Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 12.1.0Report Generated On : Thu, 7 Aug 2025 07:43:53 GMTDependencies Scanned : 82 (82 unique)Vulnerable Dependencies : 4 Vulnerabilities Found : 5Vulnerabilities Suppressed : 0 ... NVD API Last Checked : 2025-08-07T07:43:40ZNVD API Last Modified : 2025-08-07T07:15:38ZSummary Display:
Showing Vulnerable Dependencies (click to show all) Description:
Implementation License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /home/runner/.m2/repository/org/eclipse/angus/angus-activation/2.0.2/angus-activation-2.0.2.jar
MD5: 42bba74155dc773eca277ee7a16f74be
SHA1: 41f1e0ddd157c856926ed149ab837d110955a9fc
SHA256: 6dd3bcffc22bce83b07376a0e2e094e4964a3195d4118fb43e380ef35436cc1e
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:runtime
angus-activation-2.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-runtime@4.0.5
Evidence Type Source Name Value Confidence Vendor file name angus-activation High Vendor jar package name activation Highest Vendor jar package name angus Highest Vendor jar package name eclipse Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname angus-activation Medium Vendor Manifest extension-name org.eclipse.angus Medium Vendor Manifest implementation-build-id 2.0.2-RELEASE-c08e320 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest provide-capability osgi.serviceloader;osgi.serviceloader="jakarta.activation.spi.MailcapRegistryProvider",osgi.serviceloader;osgi.serviceloader="jakarta.activation.spi.MimeTypeRegistryProvider" Low Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid angus-activation Highest Vendor pom artifactid angus-activation Low Vendor pom groupid org.eclipse.angus Highest Vendor pom name Angus Activation Registries High Vendor pom parent-artifactid angus-activation-project Low Product file name angus-activation High Product jar package name activation Highest Product jar package name angus Highest Product jar package name eclipse Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Angus Activation Registries Medium Product Manifest bundle-symbolicname angus-activation Medium Product Manifest extension-name org.eclipse.angus Medium Product Manifest implementation-build-id 2.0.2-RELEASE-c08e320 Low Product Manifest Implementation-Title Angus Activation Registries High Product Manifest provide-capability osgi.serviceloader;osgi.serviceloader="jakarta.activation.spi.MailcapRegistryProvider",osgi.serviceloader;osgi.serviceloader="jakarta.activation.spi.MimeTypeRegistryProvider" Low Product Manifest specification-title Jakarta Activation Specification Medium Product pom artifactid angus-activation Highest Product pom groupid org.eclipse.angus Highest Product pom name Angus Activation Registries High Product pom parent-artifactid angus-activation-project Medium Version file version 2.0.2 High Version Manifest Bundle-Version 2.0.2 High Version pom version 2.0.2 Highest
File Path: /home/runner/.m2/repository/org/codehaus/mojo/animal-sniffer-annotations/1.14/animal-sniffer-annotations-1.14.jarMD5: 9d42e46845c874f1710a9f6a741f6c14SHA1: 775b7e22fb10026eed3f86e8dc556dfafe35f2d5SHA256: 2068320bd6bad744c3673ab048f67e30bef8f518996fa380033556600669905dReferenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedanimal-sniffer-annotations-1.14.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name animal-sniffer-annotations High Vendor jar package name animal_sniffer Low Vendor jar package name codehaus Highest Vendor jar package name codehaus Low Vendor jar package name mojo Highest Vendor jar package name mojo Low Vendor pom artifactid animal-sniffer-annotations Highest Vendor pom artifactid animal-sniffer-annotations Low Vendor pom groupid org.codehaus.mojo Highest Vendor pom name Animal Sniffer Annotations High Vendor pom parent-artifactid animal-sniffer-parent Low Product file name animal-sniffer-annotations High Product jar package name animal_sniffer Low Product jar package name codehaus Highest Product jar package name ignorejrerequirement Low Product jar package name mojo Highest Product jar package name mojo Low Product pom artifactid animal-sniffer-annotations Highest Product pom groupid org.codehaus.mojo Highest Product pom name Animal Sniffer Annotations High Product pom parent-artifactid animal-sniffer-parent Medium Version file version 1.14 High Version pom version 1.14 Highest
Description:
AOP Alliance License:
Public Domain File Path: /home/runner/.m2/repository/aopalliance/aopalliance/1.0/aopalliance-1.0.jar
MD5: 04177054e180d09e3998808efa0401c7
SHA1: 0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8
SHA256: 0addec670fedcd3f113c5c8091d783280d23f75e3acb841b61a9cdb079376a08
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
aopalliance-1.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name aopalliance High Vendor jar package name aop Highest Vendor jar package name aopalliance Highest Vendor jar package name aopalliance Low Vendor jar package name intercept Low Vendor pom artifactid aopalliance Highest Vendor pom artifactid aopalliance Low Vendor pom groupid aopalliance Highest Vendor pom name AOP alliance High Vendor pom url http://aopalliance.sourceforge.net Highest Product file name aopalliance High Product jar package name aop Highest Product jar package name aopalliance Highest Product jar package name intercept Low Product pom artifactid aopalliance Highest Product pom groupid aopalliance Highest Product pom name AOP alliance High Product pom url http://aopalliance.sourceforge.net Medium Version file version 1.0 High Version pom version 1.0 Highest
Description:
Checker Qual is the set of annotations (qualifiers) and supporting classes
used by the Checker Framework to type check Java source code. Please
see artifact:
org.checkerframework:checker
License:
GNU General Public License, version 2 (GPL2), with the classpath exception: http://www.gnu.org/software/classpath/license.html
The MIT License: http://opensource.org/licenses/MIT File Path: /home/runner/.m2/repository/org/checkerframework/checker-compat-qual/2.0.0/checker-compat-qual-2.0.0.jar
MD5: b6fb2610dacd211a3e2c3d8af1b60d0f
SHA1: fc89b03860d11d6213d0154a62bcd1c2f69b9efa
SHA256: a40b2ce6d8551e5b90b1bf637064303f32944d61b52ab2014e38699df573941b
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
checker-compat-qual-2.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name checker-compat-qual High Vendor jar package name checker Highest Vendor jar package name checkerframework Highest Vendor jar package name org Highest Vendor Manifest implementation-url http://checkerframework.org/ Low Vendor pom artifactid checker-compat-qual Highest Vendor pom artifactid checker-compat-qual Low Vendor pom developer email dbro@cs.washington.edu Low Vendor pom developer email jburke@cs.washington.edu Low Vendor pom developer email jthaine@cs.washington.edu Low Vendor pom developer email mcarthur@cs.washington.edu Low Vendor pom developer email mernst@cs.washington.edu Low Vendor pom developer email smillst@cs.washington.edu Low Vendor pom developer email wdietl@uwaterloo.ca Low Vendor pom developer id Dan Brown <dbro@cs.washington.edu< Medium Vendor pom developer id David McArthur <mcarthur@cs.washington.edu< Medium Vendor pom developer id Javier Thaine <jthaine@cs.washington.edu< Medium Vendor pom developer id jonathangburke@gmail.com Medium Vendor pom developer id Michael Ernst <mernst@cs.washington.edu> Medium Vendor pom developer id Suzanne Millstein <smillst@cs.washington.edu> Medium Vendor pom developer id wmdietl Medium Vendor pom developer name Dan Brown Medium Vendor pom developer name David McArthur Medium Vendor pom developer name Jonathan G. Burke Medium Vendor pom developer name Michael Ernst Medium Vendor pom developer name Suzanne Millstein Medium Vendor pom developer name Werner M. Dietl Medium Vendor pom developer org University of Washington Medium Vendor pom developer org University of Washington PLSE Group Medium Vendor pom developer org University of Waterloo Medium Vendor pom developer org URL http://uwaterloo.ca/ Medium Vendor pom developer org URL https://www.cs.washington.edu/ Medium Vendor pom developer org URL https://www.cs.washington.edu/research/plse/ Medium Vendor pom groupid org.checkerframework Highest Vendor pom name Checker Qual High Vendor pom url http://checkerframework.org Highest Product file name checker-compat-qual High Product jar package name checker Highest Product jar package name checkerframework Highest Product jar package name org Highest Product Manifest implementation-url http://checkerframework.org/ Low Product pom artifactid checker-compat-qual Highest Product pom developer email dbro@cs.washington.edu Low Product pom developer email jburke@cs.washington.edu Low Product pom developer email jthaine@cs.washington.edu Low Product pom developer email mcarthur@cs.washington.edu Low Product pom developer email mernst@cs.washington.edu Low Product pom developer email smillst@cs.washington.edu Low Product pom developer email wdietl@uwaterloo.ca Low Product pom developer id Dan Brown <dbro@cs.washington.edu< Low Product pom developer id David McArthur <mcarthur@cs.washington.edu< Low Product pom developer id Javier Thaine <jthaine@cs.washington.edu< Low Product pom developer id jonathangburke@gmail.com Low Product pom developer id Michael Ernst <mernst@cs.washington.edu> Low Product pom developer id Suzanne Millstein <smillst@cs.washington.edu> Low Product pom developer id wmdietl Low Product pom developer name Dan Brown Low Product pom developer name David McArthur Low Product pom developer name Jonathan G. Burke Low Product pom developer name Michael Ernst Low Product pom developer name Suzanne Millstein Low Product pom developer name Werner M. Dietl Low Product pom developer org University of Washington Low Product pom developer org University of Washington PLSE Group Low Product pom developer org University of Waterloo Low Product pom developer org URL http://uwaterloo.ca/ Low Product pom developer org URL https://www.cs.washington.edu/ Low Product pom developer org URL https://www.cs.washington.edu/research/plse/ Low Product pom groupid org.checkerframework Highest Product pom name Checker Qual High Product pom url http://checkerframework.org Medium Version file version 2.0.0 High Version Manifest Implementation-Version 2.0.0 High Version pom version 2.0.0 Highest
Description:
checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework. License:
The MIT License: http://opensource.org/licenses/MIT File Path: /home/runner/.m2/repository/org/checkerframework/checker-qual/3.49.5/checker-qual-3.49.5.jar
MD5: a6525c2747603fb3ec22d18c4adc7419
SHA1: f0d119b5a4adb4164e9d6fa9fd3ffa5d0e458963
SHA256: 508c83c62c344f6f7ee28f47b88a8797d6116d043bfd1ca0576c828dd1df2880
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
checker-qual-3.49.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.reallifedeveloper/jdepend-maven-plugin@1.0.1
Evidence Type Source Name Value Confidence Vendor file name checker-qual High Vendor jar package name checker Highest Vendor jar package name checkerframework Highest Vendor jar package name framework Highest Vendor jar package name qual Highest Vendor Manifest bundle-symbolicname checker-qual Medium Vendor Manifest implementation-url https://checkerframework.org Low Vendor pom artifactid checker-qual Highest Vendor pom artifactid checker-qual Low Vendor pom developer email mernst@cs.washington.edu Low Vendor pom developer email smillst@cs.washington.edu Low Vendor pom developer id mernst Medium Vendor pom developer id smillst Medium Vendor pom developer name Michael Ernst Medium Vendor pom developer name Suzanne Millstein Medium Vendor pom developer org University of Washington Medium Vendor pom developer org URL https://www.cs.washington.edu/ Medium Vendor pom groupid org.checkerframework Highest Vendor pom name Checker Qual High Vendor pom url https://checkerframework.org/ Highest Product file name checker-qual High Product jar package name checker Highest Product jar package name checkerframework Highest Product jar package name framework Highest Product jar package name qual Highest Product Manifest Bundle-Name checker-qual Medium Product Manifest bundle-symbolicname checker-qual Medium Product Manifest implementation-url https://checkerframework.org Low Product pom artifactid checker-qual Highest Product pom developer email mernst@cs.washington.edu Low Product pom developer email smillst@cs.washington.edu Low Product pom developer id mernst Low Product pom developer id smillst Low Product pom developer name Michael Ernst Low Product pom developer name Suzanne Millstein Low Product pom developer org University of Washington Low Product pom developer org URL https://www.cs.washington.edu/ Low Product pom groupid org.checkerframework Highest Product pom name Checker Qual High Product pom url https://checkerframework.org/ Medium Version file version 3.49.5 High Version Manifest Bundle-Version 3.49.5 High Version Manifest Implementation-Version 3.49.5 High Version pom version 3.49.5 Highest
Description:
Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-beanutils/commons-beanutils/1.9.4/commons-beanutils-1.9.4.jar
MD5: 07dc532ee316fe1f2f0323e9bd2f8df4
SHA1: d52b9abcd97f38c81342bb7e7ae1eee9b73cba51
SHA256: 7d938c81789028045c08c065e94be75fc280527620d5bd62b519d5838532368a
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
commons-beanutils-1.9.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name commons-beanutils High Vendor jar package name apache Highest Vendor jar package name beanutils Highest Vendor jar package name commons Highest Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Vendor Manifest implementation-build UNKNOWN_BRANCH@r??????; 2019-07-28 22:14:44+0000 Low Vendor Manifest implementation-url https://commons.apache.org/proper/commons-beanutils/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-beanutils Highest Vendor pom artifactid commons-beanutils Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email epugh@apache.org Low Vendor pom developer email geirm@apache.org Low Vendor pom developer email ggregory@apache.org Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email jconlon@apache.org Low Vendor pom developer email jstrachan@apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email mvdb@apache.org Low Vendor pom developer email niallp@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email scolebourne@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email stain@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer email yoavs@apache.org Low Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dion Medium Vendor pom developer id epugh Medium Vendor pom developer id geirm Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id jconlon Medium Vendor pom developer id jstrachan Medium Vendor pom developer id morgand Medium Vendor pom developer id mvdb Medium Vendor pom developer id niallp Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id scolebourne Medium Vendor pom developer id skitching Medium Vendor pom developer id stain Medium Vendor pom developer id tobrien Medium Vendor pom developer id yoavs Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name David Eric Pugh Medium Vendor pom developer name Dion Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Geir Magnusson Jr. Medium Vendor pom developer name James Carman Medium Vendor pom developer name James Strachan Medium Vendor pom developer name John E. Conlon Medium Vendor pom developer name Martin van den Bemt Medium Vendor pom developer name Morgan James Delagrange Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Stian Soiland-Reyes Medium Vendor pom developer name Tim O'Brien Medium Vendor pom developer name Yoav Shapira Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom groupid commons-beanutils Highest Vendor pom name Apache Commons BeanUtils High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-beanutils/ Highest Product file name commons-beanutils High Product jar package name apache Highest Product jar package name beanutils Highest Product jar package name commons Highest Product Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils/ Low Product Manifest Bundle-Name Apache Commons BeanUtils Medium Product Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Product Manifest implementation-build UNKNOWN_BRANCH@r??????; 2019-07-28 22:14:44+0000 Low Product Manifest Implementation-Title Apache Commons BeanUtils High Product Manifest implementation-url https://commons.apache.org/proper/commons-beanutils/ Low Product Manifest specification-title Apache Commons BeanUtils Medium Product pom artifactid commons-beanutils Highest Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email epugh@apache.org Low Product pom developer email geirm@apache.org Low Product pom developer email ggregory@apache.org Low Product pom developer email jcarman@apache.org Low Product pom developer email jconlon@apache.org Low Product pom developer email jstrachan@apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email mvdb@apache.org Low Product pom developer email niallp@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email scolebourne@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email stain@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer email yoavs@apache.org Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id craigmcc Low Product pom developer id dion Low Product pom developer id epugh Low Product pom developer id geirm Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id jconlon Low Product pom developer id jstrachan Low Product pom developer id morgand Low Product pom developer id mvdb Low Product pom developer id niallp Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id scolebourne Low Product pom developer id skitching Low Product pom developer id stain Low Product pom developer id tobrien Low Product pom developer id yoavs Low Product pom developer name Benedikt Ritter Low Product pom developer name Craig McClanahan Low Product pom developer name David Eric Pugh Low Product pom developer name Dion Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Geir Magnusson Jr. Low Product pom developer name James Carman Low Product pom developer name James Strachan Low Product pom developer name John E. Conlon Low Product pom developer name Martin van den Bemt Low Product pom developer name Morgan James Delagrange Low Product pom developer name Niall Pemberton Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Stephen Colebourne Low Product pom developer name Stian Soiland-Reyes Low Product pom developer name Tim O'Brien Low Product pom developer name Yoav Shapira Low Product pom developer org The Apache Software Foundation Low Product pom groupid commons-beanutils Highest Product pom name Apache Commons BeanUtils High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-beanutils/ Medium Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom parent-version 1.9.4 Low Version pom version 1.9.4 Highest
CVE-2025-48734 suppress
Improper Access Control vulnerability in Apache Commons.
A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not enabled by default. PropertyUtilsBean (and consequently BeanUtilsBean) now disallows declared class level property access by default.
Releases 1.11.0 and 2.0.0-M2 address a potential security issue when accessing enum properties in an uncontrolled way. If an application using Commons BeanUtils passes property paths from an external source directly to the getProperty() method of PropertyUtilsBean, an attacker can access the enum’s class loader via the “declaredClass” property available on all Java “enum” objects. Accessing the enum’s “declaredClass” allows remote attackers to access the ClassLoader and execute arbitrary code. The same issue exists with PropertyUtilsBean.getNestedProperty().
Starting in versions 1.11.0 and 2.0.0-M2 a special BeanIntrospector suppresses the “declaredClass” property. Note that this new BeanIntrospector is enabled by default, but you can disable it to regain the old behavior; see section 2.5 of the user's guide and the unit tests.
This issue affects Apache Commons BeanUtils 1.x before 1.11.0, and 2.x before 2.0.0-M2.Users of the artifact commons-beanutils:commons-beanutils
1.x are recommended to upgrade to version 1.11.0, which fixes the issue.
Users of the artifact org.apache.commons:commons-beanutils2
2.x are recommended to upgrade to version 2.0.0-M2, which fixes the issue. CWE-284 Improper Access Control, NVD-CWE-Other
CVSSv3:
Base Score: HIGH (8.8) Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
Description:
The Apache Commons Codec component contains encoder and decoders for
various formats such as Base16, Base32, Base64, digest, and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-codec/commons-codec/1.16.1/commons-codec-1.16.1.jar
MD5: 6c5be822d8d3fa61c3b54c4c8978dfdc
SHA1: 47bd4d333fba53406f6c6c51884ddbca435c8862
SHA256: ec87bfb55f22cbd1b21e2190eeda28b2b312ed2a431ee49fbdcc01812d04a5e4
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
commons-codec-1.16.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name commons-codec High Vendor jar package name apache Highest Vendor jar package name codec Highest Vendor jar package name commons Highest Vendor jar package name digest Highest Vendor jar package name encoder Highest Vendor Manifest automatic-module-name org.apache.commons.codec Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-codec/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-codec Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-codec Highest Vendor pom artifactid commons-codec Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email dgraham@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email jon@collab.net Low Vendor pom developer email julius@apache.org Low Vendor pom developer email mattsicker@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@totalsync.com Low Vendor pom developer email tn@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id chtompki Medium Vendor pom developer id dgraham Medium Vendor pom developer id dlr Medium Vendor pom developer id ggregory Medium Vendor pom developer id jon Medium Vendor pom developer id julius Medium Vendor pom developer id mattsicker Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id tn Medium Vendor pom developer id tobrien Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name David Graham Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Jon S. Stevens Medium Vendor pom developer name Julius Davies Medium Vendor pom developer name Matt Sicker Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer name Tim OBrien Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL http://juliusdavies.ca/ Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-codec Highest Vendor pom name Apache Commons Codec High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-codec/ Highest Product file name commons-codec High Product jar package name apache Highest Product jar package name codec Highest Product jar package name commons Highest Product jar package name digest Highest Product jar package name encoder Highest Product Manifest automatic-module-name org.apache.commons.codec Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-codec/ Low Product Manifest Bundle-Name Apache Commons Codec Medium Product Manifest bundle-symbolicname org.apache.commons.commons-codec Medium Product Manifest Implementation-Title Apache Commons Codec High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons Codec Medium Product pom artifactid commons-codec Highest Product pom developer email bayard@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email dgraham@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory at apache.org Low Product pom developer email jon@collab.net Low Product pom developer email julius@apache.org Low Product pom developer email mattsicker@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@totalsync.com Low Product pom developer email tn@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer id bayard Low Product pom developer id chtompki Low Product pom developer id dgraham Low Product pom developer id dlr Low Product pom developer id ggregory Low Product pom developer id jon Low Product pom developer id julius Low Product pom developer id mattsicker Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id tn Low Product pom developer id tobrien Low Product pom developer name Daniel Rall Low Product pom developer name David Graham Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Jon S. Stevens Low Product pom developer name Julius Davies Low Product pom developer name Matt Sicker Low Product pom developer name Rob Tompkins Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Thomas Neidhart Low Product pom developer name Tim OBrien Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL http://juliusdavies.ca/ Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-codec Highest Product pom name Apache Commons Codec High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-codec/ Medium Version file version 1.16.1 High Version Manifest Bundle-Version 1.16.1 High Version Manifest Implementation-Version 1.16.1 High Version pom parent-version 1.16.1 Low Version pom version 1.16.1 Highest
Description:
Types that extend and augment the Java Collections Framework. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-collections/commons-collections/3.2.2/commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256: eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
commons-collections-3.2.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name commons-collections High Vendor jar package name apache Highest Vendor jar package name collections Highest Vendor jar package name commons Highest Vendor Manifest bundle-docurl http://commons.apache.org/collections/ Low Vendor Manifest bundle-symbolicname org.apache.commons.collections Medium Vendor Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Vendor Manifest implementation-url http://commons.apache.org/collections/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-collections Highest Vendor pom artifactid commons-collections Low Vendor pom developer id amamment Medium Vendor pom developer id bayard Medium Vendor pom developer id craigmcc Medium Vendor pom developer id geirm Medium Vendor pom developer id jcarman Medium Vendor pom developer id matth Medium Vendor pom developer id morgand Medium Vendor pom developer id psteitz Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Arun M. Thomas Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Geir Magnusson Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Phil Steitz Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom groupid commons-collections Highest Vendor pom name Apache Commons Collections High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/collections/ Highest Product file name commons-collections High Product jar package name apache Highest Product jar package name collections Highest Product jar package name commons Highest Product Manifest bundle-docurl http://commons.apache.org/collections/ Low Product Manifest Bundle-Name Apache Commons Collections Medium Product Manifest bundle-symbolicname org.apache.commons.collections Medium Product Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Product Manifest Implementation-Title Apache Commons Collections High Product Manifest implementation-url http://commons.apache.org/collections/ Low Product Manifest specification-title Apache Commons Collections Medium Product pom artifactid commons-collections Highest Product pom developer id amamment Low Product pom developer id bayard Low Product pom developer id craigmcc Low Product pom developer id geirm Low Product pom developer id jcarman Low Product pom developer id matth Low Product pom developer id morgand Low Product pom developer id psteitz Low Product pom developer id rdonkin Low Product pom developer id rwaldhoff Low Product pom developer id scolebourne Low Product pom developer name Arun M. Thomas Low Product pom developer name Craig McClanahan Low Product pom developer name Geir Magnusson Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Matthew Hawthorne Low Product pom developer name Morgan Delagrange Low Product pom developer name Phil Steitz Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Stephen Colebourne Low Product pom groupid commons-collections Highest Product pom name Apache Commons Collections High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/collections/ Medium Version file version 3.2.2 High Version Manifest Bundle-Version 3.2.2 High Version Manifest Implementation-Version 3.2.2 High Version pom parent-version 3.2.2 Low Version pom version 3.2.2 Highest
Description:
Apache Commons Compress defines an API for working with
compression and archive formats. These include bzip2, gzip, pack200,
LZMA, XZ, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4,
Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/commons/commons-compress/1.26.1/commons-compress-1.26.1.jar
MD5: 7af7d22a7280508327d809b183114a92
SHA1: 44331c1130c370e726a2e1a3e6fba6d2558ef04a
SHA256: 27bb5d40f37c3bb7205b4a0540247df057715e9f6cbbd97d626ab8b50318bb04
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
commons-compress-1.26.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name commons-compress High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name compress Highest Vendor Manifest automatic-module-name org.apache.commons.compress Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-compress/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-compress Medium Vendor Manifest extension-name org.apache.commons.compress Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest multi-release true Low Vendor Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-compress Highest Vendor pom artifactid commons-compress Low Vendor pom developer email bodewig at apache.org Low Vendor pom developer email chtompki at apache.org Low Vendor pom developer email damjan at apache.org Low Vendor pom developer email ebourg at apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email grobmeier at apache.org Low Vendor pom developer email julius at apache.org Low Vendor pom developer email peterlee at apache.org Low Vendor pom developer email sebb at apache.org Low Vendor pom developer email tcurdt at apache.org Low Vendor pom developer id bodewig Medium Vendor pom developer id chtompki Medium Vendor pom developer id damjan Medium Vendor pom developer id ebourg Medium Vendor pom developer id ggregory Medium Vendor pom developer id grobmeier Medium Vendor pom developer id julius Medium Vendor pom developer id peterlee Medium Vendor pom developer id sebb Medium Vendor pom developer id tcurdt Medium Vendor pom developer name Christian Grobmeier Medium Vendor pom developer name Damjan Jovanovic Medium Vendor pom developer name Emmanuel Bourg Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Julius Davies Medium Vendor pom developer name Peter Alfred Lee Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Sebastian Bazley Medium Vendor pom developer name Stefan Bodewig Medium Vendor pom developer name Torsten Curdt Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Compress High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-compress/ Highest Product file name commons-compress High Product jar package name 9 Highest Product jar package name apache Highest Product jar package name commons Highest Product jar package name compress Highest Product Manifest automatic-module-name org.apache.commons.compress Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-compress/ Low Product Manifest Bundle-Name Apache Commons Compress Medium Product Manifest bundle-symbolicname org.apache.commons.commons-compress Medium Product Manifest extension-name org.apache.commons.compress Medium Product Manifest Implementation-Title Apache Commons Compress High Product Manifest multi-release true Low Product Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Product Manifest specification-title Apache Commons Compress Medium Product pom artifactid commons-compress Highest Product pom developer email bodewig at apache.org Low Product pom developer email chtompki at apache.org Low Product pom developer email damjan at apache.org Low Product pom developer email ebourg at apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email grobmeier at apache.org Low Product pom developer email julius at apache.org Low Product pom developer email peterlee at apache.org Low Product pom developer email sebb at apache.org Low Product pom developer email tcurdt at apache.org Low Product pom developer id bodewig Low Product pom developer id chtompki Low Product pom developer id damjan Low Product pom developer id ebourg Low Product pom developer id ggregory Low Product pom developer id grobmeier Low Product pom developer id julius Low Product pom developer id peterlee Low Product pom developer id sebb Low Product pom developer id tcurdt Low Product pom developer name Christian Grobmeier Low Product pom developer name Damjan Jovanovic Low Product pom developer name Emmanuel Bourg Low Product pom developer name Gary Gregory Low Product pom developer name Julius Davies Low Product pom developer name Peter Alfred Lee Low Product pom developer name Rob Tompkins Low Product pom developer name Sebastian Bazley Low Product pom developer name Stefan Bodewig Low Product pom developer name Torsten Curdt Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Compress High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-compress/ Medium Version file version 1.26.1 High Version Manifest Bundle-Version 1.26.1 High Version Manifest Implementation-Version 1.26.1 High Version pom parent-version 1.26.1 Low Version pom version 1.26.1 Highest
Description:
The Apache Commons Digester package lets you configure an XML to Java
object mapping module which triggers certain actions called rules whenever
a particular pattern of nested XML elements is recognized.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/commons/commons-digester3/3.2/commons-digester3-3.2.jar
MD5: 41d2c62c7aedafa7a3627794abc83f71
SHA1: c3f68c5ff25ec5204470fd8fdf4cb8feff5e8a79
SHA256: 1c150e3d2df4b4237b47e28fea2079fb0da324578d5cca6a5fed2e37a62082ec
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
commons-digester3-3.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name commons-digester3 High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name digester Highest Vendor jar package name digester3 Highest Vendor jar package name rules Highest Vendor Manifest bundle-docurl http://commons.apache.org/digester/ Low Vendor Manifest bundle-symbolicname org.apache.commons.digester Medium Vendor Manifest implementation-build tags/DIGESTER3_3_2_RC2@r1212807; 2011-12-10 15:57:06+0100 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-digester3 Highest Vendor pom artifactid commons-digester3 Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email jfarcand@apache.org Low Vendor pom developer email jstrachan@apache.org Low Vendor pom developer email jvanzyl@apache.org Low Vendor pom developer email mbenson AT apache DOT org Low Vendor pom developer email rahul AT apache DOT org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email sanders@totalsync.com Low Vendor pom developer email simonetripodi AT apache DOT org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tobrien@apache.org Low Vendor pom developer id craigmcc Medium Vendor pom developer id jfarcand Medium Vendor pom developer id jstrachan Medium Vendor pom developer id jvanzyl Medium Vendor pom developer id mbenson Medium Vendor pom developer id rahul Medium Vendor pom developer id rdonkin Medium Vendor pom developer id sanders Medium Vendor pom developer id simonetripodi Medium Vendor pom developer id skitching Medium Vendor pom developer id tobrien Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name James Strachan Medium Vendor pom developer name Jason van Zyl Medium Vendor pom developer name Jean-Francois Arcand Medium Vendor pom developer name Matt Benson Medium Vendor pom developer name Rahul Akolkar Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Simone Tripodi Medium Vendor pom developer name Tim OBrien Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Digester High Vendor pom parent-artifactid commons-parent Low Vendor pom url http://commons.apache.org/digester/ Highest Product file name commons-digester3 High Product jar package name apache Highest Product jar package name commons Highest Product jar package name digester Highest Product jar package name digester3 Highest Product jar package name rules Highest Product Manifest bundle-docurl http://commons.apache.org/digester/ Low Product Manifest Bundle-Name Apache Commons Digester Medium Product Manifest bundle-symbolicname org.apache.commons.digester Medium Product Manifest implementation-build tags/DIGESTER3_3_2_RC2@r1212807; 2011-12-10 15:57:06+0100 Low Product Manifest Implementation-Title Apache Commons Digester High Product Manifest specification-title Apache Commons Digester Medium Product pom artifactid commons-digester3 Highest Product pom developer email craigmcc@apache.org Low Product pom developer email jfarcand@apache.org Low Product pom developer email jstrachan@apache.org Low Product pom developer email jvanzyl@apache.org Low Product pom developer email mbenson AT apache DOT org Low Product pom developer email rahul AT apache DOT org Low Product pom developer email rdonkin@apache.org Low Product pom developer email sanders@totalsync.com Low Product pom developer email simonetripodi AT apache DOT org Low Product pom developer email skitching@apache.org Low Product pom developer email tobrien@apache.org Low Product pom developer id craigmcc Low Product pom developer id jfarcand Low Product pom developer id jstrachan Low Product pom developer id jvanzyl Low Product pom developer id mbenson Low Product pom developer id rahul Low Product pom developer id rdonkin Low Product pom developer id sanders Low Product pom developer id simonetripodi Low Product pom developer id skitching Low Product pom developer id tobrien Low Product pom developer name Craig McClanahan Low Product pom developer name James Strachan Low Product pom developer name Jason van Zyl Low Product pom developer name Jean-Francois Arcand Low Product pom developer name Matt Benson Low Product pom developer name Rahul Akolkar Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Simone Tripodi Low Product pom developer name Tim OBrien Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Digester High Product pom parent-artifactid commons-parent Medium Product pom url http://commons.apache.org/digester/ Medium Version file version 3.2 High Version Manifest Implementation-Version 3.2 High Version pom parent-version 3.2 Low Version pom version 3.2 Highest
Description:
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-io/commons-io/2.11.0/commons-io-2.11.0.jar
MD5: 3b4b7ccfaeceeac240b804839ee1a1ca
SHA1: a2503f302b11ebde7ebc3df41daebe0e4eea3689
SHA256: 961b2f6d87dbacc5d54abf45ab7a6e2495f89b75598962d8c723cea9bc210908
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
commons-io-2.11.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name commons-io High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name file Highest Vendor jar package name io Highest Vendor Manifest automatic-module-name org.apache.commons.io Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-io Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-io Highest Vendor pom artifactid commons-io Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email dion@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email jeremias@apache.org Low Vendor pom developer email jochen.wiedmann@gmail.com Low Vendor pom developer email krosenvold@apache.org Low Vendor pom developer email martinc@apache.org Low Vendor pom developer email matth@apache.org Low Vendor pom developer email nicolaken@apache.org Low Vendor pom developer email roxspring@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id dion Medium Vendor pom developer id ggregory Medium Vendor pom developer id jeremias Medium Vendor pom developer id jochen Medium Vendor pom developer id jukka Medium Vendor pom developer id krosenvold Medium Vendor pom developer id martinc Medium Vendor pom developer id matth Medium Vendor pom developer id niallp Medium Vendor pom developer id nicolaken Medium Vendor pom developer id roxspring Medium Vendor pom developer id sanders Medium Vendor pom developer id scolebourne Medium Vendor pom developer name dIon Gillard Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name Jeremias Maerki Medium Vendor pom developer name Jochen Wiedmann Medium Vendor pom developer name Jukka Zitting Medium Vendor pom developer name Kristian Rosenvold Medium Vendor pom developer name Martin Cooper Medium Vendor pom developer name Matthew Hawthorne Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Nicola Ken Barozzi Medium Vendor pom developer name Rob Oxspring Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-io Highest Vendor pom name Apache Commons IO High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-io/ Highest Product file name commons-io High Product jar package name apache Highest Product jar package name commons Highest Product jar package name file Highest Product jar package name io Highest Product Manifest automatic-module-name org.apache.commons.io Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-io/ Low Product Manifest Bundle-Name Apache Commons IO Medium Product Manifest bundle-symbolicname org.apache.commons.commons-io Medium Product Manifest Implementation-Title Apache Commons IO High Product Manifest specification-title Apache Commons IO Medium Product pom artifactid commons-io Highest Product pom developer email bayard@apache.org Low Product pom developer email dion@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email jeremias@apache.org Low Product pom developer email jochen.wiedmann@gmail.com Low Product pom developer email krosenvold@apache.org Low Product pom developer email martinc@apache.org Low Product pom developer email matth@apache.org Low Product pom developer email nicolaken@apache.org Low Product pom developer email roxspring@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer id bayard Low Product pom developer id dion Low Product pom developer id ggregory Low Product pom developer id jeremias Low Product pom developer id jochen Low Product pom developer id jukka Low Product pom developer id krosenvold Low Product pom developer id martinc Low Product pom developer id matth Low Product pom developer id niallp Low Product pom developer id nicolaken Low Product pom developer id roxspring Low Product pom developer id sanders Low Product pom developer id scolebourne Low Product pom developer name dIon Gillard Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name Jeremias Maerki Low Product pom developer name Jochen Wiedmann Low Product pom developer name Jukka Zitting Low Product pom developer name Kristian Rosenvold Low Product pom developer name Martin Cooper Low Product pom developer name Matthew Hawthorne Low Product pom developer name Niall Pemberton Low Product pom developer name Nicola Ken Barozzi Low Product pom developer name Rob Oxspring Low Product pom developer name Scott Sanders Low Product pom developer name Stephen Colebourne Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-io Highest Product pom name Apache Commons IO High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-io/ Medium Version file version 2.11.0 High Version Manifest Bundle-Version 2.11.0 High Version Manifest Implementation-Version 2.11.0 High Version pom parent-version 2.11.0 Low Version pom version 2.11.0 Highest
CVE-2024-47554 suppress
Uncontrolled Resource Consumption vulnerability in Apache Commons IO.
The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.
This issue affects Apache Commons IO: from 2.0 before 2.14.0.
Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue. CWE-400 Uncontrolled Resource Consumption
CVSSv3:
Base Score: MEDIUM (4.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L/E:2.8/RC:R/MAV:A References:
Vulnerable Software & Versions: (show all )
Description:
Apache Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
The code is tested using the latest revision of the JDK for supported
LTS releases: 8, 11, 17 and 21 currently.
See https://github.com/apache/commons-lang/blob/master/.github/workflows/maven.yml
Please ensure your build environment is up-to-date and kindly report any build issues.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/commons/commons-lang3/3.18.0/commons-lang3-3.18.0.jar
MD5: 48b9886957920a4cdb602780ca345087
SHA1: fb14946f0e39748a6571de0635acbe44e7885491
SHA256: 4eeeae8d20c078abb64b015ec158add383ac581571cddc45c68f0c9ae0230720
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
commons-lang3-3.18.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name commons-lang3 High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name lang3 Highest Vendor Manifest automatic-module-name org.apache.commons.lang3 Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-lang/ Low Vendor Manifest bundle-symbolicname org.apache.commons.lang3 Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-lang3 Highest Vendor pom artifactid commons-lang3 Low Vendor pom developer email bayard@apache.org Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email djones@apache.org Low Vendor pom developer email dlr@finemaltcoding.com Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email jcarman@apache.org Low Vendor pom developer email joerg.schaible@gmx.de Low Vendor pom developer email lguibert@apache.org Low Vendor pom developer email oheger@apache.org Low Vendor pom developer email pbenedict@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email scolebourne@joda.org Low Vendor pom developer email stevencaswell@apache.org Low Vendor pom developer id bayard Medium Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id djones Medium Vendor pom developer id dlr Medium Vendor pom developer id fredrik Medium Vendor pom developer id ggregory Medium Vendor pom developer id jcarman Medium Vendor pom developer id joehni Medium Vendor pom developer id lguibert Medium Vendor pom developer id mbenson Medium Vendor pom developer id niallp Medium Vendor pom developer id oheger Medium Vendor pom developer id pbenedict Medium Vendor pom developer id rdonkin Medium Vendor pom developer id scaswell Medium Vendor pom developer id scolebourne Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Daniel Rall Medium Vendor pom developer name Duncan Jones Medium Vendor pom developer name Fredrik Westermarck Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Henri Yandell Medium Vendor pom developer name James Carman Medium Vendor pom developer name Joerg Schaible Medium Vendor pom developer name Loic Guibert Medium Vendor pom developer name Matt Benson Medium Vendor pom developer name Niall Pemberton Medium Vendor pom developer name Oliver Heger Medium Vendor pom developer name Paul Benedict Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Stephen Colebourne Medium Vendor pom developer name Steven Caswell Medium Vendor pom developer org Carman Consulting, Inc. Medium Vendor pom developer org CollabNet, Inc. Medium Vendor pom developer org SITA ATS Ltd Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Lang High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-lang/ Highest Product file name commons-lang3 High Product jar package name apache Highest Product jar package name commons Highest Product jar package name lang3 Highest Product Manifest automatic-module-name org.apache.commons.lang3 Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-lang/ Low Product Manifest Bundle-Name Apache Commons Lang Medium Product Manifest bundle-symbolicname org.apache.commons.lang3 Medium Product Manifest Implementation-Title Apache Commons Lang High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons Lang Medium Product pom artifactid commons-lang3 Highest Product pom developer email bayard@apache.org Low Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email djones@apache.org Low Product pom developer email dlr@finemaltcoding.com Low Product pom developer email ggregory at apache.org Low Product pom developer email jcarman@apache.org Low Product pom developer email joerg.schaible@gmx.de Low Product pom developer email lguibert@apache.org Low Product pom developer email oheger@apache.org Low Product pom developer email pbenedict@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email scolebourne@joda.org Low Product pom developer email stevencaswell@apache.org Low Product pom developer id bayard Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id djones Low Product pom developer id dlr Low Product pom developer id fredrik Low Product pom developer id ggregory Low Product pom developer id jcarman Low Product pom developer id joehni Low Product pom developer id lguibert Low Product pom developer id mbenson Low Product pom developer id niallp Low Product pom developer id oheger Low Product pom developer id pbenedict Low Product pom developer id rdonkin Low Product pom developer id scaswell Low Product pom developer id scolebourne Low Product pom developer name Benedikt Ritter Low Product pom developer name Daniel Rall Low Product pom developer name Duncan Jones Low Product pom developer name Fredrik Westermarck Low Product pom developer name Gary Gregory Low Product pom developer name Henri Yandell Low Product pom developer name James Carman Low Product pom developer name Joerg Schaible Low Product pom developer name Loic Guibert Low Product pom developer name Matt Benson Low Product pom developer name Niall Pemberton Low Product pom developer name Oliver Heger Low Product pom developer name Paul Benedict Low Product pom developer name Rob Tompkins Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Stephen Colebourne Low Product pom developer name Steven Caswell Low Product pom developer org Carman Consulting, Inc. Low Product pom developer org CollabNet, Inc. Low Product pom developer org SITA ATS Ltd Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Lang High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-lang/ Medium Version file version 3.18.0 High Version Manifest Bundle-Version 3.18.0 High Version Manifest Implementation-Version 3.18.0 High Version pom parent-version 3.18.0 Low Version pom version 3.18.0 Highest
Description:
Apache Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-logging/commons-logging/1.2/commons-logging-1.2.jar
MD5: 040b4b4d8eac886f6b4a2a3bd2f31b00
SHA1: 4bfc12adfe4842bf07b657f0369c4cb522955686
SHA256: daddea1ea0be0f56978ab3006b8ac92834afeefbd9b7e4e6316fca57df0fa636
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
commons-logging-1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name commons-logging High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name logging Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-logging/ Low Vendor Manifest bundle-symbolicname org.apache.commons.logging Medium Vendor Manifest implementation-build tags/LOGGING_1_2_RC2@r1608092; 2014-07-05 20:11:44+0200 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-logging Highest Vendor pom artifactid commons-logging Low Vendor pom developer email baliuka@apache.org Low Vendor pom developer email costin@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dennisl@apache.org Low Vendor pom developer email donaldp@apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rsitze@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tn@apache.org Low Vendor pom developer id baliuka Medium Vendor pom developer id bstansberry Medium Vendor pom developer id costin Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dennisl Medium Vendor pom developer id donaldp Medium Vendor pom developer id morgand Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rsitze Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id skitching Medium Vendor pom developer id tn Medium Vendor pom developer name Brian Stansberry Medium Vendor pom developer name Costin Manolache Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Dennis Lundberg Medium Vendor pom developer name Juozas Baliuka Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Peter Donald Medium Vendor pom developer name Richard Sitze Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer org Apache Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom groupid commons-logging Highest Vendor pom name Apache Commons Logging High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/proper/commons-logging/ Highest Product file name commons-logging High Product jar package name apache Highest Product jar package name commons Highest Product jar package name logging Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-logging/ Low Product Manifest Bundle-Name Apache Commons Logging Medium Product Manifest bundle-symbolicname org.apache.commons.logging Medium Product Manifest implementation-build tags/LOGGING_1_2_RC2@r1608092; 2014-07-05 20:11:44+0200 Low Product Manifest Implementation-Title Apache Commons Logging High Product Manifest specification-title Apache Commons Logging Medium Product pom artifactid commons-logging Highest Product pom developer email baliuka@apache.org Low Product pom developer email costin@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dennisl@apache.org Low Product pom developer email donaldp@apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rsitze@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email tn@apache.org Low Product pom developer id baliuka Low Product pom developer id bstansberry Low Product pom developer id costin Low Product pom developer id craigmcc Low Product pom developer id dennisl Low Product pom developer id donaldp Low Product pom developer id morgand Low Product pom developer id rdonkin Low Product pom developer id rsitze Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id skitching Low Product pom developer id tn Low Product pom developer name Brian Stansberry Low Product pom developer name Costin Manolache Low Product pom developer name Craig McClanahan Low Product pom developer name Dennis Lundberg Low Product pom developer name Juozas Baliuka Low Product pom developer name Morgan Delagrange Low Product pom developer name Peter Donald Low Product pom developer name Richard Sitze Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Thomas Neidhart Low Product pom developer org Apache Low Product pom developer org The Apache Software Foundation Low Product pom groupid commons-logging Highest Product pom name Apache Commons Logging High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/proper/commons-logging/ Medium Version file version 1.2 High Version Manifest Implementation-Version 1.2 High Version pom parent-version 1.2 Low Version pom version 1.2 Highest
Description:
Apache Commons Text is a set of utility functions and reusable components for the purpose of processing
and manipulating text that should be of use in a Java environment.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/commons/commons-text/1.12.0/commons-text-1.12.0.jar
MD5: 544add6fbc8d4b100b07c3692d08099e
SHA1: 66aa90dc099701c4d3b14bd256c328f592ccf0d6
SHA256: de023257ff166044a56bd1aa9124e843cd05dac5806cc705a9311f3556d5a15f
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
commons-text-1.12.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name commons-text High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name text Highest Vendor Manifest automatic-module-name org.apache.commons.text Medium Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-text Low Vendor Manifest bundle-symbolicname org.apache.commons.text Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-text Highest Vendor pom artifactid commons-text Low Vendor pom developer email britter@apache.org Low Vendor pom developer email chtompki@apache.org Low Vendor pom developer email djones@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email kinow@apache.org Low Vendor pom developer id britter Medium Vendor pom developer id chtompki Medium Vendor pom developer id djones Medium Vendor pom developer id ggregory Medium Vendor pom developer id kinow Medium Vendor pom developer name Benedikt Ritter Medium Vendor pom developer name Bruno P. Kinoshita Medium Vendor pom developer name Duncan Jones Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Rob Tompkins Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid org.apache.commons Highest Vendor pom name Apache Commons Text High Vendor pom parent-artifactid commons-parent Low Vendor pom url https://commons.apache.org/proper/commons-text Highest Product file name commons-text High Product jar package name apache Highest Product jar package name commons Highest Product jar package name text Highest Product Manifest automatic-module-name org.apache.commons.text Medium Product Manifest build-jdk-spec 17 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-text Low Product Manifest Bundle-Name Apache Commons Text Medium Product Manifest bundle-symbolicname org.apache.commons.text Medium Product Manifest Implementation-Title Apache Commons Text High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons Text Medium Product pom artifactid commons-text Highest Product pom developer email britter@apache.org Low Product pom developer email chtompki@apache.org Low Product pom developer email djones@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email kinow@apache.org Low Product pom developer id britter Low Product pom developer id chtompki Low Product pom developer id djones Low Product pom developer id ggregory Low Product pom developer id kinow Low Product pom developer name Benedikt Ritter Low Product pom developer name Bruno P. Kinoshita Low Product pom developer name Duncan Jones Low Product pom developer name Gary Gregory Low Product pom developer name Rob Tompkins Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid org.apache.commons Highest Product pom name Apache Commons Text High Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-text Medium Version file version 1.12.0 High Version Manifest Bundle-Version 1.12.0 High Version Manifest Implementation-Version 1.12.0 High Version pom parent-version 1.12.0 Low Version pom version 1.12.0 Highest
Description:
Doxia core classes and interfaces. File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-core/2.0.0/doxia-core-2.0.0.jarMD5: c0fb5fa304380a070a896e79a62b6932SHA1: 6b8dd422ff321fdbf32a0196b85cce3d63cfe68cSHA256: 939183cf5ced6741745b2475a4adf78ca85885ee0dad6dae28dd3f25bd447ff3Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compiledoxia-core-2.0.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name doxia-core High Vendor jar package name apache Highest Vendor jar package name doxia Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid doxia-core Highest Vendor pom artifactid doxia-core Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom name Doxia :: Core High Vendor pom parent-artifactid doxia Low Product file name doxia-core High Product jar package name apache Highest Product jar package name doxia Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Doxia :: Core High Product Manifest specification-title Doxia :: Core Medium Product pom artifactid doxia-core Highest Product pom groupid org.apache.maven.doxia Highest Product pom name Doxia :: Core High Product pom parent-artifactid doxia Medium Version file version 2.0.0 High Version Manifest Implementation-Version 2.0.0 High Version pom version 2.0.0 Highest
Description:
A collection of tools to help the integration of Doxia Sitetools in Maven plugins. File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-integration-tools/2.0.0/doxia-integration-tools-2.0.0.jarMD5: b8e18118b11a20e0ddc66b235989682eSHA1: ce08d289ed826416983860fb2adced6dd7ade550SHA256: 4aee72f9b30b507964c2f52b63f70e7b41fb9d957359cb5dc13c428abb4b6189Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compiledoxia-integration-tools-2.0.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name doxia-integration-tools High Vendor jar package name apache Highest Vendor jar package name doxia Highest Vendor jar package name maven Highest Vendor jar package name tools Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid doxia-integration-tools Highest Vendor pom artifactid doxia-integration-tools Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom name Doxia Sitetools :: Integration Tools High Vendor pom parent-artifactid doxia-sitetools Low Product file name doxia-integration-tools High Product jar package name apache Highest Product jar package name doxia Highest Product jar package name maven Highest Product jar package name tools Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Doxia Sitetools :: Integration Tools High Product Manifest specification-title Doxia Sitetools :: Integration Tools Medium Product pom artifactid doxia-integration-tools Highest Product pom groupid org.apache.maven.doxia Highest Product pom name Doxia Sitetools :: Integration Tools High Product pom parent-artifactid doxia-sitetools Medium Version file version 2.0.0 High Version Manifest Implementation-Version 2.0.0 High Version pom version 2.0.0 Highest
Description:
A Doxia module for Almost Plain Text source documents.
APT format is supported both as source and target formats. File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-module-apt/2.0.0/doxia-module-apt-2.0.0.jarMD5: f6613830c1f558b909b32d3e3e271911SHA1: 0505b4e8d57eb3f8c3d66adcca85ce09311742baSHA256: f4a846c448ca85358279184a310f6ee3f46fa39688f74a72961c1bfe222f28a6Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:runtimedoxia-module-apt-2.0.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name doxia-module-apt High Vendor jar package name apache Highest Vendor jar package name doxia Highest Vendor jar package name maven Highest Vendor jar package name module Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid doxia-module-apt Highest Vendor pom artifactid doxia-module-apt Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom name Doxia :: APT Module High Vendor pom parent-artifactid doxia-modules Low Product file name doxia-module-apt High Product jar package name apache Highest Product jar package name doxia Highest Product jar package name maven Highest Product jar package name module Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Doxia :: APT Module High Product Manifest specification-title Doxia :: APT Module Medium Product pom artifactid doxia-module-apt Highest Product pom groupid org.apache.maven.doxia Highest Product pom name Doxia :: APT Module High Product pom parent-artifactid doxia-modules Medium Version file version 2.0.0 High Version Manifest Implementation-Version 2.0.0 High Version pom version 2.0.0 Highest
Description:
A Doxia module for Xdoc source documents.
Xdoc format is supported both as source and target formats. File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-module-xdoc/2.0.0/doxia-module-xdoc-2.0.0.jarMD5: dd12065dc641017da7006cb39f0490e5SHA1: fe3a51c0226cb7cdfdcc97b73681f6ee80fad72cSHA256: 7956aca14f8adbc48bac86b218701dd44cc990063a69edbfca363b105994a474Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:runtimedoxia-module-xdoc-2.0.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name doxia-module-xdoc High Vendor jar package name apache Highest Vendor jar package name doxia Highest Vendor jar package name maven Highest Vendor jar package name module Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid doxia-module-xdoc Highest Vendor pom artifactid doxia-module-xdoc Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom name Doxia :: XDoc Module High Vendor pom parent-artifactid doxia-modules Low Product file name doxia-module-xdoc High Product jar package name apache Highest Product jar package name doxia Highest Product jar package name maven Highest Product jar package name module Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Doxia :: XDoc Module High Product Manifest specification-title Doxia :: XDoc Module Medium Product pom artifactid doxia-module-xdoc Highest Product pom groupid org.apache.maven.doxia Highest Product pom name Doxia :: XDoc Module High Product pom parent-artifactid doxia-modules Medium Version file version 2.0.0 High Version Manifest Implementation-Version 2.0.0 High Version pom version 2.0.0 Highest
Description:
A Doxia module for Xhtml5 source documents.
Xhtml5 format is supported both as source and target formats. File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-module-xhtml5/2.0.0/doxia-module-xhtml5-2.0.0.jarMD5: 2369dd687d9b13d115157299d09ca7d4SHA1: 15fbcfe42e0a50eb33adbc061c9b4db84ec0470eSHA256: c91557679a0eb9fde3175055628ceb7b8fd5ab6d308340770d236fb06265dc26Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compiledoxia-module-xhtml5-2.0.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name doxia-module-xhtml5 High Vendor jar package name apache Highest Vendor jar package name doxia Highest Vendor jar package name maven Highest Vendor jar package name module Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid doxia-module-xhtml5 Highest Vendor pom artifactid doxia-module-xhtml5 Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom name Doxia :: XHTML5 Module High Vendor pom parent-artifactid doxia-modules Low Product file name doxia-module-xhtml5 High Product jar package name apache Highest Product jar package name doxia Highest Product jar package name maven Highest Product jar package name module Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Doxia :: XHTML5 Module High Product Manifest specification-title Doxia :: XHTML5 Module Medium Product pom artifactid doxia-module-xhtml5 Highest Product pom groupid org.apache.maven.doxia Highest Product pom name Doxia :: XHTML5 Module High Product pom parent-artifactid doxia-modules Medium Version file version 2.0.0 High Version Manifest Implementation-Version 2.0.0 High Version pom version 2.0.0 Highest
Description:
Doxia Sink API. File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-sink-api/2.0.0/doxia-sink-api-2.0.0.jarMD5: 0ac989158733a584c6b82e6ab1edc8ecSHA1: d767d78857c1fb3cbd21ae3a7870894476ecb0fcSHA256: fba33eaee3b01547bcd14b05ebc37f7dacef1819ad9ee7a5b27899afd3472cf4Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compiledoxia-sink-api-2.0.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name doxia-sink-api High Vendor jar package name apache Highest Vendor jar package name doxia Highest Vendor jar package name maven Highest Vendor jar package name sink Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid doxia-sink-api Highest Vendor pom artifactid doxia-sink-api Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom name Doxia :: Sink API High Vendor pom parent-artifactid doxia Low Product file name doxia-sink-api High Product jar package name apache Highest Product jar package name doxia Highest Product jar package name maven Highest Product jar package name sink Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Doxia :: Sink API High Product Manifest specification-title Doxia :: Sink API Medium Product pom artifactid doxia-sink-api Highest Product pom groupid org.apache.maven.doxia Highest Product pom name Doxia :: Sink API High Product pom parent-artifactid doxia Medium Version file version 2.0.0 High Version Manifest Implementation-Version 2.0.0 High Version pom version 2.0.0 Highest
Description:
The Site Model handles the descriptor for sites, also known as site.xml. File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-site-model/2.0.0/doxia-site-model-2.0.0.jarMD5: 4da689094c6e4a2d6457d21ce959ac42SHA1: 6a43c5b58b9acbf789618efdda23d5cb9fb0981fSHA256: f6ec9ef75a41d1b826e5ecf02d92c5de90a6bc70ea93d5340988703223bf2205Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compiledoxia-site-model-2.0.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name doxia-site-model High Vendor jar package name apache Highest Vendor jar package name doxia Highest Vendor jar package name maven Highest Vendor jar package name site Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid doxia-site-model Highest Vendor pom artifactid doxia-site-model Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom name Doxia Sitetools :: Site Model High Vendor pom parent-artifactid doxia-sitetools Low Product file name doxia-site-model High Product jar package name apache Highest Product jar package name doxia Highest Product jar package name maven Highest Product jar package name site Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Doxia Sitetools :: Site Model High Product Manifest specification-title Doxia Sitetools :: Site Model Medium Product pom artifactid doxia-site-model Highest Product pom groupid org.apache.maven.doxia Highest Product pom name Doxia Sitetools :: Site Model High Product pom parent-artifactid doxia-sitetools Medium Version file version 2.0.0 High Version Manifest Implementation-Version 2.0.0 High Version pom version 2.0.0 Highest
Description:
The Site Renderer handles the rendering of sites, merging site model with document content. File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-site-renderer/2.0.0/doxia-site-renderer-2.0.0.jarMD5: 0af057ade4d5bc3b41a06cf1100bbd93SHA1: b68214ec1d3250a4594f598f054977d961e66ac8SHA256: 6cdee370194f4b9f742d12ef46528042f480d9bdf3de832de2792e1ae9ffc68dReferenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compiledoxia-site-renderer-2.0.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name doxia-site-renderer High Vendor jar package name apache Highest Vendor jar package name doxia Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid doxia-site-renderer Highest Vendor pom artifactid doxia-site-renderer Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom name Doxia Sitetools :: Site Renderer High Vendor pom parent-artifactid doxia-sitetools Low Product file name doxia-site-renderer High Product jar package name apache Highest Product jar package name doxia Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Doxia Sitetools :: Site Renderer High Product Manifest specification-title Doxia Sitetools :: Site Renderer Medium Product pom artifactid doxia-site-renderer Highest Product pom groupid org.apache.maven.doxia Highest Product pom name Doxia Sitetools :: Site Renderer High Product pom parent-artifactid doxia-sitetools Medium Version file version 2.0.0 High Version Manifest Implementation-Version 2.0.0 High Version pom version 2.0.0 Highest
Description:
The Skin Model defines metadata for Doxia Sitetools skins. File Path: /home/runner/.m2/repository/org/apache/maven/doxia/doxia-skin-model/2.0.0/doxia-skin-model-2.0.0.jarMD5: 9daee5a484a8a9cb32b2fe6cfea42531SHA1: 86913a4d7f1acbf26d426c97adecb18e21938ebfSHA256: 3ced0d90353f49e8eb1458f54664b93ec117d79b9789a576da41e2f6f99723e0Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compiledoxia-skin-model-2.0.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name doxia-skin-model High Vendor jar package name apache Highest Vendor jar package name doxia Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid doxia-skin-model Highest Vendor pom artifactid doxia-skin-model Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom name Doxia Sitetools :: Skin Model High Vendor pom parent-artifactid doxia-sitetools Low Product file name doxia-skin-model High Product jar package name apache Highest Product jar package name doxia Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Doxia Sitetools :: Skin Model High Product Manifest specification-title Doxia Sitetools :: Skin Model Medium Product pom artifactid doxia-skin-model Highest Product pom groupid org.apache.maven.doxia Highest Product pom name Doxia Sitetools :: Skin Model High Product pom parent-artifactid doxia-sitetools Medium Version file version 2.0.0 High Version Manifest Implementation-Version 2.0.0 High Version pom version 2.0.0 Highest
License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/errorprone/error_prone_annotations/2.1.3/error_prone_annotations-2.1.3.jar
MD5: 97504b36cf871722d81a4b9e114f2a16
SHA1: 39b109f2cd352b2d71b52a3b5a1a9850e1dc304b
SHA256: 03d0329547c13da9e17c634d1049ea2ead093925e290567e1a364fd6b1fc7ff8
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
error_prone_annotations-2.1.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name error_prone_annotations High Vendor jar package name annotations Highest Vendor jar package name annotations Low Vendor jar package name errorprone Highest Vendor jar package name errorprone Low Vendor jar package name google Highest Vendor jar package name google Low Vendor pom artifactid error_prone_annotations Highest Vendor pom artifactid error_prone_annotations Low Vendor pom groupid com.google.errorprone Highest Vendor pom name error-prone annotations High Vendor pom parent-artifactid error_prone_parent Low Product file name error_prone_annotations High Product jar package name annotations Highest Product jar package name annotations Low Product jar package name errorprone Highest Product jar package name errorprone Low Product jar package name google Highest Product pom artifactid error_prone_annotations Highest Product pom groupid com.google.errorprone Highest Product pom name error-prone annotations High Product pom parent-artifactid error_prone_parent Medium Version file version 2.1.3 High Version pom version 2.1.3 Highest
Description:
Guava is a suite of core and expanded libraries that include
utility classes, google's collections, io classes, and much
much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/guava/guava/25.1-android/guava-25.1-android.jar
MD5: b506eaec680c6d92d5f063fa1d57956d
SHA1: bdaab946ca5ad20253502d873ba0c3313d141036
SHA256: f7b8f8fed176b9cf6831b98cb07320d7fbe91d99b29999f752c3821dfe45bdc8
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
guava-25.1-android.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name guava High Vendor jar package name common Highest Vendor jar package name google Highest Vendor Manifest automatic-module-name com.google.common Medium Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom artifactid guava Highest Vendor pom artifactid guava Low Vendor pom groupid com.google.guava Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid guava-parent Low Product file name guava High Product jar package name common Highest Product jar package name google Highest Product Manifest automatic-module-name com.google.common Medium Product Manifest bundle-docurl https://github.com/google/guava/ Low Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product Manifest bundle-symbolicname com.google.guava Medium Product pom artifactid guava Highest Product pom groupid com.google.guava Highest Product pom name Guava: Google Core Libraries for Java High Product pom parent-artifactid guava-parent Medium Version pom version 25.1-android Highest
CVE-2023-2976 suppress
Use of Java's default temporary directory for file creation in `FileBackedOutputStream` in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class.
Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows. CWE-552 Files or Directories Accessible to External Parties
CVSSv3:
Base Score: HIGH (7.1) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:1.8/RC:R/MAV:A References:
Vulnerable Software & Versions:
CVE-2020-8908 suppress
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
CWE-378 Creation of Temporary File With Insecure Permissions, CWE-732 Incorrect Permission Assignment for Critical Resource
CVSSv3:
Base Score: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:1.8/RC:R/MAV:A CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N References:
OSSINDEX - [CVE-2020-8908] CWE-379: Creation of Temporary File in Directory with Incorrect Permissions OSSIndex - https://github.com/google/guava/issues/4011 af854a3a-2127-422b-91ae-364da2661108 - EXPLOIT,PATCH,THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - ISSUE_TRACKING,PATCH,THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - PATCH,THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - PATCH,THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - PATCH,THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - PATCH,THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - PATCH,THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY af854a3a-2127-422b-91ae-364da2661108 - THIRD_PARTY_ADVISORY cve-coordination@google.com - EXPLOIT,PATCH,THIRD_PARTY_ADVISORY cve-coordination@google.com - ISSUE_TRACKING,PATCH,THIRD_PARTY_ADVISORY cve-coordination@google.com - PATCH,THIRD_PARTY_ADVISORY cve-coordination@google.com - PATCH,THIRD_PARTY_ADVISORY cve-coordination@google.com - PATCH,THIRD_PARTY_ADVISORY cve-coordination@google.com - PATCH,THIRD_PARTY_ADVISORY cve-coordination@google.com - PATCH,THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY cve-coordination@google.com - THIRD_PARTY_ADVISORY Vulnerable Software & Versions: (show all )
Description:
Guice is a lightweight dependency injection framework for Java 6 and above License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/inject/guice/4.2.1/guice-4.2.1-no_aop.jar
MD5: 57c18dbf01a6ef7fa4da3fb594cd243e
SHA1: 41e5ab52ec65e60b6c0ced947becf7ba96402645
SHA256: 158fd8f52d2a4b4ce4293ac2b833bb2427f5ddfe30df4ae0fd4675a1038a3b79
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
guice-4.2.1-no_aop.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name guice High Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name guice Highest Vendor jar package name inject Highest Vendor jar package name inject Low Vendor jar package name internal Low Vendor Manifest automatic-module-name com.google.guice Medium Vendor Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Vendor Manifest bundle-docurl https://github.com/google/guice Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname com.google.inject Medium Vendor Manifest eclipse-extensibleapi true Low Vendor pom artifactid guice Highest Vendor pom groupid com.google.inject Highest Product file name guice High Product jar package name dependency Highest Product jar package name google Highest Product jar package name guice Highest Product jar package name inject Highest Product jar package name inject Low Product jar package name internal Low Product Manifest automatic-module-name com.google.guice Medium Product Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Product Manifest bundle-docurl https://github.com/google/guice Low Product Manifest Bundle-Name guice Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname com.google.inject Medium Product Manifest eclipse-extensibleapi true Low Product pom artifactid guice Highest Version file version 4.2.1 High Version pom version 4.2.1 Highest
Description:
istack common utility code License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /home/runner/.m2/repository/com/sun/istack/istack-commons-runtime/4.1.2/istack-commons-runtime-4.1.2.jar
MD5: 535154ef647af2a52478c4debec93659
SHA1: 18ec117c85f3ba0ac65409136afa8e42bc74e739
SHA256: 7fd6792361f4dd00f8c56af4a20cecc0066deea4a8f3dec38348af23fc2296ee
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
istack-commons-runtime-4.1.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-runtime@4.0.5
Evidence Type Source Name Value Confidence Vendor file name istack-commons-runtime High Vendor jar package name istack Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname com.sun.istack.commons-runtime Medium Vendor Manifest implementation-build-id 4.1.2 - 343a28e Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id com.sun.istack Medium Vendor pom artifactid istack-commons-runtime Highest Vendor pom artifactid istack-commons-runtime Low Vendor pom groupid com.sun.istack Highest Vendor pom name istack common utility code runtime High Vendor pom parent-artifactid istack-commons Low Product file name istack-commons-runtime High Product jar package name istack Highest Product jar package name sun Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name istack common utility code runtime Medium Product Manifest bundle-symbolicname com.sun.istack.commons-runtime Medium Product Manifest implementation-build-id 4.1.2 - 343a28e Low Product pom artifactid istack-commons-runtime Highest Product pom groupid com.sun.istack Highest Product pom name istack common utility code runtime High Product pom parent-artifactid istack-commons Medium Version file version 4.1.2 High Version Manifest Bundle-Version 4.1.2 High Version Manifest implementation-build-id 4.1.2 Low Version pom version 4.1.2 Highest
Description:
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/j2objc/j2objc-annotations/1.1/j2objc-annotations-1.1.jar
MD5: 49ae3204bb0bb9b2ac77062641f4a6d7
SHA1: ed28ded51a8b1c6b112568def5f4b455e6809019
SHA256: 2994a7eb78f2710bd3d3bfb639b2c94e219cedac0d4d084d516e78c16dddecf6
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
j2objc-annotations-1.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name j2objc-annotations High Vendor jar package name annotations Highest Vendor jar package name annotations Low Vendor jar package name google Highest Vendor jar package name google Low Vendor jar package name j2objc Highest Vendor jar package name j2objc Low Vendor pom artifactid j2objc-annotations Highest Vendor pom artifactid j2objc-annotations Low Vendor pom groupid com.google.j2objc Highest Vendor pom name J2ObjC Annotations High Vendor pom url google/j2objc/ Highest Product file name j2objc-annotations High Product jar package name annotations Highest Product jar package name annotations Low Product jar package name google Highest Product jar package name j2objc Highest Product jar package name j2objc Low Product pom artifactid j2objc-annotations Highest Product pom groupid com.google.j2objc Highest Product pom name J2ObjC Annotations High Product pom url google/j2objc/ High Version file version 1.1 High Version pom version 1.1 Highest
Description:
Specification License:
EDL 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: /home/runner/.m2/repository/jakarta/activation/jakarta.activation-api/2.1.3/jakarta.activation-api-2.1.3.jar
MD5: 76e7b680375ea9f40f3ddbd702efcd25
SHA1: fa165bd70cda600368eee31555222776a46b881f
SHA256: 01b176d718a169263e78290691fc479977186bcc6b333487325084d6586f4627
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
jakarta.activation-api-2.1.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-runtime@4.0.5
Evidence Type Source Name Value Confidence Vendor file name jakarta.activation-api High Vendor jar package name activation Highest Vendor jar package name jakarta Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.activation-api Medium Vendor Manifest extension-name jakarta.activation Medium Vendor Manifest implementation-build-id 7f7d358 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jakarta.activation-api Highest Vendor pom artifactid jakarta.activation-api Low Vendor pom developer email bill.shannon@oracle.com Low Vendor pom developer id shannon Medium Vendor pom developer name Bill Shannon Medium Vendor pom developer org Oracle Medium Vendor pom groupid jakarta.activation Highest Vendor pom name Jakarta Activation API High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom url jakartaee/jaf-api Highest Vendor pom (hint) developer org sun Medium Product file name jakarta.activation-api High Product jar package name activation Highest Product jar package name jakarta Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Jakarta Activation API Medium Product Manifest bundle-symbolicname jakarta.activation-api Medium Product Manifest extension-name jakarta.activation Medium Product Manifest implementation-build-id 7f7d358 Low Product Manifest Implementation-Title Jakarta Activation API High Product Manifest specification-title Jakarta Activation Specification Medium Product pom artifactid jakarta.activation-api Highest Product pom developer email bill.shannon@oracle.com Low Product pom developer id shannon Low Product pom developer name Bill Shannon Low Product pom developer org Oracle Low Product pom groupid jakarta.activation Highest Product pom name Jakarta Activation API High Product pom parent-artifactid project Medium Product pom parent-groupid org.eclipse.ee4j Medium Product pom url jakartaee/jaf-api High Version file version 2.1.3 High Version Manifest Bundle-Version 2.1.3 High Version pom parent-version 2.1.3 Low Version pom version 2.1.3 Highest
Description:
Jakarta XML Binding API 4.0 Design Specification License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /home/runner/.m2/repository/jakarta/xml/bind/jakarta.xml.bind-api/4.0.2/jakarta.xml.bind-api-4.0.2.jar
MD5: 0c8f9991081def819435c3ff36e4d93f
SHA1: 6cd5a999b834b63238005b7144136379dc36cad2
SHA256: 0d6bcfe47763e85047acf7c398336dc84ff85ebcad0a7cb6f3b9d3e981245406
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
jakarta.xml.bind-api-4.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-runtime@4.0.5
Evidence Type Source Name Value Confidence Vendor file name jakarta.xml.bind-api High Vendor jar package name bind Highest Vendor jar package name jakarta Highest Vendor jar package name xml Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.xml.bind-api Medium Vendor Manifest extension-name jakarta.xml.bind Medium Vendor Manifest implementation-build-id ca43d8b Low Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jakarta.xml.bind-api Highest Vendor pom artifactid jakarta.xml.bind-api Low Vendor pom groupid jakarta.xml.bind Highest Vendor pom name Jakarta XML Binding API High Vendor pom parent-artifactid jakarta.xml.bind-api-parent Low Product file name jakarta.xml.bind-api High Product jar package name bind Highest Product jar package name jakarta Highest Product jar package name xml Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Jakarta XML Binding API Medium Product Manifest bundle-symbolicname jakarta.xml.bind-api Medium Product Manifest extension-name jakarta.xml.bind Medium Product Manifest implementation-build-id ca43d8b Low Product pom artifactid jakarta.xml.bind-api Highest Product pom groupid jakarta.xml.bind Highest Product pom name Jakarta XML Binding API High Product pom parent-artifactid jakarta.xml.bind-api-parent Medium Version file version 4.0.2 High Version Manifest Bundle-Version 4.0.2 High Version Manifest Implementation-Version 4.0.2 High Version pom version 4.0.2 Highest
Description:
The javax.inject API License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/javax/inject/javax.inject/1/javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
SHA256: 91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
javax.inject-1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name javax.inject-1 High Vendor jar package name inject Highest Vendor jar package name inject Low Vendor jar package name javax Highest Vendor jar package name javax Low Vendor pom artifactid javax.inject Highest Vendor pom artifactid javax.inject Low Vendor pom groupid javax.inject Highest Vendor pom name javax.inject High Vendor pom url http://code.google.com/p/atinject/ Highest Product file name javax.inject-1 High Product jar package name inject Highest Product jar package name inject Low Product jar package name javax Highest Product pom artifactid javax.inject Highest Product pom groupid javax.inject Highest Product pom name javax.inject High Product pom url http://code.google.com/p/atinject/ Medium Version file version 1 Medium Version pom version 1 Highest
Description:
JAXB Core module. Contains sources required by XJC, JXC and Runtime modules. License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /home/runner/.m2/repository/org/glassfish/jaxb/jaxb-core/4.0.5/jaxb-core-4.0.5.jar
MD5: ab09aef6bebd4438b0a02707881801e4
SHA1: 007b4b11ea5542eea4ad55e1080b23be436795b3
SHA256: ad3fd9bf00de3eda9859f70b6cfb011e2fe9904804e16a2665092888ece0fdca
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
jaxb-core-4.0.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.glassfish.jaxb/jaxb-runtime@4.0.5
Evidence Type Source Name Value Confidence Vendor file name jaxb-core High Vendor jar package name core Highest Vendor jar package name glassfish Highest Vendor jar package name jaxb Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname org.glassfish.jaxb.core Medium Vendor Manifest git-revision cb19596 Low Vendor Manifest implementation-build-id 4.0.5 - cb19596 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.glassfish.jaxb Medium Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jaxb-core Highest Vendor pom artifactid jaxb-core Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name JAXB Core High Vendor pom parent-artifactid jaxb-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom url https://eclipse-ee4j.github.io/jaxb-ri/ Highest Product file name jaxb-core High Product jar package name core Highest Product jar package name glassfish Highest Product jar package name jaxb Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name JAXB Core Medium Product Manifest bundle-symbolicname org.glassfish.jaxb.core Medium Product Manifest git-revision cb19596 Low Product Manifest implementation-build-id 4.0.5 - cb19596 Low Product Manifest Implementation-Title Eclipse Implementation of JAXB High Product Manifest specification-title Jakarta XML Binding Medium Product pom artifactid jaxb-core Highest Product pom groupid org.glassfish.jaxb Highest Product pom name JAXB Core High Product pom parent-artifactid jaxb-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom url https://eclipse-ee4j.github.io/jaxb-ri/ Medium Version file version 4.0.5 High Version Manifest build-version 4.0.5 Medium Version Manifest Bundle-Version 4.0.5 High Version Manifest implementation-build-id 4.0.5 Low Version pom version 4.0.5 Highest
Description:
JAXB (JSR 222) Reference Implementation License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: /home/runner/.m2/repository/org/glassfish/jaxb/jaxb-runtime/4.0.5/jaxb-runtime-4.0.5.jar
MD5: c7384f1f95b8a8e15291485ff9dbe4f3
SHA1: ca84c2a7169b5293e232b9d00d1e4e36d4c3914a
SHA256: 485d8940e76373a7f300815ea5504bf5b726c234425ad30971019d133124cca4
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
jaxb-runtime-4.0.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.reallifedeveloper/jdepend-maven-plugin@1.0.1
Evidence Type Source Name Value Confidence Vendor file name jaxb-runtime High Vendor jar package name glassfish Highest Vendor jar package name jaxb Highest Vendor jar package name runtime Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname org.glassfish.jaxb.runtime Medium Vendor Manifest git-revision cb19596 Low Vendor Manifest implementation-build-id 4.0.5 - cb19596 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.glassfish.jaxb Medium Vendor Manifest provide-capability osgi.serviceloader;osgi.serviceloader="jakarta.xml.bind.JAXBContextFactory" Low Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jaxb-runtime Highest Vendor pom artifactid jaxb-runtime Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name JAXB Runtime High Vendor pom parent-artifactid jaxb-runtime-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom url https://eclipse-ee4j.github.io/jaxb-ri/ Highest Product file name jaxb-runtime High Product jar package name glassfish Highest Product jar package name jaxb Highest Product jar package name runtime Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name JAXB Runtime Medium Product Manifest bundle-symbolicname org.glassfish.jaxb.runtime Medium Product Manifest git-revision cb19596 Low Product Manifest implementation-build-id 4.0.5 - cb19596 Low Product Manifest Implementation-Title Eclipse Implementation of JAXB High Product Manifest provide-capability osgi.serviceloader;osgi.serviceloader="jakarta.xml.bind.JAXBContextFactory" Low Product Manifest specification-title Jakarta XML Binding Medium Product pom artifactid jaxb-runtime Highest Product pom groupid org.glassfish.jaxb Highest Product pom name JAXB Runtime High Product pom parent-artifactid jaxb-runtime-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom url https://eclipse-ee4j.github.io/jaxb-ri/ Medium Version file version 4.0.5 High Version Manifest build-version 4.0.5 Medium Version Manifest Bundle-Version 4.0.5 High Version Manifest implementation-build-id 4.0.5 Low Version pom version 4.0.5 Highest
Description:
Tools and configuration for RealLifeDeveloper projects that are only used at build-time, not runtime File Path: /home/runner/.m2/repository/com/reallifedeveloper/jdepend/3.0.1/jdepend-3.0.1.jar/META-INF/maven/com.reallifedeveloper/rld-build-tools/pom.xmlMD5: 6435700811ac9a4569c9a3b96ad1e708SHA1: dffc5ce57433746fb57742929ef9ae50a91b723eSHA256: 972e7788876e8b6753401898b7338e7973d3e9ddc13c045e9b3b24767accf817Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid rld-build-tools Low Vendor pom groupid com.reallifedeveloper Highest Vendor pom name RealLifeDeveloper Build Tools High Vendor pom parent-artifactid rld-parent Low Product pom artifactid rld-build-tools Highest Product pom groupid com.reallifedeveloper Highest Product pom name RealLifeDeveloper Build Tools High Product pom parent-artifactid rld-parent Medium Version pom parent-version 2.0.27 Low Version pom version 2.0.27 Highest
Description:
A Java package dependency analyzer that generates design quality metrics. File Path: /home/runner/.m2/repository/com/reallifedeveloper/jdepend/3.0.1/jdepend-3.0.1.jarMD5: ab08e7008759ac5e150185e76994d9a7SHA1: ab483be2dffee99cdd43aac9f646cc19bc266e12SHA256: d875d3ca54581fa214f45a4345526fcef006545ff53b22d9d81568c607806477Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compilejdepend-3.0.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name jdepend High Vendor jar package name jdepend Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest build-tool-jdk-spec 17 Low Vendor pom artifactid jdepend Highest Vendor pom artifactid jdepend Low Vendor pom groupid com.reallifedeveloper Highest Vendor pom name JDepend High Vendor pom parent-artifactid rld-parent Low Product file name jdepend High Product jar package name jdepend Highest Product Manifest build-jdk-spec 17 Low Product Manifest build-tool-jdk-spec 17 Low Product pom artifactid jdepend Highest Product pom groupid com.reallifedeveloper Highest Product pom name JDepend High Product pom parent-artifactid rld-parent Medium Version file version 3.0.1 High Version pom parent-version 3.0.1 Low Version pom version 3.0.1 Highest
Description:
Java 7+ toolkit to quickly develop RFC 4627 JSON compatible applications. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/github/cliftonlabs/json-simple/3.0.2/json-simple-3.0.2.jar
MD5: 148c0d1bdc1bcb24394627d6930ee9ad
SHA1: 2337afdb06134a12fc0239299c3ceb2e9c209516
SHA256: fda65a9ad0e1ac0c88987106e89aa4d8b2a2495e7e042371efa83813f65b7295
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
json-simple-3.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name json-simple High Vendor jar package name cliftonlabs Highest Vendor jar package name github Highest Vendor Manifest implementation-url https://cliftonlabs.github.io/json-simple/ Low Vendor Manifest Implementation-Vendor-Id com.github.cliftonlabs Medium Vendor pom artifactid json-simple Highest Vendor pom artifactid json-simple Low Vendor pom developer email davin.loegering@cliftonlabs.com Low Vendor pom developer name Davin Loegering Medium Vendor pom developer name Yidong Fang Medium Vendor pom developer org Clifton Labs Medium Vendor pom developer org URL https://cliftonlabs.com Medium Vendor pom groupid com.github.cliftonlabs Highest Vendor pom name JSON.simple High Vendor pom url https://cliftonlabs.github.io/json-simple/ Highest Product file name json-simple High Product jar package name cliftonlabs Highest Product jar package name github Highest Product Manifest Implementation-Title JSON.simple High Product Manifest implementation-url https://cliftonlabs.github.io/json-simple/ Low Product Manifest specification-title JSON.simple Medium Product pom artifactid json-simple Highest Product pom developer email davin.loegering@cliftonlabs.com Low Product pom developer name Davin Loegering Low Product pom developer name Yidong Fang Low Product pom developer org Clifton Labs Low Product pom developer org URL https://cliftonlabs.com Low Product pom groupid com.github.cliftonlabs Highest Product pom name JSON.simple High Product pom url https://cliftonlabs.github.io/json-simple/ Medium Version file version 3.0.2 High Version Manifest Implementation-Version 3.0.2 High Version pom version 3.0.2 Highest
Description:
JSR305 Annotations for Findbugs License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256: 766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
jsr305-3.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.3
Evidence Type Source Name Value Confidence Vendor file name jsr305 High Vendor Manifest bundle-symbolicname org.jsr-305 Medium Vendor pom artifactid jsr305 Highest Vendor pom artifactid jsr305 Low Vendor pom groupid com.google.code.findbugs Highest Vendor pom name FindBugs-jsr305 High Vendor pom url http://findbugs.sourceforge.net/ Highest Product file name jsr305 High Product Manifest Bundle-Name FindBugs-jsr305 Medium Product Manifest bundle-symbolicname org.jsr-305 Medium Product pom artifactid jsr305 Highest Product pom groupid com.google.code.findbugs Highest Product pom name FindBugs-jsr305 High Product pom url http://findbugs.sourceforge.net/ Medium Version file version 3.0.2 High Version Manifest Bundle-Version 3.0.2 High Version pom version 3.0.2 Highest
Description:
Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more! License:
The MIT License: https://projectlombok.org/LICENSE File Path: /home/runner/.m2/repository/org/projectlombok/lombok/1.18.38/lombok-1.18.38.jar
MD5: 789cacd8d3969e9d23e6e6baec747f70
SHA1: 57f8f5e02e92a30fd21b80cbd426a4172b5f8e29
SHA256: 1e1e427c36ff63c44fd30ef292d9e773ea3154460ab6265d3fed7e6f5bc50fb9
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
lombok-1.18.38.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.reallifedeveloper/jdepend-maven-plugin@1.0.1
Evidence Type Source Name Value Confidence Vendor file name lombok High Vendor jar package name java Highest Vendor jar package name lombok Highest Vendor jar package name tostring Highest Vendor Manifest automatic-module-name lombok Medium Vendor Manifest can-redefine-classes true Low Vendor pom artifactid lombok Highest Vendor pom artifactid lombok Low Vendor pom developer email reinier@projectlombok.org Low Vendor pom developer email roel@projectlombok.org Low Vendor pom developer id rspilker Medium Vendor pom developer id rzwitserloot Medium Vendor pom developer name Reinier Zwitserloot Medium Vendor pom developer name Roel Spilker Medium Vendor pom groupid org.projectlombok Highest Vendor pom name Project Lombok High Vendor pom url https://projectlombok.org Highest Product file name lombok High Product jar package name java Highest Product jar package name lombok Highest Product jar package name tostring Highest Product Manifest automatic-module-name lombok Medium Product Manifest can-redefine-classes true Low Product pom artifactid lombok Highest Product pom developer email reinier@projectlombok.org Low Product pom developer email roel@projectlombok.org Low Product pom developer id rspilker Low Product pom developer id rzwitserloot Low Product pom developer name Reinier Zwitserloot Low Product pom developer name Roel Spilker Low Product pom groupid org.projectlombok Highest Product pom name Project Lombok High Product pom url https://projectlombok.org Medium Version file version 1.18.38 High Version Manifest lombok-version 1.18.38 Medium Version pom version 1.18.38 Highest
File Path: /home/runner/.m2/repository/org/projectlombok/lombok/1.18.38/lombok-1.18.38.jar/lombok/launch/mavenEcjBootstrapAgent.jarMD5: 885d5d6be90a5dcd4b82cdf741e3f31aSHA1: e1f7f1779f40157fd0b984c1bc32a0cb45cae66eSHA256: 74a80a6ee84e5c6fe497dfcc46a46dbe30578525e747eb531e918ee0750c8da9Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
Evidence Type Source Name Value Confidence Vendor file name mavenEcjBootstrapAgent High Vendor jar package name launch Low Vendor jar package name lombok Low Vendor Manifest can-redefine-classes true Low Product file name mavenEcjBootstrapAgent High Product jar package name launch Low Product Manifest can-redefine-classes true Low
Description:
Provides utility methods for creating JARs and other archive files from a Maven project. File Path: /home/runner/.m2/repository/org/apache/maven/maven-archiver/3.6.2/maven-archiver-3.6.2.jarMD5: 742b3136d8ff1fcb66f5fd7f3c267c8dSHA1: a2d949d87fed6db197cc3cceec93012dd2317ca0SHA256: 1f895a587df4844d9b7565e8e9a6352afe1d55532458a0dbeb746bc1d02e9216Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compilemaven-archiver-3.6.2.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-archiver High Vendor jar package name apache Highest Vendor jar package name archiver Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-archiver Highest Vendor pom artifactid maven-archiver Low Vendor pom groupid org.apache.maven Highest Vendor pom name Apache Maven Archiver High Vendor pom parent-artifactid maven-shared-components Low Vendor pom parent-groupid org.apache.maven.shared Medium Product file name maven-archiver High Product jar package name apache Highest Product jar package name archiver Highest Product jar package name maven Highest Product Manifest build-jdk-spec 21 Low Product Manifest Implementation-Title Apache Maven Archiver High Product Manifest specification-title Apache Maven Archiver Medium Product pom artifactid maven-archiver Highest Product pom groupid org.apache.maven Highest Product pom name Apache Maven Archiver High Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Version file version 3.6.2 High Version Manifest Implementation-Version 3.6.2 High Version pom parent-version 3.6.2 Low Version pom version 3.6.2 Highest
File Path: /home/runner/.m2/repository/org/apache/maven/maven-artifact/3.8.1/maven-artifact-3.8.1.jarMD5: 6f07d7c18fb630df205d8175fe37b74eSHA1: 114a2dd16c4c568bf0ca57719b83f2685dcc5734SHA256: 9dbd3db15ac4816471e72981cb06ef90f3ffa8be6628dddf7135f7bd69bee0c0Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedmaven-artifact-3.8.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-artifact High Vendor jar package name apache Highest Vendor jar package name artifact Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-artifact Highest Vendor pom artifactid maven-artifact Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Artifact High Vendor pom parent-artifactid maven Low Product file name maven-artifact High Product jar package name apache Highest Product jar package name artifact Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Artifact High Product Manifest specification-title Maven Artifact Medium Product pom artifactid maven-artifact Highest Product pom groupid org.apache.maven Highest Product pom name Maven Artifact High Product pom parent-artifactid maven Medium Version file version 3.8.1 High Version Manifest Implementation-Version 3.8.1 High Version pom version 3.8.1 Highest
Description:
Support for descriptor builders (model, setting, toolchains) File Path: /home/runner/.m2/repository/org/apache/maven/maven-builder-support/3.8.1/maven-builder-support-3.8.1.jarMD5: d1d482b18586dc57c903a4287efb05d9SHA1: 2a8e161cdc4b4652bd16ea23416d8b4ce199e6ecSHA256: 04ca8710b375c30bdb78964c24d665b866bc0f096cc2a93c82aa43f9e331c36bReferenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedmaven-builder-support-3.8.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-builder-support High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-builder-support Highest Vendor pom artifactid maven-builder-support Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Builder Support High Vendor pom parent-artifactid maven Low Product file name maven-builder-support High Product jar package name apache Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Builder Support High Product Manifest specification-title Maven Builder Support Medium Product pom artifactid maven-builder-support Highest Product pom groupid org.apache.maven Highest Product pom name Maven Builder Support High Product pom parent-artifactid maven Medium Version file version 3.8.1 High Version Manifest Implementation-Version 3.8.1 High Version pom version 3.8.1 Highest
Description:
Maven Core classes. File Path: /home/runner/.m2/repository/org/apache/maven/maven-core/3.8.1/maven-core-3.8.1.jarMD5: 630efac8a27da101575c2ef3cedde585SHA1: caadfcf49d88b5308a0f1383f830c51c75eb4ba7SHA256: 50e99191d72e17bebe3f9c9293ff14a23f3b508bfa0bae0643a7dd3fc2e5e627Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedmaven-core-3.8.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-core High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-core Highest Vendor pom artifactid maven-core Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Core High Vendor pom parent-artifactid maven Low Product file name maven-core High Product jar package name apache Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Core High Product Manifest specification-title Maven Core Medium Product pom artifactid maven-core Highest Product pom groupid org.apache.maven Highest Product pom name Maven Core High Product pom parent-artifactid maven Medium Version file version 3.8.1 High Version Manifest Implementation-Version 3.8.1 High Version pom version 3.8.1 Highest
Description:
Model for Maven POM (Project Object Model) File Path: /home/runner/.m2/repository/org/apache/maven/maven-model/3.8.1/maven-model-3.8.1.jarMD5: 93da32dac44197743c9c77c85bcd6505SHA1: 377c770fb1534f936fb22eb74e694506666ff329SHA256: 9e008629cefa5ddc9e5e2628adb467416ced250591e30dea7103f37f513b3b13Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedmaven-model-3.8.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-model High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name model Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-model Highest Vendor pom artifactid maven-model Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Model High Vendor pom parent-artifactid maven Low Product file name maven-model High Product jar package name apache Highest Product jar package name maven Highest Product jar package name model Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Model High Product Manifest specification-title Maven Model Medium Product pom artifactid maven-model Highest Product pom groupid org.apache.maven Highest Product pom name Maven Model High Product pom parent-artifactid maven Medium Version file version 3.8.1 High Version Manifest Implementation-Version 3.8.1 High Version pom version 3.8.1 Highest
Description:
The effective model builder, with inheritance, profile activation, interpolation, ... File Path: /home/runner/.m2/repository/org/apache/maven/maven-model-builder/3.8.1/maven-model-builder-3.8.1.jarMD5: 17f9c840f8ad3e0118142675fa2df09cSHA1: 248ff5c96aa0d112cf7d3578f8cdc02f9ab3a158SHA256: 60efee1229626229c13febb6d6c1949120c6ab55ced0e9ce16cd167a0056b8e1Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedmaven-model-builder-3.8.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-model-builder High Vendor jar package name apache Highest Vendor jar package name inheritance Highest Vendor jar package name interpolation Highest Vendor jar package name maven Highest Vendor jar package name model Highest Vendor jar package name profile Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-model-builder Highest Vendor pom artifactid maven-model-builder Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Model Builder High Vendor pom parent-artifactid maven Low Product file name maven-model-builder High Product jar package name apache Highest Product jar package name inheritance Highest Product jar package name interpolation Highest Product jar package name maven Highest Product jar package name model Highest Product jar package name profile Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Model Builder High Product Manifest specification-title Maven Model Builder Medium Product pom artifactid maven-model-builder Highest Product pom groupid org.apache.maven Highest Product pom name Maven Model Builder High Product pom parent-artifactid maven Medium Version file version 3.8.1 High Version Manifest Implementation-Version 3.8.1 High Version pom version 3.8.1 Highest
Description:
Java annotations to use in Mojos File Path: /home/runner/.m2/repository/org/apache/maven/plugin-tools/maven-plugin-annotations/3.15.1/maven-plugin-annotations-3.15.1.jarMD5: 0723da1364961f527fbfce10c8b9c7ddSHA1: ca287d08819d5d87f3a06b8f065a79eb33c3ecc3SHA256: b58bcb3a1f362f6e1efa2772064026bb3d4ad92e6f43a1812d8d2886489912f5Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedmaven-plugin-annotations-3.15.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-plugin-annotations High Vendor jar package name annotations Highest Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-plugin-annotations Highest Vendor pom artifactid maven-plugin-annotations Low Vendor pom groupid org.apache.maven.plugin-tools Highest Vendor pom name Maven Plugin Tools Java Annotations High Vendor pom parent-artifactid maven-plugin-tools Low Product file name maven-plugin-annotations High Product jar package name annotations Highest Product jar package name apache Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Plugin Tools Java Annotations High Product Manifest specification-title Maven Plugin Tools Java Annotations Medium Product pom artifactid maven-plugin-annotations Highest Product pom groupid org.apache.maven.plugin-tools Highest Product pom name Maven Plugin Tools Java Annotations High Product pom parent-artifactid maven-plugin-tools Medium Version file version 3.15.1 High Version Manifest Implementation-Version 3.15.1 High Version pom version 3.15.1 Highest
Description:
The API for plugins - Mojos - development. File Path: /home/runner/.m2/repository/org/apache/maven/maven-plugin-api/3.8.1/maven-plugin-api-3.8.1.jarMD5: 5e3a5eaf677472d948b598bfcefaf650SHA1: 4591d6f1c12e8ab942c08b9aba3e46b19c82ec37SHA256: 9a2d71722c8c18db748195925e725359e4e87d6722b602a0e54095e91a7f30d3Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedmaven-plugin-api-3.8.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-plugin-api High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name plugin Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-plugin-api Highest Vendor pom artifactid maven-plugin-api Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Plugin API High Vendor pom parent-artifactid maven Low Product file name maven-plugin-api High Product jar package name apache Highest Product jar package name maven Highest Product jar package name plugin Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Plugin API High Product Manifest specification-title Maven Plugin API Medium Product pom artifactid maven-plugin-api Highest Product pom groupid org.apache.maven Highest Product pom name Maven Plugin API High Product pom parent-artifactid maven Medium Version file version 3.8.1 High Version Manifest Implementation-Version 3.8.1 High Version pom version 3.8.1 Highest
Description:
API to manage report generation. File Path: /home/runner/.m2/repository/org/apache/maven/reporting/maven-reporting-api/4.0.0/maven-reporting-api-4.0.0.jarMD5: 9c49fcb81d69bb5ec513d624c181fc05SHA1: d3ad7e3d03463b5bd77e7d3ce94539cc723c8dfbSHA256: cb2cbde3c9c7288f7398a250dcf3c90cf92714cff301f22b298e1091b5def33cReferenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compilemaven-reporting-api-4.0.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-reporting-api High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name reporting Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-reporting-api Highest Vendor pom artifactid maven-reporting-api Low Vendor pom groupid org.apache.maven.reporting Highest Vendor pom name Apache Maven Reporting API High Vendor pom parent-artifactid maven-shared-components Low Vendor pom parent-groupid org.apache.maven.shared Medium Product file name maven-reporting-api High Product jar package name apache Highest Product jar package name maven Highest Product jar package name reporting Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Apache Maven Reporting API High Product Manifest specification-title Apache Maven Reporting API Medium Product pom artifactid maven-reporting-api Highest Product pom groupid org.apache.maven.reporting Highest Product pom name Apache Maven Reporting API High Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Version file version 4.0.0 High Version Manifest Implementation-Version 4.0.0 High Version pom parent-version 4.0.0 Low Version pom version 4.0.0 Highest
Description:
Abstract classes to manage report generation. File Path: /home/runner/.m2/repository/org/apache/maven/reporting/maven-reporting-impl/4.0.0/maven-reporting-impl-4.0.0.jarMD5: 302ed7d914dc813380d361d1acb83c2fSHA1: d3753b5c13a873a5ddb71f404c6fe1179a4688c2SHA256: e9e70fdb26ff8b1f15435e3a68866a25c85b1694007e0fbdfe84e48e946fe463Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compilemaven-reporting-impl-4.0.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-reporting-impl High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name reporting Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-reporting-impl Highest Vendor pom artifactid maven-reporting-impl Low Vendor pom groupid org.apache.maven.reporting Highest Vendor pom name Apache Maven Reporting Implementation High Vendor pom parent-artifactid maven-shared-components Low Vendor pom parent-groupid org.apache.maven.shared Medium Product file name maven-reporting-impl High Product jar package name apache Highest Product jar package name maven Highest Product jar package name reporting Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Apache Maven Reporting Implementation High Product Manifest specification-title Apache Maven Reporting Implementation Medium Product pom artifactid maven-reporting-impl Highest Product pom groupid org.apache.maven.reporting Highest Product pom name Apache Maven Reporting Implementation High Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Version file version 4.0.0 High Version Manifest Implementation-Version 4.0.0 High Version pom parent-version 4.0.0 Low Version pom version 4.0.0 Highest
Description:
Per-directory local and remote repository metadata. File Path: /home/runner/.m2/repository/org/apache/maven/maven-repository-metadata/3.8.1/maven-repository-metadata-3.8.1.jarMD5: 59afcf5c3312ac8e2a7f4a1301d35690SHA1: 99b73104d88a8392132ee3e406c934eb955f13dbSHA256: ed400ae8d4782e8b865571637c5244e3b79fea4829b8a0870c714c1094f2dda5Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedmaven-repository-metadata-3.8.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-repository-metadata High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name repository Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-repository-metadata Highest Vendor pom artifactid maven-repository-metadata Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Repository Metadata Model High Vendor pom parent-artifactid maven Low Product file name maven-repository-metadata High Product jar package name apache Highest Product jar package name maven Highest Product jar package name repository Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Repository Metadata Model High Product Manifest specification-title Maven Repository Metadata Model Medium Product pom artifactid maven-repository-metadata Highest Product pom groupid org.apache.maven Highest Product pom name Maven Repository Metadata Model High Product pom parent-artifactid maven Medium Version file version 3.8.1 High Version Manifest Implementation-Version 3.8.1 High Version pom version 3.8.1 Highest
Description:
The application programming interface for the repository system.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-api/1.4.1/maven-resolver-api-1.4.1.jar
MD5: 4566dcb75f3d95fcc4c2fc83ae562f71
SHA1: ceee6b7ea1bc252afa585fa32f76c2cda206bdcd
SHA256: 33dc67306cc95da14e5444e8b494d967924abf1d01bae1894676164cbd3f6112
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
maven-resolver-api-1.4.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-api High Vendor jar package name artifact Highest Vendor jar package name repository Highest Vendor Manifest automatic-module-name org.apache.maven.resolver Medium Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-api/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.api Medium Vendor Manifest implementation-url https://maven.apache.org/resolver/maven-resolver-api/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven.resolver Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-api Highest Vendor pom artifactid maven-resolver-api Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver API High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-api High Product jar package name artifact Highest Product jar package name repository Highest Product Manifest automatic-module-name org.apache.maven.resolver Medium Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-api/ Low Product Manifest Bundle-Name Maven Artifact Resolver API Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.api Medium Product Manifest Implementation-Title Maven Artifact Resolver API High Product Manifest implementation-url https://maven.apache.org/resolver/maven-resolver-api/ Low Product Manifest specification-title Maven Artifact Resolver API Medium Product pom artifactid maven-resolver-api Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver API High Product pom parent-artifactid maven-resolver Medium Version file version 1.4.1 High Version Manifest Bundle-Version 1.4.1 High Version Manifest Implementation-Version 1.4.1 High Version pom version 1.4.1 Highest
Description:
An implementation of the repository system.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-impl/1.6.2/maven-resolver-impl-1.6.2.jar
MD5: d454a27ece69773aefbb9fa38ed96890
SHA1: c9aa1af0ba818a2d96bfba135cd03c1ae0e4834d
SHA256: 8b0d90817b0f078435034b17a9837f2548006f3f6ae84a6e9884a14617a255e3
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
maven-resolver-impl-1.6.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-impl High Vendor jar package name impl Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.impl Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-developers rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Chair";timezone="Europe/Amsterdam",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Member";timezone="+1",krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Melbourne",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-impl/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.impl Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-impl Highest Vendor pom artifactid maven-resolver-impl Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver Implementation High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-impl High Product jar package name impl Highest Product Manifest automatic-module-name org.apache.maven.resolver.impl Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-developers rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Chair";timezone="Europe/Amsterdam",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Member";timezone="+1",krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Melbourne",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-impl/ Low Product Manifest Bundle-Name Maven Artifact Resolver Implementation Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.impl Medium Product Manifest Implementation-Title Maven Artifact Resolver Implementation High Product Manifest specification-title Maven Artifact Resolver Implementation Medium Product pom artifactid maven-resolver-impl Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver Implementation High Product pom parent-artifactid maven-resolver Medium Version file version 1.6.2 High Version Manifest Bundle-Version 1.6.2 High Version Manifest Implementation-Version 1.6.2 High Version pom version 1.6.2 Highest
Description:
Extensions to Maven Resolver for utilizing Maven POM and repository metadata. File Path: /home/runner/.m2/repository/org/apache/maven/maven-resolver-provider/3.8.1/maven-resolver-provider-3.8.1.jarMD5: 14b2e340c01e51b8d8b3ce21ee1740fdSHA1: 4d94465cf8c69afddd7cdf5d741f179e1c82930cSHA256: 2359c5d77be9c55b5b0ca8a4098eb69b90e1388057287508c7e776b662aaf3ebReferenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedmaven-resolver-provider-3.8.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-provider High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name repository Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-provider Highest Vendor pom artifactid maven-resolver-provider Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Artifact Resolver Provider High Vendor pom parent-artifactid maven Low Product file name maven-resolver-provider High Product jar package name apache Highest Product jar package name maven Highest Product jar package name repository Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Artifact Resolver Provider High Product Manifest specification-title Maven Artifact Resolver Provider Medium Product pom artifactid maven-resolver-provider Highest Product pom groupid org.apache.maven Highest Product pom name Maven Artifact Resolver Provider High Product pom parent-artifactid maven Medium Version file version 3.8.1 High Version Manifest Implementation-Version 3.8.1 High Version pom version 3.8.1 Highest
Description:
The service provider interface for repository system implementations and repository connectors.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-spi/1.6.2/maven-resolver-spi-1.6.2.jar
MD5: f8f2bdd73f9ef6fbc76059ccb9d2d844
SHA1: 7b382f1b0f5f8ba4341c4d1566a475e138590965
SHA256: 23295e2133110a7fcda07b780d573e591dd88f4f5f33e6d3bbcdeeefe717b11f
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
maven-resolver-spi-1.6.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-spi High Vendor jar package name spi Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.spi Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-developers rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Chair";timezone="Europe/Amsterdam",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Member";timezone="+1",krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Melbourne",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-spi/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.spi Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-spi Highest Vendor pom artifactid maven-resolver-spi Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver SPI High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-spi High Product jar package name spi Highest Product Manifest automatic-module-name org.apache.maven.resolver.spi Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-developers rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Chair";timezone="Europe/Amsterdam",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Member";timezone="+1",krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Melbourne",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-spi/ Low Product Manifest Bundle-Name Maven Artifact Resolver SPI Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.spi Medium Product Manifest Implementation-Title Maven Artifact Resolver SPI High Product Manifest specification-title Maven Artifact Resolver SPI Medium Product pom artifactid maven-resolver-spi Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver SPI High Product pom parent-artifactid maven-resolver Medium Version file version 1.6.2 High Version Manifest Bundle-Version 1.6.2 High Version Manifest Implementation-Version 1.6.2 High Version pom version 1.6.2 Highest
Description:
A collection of utility classes to ease usage of the repository system.
License:
"Apache License, Version 2.0";link="https://www.apache.org/licenses/LICENSE-2.0.txt" File Path: /home/runner/.m2/repository/org/apache/maven/resolver/maven-resolver-util/1.6.2/maven-resolver-util-1.6.2.jar
MD5: ec451c7de95a655e835c2937077958e2
SHA1: 677d11365527d7c47051fc0be81fad20f75f5b74
SHA256: f99b7444e47e5fc3b66dc2409b73f9e4d0e4d4cd6dfa724dc1a552e4fbd7fde2
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
maven-resolver-util-1.6.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name maven-resolver-util High Vendor jar package name artifact Highest Vendor jar package name repository Highest Vendor jar package name util Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.util Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-developers rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Chair";timezone="Europe/Amsterdam",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Member";timezone="+1",krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Melbourne",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Vendor Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-util/ Low Vendor Manifest bundle-symbolicname org.apache.maven.resolver.util Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-resolver-util Highest Vendor pom artifactid maven-resolver-util Low Vendor pom groupid org.apache.maven.resolver Highest Vendor pom name Maven Artifact Resolver Utilities High Vendor pom parent-artifactid maven-resolver Low Product file name maven-resolver-util High Product jar package name artifact Highest Product jar package name repository Highest Product jar package name util Highest Product Manifest automatic-module-name org.apache.maven.resolver.util Medium Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-developers rfscholte;email="rfscholte@apache.org";name="Robert Scholte";roles="PMC Chair";timezone="Europe/Amsterdam",aheritier;email="aheritier@apache.org";name="Arnaud Héritier";roles="PMC Member";timezone="+1",andham;email="andham@apache.org";name="Anders Hammar";roles="PMC Member";timezone="+1",baerrach;email="baerrach@apache.org";name="Barrie Treloar";roles="PMC Member";timezone="Australia/Adelaide",bimargulies;email="bimargulies@apache.org";name="Benson Margulies";roles="PMC Member";timezone="America/New_York",brianf;email="brianf@apache.org";name="Brian Fox";organization=Sonatype;roles="PMC Member";timezone=-5,cstamas;email="cstamas@apache.org";name="Tamas Cservenak";roles="PMC Member";timezone="+1",dennisl;email="dennisl@apache.org";name="Dennis Lundberg";organization=ASF;roles="PMC Member";timezone="+1",dkulp;email="dkulp@apache.org";name="Daniel Kulp";organization=ASF;roles="PMC Member";timezone=-5,evenisse;email="evenisse@apache.org";name="Emmanuel Venisse";organization=ASF;roles="PMC Member";timezone="+1",gboue;email="gboue@apache.org";name="Guillaume Boué";roles="PMC Member";timezone="Europe/Paris",hboutemy;email="hboutemy@apache.org";name="Hervé Boutemy";organization=ASF;roles="PMC Member";timezone="Europe/Paris",ifedorenko;email="igor@ifedorenko.com";name="Igor Fedorenko";organization=Sonatype;roles="PMC Member";timezone=-5,jvanzyl;email="jason@maven.org";name="Jason van Zyl";roles="PMC Member";timezone=-5,khmarbaise;email="khmarbaise@apache.org";name="Karl Heinz Marbaise";roles="PMC Member";timezone="+1",krosenvold;email="krosenvold@apache.org";name="Kristian Rosenvold";roles="PMC Member";timezone="+1",mkleint;name="Milos Kleint";roles="PMC Member",olamy;email="olamy@apache.org";name="Olivier Lamy";roles="PMC Member";timezone="Australia/Melbourne",michaelo;email="michaelo@apache.org";name="Michael Osipov";roles="PMC Member";timezone="Europe/Berlin",rgoers;email="rgoers@apache.org";name="Ralph Goers";organization=Intuit;roles="PMC Member";timezone=-8,stephenc;email="stephenc@apache.org";name="Stephen Connolly";roles="PMC Member";timezone=0,struberg;email="struberg@apache.org";name="Mark Struberg";roles="PMC Member",tibordigana;email="tibordigana@apache.org";name="Tibor Digaňa";roles="PMC Member";timezone="Europe/Bratislava",vsiveton;email="vsiveton@apache.org";name="Vincent Siveton";organization=ASF;roles="PMC Member";timezone=-5,wfay;email="wfay@apache.org";name="Wayne Fay";organization=ASF;roles="PMC Member";timezone=-6,adangel;email="adangel@apache.org";name="Andreas Dangel";roles=Committer;timezone="Europe/Berlin",bdemers;email="bdemers@apache.org";name="Brian Demers";organization=Sonatype;roles=Committer;timezone=-5,bellingard;name="Fabrice Bellingard";roles=Committer,bentmann;email="bentmann@apache.org";name="Benjamin Bentmann";organization=Sonatype;roles=Committer;timezone="+1",chrisgwarp;email="chrisgwarp@apache.org";name="Chris Graham";roles=Committer;timezone="Australia/Melbourne",dantran;email="dantran@apache.org";name="Dan Tran";roles=Committer;timezone=-8,dbradicich;email="dbradicich@apache.org";name="Damian Bradicich";organization=Sonatype;roles=Committer;timezone=-5,brett;email="brett@apache.org";name="Brett Porter";organization=ASF;roles=Committer;timezone="+10",dfabulich;email="dfabulich@apache.org";name="Daniel Fabulich";roles=Committer;timezone=-8,eolivelli;email="eolivelli@apache.org";name="Enrico Olivelli";organization=Diennea;roles=Committer;timezone="Europe/Rome",fgiust;email="fgiust@apache.org";name="Fabrizio Giustina";organization=openmind;roles=Committer;timezone="+1",godin;email="godin@apache.org";name="Evgeny Mandrikov";organization=SonarSource;roles=Committer;timezone="+3",handyande;email="handyande@apache.org";name="Andrew Williams";roles=Committer;timezone=0,imod;email="imod@apache.org";name="Dominik Bartholdi";roles=Committer;timezone="Europe/Zurich",jjensen;name="Jeff Jensen";roles=Committer,ltheussl;email="ltheussl@apache.org";name="Lukas Theussl";roles=Committer;timezone="+1",markh;email="markh@apache.org";name="Mark Hobson";roles=Committer;timezone=0,mauro;name="Mauro Talevi";roles=Committer,mfriedenhagen;email="mfriedenhagen@apache.org";name="Mirko Friedenhagen";roles=Committer;timezone="+1",mmoser;email="mmoser@apache.org";name="Manfred Moser";roles=Committer;timezone=-8,nicolas;name="Nicolas de Loof";roles=Committer,oching;name="Maria Odea B. Ching";roles=Committer,pgier;email="pgier@apache.org";name="Paul Gier";organization="Red Hat";roles=Committer;timezone=-6,ptahchiev;email="ptahchiev@apache.org";name="Petar Tahchiev";roles=Committer;timezone="+2",rafale;email="rafale@apache.org";name="Raphaël Piéroni";organization=Dexem;roles=Committer;timezone="+1",schulte;email="schulte@apache.org";name="Christian Schulte";roles=Committer;timezone="Europe/Berlin",snicoll;email="snicoll@apache.org";name="Stephane Nicoll";roles=Committer;timezone="+1",simonetripodi;email="simonetripodi@apache.org";name="Simone Tripodi";roles=Committer;timezone="+1",sor;email="sor@apache.org";name="Christian Stein";roles=Committer;timezone="Europe/Berlin",tchemit;email="tchemit@apache.org";name="Tony Chemit";organization=CodeLutin;roles=Committer;timezone="Europe/Paris",vmassol;email="vmassol@apache.org";name="Vincent Massol";organization=ASF;roles=Committer;timezone="+1",slachiewicz;email="slachiewicz@apache.org";name="Sylwester Lachiewicz";roles=Committer;timezone="Europe/Warsaw",elharo;email="elharo@apache.org";name="Elliotte Rusty Harold";roles=Committer;timezone="America/New_York",agudian;email="agudian@apache.org";name="Andreas Gudian";roles=Emeritus;timezone="Europe/Berlin",aramirez;name="Allan Q. Ramirez";roles=Emeritus,bayard;name="Henri Yandell";roles=Emeritus,carlos;email="carlos@apache.org";name="Carlos Sanchez";organization=ASF;roles=Emeritus;timezone="+1",chrisjs;name="Chris Stevenson";roles=Emeritus,dblevins;name="David Blevins";roles=Emeritus,dlr;name="Daniel Rall";roles=Emeritus,epunzalan;email="epunzalan@apache.org";name="Edwin Punzalan";roles=Emeritus;timezone=-8,felipeal;name="Felipe Leme";roles=Emeritus,jdcasey;email="jdcasey@apache.org";name="John Casey";organization=ASF;roles=Emeritus;timezone=-6,jmcconnell;email="jmcconnell@apache.org";name="Jesse McConnell";organization=ASF;roles=Emeritus;timezone=-6,joakime;email="joakime@apache.org";name="Joakim Erdfelt";organization=ASF;roles=Emeritus;timezone=-5,jruiz;email="jruiz@apache.org";name="Johnny Ruiz III";roles=Emeritus,jstrachan;name="James Strachan";roles=Emeritus,jtolentino;email="jtolentino@apache.org";name="Ernesto Tolentino Jr.";organization=ASF;roles=Emeritus;timezone="+8",kenney;email="kenney@apache.org";name="Kenney Westerhof";organization=Neonics;roles=Emeritus;timezone="+1",mperham;email="mperham@gmail.com";name="Mike Perham";organization=IBM;roles=Emeritus;timezone=-6,ogusakov;name="Oleg Gusakov";roles=Emeritus,pschneider;email="pschneider@gmail.com";name="Patrick Schneider";roles=Emeritus;timezone=-6,rinku;name="Rahul Thakur";roles=Emeritus,shinobu;name="Shinobu Kuwai";roles=Emeritus,smorgrav;name="Torbjorn Eikli Smorgrav";roles=Emeritus,trygvis;email="trygvis@apache.org";name="Trygve Laugstol";organization=ASF;roles=Emeritus;timezone="+1",wsmoak;email="wsmoak@apache.org";name="Wendy Smoak";roles=Emeritus;timezone=-7 Low Product Manifest bundle-docurl https://maven.apache.org/resolver/maven-resolver-util/ Low Product Manifest Bundle-Name Maven Artifact Resolver Utilities Medium Product Manifest bundle-symbolicname org.apache.maven.resolver.util Medium Product Manifest Implementation-Title Maven Artifact Resolver Utilities High Product Manifest specification-title Maven Artifact Resolver Utilities Medium Product pom artifactid maven-resolver-util Highest Product pom groupid org.apache.maven.resolver Highest Product pom name Maven Artifact Resolver Utilities High Product pom parent-artifactid maven-resolver Medium Version file version 1.6.2 High Version Manifest Bundle-Version 1.6.2 High Version Manifest Implementation-Version 1.6.2 High Version pom version 1.6.2 Highest
Description:
Maven Settings model. File Path: /home/runner/.m2/repository/org/apache/maven/maven-settings/3.8.1/maven-settings-3.8.1.jarMD5: eb2e8cd2094f68d017fe3e258a656b29SHA1: 2b752b5cee9b50fa5d76d2c2472be92d75d1b86cSHA256: 413d89684e8b0500cad5ae694957d118cf8bfa2a684c874a6f865b38cd6ac12eReferenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedmaven-settings-3.8.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-settings High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name settings Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-settings Highest Vendor pom artifactid maven-settings Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Settings High Vendor pom parent-artifactid maven Low Product file name maven-settings High Product jar package name apache Highest Product jar package name maven Highest Product jar package name settings Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Settings High Product Manifest specification-title Maven Settings Medium Product pom artifactid maven-settings Highest Product pom groupid org.apache.maven Highest Product pom name Maven Settings High Product pom parent-artifactid maven Medium Version file version 3.8.1 High Version Manifest Implementation-Version 3.8.1 High Version pom version 3.8.1 Highest
Description:
The effective settings builder, with inheritance and password decryption. File Path: /home/runner/.m2/repository/org/apache/maven/maven-settings-builder/3.8.1/maven-settings-builder-3.8.1.jarMD5: 08a032261f6547165b66c8a4db06abcaSHA1: 8d2640151332af903d1092760f43d2326a249554SHA256: 6b7cf72a8b1061866e9c90c4293d508113aaaff5742151fb9024153726b69751Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedmaven-settings-builder-3.8.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-settings-builder High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name settings Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-settings-builder Highest Vendor pom artifactid maven-settings-builder Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Settings Builder High Vendor pom parent-artifactid maven Low Product file name maven-settings-builder High Product jar package name apache Highest Product jar package name maven Highest Product jar package name settings Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Maven Settings Builder High Product Manifest specification-title Maven Settings Builder Medium Product pom artifactid maven-settings-builder Highest Product pom groupid org.apache.maven Highest Product pom name Maven Settings Builder High Product pom parent-artifactid maven Medium Version file version 3.8.1 High Version Manifest Implementation-Version 3.8.1 High Version pom version 3.8.1 Highest
Description:
Shared utilities for use by Maven core and plugins File Path: /home/runner/.m2/repository/org/apache/maven/shared/maven-shared-utils/3.4.2/maven-shared-utils-3.4.2.jarMD5: 53a038f77a81cb5816ad2b1c7daa8711SHA1: bfa28296272a5915b08de9f11f34a94b0a818fd0SHA256: b613357e1bad4dfc1dead801691c9460f9585fe7c6b466bc25186212d7d18487Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compilemaven-shared-utils-3.4.2.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name maven-shared-utils High Vendor jar package name apache Highest Vendor jar package name maven Highest Vendor jar package name shared Highest Vendor jar package name utils Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-shared-utils Highest Vendor pom artifactid maven-shared-utils Low Vendor pom groupid org.apache.maven.shared Highest Vendor pom name Apache Maven Shared Utils High Vendor pom parent-artifactid maven-shared-components Low Product file name maven-shared-utils High Product jar package name apache Highest Product jar package name maven Highest Product jar package name shared Highest Product jar package name utils Highest Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Apache Maven Shared Utils High Product Manifest specification-title Apache Maven Shared Utils Medium Product pom artifactid maven-shared-utils Highest Product pom groupid org.apache.maven.shared Highest Product pom name Apache Maven Shared Utils High Product pom parent-artifactid maven-shared-components Medium Version file version 3.4.2 High Version Manifest Implementation-Version 3.4.2 High Version pom parent-version 3.4.2 Low Version pom version 3.4.2 Highest
License:
http://www.eclipse.org/legal/epl-v10.html File Path: /home/runner/.m2/repository/org/eclipse/sisu/org.eclipse.sisu.inject/0.3.4/org.eclipse.sisu.inject-0.3.4.jar
MD5: edf3eedbd99a0cd38c259a2daa2ea702
SHA1: fc3be144183f54dc6f5c55e34462c1c2d89d7d96
SHA256: 8c0e6aa7f35593016f2c5e78b604b57f023cdaca3561fe2fe36f2b5dbbae1d16
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
org.eclipse.sisu.inject-0.3.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-core@3.8.1
Evidence Type Source Name Value Confidence Vendor file name org.eclipse.sisu.inject High Vendor jar package name eclipse Highest Vendor jar package name inject Highest Vendor jar package name sisu Highest Vendor Manifest bundle-copyright Copyright (c) 2010, 2015 Sonatype, Inc. and others Low Vendor Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname org.eclipse.sisu.inject;singleton:=true Medium Vendor pom artifactid eclipse.sisu.inject Low Vendor pom artifactid org.eclipse.sisu.inject Highest Vendor pom groupid org.eclipse.sisu Highest Vendor pom parent-artifactid sisu-inject Low Product file name org.eclipse.sisu.inject High Product jar package name eclipse Highest Product jar package name inject Highest Product jar package name sisu Highest Product jar package name sonatype Highest Product Manifest bundle-copyright Copyright (c) 2010, 2015 Sonatype, Inc. and others Low Product Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Product Manifest Bundle-Name Sisu-Inject (Incubation) Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname org.eclipse.sisu.inject;singleton:=true Medium Product pom artifactid eclipse.sisu.inject Highest Product pom artifactid org.eclipse.sisu.inject Highest Product pom groupid org.eclipse.sisu Highest Product pom parent-artifactid sisu-inject Medium Version file version 0.3.4 High Version Manifest Bundle-Version 0.3.4 High Version pom version 0.3.4 Highest
Description:
Plexus-JSR330 adapter; adds Plexus support to the Sisu-Inject container License:
"Eclipse Public License, Version 2.0";link="https://www.eclipse.org/legal/epl-v20.html" File Path: /home/runner/.m2/repository/org/eclipse/sisu/org.eclipse.sisu.plexus/0.9.0.M3/org.eclipse.sisu.plexus-0.9.0.M3.jar
MD5: 964e7bc9837b270566f18b87af65f5d7
SHA1: b493c7abcc6e04fa0a6a20d489a3db0395c76f70
SHA256: c99674d3773e26154885661711f0b6d63aa5008f5cc99227a236756d4ad9de5e
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
org.eclipse.sisu.plexus-0.9.0.M3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name org.eclipse.sisu.plexus High Vendor jar package name eclipse Highest Vendor jar package name plexus Highest Vendor jar package name sisu Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-copyright Copyright (c) 2010-present Sonatype, Inc. and others Low Vendor Manifest bundle-developers mcculls;name="Stuart McCulloch",cstamas;name="Tamas Cservenak",kwin;name="Konrad Windszus" Low Vendor Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Vendor Manifest bundle-symbolicname org.eclipse.sisu.plexus;singleton:=true Medium Vendor pom artifactid eclipse.sisu.plexus Low Vendor pom artifactid org.eclipse.sisu.plexus Highest Vendor pom groupid org.eclipse.sisu Highest Vendor pom parent-artifactid sisu-inject Low Product file name org.eclipse.sisu.plexus High Product jar package name eclipse Highest Product jar package name plexus Highest Product jar package name sisu Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-copyright Copyright (c) 2010-present Sonatype, Inc. and others Low Product Manifest bundle-developers mcculls;name="Stuart McCulloch",cstamas;name="Tamas Cservenak",kwin;name="Konrad Windszus" Low Product Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Product Manifest Bundle-Name Sisu-Plexus (Incubation) Medium Product Manifest bundle-symbolicname org.eclipse.sisu.plexus;singleton:=true Medium Product pom artifactid eclipse.sisu.plexus Highest Product pom artifactid org.eclipse.sisu.plexus Highest Product pom groupid org.eclipse.sisu Highest Product pom parent-artifactid sisu-inject Medium Version Manifest Bundle-Version 0.9.0.M3 High Version pom version 0.9.0.M3 Highest
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-archiver/4.9.2/plexus-archiver-4.9.2.jarMD5: 408c466d4a20a02f4a2428a4f003ca13SHA1: a03ed402ef8468c1d1bda368d7213cad67f16a71SHA256: a837bd7d73291564dc8e8c826de0fede75896527a35bdcddb77b0545ee656a4cReferenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compileplexus-archiver-4.9.2.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name plexus-archiver High Vendor jar package name archiver Highest Vendor jar package name codehaus Highest Vendor jar package name plexus Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest Implementation-Vendor Codehaus Plexus High Vendor Manifest specification-vendor Codehaus Plexus Low Vendor pom artifactid plexus-archiver Highest Vendor pom artifactid plexus-archiver Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Archiver Component High Vendor pom parent-artifactid plexus Low Vendor pom url https://codehaus-plexus.github.io/plexus-archiver/ Highest Product file name plexus-archiver High Product jar package name archiver Highest Product jar package name codehaus Highest Product jar package name plexus Highest Product Manifest build-jdk-spec 21 Low Product Manifest Implementation-Title Plexus Archiver Component High Product Manifest specification-title Plexus Archiver Component Medium Product pom artifactid plexus-archiver Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Archiver Component High Product pom parent-artifactid plexus Medium Product pom url https://codehaus-plexus.github.io/plexus-archiver/ Medium Version file version 4.9.2 High Version Manifest Implementation-Version 4.9.2 High Version pom parent-version 4.9.2 Low Version pom version 4.9.2 Highest
File Path: /home/runner/.m2/repository/org/sonatype/plexus/plexus-cipher/1.4/plexus-cipher-1.4.jarMD5: 7b2d6fcf0d5800d5b1ce09d98d98dcafSHA1: 50ade46f23bb38cd984b4ec560c46223432aac38SHA256: 5a15fdba22669e0fdd06e10dcce6320879e1f7398fbc910cd0677b50672a78c4Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedplexus-cipher-1.4.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name plexus-cipher High Vendor jar package name cipher Highest Vendor jar package name components Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor jar package name sonatype Highest Vendor jar package name sonatype Low Vendor pom artifactid plexus-cipher Highest Vendor pom artifactid plexus-cipher Low Vendor pom groupid org.sonatype.plexus Highest Vendor pom name Plexus Cipher: encryption/decryption Component High Vendor pom parent-artifactid spice-parent Low Vendor pom parent-groupid org.sonatype.spice Medium Vendor pom url http://spice.sonatype.org/ Highest Vendor pom url http://spice.sonatype.org/${project.artifactId} Highest Product file name plexus-cipher High Product jar package name cipher Highest Product jar package name cipher Low Product jar package name components Low Product jar package name plexus Highest Product jar package name plexus Low Product jar package name sonatype Highest Product pom artifactid plexus-cipher Highest Product pom groupid org.sonatype.plexus Highest Product pom name Plexus Cipher: encryption/decryption Component High Product pom parent-artifactid spice-parent Medium Product pom parent-groupid org.sonatype.spice Medium Product pom url http://spice.sonatype.org/ Medium Product pom url http://spice.sonatype.org/${project.artifactId} Medium Version file version 1.4 High Version pom parent-version 1.4 Low Version pom version 1.4 Highest
Description:
A class loader framework License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-classworlds/2.6.0/plexus-classworlds-2.6.0.jar
MD5: 67e722b27e3a33b33c1b263b99dd7c43
SHA1: 8587e80fcb38e70b70fae8d5914b6376bfad6259
SHA256: 52f77c5ec49f787c9c417ebed5d6efd9922f44a202f217376e4f94c0d74f3549
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
plexus-classworlds-2.6.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven/maven-plugin-api@3.8.1
Evidence Type Source Name Value Confidence Vendor file name plexus-classworlds High Vendor jar package name classworlds Highest Vendor jar package name codehaus Highest Vendor jar package name plexus Highest Vendor Manifest bundle-docurl http://codehaus-plexus.github.io/ Low Vendor Manifest bundle-symbolicname org.codehaus.plexus.classworlds Medium Vendor pom artifactid plexus-classworlds Highest Vendor pom artifactid plexus-classworlds Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Classworlds High Vendor pom parent-artifactid plexus Low Product file name plexus-classworlds High Product jar package name classworlds Highest Product jar package name codehaus Highest Product jar package name plexus Highest Product Manifest bundle-docurl http://codehaus-plexus.github.io/ Low Product Manifest Bundle-Name Plexus Classworlds Medium Product Manifest bundle-symbolicname org.codehaus.plexus.classworlds Medium Product pom artifactid plexus-classworlds Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Classworlds High Product pom parent-artifactid plexus Medium Version file version 2.6.0 High Version Manifest Bundle-Version 2.6.0 High Version pom parent-version 2.6.0 Low Version pom version 2.6.0 Highest
Description:
Plexus Component "Java 5" Annotations, to describe plexus components properties in java sources with
standard annotations instead of javadoc annotations.
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-component-annotations/2.1.0/plexus-component-annotations-2.1.0.jarMD5: 141fd7a2ae613cb17d25ecd54b43eb3fSHA1: 2f2147a6cc6a119a1b51a96f31d45c557f6244b9SHA256: bde3617ce9b5bcf9584126046080043af6a4b3baea40a3b153f02e7bbc32acacReferenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compileplexus-component-annotations-2.1.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name plexus-component-annotations High Vendor jar package name annotations Highest Vendor jar package name codehaus Highest Vendor jar package name codehaus Low Vendor jar package name component Highest Vendor jar package name component Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor pom artifactid plexus-component-annotations Highest Vendor pom artifactid plexus-component-annotations Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus :: Component Annotations High Vendor pom parent-artifactid plexus-containers Low Product file name plexus-component-annotations High Product jar package name annotations Highest Product jar package name annotations Low Product jar package name codehaus Highest Product jar package name component Highest Product jar package name component Low Product jar package name plexus Highest Product jar package name plexus Low Product pom artifactid plexus-component-annotations Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus :: Component Annotations High Product pom parent-artifactid plexus-containers Medium Version file version 2.1.0 High Version pom version 2.1.0 Highest
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-i18n/1.0-beta-10/plexus-i18n-1.0-beta-10.jarMD5: 7f36c0459c853750c627f682ec7bcf52SHA1: 27506f59e54cc80b8c28b977c2bcd0478094e0ccSHA256: b87f25b512ffafcafbf4a05ab943812e9c6915291370c6b46016eb3836886c41Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compileplexus-i18n-1.0-beta-10.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name plexus-i18n High Vendor jar package name codehaus Highest Vendor jar package name codehaus Low Vendor jar package name i18n Highest Vendor jar package name i18n Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor pom artifactid plexus-i18n Highest Vendor pom artifactid plexus-i18n Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus I18N Component High Vendor pom parent-artifactid plexus-components Low Product file name plexus-i18n High Product jar package name codehaus Highest Product jar package name i18n Highest Product jar package name i18n Low Product jar package name plexus Highest Product jar package name plexus Low Product pom artifactid plexus-i18n Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus I18N Component High Product pom parent-artifactid plexus-components Medium Version pom parent-version 1.0-beta-10 Low Version pom version 1.0-beta-10 Highest
Description:
The Plexus project provides a full software stack for creating and executing software projects. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-interpolation/1.27/plexus-interpolation-1.27.jar
MD5: c2edbe0dbc934692794aaeac6006055a
SHA1: 8dc73f4ff5eafcbb7ec035ba54736e828b272533
SHA256: 3fb4fb6143fdf964024c3cb738551524b9ea84e5c211cd660c559ad0703e5230
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
plexus-interpolation-1.27.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name plexus-interpolation High Vendor jar package name codehaus Highest Vendor jar package name interpolation Highest Vendor jar package name plexus Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://codehaus-plexus.github.io/ Low Vendor Manifest bundle-symbolicname org.codehaus.plexus.interpolation Medium Vendor pom artifactid plexus-interpolation Highest Vendor pom artifactid plexus-interpolation Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Interpolation API High Vendor pom parent-artifactid plexus Low Product file name plexus-interpolation High Product jar package name codehaus Highest Product jar package name interpolation Highest Product jar package name plexus Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://codehaus-plexus.github.io/ Low Product Manifest Bundle-Name Plexus Interpolation API Medium Product Manifest bundle-symbolicname org.codehaus.plexus.interpolation Medium Product pom artifactid plexus-interpolation Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Interpolation API High Product pom parent-artifactid plexus Medium Version file version 1.27 High Version pom parent-version 1.27 Low Version pom version 1.27 Highest
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-io/3.4.2/plexus-io-3.4.2.jarMD5: 77515ce571e8169c13220c506ad177a4SHA1: 40deb3076e4597f1ef973dc794f3a510fa3a942dSHA256: 6ba7fb0db6bfa348c248df3f983ae31318e9c14f35a86a932af5ffd7450aa62aReferenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compileplexus-io-3.4.2.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name plexus-io High Vendor jar package name codehaus Highest Vendor jar package name components Highest Vendor jar package name io Highest Vendor jar package name plexus Highest Vendor Manifest build-jdk-spec 21 Low Vendor pom artifactid plexus-io Highest Vendor pom artifactid plexus-io Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus IO Components High Vendor pom parent-artifactid plexus Low Product file name plexus-io High Product jar package name codehaus Highest Product jar package name components Highest Product jar package name io Highest Product jar package name plexus Highest Product Manifest build-jdk-spec 21 Low Product pom artifactid plexus-io Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus IO Components High Product pom parent-artifactid plexus Medium Version file version 3.4.2 High Version pom parent-version 3.4.2 Low Version pom version 3.4.2 Highest
File Path: /home/runner/.m2/repository/org/sonatype/plexus/plexus-sec-dispatcher/1.4/plexus-sec-dispatcher-1.4.jarMD5: 0a46e5bc9bc2fbd3b68091066aff2737SHA1: 43fde524e9b94c883727a9fddb8669181b890ea7SHA256: da73e32b58132e64daf12269fd9d011c0b303f234840f179908725a632b6b57cReferenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:providedplexus-sec-dispatcher-1.4.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name plexus-sec-dispatcher High Vendor jar package name components Low Vendor jar package name plexus Highest Vendor jar package name plexus Low Vendor jar package name sec Highest Vendor jar package name sonatype Highest Vendor jar package name sonatype Low Vendor pom artifactid plexus-sec-dispatcher Highest Vendor pom artifactid plexus-sec-dispatcher Low Vendor pom groupid org.sonatype.plexus Highest Vendor pom name Plexus Security Dispatcher Component High Vendor pom parent-artifactid spice-parent Low Vendor pom parent-groupid org.sonatype.spice Medium Vendor pom url http://spice.sonatype.org/ Highest Vendor pom url http://spice.sonatype.org/${project.artifactId} Highest Product file name plexus-sec-dispatcher High Product jar package name components Low Product jar package name plexus Highest Product jar package name plexus Low Product jar package name sec Highest Product jar package name sec Low Product jar package name sonatype Highest Product pom artifactid plexus-sec-dispatcher Highest Product pom groupid org.sonatype.plexus Highest Product pom name Plexus Security Dispatcher Component High Product pom parent-artifactid spice-parent Medium Product pom parent-groupid org.sonatype.spice Medium Product pom url http://spice.sonatype.org/ Medium Product pom url http://spice.sonatype.org/${project.artifactId} Medium Version file version 1.4 High Version pom parent-version 1.4 Low Version pom version 1.4 Highest
Description:
A collection of various utility classes to ease working with strings, files, command lines and
more. File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-utils/4.0.1/plexus-utils-4.0.1.jarMD5: 0fa4c6aabfa676c4a1a1bf0c7473f684SHA1: 2162c639aa9b081ef2a0be9d41643513e284bf99SHA256: 96b9cc44439191d2d0635974e2d44e768736b4fb2abcb65f94cd95e41912fa8bReferenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compileplexus-utils-4.0.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name plexus-utils High Vendor jar package name codehaus Highest Vendor jar package name org Highest Vendor jar package name plexus Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest Implementation-Vendor Codehaus Plexus High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor Codehaus Plexus Low Vendor pom artifactid plexus-utils Highest Vendor pom artifactid plexus-utils Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Common Utilities High Vendor pom parent-artifactid plexus Low Vendor pom url https://codehaus-plexus.github.io/plexus-utils/ Highest Product file name plexus-utils High Product jar package name codehaus Highest Product jar package name org Highest Product jar package name plexus Highest Product Manifest build-jdk-spec 21 Low Product Manifest Implementation-Title Plexus Common Utilities High Product Manifest multi-release true Low Product Manifest specification-title Plexus Common Utilities Medium Product pom artifactid plexus-utils Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Common Utilities High Product pom parent-artifactid plexus Medium Product pom url https://codehaus-plexus.github.io/plexus-utils/ Medium Version file version 4.0.1 High Version Manifest Implementation-Version 4.0.1 High Version pom parent-version 4.0.1 Low Version pom version 4.0.1 Highest
File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-velocity/2.2.0/plexus-velocity-2.2.0.jarMD5: fd4bb44db19036ab360720360f09dcccSHA1: 75a983b74a4c0adcd0751528ff397ae308ef6d0cSHA256: 3e7e902f492c973cf210ddb8267843a3b65e83f5067467e2f4d9af0051f6b8b9Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compileplexus-velocity-2.2.0.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name plexus-velocity High Vendor jar package name codehaus Highest Vendor jar package name plexus Highest Vendor jar package name velocity Highest Vendor Manifest build-jdk-spec 23 Low Vendor Manifest Implementation-Vendor Codehaus Plexus High Vendor Manifest specification-vendor Codehaus Plexus Low Vendor pom artifactid plexus-velocity Highest Vendor pom artifactid plexus-velocity Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Velocity Component High Vendor pom parent-artifactid plexus Low Product file name plexus-velocity High Product jar package name codehaus Highest Product jar package name plexus Highest Product jar package name velocity Highest Product Manifest build-jdk-spec 23 Low Product Manifest Implementation-Title Plexus Velocity Component High Product Manifest specification-title Plexus Velocity Component Medium Product pom artifactid plexus-velocity Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus Velocity Component High Product pom parent-artifactid plexus Medium Version file version 2.2.0 High Version Manifest Implementation-Version 2.2.0 High Version pom parent-version 2.2.0 Low Version pom version 2.2.0 Highest
Description:
A collection of various utility classes to ease working with XML in Maven 3. File Path: /home/runner/.m2/repository/org/codehaus/plexus/plexus-xml/3.0.1/plexus-xml-3.0.1.jarMD5: cd868918ebc742350840124ea4422ab0SHA1: b0e73c21402f03c2765674b8dede21673b3288cfSHA256: c1a510a87a62bd2d74ac1472dd31c3f9e9b0b8b8568f37d77c0f135415bebd05Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compileplexus-xml-3.0.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name plexus-xml High Vendor jar package name codehaus Highest Vendor jar package name plexus Highest Vendor jar package name xml Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest Implementation-Vendor Codehaus Plexus High Vendor Manifest specification-vendor Codehaus Plexus Low Vendor pom artifactid plexus-xml Highest Vendor pom artifactid plexus-xml Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus XML Utilities High Vendor pom parent-artifactid plexus Low Vendor pom url https://codehaus-plexus.github.io/plexus-xml/ Highest Product file name plexus-xml High Product jar package name codehaus Highest Product jar package name plexus Highest Product jar package name xml Highest Product Manifest build-jdk-spec 21 Low Product Manifest Implementation-Title Plexus XML Utilities High Product Manifest specification-title Plexus XML Utilities Medium Product pom artifactid plexus-xml Highest Product pom groupid org.codehaus.plexus Highest Product pom name Plexus XML Utilities High Product pom parent-artifactid plexus Medium Product pom url https://codehaus-plexus.github.io/plexus-xml/ Medium Version file version 3.0.1 High Version Manifest Implementation-Version 3.0.1 High Version pom parent-version 3.0.1 Low Version pom version 3.0.1 Highest
Description:
The slf4j API License:
https://opensource.org/license/mit File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar
MD5: b6480d114a23683498ac3f746f959d2f
SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
SHA256: 7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
slf4j-api-2.0.17.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.reallifedeveloper/rld-build-tools@2.0.29
Evidence Type Source Name Value Confidence Vendor file name slf4j-api High Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor Manifest multi-release true Low Vendor pom artifactid slf4j-api Highest Vendor pom artifactid slf4j-api Low Vendor pom groupid org.slf4j Highest Vendor pom name SLF4J API Module High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name slf4j-api High Product jar package name slf4j Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name SLF4J API Module Medium Product Manifest bundle-symbolicname slf4j.api Medium Product Manifest Implementation-Title slf4j-api High Product Manifest multi-release true Low Product pom artifactid slf4j-api Highest Product pom groupid org.slf4j Highest Product pom name SLF4J API Module High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.17 High Version Manifest Bundle-Version 2.0.17 High Version Manifest Implementation-Version 2.0.17 High Version pom version 2.0.17 Highest
Description:
Port of Snappy to Java License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: /home/runner/.m2/repository/org/iq80/snappy/snappy/0.4/snappy-0.4.jar
MD5: f0792d1dbe7f90d8b34c7c19961e0073
SHA1: a42b2d92a89efd35bb14738000dabcac6bd07a8d
SHA256: 46a0c87d504ce9d6063e1ff6e4d20738feb49d8abf85b5071a7d18df4f11bac9
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
snappy-0.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name snappy High Vendor jar package name iq80 Highest Vendor jar package name iq80 Low Vendor jar package name snappy Highest Vendor jar package name snappy Low Vendor pom artifactid snappy Highest Vendor pom artifactid snappy Low Vendor pom developer email dain@iq80.com Low Vendor pom developer email david@acz.org Low Vendor pom developer id dain Medium Vendor pom developer id electrum Medium Vendor pom developer name Dain Sundstrom Medium Vendor pom developer name David Phillips Medium Vendor pom groupid org.iq80.snappy Highest Vendor pom name snappy High Vendor pom url http://github.com/dain/snappy Highest Product file name snappy High Product jar package name iq80 Highest Product jar package name snappy Highest Product jar package name snappy Low Product pom artifactid snappy Highest Product pom developer email dain@iq80.com Low Product pom developer email david@acz.org Low Product pom developer id dain Low Product pom developer id electrum Low Product pom developer name Dain Sundstrom Low Product pom developer name David Phillips Low Product pom groupid org.iq80.snappy Highest Product pom name snappy High Product pom url http://github.com/dain/snappy Medium Version file version 0.4 High Version pom version 0.4 Highest
CVE-2024-36124 suppress
iq80 Snappy is a compression/decompression library. When uncompressing certain data, Snappy tries to read outside the bounds of the given byte arrays. Because Snappy uses the JDK class `sun.misc.Unsafe` to speed up memory access, no additional bounds checks are performed and this has similar security consequences as out-of-bounds access in C or C++, namely it can lead to non-deterministic behavior or crash the JVM. iq80 Snappy is not actively maintained anymore. As quick fix users can upgrade to version 0.5.
CWE-125 Out-of-bounds Read
CVSSv3:
Base Score: MEDIUM (5.3) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:3.9/RC:R/MAV:A References:
Vulnerable Software & Versions:
Description:
Annotations the SpotBugs tool supports License:
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html File Path: /home/runner/.m2/repository/com/github/spotbugs/spotbugs-annotations/4.9.3/spotbugs-annotations-4.9.3.jar
MD5: 6149845e438bd5a34ebaf81f8bc9e243
SHA1: 4d362bffcfdfd734999e94d7d98fde678aae71cf
SHA256: 13532bfe2f45fcd491432221df72d9cd0efb8f987c9245e12befa192c8925ce3
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:provided
spotbugs-annotations-4.9.3.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.reallifedeveloper/jdepend-maven-plugin@1.0.1
Evidence Type Source Name Value Confidence Vendor file name spotbugs-annotations High Vendor Manifest automatic-module-name com.github.spotbugs.annotations Medium Vendor Manifest bundle-requiredexecutionenvironment JavaSE-11 Low Vendor Manifest bundle-symbolicname spotbugs-annotations Medium Vendor pom artifactid spotbugs-annotations Highest Vendor pom artifactid spotbugs-annotations Low Vendor pom developer email andreas.sewe@codetrails.com Low Vendor pom developer email dbrosius@mebigfatguy.com Low Vendor pom developer email loskutov@gmx.de Low Vendor pom developer email skypencil@gmail.com Low Vendor pom developer id henrik242 Medium Vendor pom developer id iloveeclipse Medium Vendor pom developer id jsotuyod Medium Vendor pom developer id KengoTODA Medium Vendor pom developer id mebigfatguy Medium Vendor pom developer id sewe Medium Vendor pom developer id ThrawnCA Medium Vendor pom developer name Andreas Sewe Medium Vendor pom developer name Andrey Loskutov Medium Vendor pom developer name Dave Brosius Medium Vendor pom developer name Juan Martín Sotuyo Dodero Medium Vendor pom developer name Kengo TODA Medium Vendor pom groupid com.github.spotbugs Highest Vendor pom name SpotBugs Annotations High Vendor pom url https://spotbugs.github.io/ Highest Product file name spotbugs-annotations High Product Manifest automatic-module-name com.github.spotbugs.annotations Medium Product Manifest Bundle-Name spotbugs-annotations Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-11 Low Product Manifest bundle-symbolicname spotbugs-annotations Medium Product pom artifactid spotbugs-annotations Highest Product pom developer email andreas.sewe@codetrails.com Low Product pom developer email dbrosius@mebigfatguy.com Low Product pom developer email loskutov@gmx.de Low Product pom developer email skypencil@gmail.com Low Product pom developer id henrik242 Low Product pom developer id iloveeclipse Low Product pom developer id jsotuyod Low Product pom developer id KengoTODA Low Product pom developer id mebigfatguy Low Product pom developer id sewe Low Product pom developer id ThrawnCA Low Product pom developer name Andreas Sewe Low Product pom developer name Andrey Loskutov Low Product pom developer name Dave Brosius Low Product pom developer name Juan Martín Sotuyo Dodero Low Product pom developer name Kengo TODA Low Product pom groupid com.github.spotbugs Highest Product pom name SpotBugs Annotations High Product pom url https://spotbugs.github.io/ Medium Version file version 4.9.3 High Version Manifest Bundle-Version 4.9.3 High Version pom version 4.9.3 Highest
Description:
TXW is a library that allows you to write XML documents.
File Path: /home/runner/.m2/repository/org/glassfish/jaxb/txw2/4.0.5/txw2-4.0.5.jarMD5: 2f5aa7dbd5e326562cff6ce720a1485aSHA1: f36a4ef12120a9bb06d766d6a0e54b144fd7ed98SHA256: 917355bc451481f30d043b24d123110517966af34383901773882810dca480e5Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compiletxw2-4.0.5.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name txw2 High Vendor jar package name sun Highest Vendor jar package name txw Highest Vendor jar package name txw2 Highest Vendor jar package name xml Highest Vendor jar (hint) package name oracle Highest Vendor Manifest git-revision cb19596 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.eclipse Medium Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid txw2 Highest Vendor pom artifactid txw2 Low Vendor pom groupid org.glassfish.jaxb Highest Vendor pom name TXW2 Runtime High Vendor pom parent-artifactid jaxb-txw-parent Low Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom url https://eclipse-ee4j.github.io/jaxb-ri/ Highest Product file name txw2 High Product jar package name sun Highest Product jar package name txw Highest Product jar package name txw2 Highest Product jar package name xml Highest Product Manifest git-revision cb19596 Low Product Manifest Implementation-Title Eclipse Implementation of JAXB High Product Manifest specification-title Jakarta XML Binding Medium Product pom artifactid txw2 Highest Product pom groupid org.glassfish.jaxb Highest Product pom name TXW2 Runtime High Product pom parent-artifactid jaxb-txw-parent Medium Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom url https://eclipse-ee4j.github.io/jaxb-ri/ Medium Version file version 4.0.5 High Version Manifest build-version 4.0.5 Medium Version pom version 4.0.5 Highest
Description:
Apache Velocity is a general purpose template engine. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/velocity/velocity-engine-core/2.4/velocity-engine-core-2.4.jar
MD5: 8dc3c7a26823ee88253f7aa9250c094e
SHA1: 55dfc20bbc4968cf70c5ae5165b5b0324e0067d9
SHA256: 1bf78c2ade46f209bf93ebe72ed2af5b989ca7a1de0a015fc1b92a62f56b6549
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compile
velocity-engine-core-2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name velocity-engine-core High Vendor jar package name apache Highest Vendor jar package name velocity Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.apache.org/ Low Vendor Manifest bundle-symbolicname org.apache.velocity.engine-core Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid velocity-engine-core Highest Vendor pom artifactid velocity-engine-core Low Vendor pom groupid org.apache.velocity Highest Vendor pom name Apache Velocity - Engine High Vendor pom parent-artifactid velocity-engine-parent Low Product file name velocity-engine-core High Product jar package name apache Highest Product jar package name template Highest Product jar package name velocity Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.apache.org/ Low Product Manifest Bundle-Name Apache Velocity - Engine Medium Product Manifest bundle-symbolicname org.apache.velocity.engine-core Medium Product Manifest Implementation-Title Apache Velocity - Engine High Product Manifest specification-title Apache Velocity - Engine Medium Product pom artifactid velocity-engine-core Highest Product pom groupid org.apache.velocity Highest Product pom name Apache Velocity - Engine High Product pom parent-artifactid velocity-engine-parent Medium Version file version 2.4 High Version Manifest Implementation-Version 2.4 High Version pom version 2.4 Highest
Description:
Generic tools that can be used in any context. File Path: /home/runner/.m2/repository/org/apache/velocity/tools/velocity-tools-generic/3.1/velocity-tools-generic-3.1.jarMD5: 76f13879ead8693fd4d5751a8a236089SHA1: 07aaa49086a64cd9dab967a8437cc03abbfad655SHA256: 8258cfdcaa16127f35ffe610a3fa4f76b7ebe51b88922c73c4ee39ce8f378ce5Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:compilevelocity-tools-generic-3.1.jar is in the transitive dependency tree of the listed items. Included by:
Evidence Type Source Name Value Confidence Vendor file name velocity-tools-generic High Vendor jar package name apache Highest Vendor jar package name generic Highest Vendor jar package name tools Highest Vendor jar package name velocity Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid velocity-tools-generic Highest Vendor pom artifactid velocity-tools-generic Low Vendor pom groupid org.apache.velocity.tools Highest Vendor pom name Apache Velocity Tools - Generic tools High Vendor pom parent-artifactid velocity-tools-parent Low Product file name velocity-tools-generic High Product jar package name apache Highest Product jar package name generic Highest Product jar package name tools Highest Product jar package name velocity Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Apache Velocity Tools - Generic tools High Product Manifest specification-title Apache Velocity Tools - Generic tools Medium Product pom artifactid velocity-tools-generic Highest Product pom groupid org.apache.velocity.tools Highest Product pom name Apache Velocity Tools - Generic tools High Product pom parent-artifactid velocity-tools-parent Medium Version file version 3.1 High Version Manifest Implementation-Version 3.1 High Version pom version 3.1 Highest
Description:
XZ data compression License:
Public Domain File Path: /home/runner/.m2/repository/org/tukaani/xz/1.9/xz-1.9.jar
MD5: 57c2fbfeb55e307ccae52e5322082e02
SHA1: 1ea4bec1a921180164852c65006d928617bd2caf
SHA256: 211b306cfc44f8f96df3a0a3ddaf75ba8c5289eed77d60d72f889bb855f535e5
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:runtime
xz-1.9.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name xz High Vendor jar package name tukaani Highest Vendor jar package name xz Highest Vendor Manifest bundle-docurl https://tukaani.org/xz/java.html Low Vendor Manifest bundle-symbolicname org.tukaani.xz Medium Vendor Manifest implementation-url https://tukaani.org/xz/java.html Low Vendor Manifest multi-release true Low Vendor pom artifactid xz Highest Vendor pom artifactid xz Low Vendor pom developer email lasse.collin@tukaani.org Low Vendor pom developer name Lasse Collin Medium Vendor pom groupid org.tukaani Highest Vendor pom name XZ for Java High Vendor pom url https://tukaani.org/xz/java.html Highest Product file name xz High Product jar package name tukaani Highest Product jar package name xz Highest Product Manifest bundle-docurl https://tukaani.org/xz/java.html Low Product Manifest Bundle-Name XZ data compression Medium Product Manifest bundle-symbolicname org.tukaani.xz Medium Product Manifest Implementation-Title XZ data compression High Product Manifest implementation-url https://tukaani.org/xz/java.html Low Product Manifest multi-release true Low Product pom artifactid xz Highest Product pom developer email lasse.collin@tukaani.org Low Product pom developer name Lasse Collin Low Product pom groupid org.tukaani Highest Product pom name XZ for Java High Product pom url https://tukaani.org/xz/java.html Medium Version file version 1.9 High Version Manifest Bundle-Version 1.9 High Version Manifest Implementation-Version 1.9 High Version pom version 1.9 Highest
Description:
JNI bindings for Zstd native library that provides fast and high compression lossless algorithm for Java and all JVM languages. License:
BSD 2-Clause License: https://opensource.org/licenses/BSD-2-Clause File Path: /home/runner/.m2/repository/com/github/luben/zstd-jni/1.5.5-11/zstd-jni-1.5.5-11.jar
MD5: 00977099d76d2c01a7b19263375ee42e
SHA1: ca6ab366315e179dd80645aad4a60bab959c6523
SHA256: d75b2ced6059f81ad23e021c554259b906b6c4f2991cb772409827569ead4c1a
Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:runtime
zstd-jni-1.5.5-11.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.apache.maven.reporting/maven-reporting-impl@4.0.0
Evidence Type Source Name Value Confidence Vendor file name zstd-jni High Vendor jar package name github Highest Vendor jar package name luben Highest Vendor jar package name zstd Highest Vendor Manifest automatic-module-name com.github.luben.zstd_jni Medium Vendor Manifest bundle-nativecode darwin/x86_64/libzstd-jni-1.5.5-11.dylib;osname=MacOS;osname=MacOSX;processor=x86_64,darwin/aarch64/libzstd-jni-1.5.5-11.dylib;osname=MacOS;osname=MacOSX;processor=aarch64,freebsd/amd64/libzstd-jni-1.5.5-11.so;osname=FreeBSD;processor=amd64,freebsd/i386/libzstd-jni-1.5.5-11.so;osname=FreeBSD;processor=i386,linux/aarch64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=aarch64,linux/amd64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=amd64,linux/arm/libzstd-jni-1.5.5-11.so;osname=Linux;processor=arm,linux/i386/libzstd-jni-1.5.5-11.so;osname=Linux;processor=i386,linux/mips64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=mips64,linux/loongarch64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=loongarch64,linux/ppc64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=ppc64,linux/ppc64le/libzstd-jni-1.5.5-11.so;osname=Linux;processor=ppc64le,linux/riscv64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=riscv64,linux/s390x/libzstd-jni-1.5.5-11.so;osname=Linux;processor=s390x,win/amd64/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=amd64,win/aarch64/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=aarch64,win/x86/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=x86 Low Vendor Manifest bundle-symbolicname com.github.luben.zstd-jni Medium Vendor Manifest Implementation-Vendor com.github.luben High Vendor Manifest Implementation-Vendor-Id com.github.luben Medium Vendor Manifest specification-vendor com.github.luben Low Vendor pom artifactid zstd-jni Highest Vendor pom artifactid zstd-jni Low Vendor pom developer email karavelov@gmail.com Low Vendor pom developer id karavelov Medium Vendor pom developer name Luben Karavelov Medium Vendor pom developer org com.github.luben Medium Vendor pom developer org URL https://github.com/luben Medium Vendor pom groupid com.github.luben Highest Vendor pom name zstd-jni High Vendor pom organization name com.github.luben High Vendor pom url luben/zstd-jni Highest Product file name zstd-jni High Product jar package name github Highest Product jar package name luben Highest Product jar package name zstd Highest Product Manifest automatic-module-name com.github.luben.zstd_jni Medium Product Manifest Bundle-Name zstd-jni Medium Product Manifest bundle-nativecode darwin/x86_64/libzstd-jni-1.5.5-11.dylib;osname=MacOS;osname=MacOSX;processor=x86_64,darwin/aarch64/libzstd-jni-1.5.5-11.dylib;osname=MacOS;osname=MacOSX;processor=aarch64,freebsd/amd64/libzstd-jni-1.5.5-11.so;osname=FreeBSD;processor=amd64,freebsd/i386/libzstd-jni-1.5.5-11.so;osname=FreeBSD;processor=i386,linux/aarch64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=aarch64,linux/amd64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=amd64,linux/arm/libzstd-jni-1.5.5-11.so;osname=Linux;processor=arm,linux/i386/libzstd-jni-1.5.5-11.so;osname=Linux;processor=i386,linux/mips64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=mips64,linux/loongarch64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=loongarch64,linux/ppc64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=ppc64,linux/ppc64le/libzstd-jni-1.5.5-11.so;osname=Linux;processor=ppc64le,linux/riscv64/libzstd-jni-1.5.5-11.so;osname=Linux;processor=riscv64,linux/s390x/libzstd-jni-1.5.5-11.so;osname=Linux;processor=s390x,win/amd64/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=amd64,win/aarch64/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=aarch64,win/x86/libzstd-jni-1.5.5-11.dll;osname=Win32;processor=x86 Low Product Manifest bundle-symbolicname com.github.luben.zstd-jni Medium Product Manifest Implementation-Title zstd-jni High Product Manifest specification-title zstd-jni Medium Product pom artifactid zstd-jni Highest Product pom developer email karavelov@gmail.com Low Product pom developer id karavelov Low Product pom developer name Luben Karavelov Low Product pom developer org com.github.luben Low Product pom developer org URL https://github.com/luben Low Product pom groupid com.github.luben Highest Product pom name zstd-jni High Product pom organization name com.github.luben Low Product pom url luben/zstd-jni High Version Manifest Implementation-Version 1.5.5-11 High Version pom version 1.5.5-11 Highest
File Path: /home/runner/.m2/repository/com/github/luben/zstd-jni/1.5.5-11/zstd-jni-1.5.5-11.jar/win/aarch64/libzstd-jni-1.5.5-11.dllMD5: 3c42e914725869f2ad90eb3ddb418524SHA1: fdd7d968eb3a348f6bf562b298b3a165e0e73e4eSHA256: c368030edfc9f9caf92b89b832e65c84d29757a35df4641decd907e4f0229a59Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:runtime
Evidence Type Source Name Value Confidence Vendor file name libzstd-jni High Product file name libzstd-jni High Version file name libzstd-jni Medium Version file version 1.5.5.11 High
File Path: /home/runner/.m2/repository/com/github/luben/zstd-jni/1.5.5-11/zstd-jni-1.5.5-11.jar/win/amd64/libzstd-jni-1.5.5-11.dllMD5: 1521a503cd2ed6d7547e6c7e6abb229cSHA1: 9330785beba7881cc72c7f68cc87537a9a11cfc9SHA256: 8f753fa694b1c60651e79cedd916268e6c4034e921a61633a8f2ad934817edd2Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:runtime
Evidence Type Source Name Value Confidence Vendor file name libzstd-jni High Product file name libzstd-jni High Version file name libzstd-jni Medium Version file version 1.5.5.11 High
File Path: /home/runner/.m2/repository/com/github/luben/zstd-jni/1.5.5-11/zstd-jni-1.5.5-11.jar/win/x86/libzstd-jni-1.5.5-11.dllMD5: f73208a58a031c84e5dee99a15f865ffSHA1: 8e91341f71ee4a73e1c94b80ae1c846a663e0d61SHA256: 8173736b15a732f2be19137fe0ff2336d416c8c60b914e9600f3a5012584f9d1Referenced In Project/Scope: RealLifeDeveloper JDepend Maven Plugin:runtime
Evidence Type Source Name Value Confidence Vendor file name libzstd-jni High Product file name libzstd-jni High Version file name libzstd-jni Medium Version file version 1.5.5.11 High