one line for qualified versions

The banner pill renders "v" + the stamped project version inside a fixed
96pt rounded rect. A dev/pre-release qualifier ("2.0.0-SNAPSHOT",
"2.0.0-beta.1") is wider than the pill, and the engine now wraps long
tokens at their "." / "-" seams, so the pill broke onto two lines and
shifted the title-page layout. Show the base version only ("v2.0.0") —
the footer keeps the full qualified version — so the pill geometry stays
stable across dev and release stamps.

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency maven Java/Maven dependency updates

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant