From a247558be2c396f49734cc8eb800509845d84e12 Mon Sep 17 00:00:00 2001 From: Nico Koprowski Date: Mon, 13 Mar 2023 09:18:05 +0100 Subject: [PATCH 1/3] feat(App): update Spring Boot Starter parent version - Minor version upgrade from 3.0.2 -> 3.0.4 --- DEPENDENCIES | 158 +++++++++++++++++++++++++-------------------------- pom.xml | 4 +- 2 files changed, 81 insertions(+), 81 deletions(-) diff --git a/DEPENDENCIES b/DEPENDENCIES index d25d4032a..c3d0917f3 100644 --- a/DEPENDENCIES +++ b/DEPENDENCIES @@ -1,16 +1,16 @@ maven/mavencentral/ch.qos.logback/logback-classic/1.4.5, EPL-1.0 OR LGPL-2.1-only, approved, #3435 maven/mavencentral/ch.qos.logback/logback-core/1.4.5, EPL-1.0 OR LGPL-2.1-only, approved, #3373 maven/mavencentral/com.carrotsearch/hppc/0.8.1, Apache-2.0, approved, CQ22339 -maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.14.1, Apache-2.0, approved, #5303 -maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.14.1, Apache-2.0 AND MIT, approved, #4303 -maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.14.1, Apache-2.0, approved, #4105 -maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-cbor/2.14.1, Apache-2.0, approved, #5922 -maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-smile/2.14.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.14.1, Apache-2.0, approved, #5933 -maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jdk8/2.14.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.14.1, Apache-2.0, approved, #4699 -maven/mavencentral/com.fasterxml.jackson.module/jackson-module-kotlin/2.14.1, Apache-2.0, approved, #5927 -maven/mavencentral/com.fasterxml.jackson.module/jackson-module-parameter-names/2.14.1, Apache-2.0, approved, #5938 +maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.14.2, Apache-2.0, approved, #5303 +maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.14.2, Apache-2.0 AND MIT, approved, #4303 +maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.14.2, Apache-2.0, approved, #4105 +maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-cbor/2.14.2, Apache-2.0, approved, #5922 +maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-smile/2.14.2, Apache-2.0, approved, clearlydefined +maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.14.2, Apache-2.0, approved, #5933 +maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jdk8/2.14.2, Apache-2.0, approved, clearlydefined +maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.14.2, Apache-2.0, approved, #4699 +maven/mavencentral/com.fasterxml.jackson.module/jackson-module-kotlin/2.14.2, Apache-2.0, approved, #5927 +maven/mavencentral/com.fasterxml.jackson.module/jackson-module-parameter-names/2.14.2, Apache-2.0, approved, #5938 maven/mavencentral/com.fasterxml/classmate/1.5.1, Apache-2.0, approved, clearlydefined maven/mavencentral/com.github.spullara.mustache.java/compiler/0.9.10, Apache-2.0, approved, CQ14417 maven/mavencentral/com.github.stephenc.jcip/jcip-annotations/1.0-1, Apache-2.0, approved, CQ21949 @@ -26,29 +26,29 @@ maven/mavencentral/commons-codec/commons-codec/1.15, Apache-2.0 AND BSD-3-Clause maven/mavencentral/commons-logging/commons-logging/1.2, Apache-2.0, approved, CQ10162 maven/mavencentral/io.github.classgraph/classgraph/4.8.149, MIT, approved, CQ22530 maven/mavencentral/io.github.microutils/kotlin-logging-jvm/2.1.23, Apache-2.0, approved, clearlydefined -maven/mavencentral/io.micrometer/micrometer-commons/1.10.3, Apache-2.0, approved, clearlydefined -maven/mavencentral/io.micrometer/micrometer-core/1.10.3, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #6977 -maven/mavencentral/io.micrometer/micrometer-observation/1.10.3, Apache-2.0, approved, clearlydefined -maven/mavencentral/io.netty/netty-buffer/4.1.87.Final, Apache-2.0, approved, CQ21842 -maven/mavencentral/io.netty/netty-codec-dns/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-codec-http/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-codec-http2/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-codec-socks/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-codec/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-common/4.1.87.Final, Apache-2.0 AND MIT AND CC0-1.0, approved, CQ21843 -maven/mavencentral/io.netty/netty-handler-proxy/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-handler/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-resolver-dns-classes-macos/4.1.87.Final, Apache-2.0, approved, #6367 -maven/mavencentral/io.netty/netty-resolver-dns-native-macos/4.1.87.Final, , restricted, clearlydefined -maven/mavencentral/io.netty/netty-resolver-dns/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-resolver/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-transport-classes-epoll/4.1.87.Final, Apache-2.0, approved, #6366 -maven/mavencentral/io.netty/netty-transport-native-epoll/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-transport-native-unix-common/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.netty/netty-transport/4.1.87.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 -maven/mavencentral/io.projectreactor.netty/reactor-netty-core/1.1.2, Apache-2.0, approved, #5946 -maven/mavencentral/io.projectreactor.netty/reactor-netty-http/1.1.2, Apache-2.0, approved, #6999 -maven/mavencentral/io.projectreactor/reactor-core/3.5.2, Apache-2.0, approved, #5934 +maven/mavencentral/io.micrometer/micrometer-commons/1.10.4, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #7333 +maven/mavencentral/io.micrometer/micrometer-core/1.10.4, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #6977 +maven/mavencentral/io.micrometer/micrometer-observation/1.10.4, Apache-2.0, approved, #7331 +maven/mavencentral/io.netty/netty-buffer/4.1.89.Final, Apache-2.0, approved, CQ21842 +maven/mavencentral/io.netty/netty-codec-dns/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-codec-http/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-codec-http2/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-codec-socks/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-codec/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-common/4.1.89.Final, Apache-2.0 AND MIT AND CC0-1.0, approved, CQ21843 +maven/mavencentral/io.netty/netty-handler-proxy/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-handler/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-resolver-dns-classes-macos/4.1.89.Final, Apache-2.0, approved, #6367 +maven/mavencentral/io.netty/netty-resolver-dns-native-macos/4.1.89.Final, Apache-2.0, approved, #7004 +maven/mavencentral/io.netty/netty-resolver-dns/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-resolver/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-transport-classes-epoll/4.1.89.Final, Apache-2.0, approved, #6366 +maven/mavencentral/io.netty/netty-transport-native-epoll/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-transport-native-unix-common/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.netty/netty-transport/4.1.89.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 +maven/mavencentral/io.projectreactor.netty/reactor-netty-core/1.1.4, Apache-2.0, approved, #5946 +maven/mavencentral/io.projectreactor.netty/reactor-netty-http/1.1.4, Apache-2.0, approved, #6999 +maven/mavencentral/io.projectreactor/reactor-core/3.5.3, Apache-2.0, approved, #5934 maven/mavencentral/io.swagger.core.v3/swagger-annotations-jakarta/2.2.7, Apache-2.0, approved, #5947 maven/mavencentral/io.swagger.core.v3/swagger-core-jakarta/2.2.7, Apache-2.0, approved, #5929 maven/mavencentral/io.swagger.core.v3/swagger-models-jakarta/2.2.7, Apache-2.0, approved, #5919 @@ -91,10 +91,10 @@ maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-el/10.1.5, Apache-2.0, a maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-websocket/10.1.5, Apache-2.0, approved, clearlydefined maven/mavencentral/org.aspectj/aspectjweaver/1.9.19, EPL-1.0, approved, tools.aspectj maven/mavencentral/org.eclipse.parsson/parsson/1.0.0, EPL-2.0, approved, ee4j.parsson -maven/mavencentral/org.eclipse.tractusx/bpdm-common/3.0.3-SNAPSHOT, Apache-2.0, approved, automotive.tractusx +maven/mavencentral/org.eclipse.tractusx/bpdm-common/3.1.1-SNAPSHOT, Apache-2.0, approved, automotive.tractusx maven/mavencentral/org.flywaydb/flyway-core/8.5.12, Apache-2.0, approved, #2764 maven/mavencentral/org.hdrhistogram/HdrHistogram/2.1.12, , approved, CQ13192 -maven/mavencentral/org.hibernate.orm/hibernate-core/6.1.6.Final, LGPL-2.1-or-later AND (Apache-2.0 AND LGPL-2.1-only) AND (CC-PDDC AND LGPL-2.1-only) AND (EPL-2.0 OR BSD-3-Clause), approved, #5939 +maven/mavencentral/org.hibernate.orm/hibernate-core/6.1.7.Final, LGPL-2.1-or-later AND (Apache-2.0 AND LGPL-2.1-only) AND (CC-PDDC AND LGPL-2.1-only) AND (EPL-2.0 OR BSD-3-Clause), approved, #5939 maven/mavencentral/org.hibernate.validator/hibernate-validator/8.0.0.Final, Apache-2.0, approved, clearlydefined maven/mavencentral/org.jboss.logging/jboss-logging/3.5.0.Final, Apache-2.0, approved, clearlydefined maven/mavencentral/org.jetbrains.kotlin/kotlin-reflect/1.7.21, Apache-2.0, approved, clearlydefined @@ -124,49 +124,49 @@ maven/mavencentral/org.slf4j/slf4j-api/2.0.6, MIT, approved, #5915 maven/mavencentral/org.springdoc/springdoc-openapi-starter-common/2.0.0, Apache-2.0, approved, #5920 maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-api/2.0.0, Apache-2.0, approved, #5950 maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-ui/2.0.0, Apache-2.0, approved, #5923 -maven/mavencentral/org.springframework.boot/spring-boot-actuator-autoconfigure/3.0.2, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.boot/spring-boot-actuator/3.0.2, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.boot/spring-boot-autoconfigure/3.0.2, Apache-2.0, approved, #6981 -maven/mavencentral/org.springframework.boot/spring-boot-configuration-processor/3.0.2, Apache-2.0, approved, #6973 -maven/mavencentral/org.springframework.boot/spring-boot-starter-actuator/3.0.2, Apache-2.0, approved, #6983 -maven/mavencentral/org.springframework.boot/spring-boot-starter-aop/3.0.2, Apache-2.0, approved, #6965 -maven/mavencentral/org.springframework.boot/spring-boot-starter-data-jpa/3.0.2, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.boot/spring-boot-starter-jdbc/3.0.2, Apache-2.0, approved, #6974 -maven/mavencentral/org.springframework.boot/spring-boot-starter-json/3.0.2, Apache-2.0, approved, #7006 -maven/mavencentral/org.springframework.boot/spring-boot-starter-logging/3.0.2, Apache-2.0, approved, #6982 -maven/mavencentral/org.springframework.boot/spring-boot-starter-oauth2-client/3.0.2, Apache-2.0, approved, #5932 -maven/mavencentral/org.springframework.boot/spring-boot-starter-oauth2-resource-server/3.0.2, Apache-2.0, approved, #6967 -maven/mavencentral/org.springframework.boot/spring-boot-starter-reactor-netty/3.0.2, Apache-2.0, approved, #6989 -maven/mavencentral/org.springframework.boot/spring-boot-starter-security/3.0.2, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.boot/spring-boot-starter-tomcat/3.0.2, Apache-2.0, approved, #6987 -maven/mavencentral/org.springframework.boot/spring-boot-starter-validation/3.0.2, Apache-2.0, approved, #6971 -maven/mavencentral/org.springframework.boot/spring-boot-starter-web/3.0.2, Apache-2.0, approved, #5945 -maven/mavencentral/org.springframework.boot/spring-boot-starter-webflux/3.0.2, Apache-2.0, approved, #6986 -maven/mavencentral/org.springframework.boot/spring-boot-starter/3.0.2, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.boot/spring-boot/3.0.2, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.data/spring-data-commons/3.0.1, Apache-2.0, approved, #5943 -maven/mavencentral/org.springframework.data/spring-data-jpa/3.0.1, Apache-2.0, approved, #5935 -maven/mavencentral/org.springframework.security/spring-security-config/6.0.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.security/spring-security-core/6.0.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.security/spring-security-crypto/6.0.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.security/spring-security-oauth2-client/6.0.1, Apache-2.0, approved, #5931 -maven/mavencentral/org.springframework.security/spring-security-oauth2-core/6.0.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.security/spring-security-oauth2-jose/6.0.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.security/spring-security-oauth2-resource-server/6.0.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.security/spring-security-web/6.0.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework/spring-aop/6.0.4, Apache-2.0, approved, #5940 -maven/mavencentral/org.springframework/spring-aspects/6.0.4, Apache-2.0, approved, #5930 -maven/mavencentral/org.springframework/spring-beans/6.0.4, Apache-2.0, approved, #5937 -maven/mavencentral/org.springframework/spring-context/6.0.4, Apache-2.0, approved, #5936 -maven/mavencentral/org.springframework/spring-core/6.0.4, Apache-2.0 AND BSD-3-Clause, approved, #5948 -maven/mavencentral/org.springframework/spring-expression/6.0.4, Apache-2.0, approved, #3284 -maven/mavencentral/org.springframework/spring-jcl/6.0.4, Apache-2.0, approved, #3283 -maven/mavencentral/org.springframework/spring-jdbc/6.0.4, Apache-2.0, approved, #5924 -maven/mavencentral/org.springframework/spring-orm/6.0.4, Apache-2.0, approved, #5925 -maven/mavencentral/org.springframework/spring-tx/6.0.4, Apache-2.0, approved, #5926 -maven/mavencentral/org.springframework/spring-web/6.0.4, Apache-2.0, approved, #5942 -maven/mavencentral/org.springframework/spring-webflux/6.0.4, Apache-2.0, approved, #6964 -maven/mavencentral/org.springframework/spring-webmvc/6.0.4, Apache-2.0, approved, #5944 +maven/mavencentral/org.springframework.boot/spring-boot-actuator-autoconfigure/3.0.4, Apache-2.0, approved, #7336 +maven/mavencentral/org.springframework.boot/spring-boot-actuator/3.0.4, Apache-2.0, approved, #7334 +maven/mavencentral/org.springframework.boot/spring-boot-autoconfigure/3.0.4, Apache-2.0, approved, #6981 +maven/mavencentral/org.springframework.boot/spring-boot-configuration-processor/3.0.4, Apache-2.0, approved, #6973 +maven/mavencentral/org.springframework.boot/spring-boot-starter-actuator/3.0.4, Apache-2.0, approved, #6983 +maven/mavencentral/org.springframework.boot/spring-boot-starter-aop/3.0.4, Apache-2.0, approved, #6965 +maven/mavencentral/org.springframework.boot/spring-boot-starter-data-jpa/3.0.4, Apache-2.0, approved, #7351 +maven/mavencentral/org.springframework.boot/spring-boot-starter-jdbc/3.0.4, Apache-2.0, approved, #6974 +maven/mavencentral/org.springframework.boot/spring-boot-starter-json/3.0.4, Apache-2.0, approved, #7006 +maven/mavencentral/org.springframework.boot/spring-boot-starter-logging/3.0.4, Apache-2.0, approved, #6982 +maven/mavencentral/org.springframework.boot/spring-boot-starter-oauth2-client/3.0.4, Apache-2.0, approved, #5932 +maven/mavencentral/org.springframework.boot/spring-boot-starter-oauth2-resource-server/3.0.4, Apache-2.0, approved, #6967 +maven/mavencentral/org.springframework.boot/spring-boot-starter-reactor-netty/3.0.4, Apache-2.0, approved, #6989 +maven/mavencentral/org.springframework.boot/spring-boot-starter-security/3.0.4, Apache-2.0, approved, #7329 +maven/mavencentral/org.springframework.boot/spring-boot-starter-tomcat/3.0.4, Apache-2.0, approved, #6987 +maven/mavencentral/org.springframework.boot/spring-boot-starter-validation/3.0.4, Apache-2.0, approved, #6971 +maven/mavencentral/org.springframework.boot/spring-boot-starter-web/3.0.4, Apache-2.0, approved, #5945 +maven/mavencentral/org.springframework.boot/spring-boot-starter-webflux/3.0.4, Apache-2.0, approved, #6986 +maven/mavencentral/org.springframework.boot/spring-boot-starter/3.0.4, Apache-2.0, approved, #7330 +maven/mavencentral/org.springframework.boot/spring-boot/3.0.4, Apache-2.0, approved, #7327 +maven/mavencentral/org.springframework.data/spring-data-commons/3.0.3, Apache-2.0, approved, #5943 +maven/mavencentral/org.springframework.data/spring-data-jpa/3.0.3, Apache-2.0, approved, #5935 +maven/mavencentral/org.springframework.security/spring-security-config/6.0.2, Apache-2.0, approved, #7338 +maven/mavencentral/org.springframework.security/spring-security-core/6.0.2, Apache-2.0, approved, #7325 +maven/mavencentral/org.springframework.security/spring-security-crypto/6.0.2, Apache-2.0 AND ISC, approved, #7326 +maven/mavencentral/org.springframework.security/spring-security-oauth2-client/6.0.2, Apache-2.0, approved, #5931 +maven/mavencentral/org.springframework.security/spring-security-oauth2-core/6.0.2, Apache-2.0, approved, #7324 +maven/mavencentral/org.springframework.security/spring-security-oauth2-jose/6.0.2, Apache-2.0, approved, #7337 +maven/mavencentral/org.springframework.security/spring-security-oauth2-resource-server/6.0.2, Apache-2.0, approved, #7335 +maven/mavencentral/org.springframework.security/spring-security-web/6.0.2, Apache-2.0, approved, #7328 +maven/mavencentral/org.springframework/spring-aop/6.0.6, Apache-2.0, approved, #5940 +maven/mavencentral/org.springframework/spring-aspects/6.0.6, Apache-2.0, approved, #5930 +maven/mavencentral/org.springframework/spring-beans/6.0.6, Apache-2.0, approved, #5937 +maven/mavencentral/org.springframework/spring-context/6.0.6, Apache-2.0, approved, #5936 +maven/mavencentral/org.springframework/spring-core/6.0.6, Apache-2.0 AND BSD-3-Clause, approved, #5948 +maven/mavencentral/org.springframework/spring-expression/6.0.6, Apache-2.0, approved, #3284 +maven/mavencentral/org.springframework/spring-jcl/6.0.6, Apache-2.0, approved, #3283 +maven/mavencentral/org.springframework/spring-jdbc/6.0.6, Apache-2.0, approved, #5924 +maven/mavencentral/org.springframework/spring-orm/6.0.6, Apache-2.0, approved, #5925 +maven/mavencentral/org.springframework/spring-tx/6.0.6, Apache-2.0, approved, #5926 +maven/mavencentral/org.springframework/spring-web/6.0.6, Apache-2.0, approved, #5942 +maven/mavencentral/org.springframework/spring-webflux/6.0.6, Apache-2.0, approved, #6964 +maven/mavencentral/org.springframework/spring-webmvc/6.0.6, Apache-2.0, approved, #5944 maven/mavencentral/org.webjars/swagger-ui/4.15.5, Apache-2.0 AND MIT, approved, #5921 maven/mavencentral/org.webjars/webjars-locator-core/0.52, MIT, approved, clearlydefined -maven/mavencentral/org.yaml/snakeyaml/1.33, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.yaml/snakeyaml/2.0, Apache-2.0 AND (Apache-2.0 AND BSD-3-Clause AND EPL-1.0 AND GPL-2.0-or-later AND LGPL-2.1-or-later), restricted, #7275 diff --git a/pom.xml b/pom.xml index 9aa9c50c9..13d6c8fc1 100644 --- a/pom.xml +++ b/pom.xml @@ -33,7 +33,7 @@ org.springframework.boot spring-boot-starter-parent - 3.0.2 + 3.0.4 bpdm-pool-api @@ -53,7 +53,7 @@ 2.35.0 3.1.1 3.23.1 - 3.0.0 + 3.0.4 catenax-ng https://sonarcloud.io product-bpdm From b583d9448c49778977d3bc83de3d58c8b8d5e54e Mon Sep 17 00:00:00 2001 From: Nico Koprowski Date: Mon, 13 Mar 2023 09:20:15 +0100 Subject: [PATCH 2/3] feat(App): override snakeyaml dependency version - Forced usage of snakeyaml 2.0 mitigates security issue CVE-2022-1471 --- pom.xml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/pom.xml b/pom.xml index 13d6c8fc1..1353e0289 100644 --- a/pom.xml +++ b/pom.xml @@ -121,6 +121,12 @@ kotlin-logging-jvm ${kotlinlogging.version} + + + org.yaml + snakeyaml + 2.0 + com.github.tomakehurst wiremock-jre8-standalone From 835949253cd38e3184ff91a470cfaacb35784f5e Mon Sep 17 00:00:00 2001 From: Nico Koprowski Date: Fri, 17 Mar 2023 10:10:44 +0100 Subject: [PATCH 3/3] docs(dependencies): updated IP information for used dependencies --- DEPENDENCIES | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/DEPENDENCIES b/DEPENDENCIES index c3d0917f3..b3a8dbc1b 100644 --- a/DEPENDENCIES +++ b/DEPENDENCIES @@ -91,7 +91,9 @@ maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-el/10.1.5, Apache-2.0, a maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-websocket/10.1.5, Apache-2.0, approved, clearlydefined maven/mavencentral/org.aspectj/aspectjweaver/1.9.19, EPL-1.0, approved, tools.aspectj maven/mavencentral/org.eclipse.parsson/parsson/1.0.0, EPL-2.0, approved, ee4j.parsson -maven/mavencentral/org.eclipse.tractusx/bpdm-common/3.1.1-SNAPSHOT, Apache-2.0, approved, automotive.tractusx +maven/mavencentral/org.eclipse.tractusx/bpdm-common/3.2.0-SNAPSHOT, Apache-2.0, approved, automotive.tractusx +maven/mavencentral/org.eclipse.tractusx/bpdm-gate-api/3.2.0-SNAPSHOT, Apache-2.0, approved, automotive.tractusx +maven/mavencentral/org.eclipse.tractusx/bpdm-pool-api/3.2.0-SNAPSHOT, Apache-2.0, approved, automotive.tractusx maven/mavencentral/org.flywaydb/flyway-core/8.5.12, Apache-2.0, approved, #2764 maven/mavencentral/org.hdrhistogram/HdrHistogram/2.1.12, , approved, CQ13192 maven/mavencentral/org.hibernate.orm/hibernate-core/6.1.7.Final, LGPL-2.1-or-later AND (Apache-2.0 AND LGPL-2.1-only) AND (CC-PDDC AND LGPL-2.1-only) AND (EPL-2.0 OR BSD-3-Clause), approved, #5939 @@ -169,4 +171,4 @@ maven/mavencentral/org.springframework/spring-webflux/6.0.6, Apache-2.0, approve maven/mavencentral/org.springframework/spring-webmvc/6.0.6, Apache-2.0, approved, #5944 maven/mavencentral/org.webjars/swagger-ui/4.15.5, Apache-2.0 AND MIT, approved, #5921 maven/mavencentral/org.webjars/webjars-locator-core/0.52, MIT, approved, clearlydefined -maven/mavencentral/org.yaml/snakeyaml/2.0, Apache-2.0 AND (Apache-2.0 AND BSD-3-Clause AND EPL-1.0 AND GPL-2.0-or-later AND LGPL-2.1-or-later), restricted, #7275 +maven/mavencentral/org.yaml/snakeyaml/2.0, Apache-2.0 AND (Apache-2.0 OR BSD-3-Clause OR EPL-1.0 OR GPL-2.0-or-later OR LGPL-2.1-or-later), approved, #7275