Remove reflections lib in favor of ClassGraph

[smyrick]

📝 Description

There is a security issue with one of the dependencies of org.reflections:reflection:0.9.11. Instead of resolving the dep issue we should migrate away from this library since the last version was released in 2017.

https://github.com/classgraph/classgraph is an active supported library with reported faster implementation of reflection.

The security issue was in com.google.guava:guava:20.0 but since we were still using some guava code in our library I have added com.google.guava:guava:28-jre as an explicit dependency

🔗 Related Issues

Fixes #449

[codecov-io]

Codecov Report

Merging #450 into master will increase coverage by 0.01%.
The diff coverage is 100%.

@@             Coverage Diff              @@
##             master     #450      +/-   ##
============================================
+ Coverage     97.92%   97.94%   +0.01%     
- Complexity      326      328       +2     
============================================
  Files           106      106              
  Lines          1254     1265      +11     
  Branches        206      207       +1     
============================================
+ Hits           1228     1239      +11     
  Misses            7        7              
  Partials         19       19

Impacted Files	Coverage Δ	Complexity Δ
...om/expediagroup/graphql/generator/SubTypeMapper.kt	100% <100%> (ø)	5 <4> (+2)	⬆️
...oup/graphql/federation/FederatedSchemaGenerator.kt	100% <100%> (ø)	4 <2> (ø)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 0724ef9...087462b. Read the comment docs.

[dariuszkuc]

LGTM

[smyrick]

Not sure what is going on with GH actions builds pass locally and on travis.