Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
The RabbitMQ Java client library allows Java applications to interface with RabbitMQ.
License:
AL 2.0: https://www.apache.org/licenses/LICENSE-2.0.html
GPL v2: https://www.gnu.org/licenses/gpl-2.0.txt
MPL 2.0: https://www.mozilla.org/en-US/MPL/2.0/
File Path: /home/runner/.m2/repository/com/rabbitmq/amqp-client/5.26.0/amqp-client-5.26.0.jar MD5: dc4cfb959236b1b23226d381a6040d36 SHA1: e2bb667eb2878704f1bd82d069f38530727e45a2 SHA256:2e201b3f7fd26883c2845278aba1ecaaaf97be15d23d4cabf8e7e0b9a611b62e Referenced In Project/Scope: RealLifeDeveloper Common:compile amqp-client-5.26.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
File Path: /home/runner/.m2/repository/org/antlr/antlr4-runtime/4.13.2/antlr4-runtime-4.13.2.jar MD5: eecf1908f0cfff10f8bb82878b5ca401 SHA1: fc3db6d844df652a3d5db31c87fa12757f13691d SHA256:dd3e8a13a2d669bf84fb8d834de35ce4875f27157698d206241ec8488aadcaf7 Referenced In Project/Scope: RealLifeDeveloper Common:compile antlr4-runtime-4.13.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.data/spring-data-jpa@3.5.4
checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework.
License:
The MIT License: http://opensource.org/licenses/MIT
File Path: /home/runner/.m2/repository/org/checkerframework/checker-qual/3.51.0/checker-qual-3.51.0.jar MD5: b81aa2c190b3172c1f805e51f516e6a6 SHA1: 535289ef12f45b4c3da9a9003844ee7c17cbb4fc SHA256:8e91676dc916804bd12f7909e7f5dc07646cc98220147a8b5fea7ff42bd6ff4a Referenced In Project/Scope: RealLifeDeveloper Common:provided checker-qual-3.51.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
File Path: /home/runner/.m2/repository/com/google/errorprone/error_prone_annotations/2.41.0/error_prone_annotations-2.41.0.jar MD5: 75e3b25da8b8a2136463c4674f5e49bf SHA1: 4381275efdef6ddfae38f002c31e84cd001c97f0 SHA256:a56e782b5b50811ac204073a355a21d915a2107fce13ec711331ad036f660fcc Referenced In Project/Scope: RealLifeDeveloper Common:compile error_prone_annotations-2.41.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.google.code.gson/gson@2.13.2
File Path: /home/runner/.m2/repository/com/google/code/gson/gson/2.13.2/gson-2.13.2.jar MD5: a2c47e14ce5e956105458fe455f5d542 SHA1: 48b8230771e573b54ce6e867a9001e75977fe78e SHA256:dd0ce1b55a3ed2080cb70f9c655850cda86c206862310009dcb5e5c95265a5e0 Referenced In Project/Scope: RealLifeDeveloper Common:compile gson-2.13.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
Core annotations used for value types, used by Jackson data binding package.
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-annotations/2.20/jackson-annotations-2.20.jar MD5: b901def3c20752817f27130e4b8d6640 SHA1: 6a5e7291ea3f2b590a7ce400adb7b3aea4d7e12c SHA256:959a2ffb2d591436f51f183c6a521fc89347912f711bf0cae008cdf045d95319 Referenced In Project/Scope: RealLifeDeveloper Common:compile jackson-annotations-2.20.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-json-provider@2.20.0
Core Jackson processing abstractions (aka Streaming API), implementation for JSON
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.20.0/jackson-core-2.20.0.jar MD5: 3536b524a7106dae1b4feb71e6f5ff74 SHA1: 3c97f7fad069f7cfae639d790bd93d6a0b2dff31 SHA256:bc0cf46075877201f8406ee7de2741ae7df6c066f5f0457bd80632a718c06e72 Referenced In Project/Scope: RealLifeDeveloper Common:compile jackson-core-2.20.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-json-provider@2.20.0
General data-binding functionality for Jackson: works on core streaming API
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.20.0/jackson-databind-2.20.0.jar MD5: 7e33b9e657f74f0f95fe2c881e2f8f76 SHA1: f0a5e62fbd21285e9a5498a60dccb097e1ef793b SHA256:a70e146a6bf2cba4f9cd367169787f50adcfbb57122bc2e9c8390cd0b397ac30 Referenced In Project/Scope: RealLifeDeveloper Common:compile jackson-databind-2.20.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-json-provider@2.20.0
Pile of code that is shared by all Jackson-based Jakarta-RS
providers.
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/jakarta/rs/jackson-jakarta-rs-base/2.20.0/jackson-jakarta-rs-base-2.20.0.jar MD5: a2f983c0072ed34eb510df58c817157f SHA1: 795df8231c1397b3a6f2afc1c4c1ffe0969feae5 SHA256:60e645162189abd2b932b9c341acf41358338a65fb4511875fb91f3a175c1ce1 Referenced In Project/Scope: RealLifeDeveloper Common:compile jackson-jakarta-rs-base-2.20.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-json-provider@2.20.0
Functionality to handle JSON input/output for Jakarta-RS implementations
(like Jersey and RESTeasy) using standard Jackson data binding.
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/jakarta/rs/jackson-jakarta-rs-json-provider/2.20.0/jackson-jakarta-rs-json-provider-2.20.0.jar MD5: 659f360d2efbd2cd5cf8b1460071a075 SHA1: 69aae0e5cbde3ff0d8de936236e4a65813f55a7b SHA256:08bb58d39195737917637aea6df02ed09d3175f2fd0c1fe7ad34d1ab9775f438 Referenced In Project/Scope: RealLifeDeveloper Common:compile jackson-jakarta-rs-json-provider-2.20.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
Support for using Jakarta XML Bind (aka JAXB 3.0) annotations as an alternative
to "native" Jackson annotations, for configuring data-binding.
License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/fasterxml/jackson/module/jackson-module-jakarta-xmlbind-annotations/2.20.0/jackson-module-jakarta-xmlbind-annotations-2.20.0.jar MD5: e54f4ad2d6db571945386deeb44c14c7 SHA1: ebb6e8e61dc8fabbceafedb6770d52a43440b8b4 SHA256:27904cd0d790259286816a4caa613eaac54f21eb0b227a38df0a3230737d8cb3 Referenced In Project/Scope: RealLifeDeveloper Common:compile jackson-module-jakarta-xmlbind-annotations-2.20.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-json-provider@2.20.0
File Path: /home/runner/.m2/repository/jakarta/activation/jakarta.activation-api/2.1.3/jakarta.activation-api-2.1.3.jar MD5: 76e7b680375ea9f40f3ddbd702efcd25 SHA1: fa165bd70cda600368eee31555222776a46b881f SHA256:01b176d718a169263e78290691fc479977186bcc6b333487325084d6586f4627 Referenced In Project/Scope: RealLifeDeveloper Common:compile jakarta.activation-api-2.1.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.fasterxml.jackson.jakarta.rs/jackson-jakarta-rs-json-provider@2.20.0
File Path: /home/runner/.m2/repository/jakarta/annotation/jakarta.annotation-api/3.0.0/jakarta.annotation-api-3.0.0.jar MD5: 7faffaab962918da4cf5ddfd76609dd2 SHA1: 54f928fadec906a99d558536756d171917b9d936 SHA256:b01f55552284cfb149411e64eabca75e942d26d2e1786b32914250e4330afaa2 Referenced In Project/Scope: RealLifeDeveloper Common:compile jakarta.annotation-api-3.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.data/spring-data-jpa@3.5.4
Eclipse Public License v. 2.0: http://www.eclipse.org/legal/epl-2.0
Eclipse Distribution License v. 1.0: http://www.eclipse.org/org/documents/edl-v10.php
File Path: /home/runner/.m2/repository/jakarta/persistence/jakarta.persistence-api/3.2.0/jakarta.persistence-api-3.2.0.jar MD5: 79acec18d202797dcba1fff596a47684 SHA1: bb75a113f3fa191c2c7ee7b206d8e674251b3129 SHA256:be8a26b0e75c84c1b7600f759256fbc68d60333d89ec0ce3f784fc3ffa09aa8c Referenced In Project/Scope: RealLifeDeveloper Common:compile jakarta.persistence-api-3.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
File Path: /home/runner/.m2/repository/jakarta/servlet/jakarta.servlet-api/6.1.0/jakarta.servlet-api-6.1.0.jar MD5: 314c930b3e40ac1abc3529c7c9942f09 SHA1: 1169a246913fe3823782af7943e7a103634867c5 SHA256:8a31f465f3593bf2351531a5c952014eb839da96a605b5825b93dd54714c48c4 Referenced In Project/Scope: RealLifeDeveloper Common:provided jakarta.servlet-api-6.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
File Path: /home/runner/.m2/repository/jakarta/ws/rs/jakarta.ws.rs-api/4.0.0/jakarta.ws.rs-api-4.0.0.jar MD5: 9b7cc90c000f193157d60d95caf45972 SHA1: c27a67f84ca491efcb3fa68f4df926e8a110069e SHA256:6368b126cbcf34e694bb9ba5b9fe3e5040b7acea7ce622e636d698bb085fd2a6 Referenced In Project/Scope: RealLifeDeveloper Common:provided jakarta.ws.rs-api-4.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
File Path: /home/runner/.m2/repository/jakarta/xml/bind/jakarta.xml.bind-api/4.0.2/jakarta.xml.bind-api-4.0.2.jar MD5: 0c8f9991081def819435c3ff36e4d93f SHA1: 6cd5a999b834b63238005b7144136379dc36cad2 SHA256:0d6bcfe47763e85047acf7c398336dc84ff85ebcad0a7cb6f3b9d3e981245406 Referenced In Project/Scope: RealLifeDeveloper Common:compile jakarta.xml.bind-api-4.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.hibernate.orm/hibernate-core@7.1.1.Final
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar MD5: dd83accb899363c32b07d7a1b2e4ce40 SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7 Referenced In Project/Scope: RealLifeDeveloper Common:provided jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.4
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/kafka/kafka-clients/3.8.1/kafka-clients-3.8.1.jar MD5: 439e11bddafaa80e634a55409d719552 SHA1: fd79e3aa252c6d818334e9c0bac8166b426e498c SHA256:d6d8c4ad7ab00c6adb03ad9ad7188af32fa7c5de62ca1d8625e086512987a584 Referenced In Project/Scope: RealLifeDeveloper Common:compile kafka-clients-3.8.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.kafka/spring-kafka@3.3.9
A possible security vulnerability has been identified in Apache Kafka.
This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config
and a SASL-based security protocol, which has been possible on Kafka clusters since Apache Kafka 2.0.0 (Kafka Connect 2.3.0).
When configuring the broker via config file or AlterConfig command, or connector via the Kafka Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config`
property for any of the connector's Kafka clients to "com.sun.security.auth.module.LdapLoginModule", which can be done via the
`producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties.
This will allow the server to connect to the attacker's LDAP server
and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server.
Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath.
Since Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box
configurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector
client override policy that permits them.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage
in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" are disabled in Apache Kafka Connect 3.9.1/4.0.0.
We advise the Kafka users to validate connector configurations and only allow trusted LDAP configurations. Also examine connector dependencies for
vulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally,
in addition to leveraging the "org.apache.kafka.disallowed.login.modules" system property, Kafka Connect users can also implement their own connector
client config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot.
A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url". Apache Kafka allows clients to read an arbitrary file and return the content in the error log, or sending requests to an unintended location. In applications where Apache Kafka Clients configurations can be specified by an untrusted party, attackers may use the "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url" configuratin to read arbitrary contents of the disk and environment variables or make requests to an unintended location. In particular, this flaw may be used in Apache Kafka Connect to escalate from REST API access to filesystem/environment/URL access, which may be undesirable in certain environments, including SaaS products.
Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.sasl.oauthbearer.allowed.urls") to set the allowed urls in SASL JAAS configuration. In 3.9.1, it accepts all urls by default for backward compatibility. However in 4.0.0 and newer, the default value is empty list and users have to set the allowed urls explicitly.
A versatile, industrial-grade, and reference implementation of the Log4j API.
It bundles a rich set of components to assist various use cases:
Appenders targeting files, network sockets, databases, SMTP servers;
Layouts that can render CSV, HTML, JSON, Syslog, etc. formatted outputs;
Filters that can be configured using log event rates, regular expressions, scripts, time, etc.
It contains several extension points to introduce custom components, if needed.
File Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-core/2.25.1/log4j-core-2.25.1.jar MD5: ec95ac453934a56229ace160e28aa791 SHA1: 32b3a228d5a30a4528b6c7354fe6cff9524d89e7 SHA256:78c232747855464b182f0abf78a99a22c88d4d270ff585343dab55576d7420e2 Referenced In Project/Scope: RealLifeDeveloper Common:compile log4j-core-2.25.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
File Path: /home/runner/.m2/repository/ch/qos/logback/logback-core/1.5.18/logback-core-1.5.18.jar MD5: 10bcea83842beead15f072799b9c923d SHA1: 6c0375624f6f36b4e089e2488ba21334a11ef13f SHA256:85139e7b57b464f8e5e36326dd81317648bed199ccc4f98cd42585f8d7571027 Referenced In Project/Scope: RealLifeDeveloper Common:compile logback-core-1.5.18.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!
License:
The MIT License: https://projectlombok.org/LICENSE
File Path: /home/runner/.m2/repository/org/projectlombok/lombok/1.18.40/lombok-1.18.40.jar MD5: 2d434bde0d5697e593f19d965c611250 SHA1: 398c6d2d7c42c96b65e78d2ddc9be0058c163453 SHA256:b764c3a1b0c86748c9e2e80d64e03d45402ce3edeb631fa81e30a56bffa6daf3 Referenced In Project/Scope: RealLifeDeveloper Common:provided lombok-1.18.40.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
Java ports and bindings of the LZ4 compression algorithm and the xxHash hashing algorithm
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/lz4/lz4-java/1.8.0/lz4-java-1.8.0.jar MD5: 936a927700aa8fc3b75d21d7571171f6 SHA1: 4b986a99445e49ea5fbf5d149c4b63f6ed6c6780 SHA256:d74a3334fb35195009b338a951f918203d6bbca3d1d359033dc33edd1cadc9ef Referenced In Project/Scope: RealLifeDeveloper Common:runtime lz4-java-1.8.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.kafka/spring-kafka@3.3.9
File Path: /home/runner/.m2/repository/org/commonjava/googlecode/markdown4j/markdown4j/2.2-cj-1.1/markdown4j-2.2-cj-1.1.jar MD5: ab033e59e040e34bb79bb2220b0b7207 SHA1: 9e920737c365f0a7985d2050bb99a7edd36b6e19 SHA256:28eb991f702c6d85d6cafd68c24d1ce841d1f5c995c943f25aedb433c0c13f60 Referenced In Project/Scope: RealLifeDeveloper Common:compile markdown4j-2.2-cj-1.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/io/micrometer/micrometer-commons/1.15.4/micrometer-commons-1.15.4.jar MD5: dce057f497778156adf8d890d4f6ee35 SHA1: f73f10deeee5700b15c2f0f41ae79e2689b39613 SHA256:d9971273957d7cd695887cbc680772b75844bfcf3fa7017189171683798b9181 Referenced In Project/Scope: RealLifeDeveloper Common:compile micrometer-commons-1.15.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework/spring-context@6.2.11
File Path: /home/runner/.m2/repository/org/osgi/org.osgi.annotation.versioning/1.1.2/org.osgi.annotation.versioning-1.1.2.jar MD5: a61b3b8d09c85ad296c61e21bf77ec70 SHA1: dc3cd4ec96c0b3c5459fe00694bd73a816ecf93e SHA256:f51f235e80df8ffbc30ef1b557b6ea38a696632d675404ec117e952978b8b863 Referenced In Project/Scope: RealLifeDeveloper Common:provided org.osgi.annotation.versioning-1.1.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
Evidence
Type
Source
Name
Value
Confidence
Vendor
file
name
org.osgi.annotation.versioning
High
Vendor
jar
package name
annotation
Highest
Vendor
jar
package name
osgi
Highest
Vendor
jar
package name
versioning
Highest
Vendor
Manifest
automatic-module-name
org.osgi.annotation.versioning
Medium
Vendor
Manifest
bundle-copyright
Copyright (c) Contributors to the Eclipse Foundation
Low
Vendor
Manifest
bundle-developers
osgi; email=osgi-wg@eclipse.org; name="OSGi Working Group"; organization="Eclipse Foundation"; organizationUrl="https://www.osgi.org/"
Low
Vendor
Manifest
bundle-docurl
https://docs.osgi.org/
Low
Vendor
Manifest
bundle-symbolicname
org.osgi.annotation.versioning
Medium
Vendor
Manifest
git-descriptor
r8-cmpn-final
Low
Vendor
Manifest
git-sha
db39ce672917cadce15aad14a33795cbed7e8791
Low
Vendor
pom
artifactid
org.osgi.annotation.versioning
Highest
Vendor
pom
artifactid
osgi.annotation.versioning
Low
Vendor
pom
developer email
osgi-wg@eclipse.org
Low
Vendor
pom
developer id
osgi
Medium
Vendor
pom
developer name
OSGi Working Group
Medium
Vendor
pom
developer org
Eclipse Foundation
Medium
Vendor
pom
developer org URL
https://www.osgi.org/
Medium
Vendor
pom
groupid
org.osgi
Highest
Vendor
pom
name
org.osgi:org.osgi.annotation.versioning
High
Vendor
pom
organization name
Eclipse Foundation
High
Vendor
pom
url
https://docs.osgi.org/
Highest
Product
file
name
org.osgi.annotation.versioning
High
Product
jar
package name
annotation
Highest
Product
jar
package name
osgi
Highest
Product
jar
package name
versioning
Highest
Product
Manifest
automatic-module-name
org.osgi.annotation.versioning
Medium
Product
Manifest
bundle-copyright
Copyright (c) Contributors to the Eclipse Foundation
Low
Product
Manifest
bundle-developers
osgi; email=osgi-wg@eclipse.org; name="OSGi Working Group"; organization="Eclipse Foundation"; organizationUrl="https://www.osgi.org/"
File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar MD5: b6480d114a23683498ac3f746f959d2f SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f SHA256:7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832 Referenced In Project/Scope: RealLifeDeveloper Common:compile slf4j-api-2.0.17.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
File Path: /home/runner/.m2/repository/org/xerial/snappy/snappy-java/1.1.10.5/snappy-java-1.1.10.5.jar MD5: a52ffcdbbe525b486237a7098e5c5ff7 SHA1: ac605269f3598506196e469f1fb0d7ed5c55059e SHA256:0f3f1857ed33116583f480b4df5c0218836c47bfbc9c6221c0d73f356decf37b Referenced In Project/Scope: RealLifeDeveloper Common:runtime snappy-java-1.1.10.5.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.kafka/spring-kafka@3.3.9
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: /home/runner/.m2/repository/com/github/spotbugs/spotbugs-annotations/4.9.4/spotbugs-annotations-4.9.4.jar MD5: e0a648c2d3d3acdff414402175407a94 SHA1: 071d1be50e7c79317f2cb599b1da571dc5fcd8bf SHA256:85973144dd267fbeb15721cf99febb75c662c18e01b1a794cd6b4860a810f90b Referenced In Project/Scope: RealLifeDeveloper Common:provided spotbugs-annotations-4.9.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/spring-core/6.2.11/spring-core-6.2.11.jar MD5: 51868fd20036bc3bb237bf06c327dd22 SHA1: 0f4860eb6ea92abb8ae6c5e82e2e7efc395cef8d SHA256:a1de6ff2d88c05442468360b89f881b77ff7a393b8cd5b1d5758756b2e247f8a Referenced In Project/Scope: RealLifeDeveloper Common:compile spring-core-6.2.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework/spring-context@6.2.11
Core Spring concepts underpinning every Spring Data module.
File Path: /home/runner/.m2/repository/org/springframework/data/spring-data-commons/3.5.4/spring-data-commons-3.5.4.jar MD5: aaa31b985d10f0d128d2400237d8166c SHA1: b61f6528cb8b39b471775a4b27f0437f6646f1e6 SHA256:03295fe2e3c60931d46153136b4d8008d9d2e0bd8c7a058ddbfbc5e96779ca0c Referenced In Project/Scope: RealLifeDeveloper Common:compile spring-data-commons-3.5.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.data/spring-data-jpa@3.5.4
File Path: /home/runner/.m2/repository/org/springframework/data/spring-data-jpa/3.5.4/spring-data-jpa-3.5.4.jar MD5: 4b07aa3463690622494ca3f5fbc15d2e SHA1: abd37141d1bd52283aac0d962d6efa1d4d72424b SHA256:acb41799f540043275c60713b72445e9bf5b4a58faf2ce5716ca9dc993d5b2e3 Referenced In Project/Scope: RealLifeDeveloper Common:compile spring-data-jpa-3.5.4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/springframework/kafka/spring-kafka/3.3.9/spring-kafka-3.3.9.jar MD5: bfaccefab55b934de1ae11a32748106d SHA1: 784ce910bb5671c21a4e7318bfa709893eb73da3 SHA256:5c05c7c574857fb985490ccf1130b8db0be7aff3458335c769134c44ab7cfa41 Referenced In Project/Scope: RealLifeDeveloper Common:compile spring-kafka-3.3.9.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
Spring Retry provides an abstraction around retrying failed operations, with an
emphasis on declarative control of the process and policy-based behaviour that is
easy to extend and customize. For instance, you can configure a plain POJO
operation to retry if it fails, based on the type of exception, and with a fixed
or exponential backoff.
File Path: /home/runner/.m2/repository/org/springframework/retry/spring-retry/2.0.12/spring-retry-2.0.12.jar MD5: a396632dbe08ae5e1b6c77c49677f6d1 SHA1: 62a14736086ffd6f382f0df3bf066a5a34f174fa SHA256:15e5b238080e05b97d7603472887d658fc018340539b3f0777bc92445bf91dad Referenced In Project/Scope: RealLifeDeveloper Common:compile spring-retry-2.0.12.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.kafka/spring-kafka@3.3.9
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/security/spring-security-core/6.5.3/spring-security-core-6.5.3.jar MD5: 3e6d04732dcc386f495b20baf1eaf5fa SHA1: 1f526b23fad4f4db5c8cc1c30eed7abb82d32702 SHA256:eebd37ff370289f51ac84b082297639c905bddf45931b40909802201ddadbe32 Referenced In Project/Scope: RealLifeDeveloper Common:compile spring-security-core-6.5.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /home/runner/.m2/repository/org/springframework/spring-web/6.2.11/spring-web-6.2.11.jar MD5: 1c8824b95942c7ebf65d21284a123219 SHA1: e590ac3e1aaea2d34a5ccb5c25ad84acbada8468 SHA256:b8a7000ac68dea59f208148bf40a1e02cf3f1f6c120e9eb6696d7d46f57d7ed0 Referenced In Project/Scope: RealLifeDeveloper Common:compile spring-web-6.2.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/tomcat/tomcat-jdbc/11.0.11/tomcat-jdbc-11.0.11.jar MD5: bd609a157bae8a33c3897a4fcce344f8 SHA1: 6ad9ba7164d78eb59873e7b6bae083cb33d8cac7 SHA256:57cd966e085f8873a2d26f13b8f77248c5fe6bfeda151f322b740104b65aeee3 Referenced In Project/Scope: RealLifeDeveloper Common:compile tomcat-jdbc-11.0.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.reallifedeveloper/rld-common@2.1.10
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /home/runner/.m2/repository/org/apache/tomcat/tomcat-juli/11.0.11/tomcat-juli-11.0.11.jar MD5: 937a45fda5d52c9bd9a74ed35db99c59 SHA1: 7c6f3c32c40e68db828c66cb99478c2358ff7557 SHA256:25013c954a1cdd8da2daf1214dcdee7e89598ee093c8677ab3633bb065310825 Referenced In Project/Scope: RealLifeDeveloper Common:compile tomcat-juli-11.0.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.tomcat/tomcat-jdbc@11.0.11
File Path: /home/runner/.m2/repository/com/github/luben/zstd-jni/1.5.6-4/zstd-jni-1.5.6-4.jar MD5: 808e96f7bc2d4a3c5f68e95786f74cc9 SHA1: ba9e303e0b5e94cdd0017390d7d8c06f47fd61f7 SHA256:793ca8734aa15687e7e64564eab8b6ae9ee2720eae27aa663074682144b1c386 Referenced In Project/Scope: RealLifeDeveloper Common:runtime zstd-jni-1.5.6-4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.springframework.kafka/spring-kafka@3.3.9