Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 12.1.9Report Generated On : Wed, 12 Nov 2025 14:39:35 GMTDependencies Scanned : 56 (33 unique)Vulnerable Dependencies : 0 Vulnerabilities Found : 0Vulnerabilities Suppressed : 0 ... NVD API Last Checked : 2025-11-12T14:12:02ZNVD API Last Modified : 2025-11-12T13:43:42ZSummary Summary of Vulnerable Dependencies (click to show all)
Description:
A high performance caching library License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/github/ben-manes/caffeine/caffeine/3.2.2/caffeine-3.2.2.jar
MD5: 202a61e2492ad488df931367241a110c
SHA1: 8b0a31cb57ac00e18161d5586759912bd2637398
SHA256: c74a6c72221dfb76eb92f2bb40108ea561a7da2f315dc3b1e64afa8f077f210c
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile caffeine-3.2.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name caffeine High Vendor jar package name benmanes Highest Vendor jar package name cache Highest Vendor jar package name caffeine Highest Vendor jar package name github Highest Vendor Manifest automatic-module-name com.github.benmanes.caffeine Medium Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-symbolicname com.github.ben-manes.caffeine Medium Vendor pom artifactid caffeine Highest Vendor pom artifactid caffeine Low Vendor pom developer email ben.manes@gmail.com Low Vendor pom developer id ben-manes Medium Vendor pom developer name Ben Manes Medium Vendor pom groupid com.github.ben-manes.caffeine Highest Vendor pom name Caffeine cache High Vendor pom url ben-manes/caffeine Highest Product file name caffeine High Product jar package name benmanes Highest Product jar package name cache Highest Product jar package name caffeine Highest Product jar package name github Highest Product Manifest automatic-module-name com.github.benmanes.caffeine Medium Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name com.github.ben-manes.caffeine Medium Product Manifest bundle-symbolicname com.github.ben-manes.caffeine Medium Product Manifest Implementation-Title A high performance caching library High Product pom artifactid caffeine Highest Product pom developer email ben.manes@gmail.com Low Product pom developer id ben-manes Low Product pom developer name Ben Manes Low Product pom groupid com.github.ben-manes.caffeine Highest Product pom name Caffeine cache High Product pom url ben-manes/caffeine High Version file version 3.2.2 High Version Manifest Bundle-Version 3.2.2 High Version Manifest Implementation-Version 3.2.2 High Version pom version 3.2.2 Highest
pkg:maven/com.github.ben-manes.caffeine/caffeine@3.2.2 (Confidence :High) Description:
checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework. License:
The MIT License: http://opensource.org/licenses/MIT File Path: /home/runner/.m2/repository/org/checkerframework/checker-qual/3.52.0/checker-qual-3.52.0.jar
MD5: d7eeaac6d7810375c2484fd4faeb2f69
SHA1: 9c17f496846ab1fca8975c6a50ceac0b3bbe63f0
SHA256: 0b5bb1a4bdc4e4b1217482fe598efcaab4e1fba7b37f9412639178fc8116fc05
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile checker-qual-3.52.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.hazendaz.jmockit/jmockit@2.0.0 pkg:maven/com.github.hazendaz.jmockit/jmockit@2.0.0 Evidence Type Source Name Value Confidence Vendor file name checker-qual High Vendor jar package name checker Highest Vendor jar package name checkerframework Highest Vendor jar package name framework Highest Vendor jar package name qual Highest Vendor Manifest bundle-symbolicname checker-qual Medium Vendor Manifest implementation-url https://checkerframework.org Low Vendor pom artifactid checker-qual Highest Vendor pom artifactid checker-qual Low Vendor pom developer email mernst@cs.washington.edu Low Vendor pom developer email smillst@cs.washington.edu Low Vendor pom developer id mernst Medium Vendor pom developer id smillst Medium Vendor pom developer name Michael Ernst Medium Vendor pom developer name Suzanne Millstein Medium Vendor pom developer org University of Washington Medium Vendor pom developer org URL https://www.cs.washington.edu/ Medium Vendor pom groupid org.checkerframework Highest Vendor pom name Checker Qual High Vendor pom url https://checkerframework.org/ Highest Product file name checker-qual High Product jar package name checker Highest Product jar package name checkerframework Highest Product jar package name framework Highest Product jar package name qual Highest Product Manifest Bundle-Name checker-qual Medium Product Manifest bundle-symbolicname checker-qual Medium Product Manifest implementation-url https://checkerframework.org Low Product pom artifactid checker-qual Highest Product pom developer email mernst@cs.washington.edu Low Product pom developer email smillst@cs.washington.edu Low Product pom developer id mernst Low Product pom developer id smillst Low Product pom developer name Michael Ernst Low Product pom developer name Suzanne Millstein Low Product pom developer org University of Washington Low Product pom developer org URL https://www.cs.washington.edu/ Low Product pom groupid org.checkerframework Highest Product pom name Checker Qual High Product pom url https://checkerframework.org/ Medium Version file version 3.52.0 High Version Manifest Bundle-Version 3.52.0 High Version Manifest Implementation-Version 3.52.0 High Version pom version 3.52.0 Highest
pkg:maven/org.checkerframework/checker-qual@3.52.0 (Confidence :High) Description:
WAFFLE JNA Jakarta Pakage implementation License:
MIT https://raw.github.com/Waffle/waffle/master/LICENSE File Path: /home/runner/work/waffle/waffle/Source/JNA/waffle-jna-jakarta/pom.xml
Referenced In Projects/Scopes: waffle-spring-boot-starter3 waffle-spring-boot-autoconfigure3 com.github.waffle:waffle-jna-jakarta:3.6.0-SNAPSHOT is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-boot-starter3@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-boot-autoconfigure3@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name pom High Vendor project artifactid waffle-jna-jakarta Low Vendor project groupid com.github.waffle Highest Product file name pom High Product project artifactid waffle-jna-jakarta Highest Product project groupid com.github.waffle Low
pkg:maven/com.github.waffle/waffle-jna-jakarta@3.6.0-SNAPSHOT (Confidence :Highest) Description:
Spring Boot Autoconfigure for WAFFLE License:
MIT https://raw.github.com/Waffle/waffle/master/LICENSE File Path: /home/runner/work/waffle/waffle/Source/JNA/waffle-spring-boot3/waffle-spring-boot-autoconfigure3/pom.xml
Referenced In Project/Scope: waffle-spring-boot-starter3
com.github.waffle:waffle-spring-boot-autoconfigure3:3.6.0-SNAPSHOT is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-boot-starter3@3.6.0-SNAPSHOT
Evidence Type Source Name Value Confidence Vendor file name pom High Vendor project artifactid waffle-spring-boot-autoconfigure3 Low Vendor project groupid com.github.waffle Highest Product file name pom High Product project artifactid waffle-spring-boot-autoconfigure3 Highest Product project groupid com.github.waffle Low
pkg:maven/com.github.waffle/waffle-spring-boot-autoconfigure3@3.6.0-SNAPSHOT (Confidence :Highest) Description:
Spring Security 6 integration for WAFFLE License:
MIT https://raw.github.com/Waffle/waffle/master/LICENSE File Path: /home/runner/work/waffle/waffle/Source/JNA/waffle-spring-security6/pom.xml
Referenced In Projects/Scopes: waffle-spring-boot-starter3 waffle-spring-boot-autoconfigure3 com.github.waffle:waffle-spring-security6:3.6.0-SNAPSHOT is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-boot-autoconfigure3@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-boot-starter3@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name pom High Vendor project artifactid waffle-spring-security6 Low Vendor project groupid com.github.waffle Highest Product file name pom High Product project artifactid waffle-spring-security6 Highest Product project groupid com.github.waffle Low
pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT (Confidence :Highest) Description:
Apache Commons Logging is a thin adapter allowing configurable bridging to other,
well-known logging systems. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/commons-logging/commons-logging/1.3.5/commons-logging-1.3.5.jar
MD5: 9ca067b073153c86c2da350c0f2cdf70
SHA1: a3fcc5d3c29b2b03433aa2d2f2d2c1b1638924a1
SHA256: 6d7a744e4027649fbb50895df9497d109f98c766a637062fe8d2eabbb3140ba4
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile commons-logging-1.3.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-boot-autoconfigure3@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-boot-autoconfigure3@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name commons-logging High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor jar package name logging Highest Vendor Manifest automatic-module-name org.apache.commons.logging Medium Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-logging/ Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-logging Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid commons-logging Highest Vendor pom artifactid commons-logging Low Vendor pom developer email baliuka@apache.org Low Vendor pom developer email costin@apache.org Low Vendor pom developer email craigmcc@apache.org Low Vendor pom developer email dennisl@apache.org Low Vendor pom developer email donaldp@apache.org Low Vendor pom developer email ggregory at apache.org Low Vendor pom developer email morgand@apache.org Low Vendor pom developer email rdonkin@apache.org Low Vendor pom developer email rsitze@apache.org Low Vendor pom developer email rwaldhoff@apache.org Low Vendor pom developer email sanders@apache.org Low Vendor pom developer email skitching@apache.org Low Vendor pom developer email tn@apache.org Low Vendor pom developer id baliuka Medium Vendor pom developer id bstansberry Medium Vendor pom developer id costin Medium Vendor pom developer id craigmcc Medium Vendor pom developer id dennisl Medium Vendor pom developer id donaldp Medium Vendor pom developer id ggregory Medium Vendor pom developer id morgand Medium Vendor pom developer id rdonkin Medium Vendor pom developer id rsitze Medium Vendor pom developer id rwaldhoff Medium Vendor pom developer id sanders Medium Vendor pom developer id skitching Medium Vendor pom developer id tn Medium Vendor pom developer name Brian Stansberry Medium Vendor pom developer name Costin Manolache Medium Vendor pom developer name Craig McClanahan Medium Vendor pom developer name Dennis Lundberg Medium Vendor pom developer name Gary Gregory Medium Vendor pom developer name Juozas Baliuka Medium Vendor pom developer name Morgan Delagrange Medium Vendor pom developer name Peter Donald Medium Vendor pom developer name Richard Sitze Medium Vendor pom developer name Robert Burrell Donkin Medium Vendor pom developer name Rodney Waldhoff Medium Vendor pom developer name Scott Sanders Medium Vendor pom developer name Simon Kitching Medium Vendor pom developer name Thomas Neidhart Medium Vendor pom developer org Apache Medium Vendor pom developer org The Apache Software Foundation Medium Vendor pom developer org URL https://www.apache.org/ Medium Vendor pom groupid commons-logging Highest Vendor pom name Apache Commons Logging High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url https://commons.apache.org/proper/commons-logging/ Highest Product file name commons-logging High Product jar package name apache Highest Product jar package name commons Highest Product jar package name logging Highest Product Manifest automatic-module-name org.apache.commons.logging Medium Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://commons.apache.org/proper/commons-logging/ Low Product Manifest Bundle-Name Apache Commons Logging Medium Product Manifest bundle-symbolicname org.apache.commons.commons-logging Medium Product Manifest Implementation-Title Apache Commons Logging High Product Manifest multi-release true Low Product Manifest specification-title Apache Commons Logging Medium Product pom artifactid commons-logging Highest Product pom developer email baliuka@apache.org Low Product pom developer email costin@apache.org Low Product pom developer email craigmcc@apache.org Low Product pom developer email dennisl@apache.org Low Product pom developer email donaldp@apache.org Low Product pom developer email ggregory at apache.org Low Product pom developer email morgand@apache.org Low Product pom developer email rdonkin@apache.org Low Product pom developer email rsitze@apache.org Low Product pom developer email rwaldhoff@apache.org Low Product pom developer email sanders@apache.org Low Product pom developer email skitching@apache.org Low Product pom developer email tn@apache.org Low Product pom developer id baliuka Low Product pom developer id bstansberry Low Product pom developer id costin Low Product pom developer id craigmcc Low Product pom developer id dennisl Low Product pom developer id donaldp Low Product pom developer id ggregory Low Product pom developer id morgand Low Product pom developer id rdonkin Low Product pom developer id rsitze Low Product pom developer id rwaldhoff Low Product pom developer id sanders Low Product pom developer id skitching Low Product pom developer id tn Low Product pom developer name Brian Stansberry Low Product pom developer name Costin Manolache Low Product pom developer name Craig McClanahan Low Product pom developer name Dennis Lundberg Low Product pom developer name Gary Gregory Low Product pom developer name Juozas Baliuka Low Product pom developer name Morgan Delagrange Low Product pom developer name Peter Donald Low Product pom developer name Richard Sitze Low Product pom developer name Robert Burrell Donkin Low Product pom developer name Rodney Waldhoff Low Product pom developer name Scott Sanders Low Product pom developer name Simon Kitching Low Product pom developer name Thomas Neidhart Low Product pom developer org Apache Low Product pom developer org The Apache Software Foundation Low Product pom developer org URL https://www.apache.org/ Low Product pom groupid commons-logging Highest Product pom name Apache Commons Logging High Product pom parent-artifactid commons-parent Medium Product pom parent-groupid org.apache.commons Medium Product pom url https://commons.apache.org/proper/commons-logging/ Medium Version file version 1.3.5 High Version Manifest Bundle-Version 1.3.5 High Version Manifest Implementation-Version 1.3.5 High Version pom parent-version 1.3.5 Low Version pom version 1.3.5 Highest
pkg:maven/commons-logging/commons-logging@1.3.5 (Confidence :High) Description:
Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time. License:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/errorprone/error_prone_annotations/2.44.0/error_prone_annotations-2.44.0.jar
MD5: 11d0ff18fb88d4e4c48a4347e9e4a1e0
SHA1: bbbf88e1d12da9c6f7f204ca78a55446654ce7e1
SHA256: bcf738a525e546c926a233d0a169cf7eafcf703fe81ac9d6994f7244eda29052
Referenced In Projects/Scopes: waffle-spring-boot-starter3:provided waffle-spring-boot3:provided waffle-spring-boot-autoconfigure3:provided error_prone_annotations-2.44.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-boot-autoconfigure3@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-boot-starter3@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-boot3@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name error_prone_annotations High Vendor jar package name annotations Highest Vendor jar package name errorprone Highest Vendor jar package name google Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl https://errorprone.info/error_prone_annotations Low Vendor Manifest bundle-symbolicname com.google.errorprone.annotations Medium Vendor Manifest multi-release true Low Vendor pom artifactid error_prone_annotations Highest Vendor pom artifactid error_prone_annotations Low Vendor pom groupid com.google.errorprone Highest Vendor pom name error-prone annotations High Vendor pom parent-artifactid error_prone_parent Low Product file name error_prone_annotations High Product jar package name annotations Highest Product jar package name errorprone Highest Product jar package name google Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl https://errorprone.info/error_prone_annotations Low Product Manifest Bundle-Name error-prone annotations Medium Product Manifest bundle-symbolicname com.google.errorprone.annotations Medium Product Manifest multi-release true Low Product pom artifactid error_prone_annotations Highest Product pom groupid com.google.errorprone Highest Product pom name error-prone annotations High Product pom parent-artifactid error_prone_parent Medium Version file version 2.44.0 High Version Manifest Bundle-Version 2.44.0 High Version pom version 2.44.0 Highest
pkg:maven/com.google.errorprone/error_prone_annotations@2.44.0 (Confidence :High) Description:
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/j2objc/j2objc-annotations/3.1/j2objc-annotations-3.1.jar
MD5: abe8bd3abff622b9a8b15c3a737aa741
SHA1: a892ca9507839bbdb900d64310ac98256cab992f
SHA256: 84d3a150518485f8140ea99b8a985656749629f6433c92b80c75b36aba3b099b
Referenced In Projects/Scopes: waffle-spring-boot-starter3:provided waffle-spring-boot3:provided waffle-spring-boot-autoconfigure3:provided j2objc-annotations-3.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-boot-autoconfigure3@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-boot3@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-boot-starter3@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name j2objc-annotations High Vendor jar package name annotations Highest Vendor jar package name google Highest Vendor jar package name j2objc Highest Vendor Manifest build-jdk-spec 22 Low Vendor Manifest multi-release true Low Vendor pom artifactid j2objc-annotations Highest Vendor pom artifactid j2objc-annotations Low Vendor pom developer email tball@google.com Low Vendor pom developer id tomball Medium Vendor pom developer name Tom Ball Medium Vendor pom developer org Google Medium Vendor pom developer org URL https://www.google.com Medium Vendor pom groupid com.google.j2objc Highest Vendor pom name J2ObjC Annotations High Vendor pom url google/j2objc/ Highest Product file name j2objc-annotations High Product jar package name annotations Highest Product jar package name google Highest Product jar package name j2objc Highest Product Manifest build-jdk-spec 22 Low Product Manifest multi-release true Low Product pom artifactid j2objc-annotations Highest Product pom developer email tball@google.com Low Product pom developer id tomball Low Product pom developer name Tom Ball Low Product pom developer org Google Low Product pom developer org URL https://www.google.com Low Product pom groupid com.google.j2objc Highest Product pom name J2ObjC Annotations High Product pom url google/j2objc/ High Version file version 3.1 High Version pom version 3.1 Highest
pkg:maven/com.google.j2objc/j2objc-annotations@3.1 (Confidence :High) Description:
Core Jackson processing abstractions (aka Streaming API), implementation for JSON License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-core/2.19.2/jackson-core-2.19.2.jar
MD5: b3843578b0753a9a685eea819dea3ab7
SHA1: 50f3b4bd59b9ff51a0ed493e7b5abaf5c39709bf
SHA256: aa77eaf29293a868c47372194f7c5287d77d9370b04ea25d3fffc1e4904b5880
Referenced In Project/Scope: waffle-spring-boot-autoconfigure3:compile
jackson-core-2.19.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.7
Evidence Type Source Name Value Confidence Vendor file name jackson-core High Vendor jar package name base Highest Vendor jar package name com Highest Vendor jar package name core Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor jar package name json Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-core Highest Vendor pom artifactid jackson-core Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name Jackson-core High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson-core Highest Product file name jackson-core High Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name base Highest Product jar package name com Highest Product jar package name core Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product jar package name json Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Product Manifest Bundle-Name Jackson-core Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Product Manifest Implementation-Title Jackson-core High Product Manifest multi-release true Low Product Manifest specification-title Jackson-core Medium Product pom artifactid jackson-core Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name Jackson-core High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson-core High Version file version 2.19.2 High Version Manifest Bundle-Version 2.19.2 High Version Manifest Implementation-Version 2.19.2 High Version pom version 2.19.2 Highest
Related Dependencies jackson-annotations-2.19.2.jarFile Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-annotations/2.19.2/jackson-annotations-2.19.2.jar MD5: 99b71c4cebb9dae38ae925ac7ab0574f SHA1: 0c5381f11988ae3d424b197a26087d86067b6d7d SHA256: e516743a316dcf83c572ffc9cb6e8c5e8c134880c8c5155b02f7b34e9c5dc3cf pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.19.2 jackson-datatype-jdk8-2.19.2.jarFile Path: /home/runner/.m2/repository/com/fasterxml/jackson/datatype/jackson-datatype-jdk8/2.19.2/jackson-datatype-jdk8-2.19.2.jar MD5: 284d3188bc0c31d0bddf63ce34b4eace SHA1: a720d3946c3a1ab04b780f3b3163d62eee6948a0 SHA256: 6055fef10756e8bd1b0e8807aa1d881338c63ca95d59271e1da4922b9a17581e pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jdk8@2.19.2 jackson-datatype-jsr310-2.19.2.jarFile Path: /home/runner/.m2/repository/com/fasterxml/jackson/datatype/jackson-datatype-jsr310/2.19.2/jackson-datatype-jsr310-2.19.2.jar MD5: d7696f657f85fa3664f2a5fbd91febc2 SHA1: 72e73f048b36d9df82aef146bf8b2ae63b2e28e2 SHA256: 9709f43e0fa5625633ee66db6c078fb1e8c7ca02092696ba95ea785dbf0fa6a1 pkg:maven/com.fasterxml.jackson.datatype/jackson-datatype-jsr310@2.19.2 jackson-module-parameter-names-2.19.2.jarFile Path: /home/runner/.m2/repository/com/fasterxml/jackson/module/jackson-module-parameter-names/2.19.2/jackson-module-parameter-names-2.19.2.jar MD5: 001bf7f1db8b0d32fcf74a358e054f7b SHA1: 3c4ce467c11364c72ec4967c570fd5a2d1be1d0b SHA256: 5cafef98759b40a418631e91257930a5e30abc162d9a690c1e365dbbdacdfecb pkg:maven/com.fasterxml.jackson.module/jackson-module-parameter-names@2.19.2 pkg:maven/com.fasterxml.jackson.core/jackson-core@2.19.2 (Confidence :High) cpe:2.3:a:fasterxml:jackson-modules-java8:2.19.2:*:*:*:*:*:*:* (Confidence :Low) suppress Description:
General data-binding functionality for Jackson: works on core streaming API License:
The Apache Software License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/fasterxml/jackson/core/jackson-databind/2.19.2/jackson-databind-2.19.2.jar
MD5: 856506e1d49091e89599a3ef34990597
SHA1: 46509399d28f57ca32c6bb4b0d4e10e8f062051e
SHA256: 0a1bd4e9b0d670e632d40ee8c625ad376233502f03c2f5889baea95d025b47a7
Referenced In Project/Scope: waffle-spring-boot-autoconfigure3:compile
jackson-databind-2.19.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.7
Evidence Type Source Name Value Confidence Vendor file name jackson-databind High Vendor jar package name databind Highest Vendor jar package name fasterxml Highest Vendor jar package name jackson Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Vendor Manifest Implementation-Vendor FasterXML High Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor Manifest multi-release true Low Vendor Manifest specification-vendor FasterXML Low Vendor pom artifactid jackson-databind Highest Vendor pom artifactid jackson-databind Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor pom name jackson-databind High Vendor pom parent-artifactid jackson-base Low Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor pom url FasterXML/jackson Highest Product file name jackson-databind High Product hint analyzer product java8 Highest Product hint analyzer product modules Highest Product jar package name databind Highest Product jar package name fasterxml Highest Product jar package name jackson Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson Low Product Manifest Bundle-Name jackson-databind Medium Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Product Manifest Implementation-Title jackson-databind High Product Manifest multi-release true Low Product Manifest specification-title jackson-databind Medium Product pom artifactid jackson-databind Highest Product pom groupid com.fasterxml.jackson.core Highest Product pom name jackson-databind High Product pom parent-artifactid jackson-base Medium Product pom parent-groupid com.fasterxml.jackson Medium Product pom url FasterXML/jackson High Version file version 2.19.2 High Version Manifest Bundle-Version 2.19.2 High Version Manifest Implementation-Version 2.19.2 High Version pom version 2.19.2 Highest
Description:
Jakarta Annotations API License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html File Path: /home/runner/.m2/repository/jakarta/annotation/jakarta.annotation-api/2.1.1/jakarta.annotation-api-2.1.1.jar
MD5: 5dac2f68e8288d0add4dc92cb161711d
SHA1: 48b9bda22b091b1f48b13af03fe36db3be6e1ae3
SHA256: 5f65fdaf424eee2b55e1d882ba9bb376be93fb09b37b808be6e22e8851c909fe
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile jakarta.annotation-api-2.1.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter@3.5.7 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.7 Evidence Type Source Name Value Confidence Vendor file name jakarta.annotation-api High Vendor jar package name annotation Highest Vendor jar package name jakarta Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.annotation-api Medium Vendor Manifest extension-name jakarta.annotation Medium Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom artifactid jakarta.annotation-api Highest Vendor pom artifactid jakarta.annotation-api Low Vendor pom developer name Dmitry Kornilov Medium Vendor pom developer name Linda De Michiel Medium Vendor pom developer org Oracle Corp. Medium Vendor pom groupid jakarta.annotation Highest Vendor pom name Jakarta Annotations API High Vendor pom parent-artifactid project Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom url https://projects.eclipse.org/projects/ee4j.ca Highest Product file name jakarta.annotation-api High Product jar package name annotation Highest Product jar package name jakarta Highest Product Manifest build-jdk-spec 11 Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Jakarta Annotations API Medium Product Manifest bundle-symbolicname jakarta.annotation-api Medium Product Manifest extension-name jakarta.annotation Medium Product pom artifactid jakarta.annotation-api Highest Product pom developer name Dmitry Kornilov Low Product pom developer name Linda De Michiel Low Product pom developer org Oracle Corp. Low Product pom groupid jakarta.annotation Highest Product pom name Jakarta Annotations API High Product pom parent-artifactid project Medium Product pom parent-groupid org.eclipse.ee4j Medium Product pom url https://projects.eclipse.org/projects/ee4j.ca Medium Version file version 2.1.1 High Version Manifest Bundle-Version 2.1.1 High Version Manifest Implementation-Version 2.1.1 High Version pom parent-version 2.1.1 Low Version pom version 2.1.1 Highest
pkg:maven/jakarta.annotation/jakarta.annotation-api@2.1.1 (Confidence :High) cpe:2.3:a:oracle:projects:2.1.1:*:*:*:*:*:*:* (Confidence :Low) suppress Description:
Java Native Access License:
LGPL-2.1-or-later: https://www.gnu.org/licenses/old-licenses/lgpl-2.1
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.18.1/jna-5.18.1.jar
MD5: cb531ec131e1c68c045b5d45fe5b9878
SHA1: b27ba04287cc4abe769642fe8318d39fc89bf937
SHA256: 260c4b1e22b1db9e110ee441c4f13ce115f841fa48c41d78750986214b395557
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile jna-5.18.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name jna High Vendor jar package name jna Highest Vendor jar package name native Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest automatic-module-name com.sun.jna Medium Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-category jni Low Vendor Manifest bundle-nativecode com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win32, com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-ppc64le/libjnidispatch.so; processor=ppc64le;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm_le;osname=linux, com/sun/jna/linux-armel/libjnidispatch.so; processor=armel;osname=linux, com/sun/jna/linux-aarch64/libjnidispatch.so; processor=aarch64;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/linux-sparcv9/libjnidispatch.so; processor=sparcv9;osname=linux, com/sun/jna/linux-mips64el/libjnidispatch.so; processor=mips64el;osname=linux, com/sun/jna/linux-s390x/libjnidispatch.so; processor=S390x;osname=linux, com/sun/jna/linux-loongarch64/libjnidispatch.so; processor=loongarch64;osname=linux, com/sun/jna/linux-riscv64/libjnidispatch.so; processor=riscv64;osname=linux, com/sun/jna/dragonflybsd-x86-64/libjnidispatch.so; processor=x86-64;osname=dragonflybsd, com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/freebsd-aarch64/libjnidispatch.so; processor=aarch64;osname=freebsd, com/sun/jna/freebsd-ppc64le/libjnidispatch.so; processor=ppc64le;osname=freebsd, com/sun/jna/freebsd-ppc64/libjnidispatch.so; processor=ppc64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd, com/sun/jna/darwin-ppc/libjnidispatch.jnilib; osname=macosx;processor=ppc, com/sun/jna/darwin-ppc64/libjnidispatch.jnilib; osname=macosx;processor=ppc64, com/sun/jna/darwin-x86/libjnidispatch.jnilib; osname=macosx;processor=x86, com/sun/jna/darwin-x86-64/libjnidispatch.jnilib; osname=macosx;processor=x86-64, com/sun/jna/darwin-aarch64/libjnidispatch.jnilib; osname=macosx;processor=aarch64 Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Vendor Manifest bundle-symbolicname com.sun.jna Medium Vendor Manifest Implementation-Vendor JNA Development Team High Vendor Manifest specification-vendor JNA Development Team Low Vendor pom artifactid jna Highest Vendor pom artifactid jna Low Vendor pom developer email mblaesing@doppel-helix.eu Low Vendor pom developer id twall Medium Vendor pom developer name Matthias Bläsing Medium Vendor pom developer name Timothy Wall Medium Vendor pom groupid net.java.dev.jna Highest Vendor pom name Java Native Access High Vendor pom url java-native-access/jna Highest Product file name jna High Product jar package name jna Highest Product jar package name library Highest Product jar package name native Highest Product jar package name sun Highest Product jar package name win32 Highest Product Manifest automatic-module-name com.sun.jna Medium Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-category jni Low Product Manifest Bundle-Name jna Medium Product Manifest bundle-nativecode com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win32, com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win, com/sun/jna/win32-x86-64/jnidispatch.dll; processor=x86-64;osname=win, com/sun/jna/win32-aarch64/jnidispatch.dll; processor=aarch64;osname=win, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-x86-64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-ppc64le/libjnidispatch.so; processor=ppc64le;osname=linux, com/sun/jna/linux-x86/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-x86-64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm_le;osname=linux, com/sun/jna/linux-armel/libjnidispatch.so; processor=armel;osname=linux, com/sun/jna/linux-aarch64/libjnidispatch.so; processor=aarch64;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/linux-sparcv9/libjnidispatch.so; processor=sparcv9;osname=linux, com/sun/jna/linux-mips64el/libjnidispatch.so; processor=mips64el;osname=linux, com/sun/jna/linux-s390x/libjnidispatch.so; processor=S390x;osname=linux, com/sun/jna/linux-loongarch64/libjnidispatch.so; processor=loongarch64;osname=linux, com/sun/jna/linux-riscv64/libjnidispatch.so; processor=riscv64;osname=linux, com/sun/jna/dragonflybsd-x86-64/libjnidispatch.so; processor=x86-64;osname=dragonflybsd, com/sun/jna/freebsd-x86/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-x86-64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/freebsd-aarch64/libjnidispatch.so; processor=aarch64;osname=freebsd, com/sun/jna/freebsd-ppc64le/libjnidispatch.so; processor=ppc64le;osname=freebsd, com/sun/jna/freebsd-ppc64/libjnidispatch.so; processor=ppc64;osname=freebsd, com/sun/jna/openbsd-x86/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/openbsd-x86-64/libjnidispatch.so; processor=x86-64;osname=openbsd, com/sun/jna/darwin-ppc/libjnidispatch.jnilib; osname=macosx;processor=ppc, com/sun/jna/darwin-ppc64/libjnidispatch.jnilib; osname=macosx;processor=ppc64, com/sun/jna/darwin-x86/libjnidispatch.jnilib; osname=macosx;processor=x86, com/sun/jna/darwin-x86-64/libjnidispatch.jnilib; osname=macosx;processor=x86-64, com/sun/jna/darwin-aarch64/libjnidispatch.jnilib; osname=macosx;processor=aarch64 Low Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6 Low Product Manifest bundle-symbolicname com.sun.jna Medium Product Manifest Implementation-Title com.sun.jna High Product Manifest specification-title Java Native Access (JNA) Medium Product pom artifactid jna Highest Product pom developer email mblaesing@doppel-helix.eu Low Product pom developer id twall Low Product pom developer name Matthias Bläsing Low Product pom developer name Timothy Wall Low Product pom groupid net.java.dev.jna Highest Product pom name Java Native Access High Product pom url java-native-access/jna High Version file version 5.18.1 High Version Manifest Bundle-Version 5.18.1 High Version pom version 5.18.1 Highest
pkg:maven/net.java.dev.jna/jna@5.18.1 (Confidence :High) cpe:2.3:a:oracle:java_se:5.18.1:*:*:*:*:*:*:* (Confidence :Low) suppress File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.18.1/jna-5.18.1.jar/com/sun/jna/win32-aarch64/jnidispatch.dllMD5: 302945a811fd8e21bcdd5226c73b6f74SHA1: 6b05e299ff2b3eb3b7b7aeac44263f715693607cSHA256: b8f98be314234cf12b5b46c29652f70c0f6abb93ae19b63d3fe2692062aa699dReferenced In Projects/Scopes:
waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile Evidence Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.18.1/jna-5.18.1.jar/com/sun/jna/win32-x86-64/jnidispatch.dllMD5: 2d2475f1f026dd54e9f3e787ae4f81daSHA1: 27ff882ac271db547aee520b38e3ba9aa91e136cSHA256: 5a7ff949f6d93d86491eb5b26b1cfc60051168a60622650224b89995ac420023Referenced In Projects/Scopes:
waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile Evidence Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
File Path: /home/runner/.m2/repository/net/java/dev/jna/jna/5.18.1/jna-5.18.1.jar/com/sun/jna/win32-x86/jnidispatch.dllMD5: 0caa1ef75a807f9dde05084fa2219a5cSHA1: 2f5e1cd82cde192905c7510ce99037b67d980640SHA256: 752d597cee7e95cb517327146bf42f124c0d6c0bc48b3ecc3b1b3b0531a52f44Referenced In Projects/Scopes:
waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile Evidence Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
Description:
Java Native Access Platform License:
LGPL-2.1-or-later: https://www.gnu.org/licenses/old-licenses/lgpl-2.1
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/net/java/dev/jna/jna-platform/5.18.1/jna-platform-5.18.1.jar
MD5: a7af00779ec98bfe22dfb07b1532830d
SHA1: dd817f391efc492041c9ae91127527c13750a789
SHA256: ad14c1b1ec4f43d396231219dfa635ebf828f738eac9f890ea1bc07795892d9a
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile jna-platform-5.18.1.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name jna-platform High Vendor jar package name jna Highest Vendor jar package name platform Highest Vendor jar package name sun Highest Vendor jar (hint) package name oracle Highest Vendor Manifest automatic-module-name com.sun.jna.platform Medium Vendor Manifest bundle-category jni Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Vendor Manifest bundle-symbolicname com.sun.jna.platform Medium Vendor Manifest Implementation-Vendor JNA Development Team High Vendor Manifest specification-vendor JNA Development Team Low Vendor pom artifactid jna-platform Highest Vendor pom artifactid jna-platform Low Vendor pom developer email mblaesing@doppel-helix.eu Low Vendor pom developer id twall Medium Vendor pom developer name Matthias Bläsing Medium Vendor pom developer name Timothy Wall Medium Vendor pom groupid net.java.dev.jna Highest Vendor pom name Java Native Access Platform High Vendor pom url java-native-access/jna Highest Product file name jna-platform High Product jar package name jna Highest Product jar package name platform Highest Product jar package name sun Highest Product Manifest automatic-module-name com.sun.jna.platform Medium Product Manifest bundle-category jni Low Product Manifest Bundle-Name jna-platform Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Product Manifest bundle-symbolicname com.sun.jna.platform Medium Product Manifest Implementation-Title com.sun.jna High Product Manifest specification-title Java Native Access (JNA) Medium Product pom artifactid jna-platform Highest Product pom developer email mblaesing@doppel-helix.eu Low Product pom developer id twall Low Product pom developer name Matthias Bläsing Low Product pom developer name Timothy Wall Low Product pom groupid net.java.dev.jna Highest Product pom name Java Native Access Platform High Product pom url java-native-access/jna High Version file version 5.18.1 High Version Manifest Bundle-Version 5.18.1 High Version pom version 5.18.1 Highest
pkg:maven/net.java.dev.jna/jna-platform@5.18.1 (Confidence :High) Description:
An artifact of well-named and well-specified annotations to power static analysis checks License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/jspecify/jspecify/1.0.0/jspecify-1.0.0.jar
MD5: 9133aba420d0ca3b001dbb6ae9992cf6
SHA1: 7425a601c1c7ec76645a78d22b8c6a627edee507
SHA256: 1fad6e6be7557781e4d33729d49ae1cdc8fdda6fe477bb0cc68ce351eafdfbab
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile jspecify-1.0.0.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name jspecify High Vendor jar package name annotations Highest Vendor jar package name jspecify Highest Vendor Manifest bundle-docurl https://jspecify.dev/docs/start-here Low Vendor Manifest bundle-symbolicname org.jspecify.jspecify Medium Vendor Manifest multi-release true Low Vendor pom artifactid jspecify Highest Vendor pom artifactid jspecify Low Vendor pom developer email kevinb9n@gmail.com Low Vendor pom developer id kevinb9n Medium Vendor pom developer name Kevin Bourrillion Medium Vendor pom groupid org.jspecify Highest Vendor pom name JSpecify annotations High Vendor pom url http://jspecify.org/ Highest Product file name jspecify High Product jar package name annotations Highest Product jar package name jspecify Highest Product Manifest bundle-docurl https://jspecify.dev/docs/start-here Low Product Manifest Bundle-Name JSpecify annotations Medium Product Manifest bundle-symbolicname org.jspecify.jspecify Medium Product Manifest multi-release true Low Product pom artifactid jspecify Highest Product pom developer email kevinb9n@gmail.com Low Product pom developer id kevinb9n Low Product pom developer name Kevin Bourrillion Low Product pom groupid org.jspecify Highest Product pom name JSpecify annotations High Product pom url http://jspecify.org/ Medium Version file version 1.0.0 High Version Manifest Bundle-Version 1.0.0 High Version Manifest Implementation-Version 1.0.0 High Version pom version 1.0.0 Highest
pkg:maven/org.jspecify/jspecify@1.0.0 (Confidence :High) Description:
JSR305 Annotations for Findbugs License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256: 766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Projects/Scopes: waffle-spring-boot-starter3:provided waffle-spring-boot3:provided waffle-spring-boot-autoconfigure3:provided jsr305-3.0.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8 pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8 pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8 Evidence Type Source Name Value Confidence Vendor file name jsr305 High Vendor Manifest bundle-symbolicname org.jsr-305 Medium Vendor pom artifactid jsr305 Highest Vendor pom artifactid jsr305 Low Vendor pom groupid com.google.code.findbugs Highest Vendor pom name FindBugs-jsr305 High Vendor pom url http://findbugs.sourceforge.net/ Highest Product file name jsr305 High Product Manifest Bundle-Name FindBugs-jsr305 Medium Product Manifest bundle-symbolicname org.jsr-305 Medium Product pom artifactid jsr305 Highest Product pom groupid com.google.code.findbugs Highest Product pom name FindBugs-jsr305 High Product pom url http://findbugs.sourceforge.net/ Medium Version file version 3.0.2 High Version Manifest Bundle-Version 3.0.2 High Version pom version 3.0.2 Highest
pkg:maven/com.google.code.findbugs/jsr305@3.0.2 (Confidence :High) Description:
JUL to SLF4J bridge License:
https://opensource.org/license/mit File Path: /home/runner/.m2/repository/org/slf4j/jul-to-slf4j/2.0.17/jul-to-slf4j-2.0.17.jar
MD5: a42936c56611e4794c42908fb3d3a647
SHA1: 524cb6ccc2b68a57604750e1ab8b13b5a786a6aa
SHA256: a7afcd23b9cfd1475e55c94f943b808c5922035e7e2c2a5c65a487a4106bc538
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile jul-to-slf4j-2.0.17.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter@3.5.7 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.7 Evidence Type Source Name Value Confidence Vendor file name jul-to-slf4j High Vendor jar package name bridge Highest Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname jul.to.slf4j Medium Vendor Manifest multi-release true Low Vendor pom artifactid jul-to-slf4j Highest Vendor pom artifactid jul-to-slf4j Low Vendor pom groupid org.slf4j Highest Vendor pom name JUL to SLF4J bridge High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name jul-to-slf4j High Product jar package name bridge Highest Product jar package name slf4j Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name JUL to SLF4J bridge Medium Product Manifest bundle-symbolicname jul.to.slf4j Medium Product Manifest Implementation-Title jul-to-slf4j High Product Manifest multi-release true Low Product pom artifactid jul-to-slf4j Highest Product pom groupid org.slf4j Highest Product pom name JUL to SLF4J bridge High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.17 High Version Manifest Bundle-Version 2.0.17 High Version Manifest Implementation-Version 2.0.17 High Version pom version 2.0.17 Highest
pkg:maven/org.slf4j/jul-to-slf4j@2.0.17 (Confidence :High) Description:
The logging API of the Log4j project.
Library and application code can log through this API.
It contains a simple built-in implementation (`SimpleLogger`) for trivial use cases.
Production applications are recommended to use Log4j API in combination with a fully-fledged implementation, such as Log4j Core. License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-api/2.25.2/log4j-api-2.25.2.jar
MD5: 4ad7b5c23d86eab187e599a826fa9254
SHA1: 292c1a2b1702f1e1e3adb13e1c57e5bff60335ff
SHA256: 9fd66c9fe0bea06fa9666c147989a46cafaa92b4a88753697d3945cc43338cbb
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile log4j-api-2.25.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter@3.5.7 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.7 Evidence Type Source Name Value Confidence Vendor file name log4j-api High Vendor jar package name apache Highest Vendor jar package name log4j Highest Vendor jar package name logging Highest Vendor jar package name org Highest Vendor jar package name simple Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-symbolicname org.apache.logging.log4j.api Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release true Low Vendor Manifest provide-capability osgi.service;objectClass:List="org.apache.logging.log4j.util.PropertySource";effective:=active,osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.util.PropertySource";register:="org.apache.logging.log4j.util.EnvironmentPropertySource",osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.util.PropertySource";register:="org.apache.logging.log4j.util.SystemPropertiesPropertySource" Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid log4j-api Highest Vendor pom artifactid log4j-api Low Vendor pom groupid org.apache.logging.log4j Highest Vendor pom name Apache Log4j API High Vendor pom parent-artifactid log4j Low Vendor pom url https://logging.apache.org/log4j/2.x/ Highest Product file name log4j-api High Product jar package name apache Highest Product jar package name log4j Highest Product jar package name logging Highest Product jar package name org Highest Product jar package name simple Highest Product jar package name util Highest Product Manifest build-jdk-spec 17 Low Product Manifest bundle-activationpolicy lazy Low Product Manifest Bundle-Name Apache Log4j API Medium Product Manifest bundle-symbolicname org.apache.logging.log4j.api Medium Product Manifest Implementation-Title Apache Log4j API High Product Manifest multi-release true Low Product Manifest provide-capability osgi.service;objectClass:List="org.apache.logging.log4j.util.PropertySource";effective:=active,osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.util.PropertySource";register:="org.apache.logging.log4j.util.EnvironmentPropertySource",osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.util.PropertySource";register:="org.apache.logging.log4j.util.SystemPropertiesPropertySource" Low Product Manifest specification-title Apache Log4j API Medium Product pom artifactid log4j-api Highest Product pom groupid org.apache.logging.log4j Highest Product pom name Apache Log4j API High Product pom parent-artifactid log4j Medium Product pom url https://logging.apache.org/log4j/2.x/ Medium Version file version 2.25.2 High Version Manifest Bundle-Version 2.25.2 High Version Manifest Implementation-Version 2.25.2 High Version pom version 2.25.2 Highest
Description:
Forwards the Log4j API calls to SLF4J.
(Refer to the `log4j-slf4j[2]-impl` artifacts for forwarding SLF4J to the Log4j API.) License:
Apache-2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/logging/log4j/log4j-to-slf4j/2.25.2/log4j-to-slf4j-2.25.2.jar
MD5: 381a456c8315d101e3e2ef33ec470654
SHA1: 3843798847a7623c1724a9522002233e14fcb0ff
SHA256: 529016f771a1df93c57c9a95dfab6790e58c109dfcc536029cc29d69514be452
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile log4j-to-slf4j-2.25.2.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.7 pkg:maven/org.springframework.boot/spring-boot-starter@3.5.7 Evidence Type Source Name Value Confidence Vendor file name log4j-to-slf4j High Vendor jar package name apache Highest Vendor jar package name logging Highest Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 17 Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-symbolicname org.apache.logging.log4j.to.slf4j Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest multi-release false Low Vendor Manifest provide-capability osgi.service;objectClass:List="org.apache.logging.log4j.spi.Provider";effective:=active,osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.spi.Provider";register:="org.apache.logging.slf4j.SLF4JProvider" Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid log4j-to-slf4j Highest Vendor pom artifactid log4j-to-slf4j Low Vendor pom groupid org.apache.logging.log4j Highest Vendor pom name Log4j API to SLF4J Adapter High Vendor pom parent-artifactid log4j Low Vendor pom url https://logging.apache.org/log4j/2.x/ Highest Product file name log4j-to-slf4j High Product jar package name apache Highest Product jar package name logging Highest Product jar package name slf4j Highest Product jar package name slf4jprovider Highest Product Manifest build-jdk-spec 17 Low Product Manifest bundle-activationpolicy lazy Low Product Manifest Bundle-Name Log4j API to SLF4J Adapter Medium Product Manifest bundle-symbolicname org.apache.logging.log4j.to.slf4j Medium Product Manifest Implementation-Title Log4j API to SLF4J Adapter High Product Manifest multi-release false Low Product Manifest provide-capability osgi.service;objectClass:List="org.apache.logging.log4j.spi.Provider";effective:=active,osgi.serviceloader;osgi.serviceloader="org.apache.logging.log4j.spi.Provider";register:="org.apache.logging.slf4j.SLF4JProvider" Low Product Manifest specification-title Log4j API to SLF4J Adapter Medium Product pom artifactid log4j-to-slf4j Highest Product pom groupid org.apache.logging.log4j Highest Product pom name Log4j API to SLF4J Adapter High Product pom parent-artifactid log4j Medium Product pom url https://logging.apache.org/log4j/2.x/ Medium Version file version 2.25.2 High Version Manifest Bundle-Version 2.25.2 High Version Manifest Implementation-Version 2.25.2 High Version pom version 2.25.2 Highest
pkg:maven/org.apache.logging.log4j/log4j-to-slf4j@2.25.2 (Confidence :High) Description:
logback-core module License:
http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html File Path: /home/runner/.m2/repository/ch/qos/logback/logback-core/1.5.20/logback-core-1.5.20.jar
MD5: 1ac95175bcce6f6747f755921d1c578f
SHA1: c5e87126a18d729240c683db179a9387b2daa632
SHA256: 29fe095bb7b7f850907aec3fddeb40c8d399d85e5680e8d3533e3da5d9aae917
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile logback-core-1.5.20.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter@3.5.7 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.7 Evidence Type Source Name Value Confidence Vendor file name logback-core High Vendor jar package name ch Highest Vendor jar package name core Highest Vendor jar package name logback Highest Vendor jar package name qos Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.qos.ch Low Vendor Manifest bundle-symbolicname ch.qos.logback.core Medium Vendor Manifest Implementation-Vendor QOS.ch High Vendor Manifest multi-release true Low Vendor Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Vendor Manifest specification-vendor QOS.ch Low Vendor pom artifactid logback-core Highest Vendor pom artifactid logback-core Low Vendor pom groupid ch.qos.logback Highest Vendor pom name Logback Core Module High Vendor pom parent-artifactid logback-parent Low Product file name logback-core High Product jar package name 21 Highest Product jar package name ch Highest Product jar package name core Highest Product jar package name logback Highest Product jar package name qos Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.qos.ch Low Product Manifest Bundle-Name Logback Core Module Medium Product Manifest bundle-symbolicname ch.qos.logback.core Medium Product Manifest Implementation-Title Logback Core Module High Product Manifest multi-release true Low Product Manifest originally-created-by Apache Maven Bundle Plugin 5.1.9 Low Product Manifest specification-title Logback Core Module Medium Product pom artifactid logback-core Highest Product pom groupid ch.qos.logback Highest Product pom name Logback Core Module High Product pom parent-artifactid logback-parent Medium Version file version 1.5.20 High Version Manifest Bundle-Version 1.5.20 High Version Manifest Implementation-Version 1.5.20 High Version pom version 1.5.20 Highest
Related Dependencies logback-classic-1.5.20.jarFile Path: /home/runner/.m2/repository/ch/qos/logback/logback-classic/1.5.20/logback-classic-1.5.20.jar MD5: 27d2420a33cc0b18abe75eb7c7c12b27 SHA1: 3db675c8bc2f791612721d177ba54021eed3ade9 SHA256: 1228db99e1af602e191a2b142252d8aaf68129e643c19e7f92137ce5f7209ad3 pkg:maven/ch.qos.logback/logback-classic@1.5.20 Description:
Module containing common code License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/io/micrometer/micrometer-commons/1.15.5/micrometer-commons-1.15.5.jar
MD5: faed40ee945d639bd7a5bfb9cf11a65a
SHA1: c7136877f2d8aed7627ef850f25ad2e6e71271dc
SHA256: 55fc55ec22f8e2965fa9a7c3521d4e5f1fc020bf236f919a12cbb68cafabf83f
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile micrometer-commons-1.15.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name micrometer-commons High Vendor jar package name common Highest Vendor jar package name io Highest Vendor jar package name micrometer Highest Vendor Manifest automatic-module-name micrometer.commons Medium Vendor Manifest branch HEAD Low Vendor Manifest build-date 2025-10-13_21:54:38 Low Vendor Manifest build-date-utc 2025-10-13T21:54:38.787771051Z Low Vendor Manifest build-host 7e0beef5e573 Low Vendor Manifest build-job deploy Low Vendor Manifest build-number 57194 Low Vendor Manifest build-timezone Etc/UTC Low Vendor Manifest build-url https://circleci.com/gh/micrometer-metrics/micrometer/57194 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status release Low Vendor Manifest bundle-symbolicname micrometer-commons Medium Vendor Manifest change ce3a9e0 Low Vendor Manifest full-change ce3a9e0efcc9afaec80d0c2d3036cd570ad91f07 Low Vendor Manifest module-email tludwig@vmware.com Low Vendor Manifest module-origin micrometer-metrics/micrometer.git Low Vendor Manifest module-owner tludwig@vmware.com Low Vendor Manifest module-source /micrometer-commons Low Vendor pom artifactid micrometer-commons Highest Vendor pom artifactid micrometer-commons Low Vendor pom developer email tludwig@vmware.com Low Vendor pom developer id shakuzen Medium Vendor pom developer name Tommy Ludwig Medium Vendor pom groupid io.micrometer Highest Vendor pom name micrometer-commons High Vendor pom url micrometer-metrics/micrometer Highest Product file name micrometer-commons High Product jar package name common Highest Product jar package name io Highest Product jar package name micrometer Highest Product Manifest automatic-module-name micrometer.commons Medium Product Manifest branch HEAD Low Product Manifest build-date 2025-10-13_21:54:38 Low Product Manifest build-date-utc 2025-10-13T21:54:38.787771051Z Low Product Manifest build-host 7e0beef5e573 Low Product Manifest build-job deploy Low Product Manifest build-number 57194 Low Product Manifest build-timezone Etc/UTC Low Product Manifest build-url https://circleci.com/gh/micrometer-metrics/micrometer/57194 Low Product Manifest built-os Linux Low Product Manifest built-status release Low Product Manifest Bundle-Name micrometer-commons Medium Product Manifest bundle-symbolicname micrometer-commons Medium Product Manifest change ce3a9e0 Low Product Manifest full-change ce3a9e0efcc9afaec80d0c2d3036cd570ad91f07 Low Product Manifest Implementation-Title io.micrometer#micrometer-commons;1.15.5 High Product Manifest module-email tludwig@vmware.com Low Product Manifest module-origin micrometer-metrics/micrometer.git Low Product Manifest module-owner tludwig@vmware.com Low Product Manifest module-source /micrometer-commons Low Product pom artifactid micrometer-commons Highest Product pom developer email tludwig@vmware.com Low Product pom developer id shakuzen Low Product pom developer name Tommy Ludwig Low Product pom groupid io.micrometer Highest Product pom name micrometer-commons High Product pom url micrometer-metrics/micrometer High Version file version 1.15.5 High Version Manifest Bundle-Version 1.15.5 High Version Manifest Implementation-Version 1.15.5 High Version pom version 1.15.5 Highest
pkg:maven/io.micrometer/micrometer-commons@1.15.5 (Confidence :High) Description:
Module containing Observation related code License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/io/micrometer/micrometer-observation/1.15.5/micrometer-observation-1.15.5.jar
MD5: 2d5bc8b96be029c05d208082bc0d80f4
SHA1: 60956d6926392e0abef3d34dfcabdc4b013953c8
SHA256: 69fac03f20b5b6b4f90abcf463682e0134b21e27925b0e223f2c3a64ca04e0c3
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile micrometer-observation-1.15.5.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name micrometer-observation High Vendor jar package name io Highest Vendor jar package name micrometer Highest Vendor jar package name observation Highest Vendor Manifest automatic-module-name micrometer.observation Medium Vendor Manifest branch HEAD Low Vendor Manifest build-date 2025-10-13_21:54:39 Low Vendor Manifest build-date-utc 2025-10-13T21:54:39.128144245Z Low Vendor Manifest build-host 7e0beef5e573 Low Vendor Manifest build-job deploy Low Vendor Manifest build-number 57194 Low Vendor Manifest build-timezone Etc/UTC Low Vendor Manifest build-url https://circleci.com/gh/micrometer-metrics/micrometer/57194 Low Vendor Manifest built-os Linux Low Vendor Manifest built-status release Low Vendor Manifest bundle-symbolicname micrometer-observation Medium Vendor Manifest change ce3a9e0 Low Vendor Manifest full-change ce3a9e0efcc9afaec80d0c2d3036cd570ad91f07 Low Vendor Manifest module-email tludwig@vmware.com Low Vendor Manifest module-origin micrometer-metrics/micrometer.git Low Vendor Manifest module-owner tludwig@vmware.com Low Vendor Manifest module-source /micrometer-observation Low Vendor pom artifactid micrometer-observation Highest Vendor pom artifactid micrometer-observation Low Vendor pom developer email tludwig@vmware.com Low Vendor pom developer id shakuzen Medium Vendor pom developer name Tommy Ludwig Medium Vendor pom groupid io.micrometer Highest Vendor pom name micrometer-observation High Vendor pom url micrometer-metrics/micrometer Highest Product file name micrometer-observation High Product jar package name io Highest Product jar package name micrometer Highest Product jar package name observation Highest Product Manifest automatic-module-name micrometer.observation Medium Product Manifest branch HEAD Low Product Manifest build-date 2025-10-13_21:54:39 Low Product Manifest build-date-utc 2025-10-13T21:54:39.128144245Z Low Product Manifest build-host 7e0beef5e573 Low Product Manifest build-job deploy Low Product Manifest build-number 57194 Low Product Manifest build-timezone Etc/UTC Low Product Manifest build-url https://circleci.com/gh/micrometer-metrics/micrometer/57194 Low Product Manifest built-os Linux Low Product Manifest built-status release Low Product Manifest Bundle-Name micrometer-observation Medium Product Manifest bundle-symbolicname micrometer-observation Medium Product Manifest change ce3a9e0 Low Product Manifest full-change ce3a9e0efcc9afaec80d0c2d3036cd570ad91f07 Low Product Manifest Implementation-Title io.micrometer#micrometer-observation;1.15.5 High Product Manifest module-email tludwig@vmware.com Low Product Manifest module-origin micrometer-metrics/micrometer.git Low Product Manifest module-owner tludwig@vmware.com Low Product Manifest module-source /micrometer-observation Low Product pom artifactid micrometer-observation Highest Product pom developer email tludwig@vmware.com Low Product pom developer id shakuzen Low Product pom developer name Tommy Ludwig Low Product pom groupid io.micrometer Highest Product pom name micrometer-observation High Product pom url micrometer-metrics/micrometer High Version file version 1.15.5 High Version Manifest Bundle-Version 1.15.5 High Version Manifest Implementation-Version 1.15.5 High Version pom version 1.15.5 Highest
pkg:maven/io.micrometer/micrometer-observation@1.15.5 (Confidence :High) Description:
The slf4j API License:
https://opensource.org/license/mit File Path: /home/runner/.m2/repository/org/slf4j/slf4j-api/2.0.17/slf4j-api-2.0.17.jar
MD5: b6480d114a23683498ac3f746f959d2f
SHA1: d9e58ac9c7779ba3bf8142aff6c830617a7fe60f
SHA256: 7b751d952061954d5abfed7181c1f645d336091b679891591d63329c622eb832
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile slf4j-api-2.0.17.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.slf4j/slf4j-simple@2.0.17 pkg:maven/org.slf4j/slf4j-simple@2.0.17 Evidence Type Source Name Value Confidence Vendor file name slf4j-api High Vendor jar package name slf4j Highest Vendor Manifest build-jdk-spec 21 Low Vendor Manifest bundle-docurl http://www.slf4j.org Low Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor Manifest multi-release true Low Vendor pom artifactid slf4j-api Highest Vendor pom artifactid slf4j-api Low Vendor pom groupid org.slf4j Highest Vendor pom name SLF4J API Module High Vendor pom parent-artifactid slf4j-parent Low Vendor pom url http://www.slf4j.org Highest Product file name slf4j-api High Product jar package name slf4j Highest Product Manifest build-jdk-spec 21 Low Product Manifest bundle-docurl http://www.slf4j.org Low Product Manifest Bundle-Name SLF4J API Module Medium Product Manifest bundle-symbolicname slf4j.api Medium Product Manifest Implementation-Title slf4j-api High Product Manifest multi-release true Low Product pom artifactid slf4j-api Highest Product pom groupid org.slf4j Highest Product pom name SLF4J API Module High Product pom parent-artifactid slf4j-parent Medium Product pom url http://www.slf4j.org Medium Version file version 2.0.17 High Version Manifest Bundle-Version 2.0.17 High Version Manifest Implementation-Version 2.0.17 High Version pom version 2.0.17 Highest
pkg:maven/org.slf4j/slf4j-api@2.0.17 (Confidence :High) Description:
YAML 1.1 parser and emitter for Java License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/yaml/snakeyaml/2.4/snakeyaml-2.4.jar
MD5: 29410ee3a987e3bff7b847933c591972
SHA1: e0666b825b796f85521f02360e77f4c92c5a7a07
SHA256: ef779af5d29a9dde8cc70ce0341f5c6f7735e23edff9685ceaa9d35359b7bb7f
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile snakeyaml-2.4.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter@3.5.7 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.7 Evidence Type Source Name Value Confidence Vendor file name snakeyaml High Vendor jar package name emitter Highest Vendor jar package name org Highest Vendor jar package name parser Highest Vendor jar package name snakeyaml Highest Vendor jar package name yaml Highest Vendor Manifest build-jdk-spec 11 Low Vendor Manifest bundle-symbolicname org.yaml.snakeyaml Medium Vendor Manifest multi-release true Low Vendor pom artifactid snakeyaml Highest Vendor pom artifactid snakeyaml Low Vendor pom developer email alexander.maslov@gmail.com Low Vendor pom developer email public.somov@gmail.com Low Vendor pom developer id asomov Medium Vendor pom developer id maslovalex Medium Vendor pom developer name Alexander Maslov Medium Vendor pom developer name Andrey Somov Medium Vendor pom groupid org.yaml Highest Vendor pom name SnakeYAML High Vendor pom url https://bitbucket.org/snakeyaml/snakeyaml Highest Product file name snakeyaml High Product jar package name emitter Highest Product jar package name org Highest Product jar package name parser Highest Product jar package name snakeyaml Highest Product jar package name yaml Highest Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name SnakeYAML Medium Product Manifest bundle-symbolicname org.yaml.snakeyaml Medium Product Manifest multi-release true Low Product pom artifactid snakeyaml Highest Product pom developer email alexander.maslov@gmail.com Low Product pom developer email public.somov@gmail.com Low Product pom developer id asomov Low Product pom developer id maslovalex Low Product pom developer name Alexander Maslov Low Product pom developer name Andrey Somov Low Product pom groupid org.yaml Highest Product pom name SnakeYAML High Product pom url https://bitbucket.org/snakeyaml/snakeyaml Medium Version file version 2.4 High Version pom version 2.4 Highest
Description:
Annotations the SpotBugs tool supports License:
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html File Path: /home/runner/.m2/repository/com/github/spotbugs/spotbugs-annotations/4.9.8/spotbugs-annotations-4.9.8.jar
MD5: d4c2e7bd090be697ad409a4e75684a94
SHA1: ca4a2783a6123e67124fd7feb4caccd2e2ac9a73
SHA256: 6f69d6fe9c55a54dcb30e87d8fa2d5f52246af50d7a3445246d9539ef221be1c
Referenced In Projects/Scopes: waffle-spring-boot-starter3:provided waffle-spring-boot3:provided waffle-spring-boot-autoconfigure3:provided spotbugs-annotations-4.9.8.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-boot-starter3@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-boot-autoconfigure3@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-boot3@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name spotbugs-annotations High Vendor Manifest automatic-module-name com.github.spotbugs.annotations Medium Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-symbolicname spotbugs-annotations Medium Vendor pom artifactid spotbugs-annotations Highest Vendor pom artifactid spotbugs-annotations Low Vendor pom developer email andreas.sewe@codetrails.com Low Vendor pom developer email dbrosius@mebigfatguy.com Low Vendor pom developer email loskutov@gmx.de Low Vendor pom developer email skypencil@gmail.com Low Vendor pom developer id henrik242 Medium Vendor pom developer id iloveeclipse Medium Vendor pom developer id jsotuyod Medium Vendor pom developer id KengoTODA Medium Vendor pom developer id mebigfatguy Medium Vendor pom developer id sewe Medium Vendor pom developer id ThrawnCA Medium Vendor pom developer name Andreas Sewe Medium Vendor pom developer name Andrey Loskutov Medium Vendor pom developer name Dave Brosius Medium Vendor pom developer name Juan Martín Sotuyo Dodero Medium Vendor pom developer name Kengo TODA Medium Vendor pom groupid com.github.spotbugs Highest Vendor pom name SpotBugs Annotations High Vendor pom url https://spotbugs.github.io/ Highest Product file name spotbugs-annotations High Product Manifest automatic-module-name com.github.spotbugs.annotations Medium Product Manifest Bundle-Name spotbugs-annotations Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product Manifest bundle-symbolicname spotbugs-annotations Medium Product pom artifactid spotbugs-annotations Highest Product pom developer email andreas.sewe@codetrails.com Low Product pom developer email dbrosius@mebigfatguy.com Low Product pom developer email loskutov@gmx.de Low Product pom developer email skypencil@gmail.com Low Product pom developer id henrik242 Low Product pom developer id iloveeclipse Low Product pom developer id jsotuyod Low Product pom developer id KengoTODA Low Product pom developer id mebigfatguy Low Product pom developer id sewe Low Product pom developer id ThrawnCA Low Product pom developer name Andreas Sewe Low Product pom developer name Andrey Loskutov Low Product pom developer name Dave Brosius Low Product pom developer name Juan Martín Sotuyo Dodero Low Product pom developer name Kengo TODA Low Product pom groupid com.github.spotbugs Highest Product pom name SpotBugs Annotations High Product pom url https://spotbugs.github.io/ Medium Version file version 4.9.8 High Version Manifest Bundle-Version 4.9.8 High Version pom version 4.9.8 Highest
pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8 (Confidence :High) Description:
Spring Boot License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /home/runner/.m2/repository/org/springframework/boot/spring-boot/3.5.7/spring-boot-3.5.7.jar
MD5: 8dde0afcd7a9e4964dd52e6482c9bfb3
SHA1: 6c9db579b4669ec4ad6444ca84775d193c513ae2
SHA256: fdb3611f0baaa3a55b59b69c420d3bffac45cfb8868aaec8d6ee64451fb68e08
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile spring-boot-3.5.7.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-boot-autoconfigure3@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-boot-autoconfigure3@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name spring-boot High Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name boot Highest Vendor jar package name springframework Highest Vendor Manifest automatic-module-name spring.boot Medium Vendor Manifest build-jdk-spec 17 Low Vendor pom artifactid spring-boot Highest Vendor pom artifactid spring-boot Low Vendor pom developer email ask@spring.io Low Vendor pom developer name Spring Medium Vendor pom developer org VMware, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.boot Highest Vendor pom name spring-boot High Vendor pom organization name VMware, Inc. High Vendor pom organization url https://spring.io Medium Vendor pom url https://spring.io/projects/spring-boot Highest Product file name spring-boot High Product jar package name boot Highest Product jar package name springframework Highest Product Manifest automatic-module-name spring.boot Medium Product Manifest build-jdk-spec 17 Low Product Manifest Implementation-Title Spring Boot High Product pom artifactid spring-boot Highest Product pom developer email ask@spring.io Low Product pom developer name Spring Low Product pom developer org VMware, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.boot Highest Product pom name spring-boot High Product pom organization name VMware, Inc. Low Product pom organization url https://spring.io Low Product pom url https://spring.io/projects/spring-boot Medium Version file version 3.5.7 High Version Manifest Implementation-Version 3.5.7 High Version pom version 3.5.7 Highest
Related Dependencies spring-boot-autoconfigure-3.5.7.jarFile Path: /home/runner/.m2/repository/org/springframework/boot/spring-boot-autoconfigure/3.5.7/spring-boot-autoconfigure-3.5.7.jar MD5: b70e19c423f66d83ba4b1ec60827f04f SHA1: 8a1918c778e52c21a102363536320d71289650b4 SHA256: 0f078fa10ab1deaf41f1aeb0133c08661d06592e7e50c7bcaafa9ec0b62b8a19 pkg:maven/org.springframework.boot/spring-boot-autoconfigure@3.5.7 spring-boot-configuration-processor-3.5.7.jarFile Path: /home/runner/.m2/repository/org/springframework/boot/spring-boot-configuration-processor/3.5.7/spring-boot-configuration-processor-3.5.7.jar MD5: 1281163a407730abdac18121fac0c655 SHA1: 18e7a39068a84cd401d758162a5a23a8b8b47b22 SHA256: 1f832e58e3ef6d9b3797840aff1c6f0d02db1703735c907ad6abbd6e0ae81135 pkg:maven/org.springframework.boot/spring-boot-configuration-processor@3.5.7 spring-boot-starter-3.5.7.jarFile Path: /home/runner/.m2/repository/org/springframework/boot/spring-boot-starter/3.5.7/spring-boot-starter-3.5.7.jar MD5: 1905e87cdf8d17c16ac551e0cc7eed4c SHA1: 0ea4a8ad9f4df7d94250d643aa278c3353cd88c5 SHA256: 8a8f83e8ff8970f20011655f149d7b1c78774bdd6cfe2decb8ba34597c61aa2f pkg:maven/org.springframework.boot/spring-boot-starter@3.5.7 spring-boot-starter-json-3.5.7.jarFile Path: /home/runner/.m2/repository/org/springframework/boot/spring-boot-starter-json/3.5.7/spring-boot-starter-json-3.5.7.jar MD5: 6ff3133aea1646dc82fab2976e7a9dd5 SHA1: 71784cc8ed3a1a2fdcfd54bda22ccbacf2232751 SHA256: 8defe005a82a669bbb7af87990c26f4e63d48c54355de7a0d5366087db49eaba pkg:maven/org.springframework.boot/spring-boot-starter-json@3.5.7 spring-boot-starter-logging-3.5.7.jarFile Path: /home/runner/.m2/repository/org/springframework/boot/spring-boot-starter-logging/3.5.7/spring-boot-starter-logging-3.5.7.jar MD5: 3ec1ba77239971afe582f42c9a70ce72 SHA1: 3d2f969f8fcf7ca6017425144fe88c4f49dd880b SHA256: 529947cd87c37ff95d7e8483104586dc4b91f0c71bd2efd6b110090e796407e7 pkg:maven/org.springframework.boot/spring-boot-starter-logging@3.5.7 spring-boot-starter-security-3.5.7.jarFile Path: /home/runner/.m2/repository/org/springframework/boot/spring-boot-starter-security/3.5.7/spring-boot-starter-security-3.5.7.jar MD5: 22c75bd4f12a7b7681cd456c7a0481fb SHA1: 6dee85a7ba008ff0dca8dbce5e68dca0c49a64cb SHA256: c7fc802ac2142c6c4cce2d820342b9ec4dc331ad0194e9ebbd65d7c6658faddc pkg:maven/org.springframework.boot/spring-boot-starter-security@3.5.7 spring-boot-starter-tomcat-3.5.7.jarFile Path: /home/runner/.m2/repository/org/springframework/boot/spring-boot-starter-tomcat/3.5.7/spring-boot-starter-tomcat-3.5.7.jar MD5: 49701df53d66e3696a88ba3f4afa7129 SHA1: 14dfae9a2c9f61fc382845959bc9f7b236840994 SHA256: 64d83ec48a3e3176e66e8feae6ae8c29e876e732566935a21c218f4aeddd71eb pkg:maven/org.springframework.boot/spring-boot-starter-tomcat@3.5.7 spring-boot-starter-web-3.5.7.jarFile Path: /home/runner/.m2/repository/org/springframework/boot/spring-boot-starter-web/3.5.7/spring-boot-starter-web-3.5.7.jar MD5: 58960749bb418f1b390d857f3e642c05 SHA1: b98c28da1fe667776698882c27f68630c2747b87 SHA256: 4743446ffa460d55cbf5fa9560fc07ef3fad8faa768653b88356365234874de2 pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.7 Description:
Spring Core License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /home/runner/.m2/repository/org/springframework/spring-core/6.2.12/spring-core-6.2.12.jar
MD5: 5495c7d311d73ddaf6fdf3d198b7bab1
SHA1: 298bd954610442d54b276f911d3490372ab62117
SHA256: bddc5a5be2d94191ebcfbadc672fa4d81e6ab51e38a9eaf41d5d035cb17548d4
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile spring-core-6.2.12.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name spring-core High Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name core Highest Vendor jar package name io Highest Vendor jar package name org Highest Vendor jar package name springframework Highest Vendor Manifest automatic-module-name spring.core Medium Vendor Manifest multi-release true Low Vendor pom artifactid spring-core Highest Vendor pom artifactid spring-core Low Vendor pom developer email juergen.hoeller@broadcom.com Low Vendor pom developer id jhoeller Medium Vendor pom developer name Juergen Hoeller Medium Vendor pom groupid org.springframework Highest Vendor pom name Spring Core High Vendor pom organization name Spring IO High Vendor pom organization url https://spring.io/projects/spring-framework Medium Vendor pom url spring-projects/spring-framework Highest Product file name spring-core High Product hint analyzer product springsource_spring_framework Highest Product jar package name core Highest Product jar package name io Highest Product jar package name org Highest Product jar package name springframework Highest Product Manifest automatic-module-name spring.core Medium Product Manifest Implementation-Title spring-core High Product Manifest multi-release true Low Product pom artifactid spring-core Highest Product pom developer email juergen.hoeller@broadcom.com Low Product pom developer id jhoeller Low Product pom developer name Juergen Hoeller Low Product pom groupid org.springframework Highest Product pom name Spring Core High Product pom organization name Spring IO Low Product pom organization url https://spring.io/projects/spring-framework Low Product pom url spring-projects/spring-framework High Version file version 6.2.12 High Version Manifest Implementation-Version 6.2.12 High Version pom version 6.2.12 Highest
Related Dependencies spring-aop-6.2.12.jarFile Path: /home/runner/.m2/repository/org/springframework/spring-aop/6.2.12/spring-aop-6.2.12.jar MD5: 6ecea775f714f6b6bd1b4b343b569e7c SHA1: 12d9001a3e38baf348c4c076efa3e4b7515f9048 SHA256: befc1dc092de62dab3aae3c7a0e11f797c6060fffc2121e1fe8fb95c94272655 pkg:maven/org.springframework/spring-aop@6.2.12 spring-beans-6.2.12.jarFile Path: /home/runner/.m2/repository/org/springframework/spring-beans/6.2.12/spring-beans-6.2.12.jar MD5: b62cee1286051fe95e73b12cfcdd3610 SHA1: 03f344e97550207fac50a5b3376cc9e59ecb02df SHA256: 26ab8ce28a42fe951b0a4ebaf8dbe97478effca833a7b2f51b45d6540fe7179f pkg:maven/org.springframework/spring-beans@6.2.12 spring-context-6.2.12.jarFile Path: /home/runner/.m2/repository/org/springframework/spring-context/6.2.12/spring-context-6.2.12.jar MD5: d9cb22af3ce728a9fa81a0fe1c7d2b2e SHA1: fdeff8060a111920fd38d5a23d48bc7b772d44c4 SHA256: 0439fb9cb09a8b8d04c4e37dcba592e489b690882c56940aa33b58cf3f0b69cb pkg:maven/org.springframework/spring-context@6.2.12 spring-expression-6.2.12.jarFile Path: /home/runner/.m2/repository/org/springframework/spring-expression/6.2.12/spring-expression-6.2.12.jar MD5: ad8ce92aee634b04833a31dd4a8cd936 SHA1: aa5033d9e583aafc972b205618de13c5242c9cf5 SHA256: 62e68f4f18b8c5580180de6ef8578b1d1fc170ed993b5a7d59b946b63e5ebefd pkg:maven/org.springframework/spring-expression@6.2.12 spring-web-6.2.12.jarFile Path: /home/runner/.m2/repository/org/springframework/spring-web/6.2.12/spring-web-6.2.12.jar MD5: 2bf493d1c575cb1b7b9cc62555fd010e SHA1: 58bdd67728631b561a8b9cf4249a0d990bb3ef88 SHA256: caff724ebb7c423696e1d2c7690245fbbafe218695b3a4479faa668af0400e6d pkg:maven/org.springframework/spring-web@6.2.12 spring-webmvc-6.2.12.jarFile Path: /home/runner/.m2/repository/org/springframework/spring-webmvc/6.2.12/spring-webmvc-6.2.12.jar MD5: 76568d2c80727099ee4b9f994a0f2588 SHA1: 550aea6677c8db7e7ad07b47068b57de4e1a13e9 SHA256: 530d3b2fd82c97ca4418bb4b200d7626f042cc2c78c705bdd5176dcc580c84e1 pkg:maven/org.springframework/spring-webmvc@6.2.12 Description:
Spring Security License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0 File Path: /home/runner/.m2/repository/org/springframework/security/spring-security-core/6.5.6/spring-security-core-6.5.6.jar
MD5: 7a549c420623a30a497c9ffdcf5f7642
SHA1: a1bc1afabfab5cbee9179c134f41d10b4351a001
SHA256: de6e1c73c13e06ece38264519d87f34fde5d4568ab765b9fd595dfe79108f5d2
Referenced In Projects/Scopes: waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile spring-security-core-6.5.6.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT pkg:maven/com.github.waffle/waffle-spring-security6@3.6.0-SNAPSHOT Evidence Type Source Name Value Confidence Vendor file name spring-security-core High Vendor hint analyzer vendor pivotal software Highest Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor jar package name core Highest Vendor jar package name security Highest Vendor jar package name springframework Highest Vendor Manifest automatic-module-name spring.security.core Medium Vendor pom artifactid spring-security-core Highest Vendor pom artifactid spring-security-core Low Vendor pom developer email info@pivotal.io Low Vendor pom developer name Pivotal Medium Vendor pom developer org Pivotal Software, Inc. Medium Vendor pom developer org URL https://www.spring.io Medium Vendor pom groupid org.springframework.security Highest Vendor pom name spring-security-core High Vendor pom organization name Pivotal Software, Inc. High Vendor pom organization url https://spring.io Medium Vendor pom url https://spring.io/projects/spring-security Highest Product file name spring-security-core High Product jar package name core Highest Product jar package name security Highest Product jar package name springframework Highest Product Manifest automatic-module-name spring.security.core Medium Product Manifest Implementation-Title spring-security-core High Product pom artifactid spring-security-core Highest Product pom developer email info@pivotal.io Low Product pom developer name Pivotal Low Product pom developer org Pivotal Software, Inc. Low Product pom developer org URL https://www.spring.io Low Product pom groupid org.springframework.security Highest Product pom name spring-security-core High Product pom organization name Pivotal Software, Inc. Low Product pom organization url https://spring.io Low Product pom url https://spring.io/projects/spring-security Medium Version file version 6.5.6 High Version Manifest Implementation-Version 6.5.6 High Version pom version 6.5.6 Highest
Related Dependencies spring-security-config-6.5.6.jarFile Path: /home/runner/.m2/repository/org/springframework/security/spring-security-config/6.5.6/spring-security-config-6.5.6.jar MD5: 51e3a25e52ce6536fdc693e2c6f0cf91 SHA1: 64c857395b4a53fa8241c0731d0834bde55a8893 SHA256: a8d789c4658dc8511af585980fb236fde774c26dcde3d4ce5d225094ac9798a5 pkg:maven/org.springframework.security/spring-security-config@6.5.6 spring-security-crypto-6.5.6.jarFile Path: /home/runner/.m2/repository/org/springframework/security/spring-security-crypto/6.5.6/spring-security-crypto-6.5.6.jar MD5: 9332014e31d7c9ebc54ba22a7f788b1f SHA1: dc447baac0e4fe40ffca4b73e2d0f758fdf9260d SHA256: 66acbc7cecc52a9cfece602aa444b14a641205520446dbfd521d79af8ce5e7ec pkg:maven/org.springframework.security/spring-security-crypto@6.5.6 spring-security-web-6.5.6.jarFile Path: /home/runner/.m2/repository/org/springframework/security/spring-security-web/6.5.6/spring-security-web-6.5.6.jar MD5: cf3e36c5733d38aa83a9faef6c929be0 SHA1: 7428000af55e700e10c0378cad694ed23fda59be SHA256: 6870ace2477eda87b6b92a0e8bab4eaffab40fe50b83d16e6980a2e203981a97 pkg:maven/org.springframework.security/spring-security-web@6.5.6 File Path: /home/runner/.m2/repository/org/springframework/security/spring-security-web/6.5.6/spring-security-web-6.5.6.jar/org/springframework/security/spring-security-webauthn.jsMD5: d8d90d854a23d021c2e758b3eebce213SHA1: 7814ccd3adc2388f52b2658bf5fc30b457949ab6SHA256: 044a2b8d7e995bff815565678631a2d3a5cc0aa96ef8ac35cfacb579307f77a9Referenced In Projects/Scopes:
waffle-spring-boot-autoconfigure3:compile waffle-spring-boot-starter3:compile Evidence Type Source Name Value Confidence
Description:
Core Tomcat implementation License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-core/10.1.48/tomcat-embed-core-10.1.48.jar
MD5: 56cb8fc876dbbbbb4bef0235a95ae4bf
SHA1: d4c095a353c839a23a401ce9afbcb52d5be97b69
SHA256: a9137d3526a05ce2f9359cfc7b108240bd3d01ff323b37986e5bd43208ff0f56
Referenced In Project/Scope: waffle-spring-boot-autoconfigure3:compile
tomcat-embed-core-10.1.48.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.7
Evidence Type Source Name Value Confidence Vendor file name tomcat-embed-core High Vendor jar package name apache Highest Vendor jar package name core Highest Vendor jar package name tomcat Highest Vendor Manifest bundle-symbolicname org.apache.tomcat-embed-core Medium Vendor Manifest Implementation-Vendor Apache Software Foundation High Vendor Manifest provide-capability osgi.contract;osgi.contract=JakartaAuthentication;version:Version="3.0";uses:="jakarta.security.auth.message,jakarta.security.auth.message.callback,jakarta.security.auth.message.config,jakarta.security.auth.message.module",osgi.contract;osgi.contract=JakartaServlet;version:Version="6.0";uses:="jakarta.servlet,jakarta.servlet.annotation,jakarta.servlet.descriptor,jakarta.servlet.http,jakarta.servlet.resources" Low Vendor Manifest specification-vendor Apache Software Foundation Low Vendor manifest: jakarta/security/auth/message/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/security/auth/message/callback/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/security/auth/message/config/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/security/auth/message/module/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/servlet/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/servlet/annotation/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/servlet/descriptor/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/servlet/http/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: jakarta/servlet/resources/ Implementation-Vendor Apache Software Foundation Medium Vendor pom artifactid tomcat-embed-core Highest Vendor pom artifactid tomcat-embed-core Low Vendor pom groupid org.apache.tomcat.embed Highest Vendor pom url https://tomcat.apache.org/ Highest Product file name tomcat-embed-core High Product jar package name annotation Highest Product jar package name apache Highest Product jar package name auth Highest Product jar package name core Highest Product jar package name descriptor Highest Product jar package name http Highest Product jar package name jakarta Highest Product jar package name message Highest Product jar package name security Highest Product jar package name servlet Highest Product jar package name tomcat Highest Product Manifest Bundle-Name tomcat-embed-core Medium Product Manifest bundle-symbolicname org.apache.tomcat-embed-core Medium Product Manifest Implementation-Title Apache Tomcat High Product Manifest provide-capability osgi.contract;osgi.contract=JakartaAuthentication;version:Version="3.0";uses:="jakarta.security.auth.message,jakarta.security.auth.message.callback,jakarta.security.auth.message.config,jakarta.security.auth.message.module",osgi.contract;osgi.contract=JakartaServlet;version:Version="6.0";uses:="jakarta.servlet,jakarta.servlet.annotation,jakarta.servlet.descriptor,jakarta.servlet.http,jakarta.servlet.resources" Low Product Manifest specification-title Apache Tomcat Medium Product manifest: jakarta/security/auth/message/ Implementation-Title jakarta.security.auth.message Medium Product manifest: jakarta/security/auth/message/ Specification-Title Jakarta Authentication SPI for Containers Medium Product manifest: jakarta/security/auth/message/callback/ Implementation-Title jakarta.security.auth.message Medium Product manifest: jakarta/security/auth/message/callback/ Specification-Title Jakarta Authentication SPI for Containers Medium Product manifest: jakarta/security/auth/message/config/ Implementation-Title jakarta.security.auth.message Medium Product manifest: jakarta/security/auth/message/config/ Specification-Title Jakarta Authentication SPI for Containers Medium Product manifest: jakarta/security/auth/message/module/ Implementation-Title jakarta.security.auth.message Medium Product manifest: jakarta/security/auth/message/module/ Specification-Title Jakarta Authentication SPI for Containers Medium Product manifest: jakarta/servlet/ Implementation-Title jakarta.servlet Medium Product manifest: jakarta/servlet/ Specification-Title Jakarta Servlet Medium Product manifest: jakarta/servlet/annotation/ Implementation-Title jakarta.servlet Medium Product manifest: jakarta/servlet/annotation/ Specification-Title Jakarta Servlet Medium Product manifest: jakarta/servlet/descriptor/ Implementation-Title jakarta.servlet Medium Product manifest: jakarta/servlet/descriptor/ Specification-Title Jakarta Servlet Medium Product manifest: jakarta/servlet/http/ Implementation-Title jakarta.servlet Medium Product manifest: jakarta/servlet/http/ Specification-Title Jakarta Servlet Medium Product manifest: jakarta/servlet/resources/ Implementation-Title jakarta.servlet Medium Product manifest: jakarta/servlet/resources/ Specification-Title Jakarta Servlet Medium Product pom artifactid tomcat-embed-core Highest Product pom groupid org.apache.tomcat.embed Highest Product pom url https://tomcat.apache.org/ Medium Version file version 10.1.48 High Version Manifest Bundle-Version 10.1.48 High Version Manifest Implementation-Version 10.1.48 High Version pom version 10.1.48 Highest
Related Dependencies tomcat-embed-websocket-10.1.48.jarFile Path: /home/runner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-websocket/10.1.48/tomcat-embed-websocket-10.1.48.jar MD5: dbdf94f7e6d1049eb0c545bdf360a9a8 SHA1: 7fd0d1c6eae6c43106763e458640f4f8868a4ec3 SHA256: d445d0ba335bcf06e6d02257a07c68d1c3c471d10c68330360af51db9ee47faa pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@10.1.48 Description:
Core Tomcat implementation License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: /home/runner/.m2/repository/org/apache/tomcat/embed/tomcat-embed-el/10.1.48/tomcat-embed-el-10.1.48.jar
MD5: 184e40d61540664a193431f2201ee029
SHA1: 220294d3a81451f793c9c54af16a9f04f8ec5824
SHA256: e7bd9eca5dd6b5e97bef17eb94266a4f87a58a9ebc5fc85800d017003c9b0f2f
Referenced In Project/Scope: waffle-spring-boot-autoconfigure3:compile
tomcat-embed-el-10.1.48.jar is in the transitive dependency tree of the listed items. Included by: pkg:maven/org.springframework.boot/spring-boot-starter-web@3.5.7
Evidence Type Source Name Value Confidence Vendor file name tomcat-embed-el High Vendor jar package name apache Highest Vendor jar package name el Highest Vendor Manifest bundle-symbolicname org.apache.tomcat-embed-jasper-el Medium Vendor Manifest Implementation-Vendor Apache Software Foundation High Vendor Manifest provide-capability osgi.contract;osgi.contract=JakartaExpressionLanguage;version:Version="5.0";uses:="jakarta.el",osgi.service;objectClass:List="jakarta.el.ExpressionFactory";effective:=active,osgi.serviceloader;osgi.serviceloader="jakarta.el.ExpressionFactory";register:="org.apache.el.ExpressionFactoryImpl" Low Vendor Manifest specification-vendor Apache Software Foundation Low Vendor manifest: jakarta/el/ Implementation-Vendor Apache Software Foundation Medium Vendor pom artifactid tomcat-embed-el Highest Vendor pom artifactid tomcat-embed-el Low Vendor pom groupid org.apache.tomcat.embed Highest Vendor pom url https://tomcat.apache.org/ Highest Product file name tomcat-embed-el High Product jar package name apache Highest Product jar package name el Highest Product jar package name expression Highest Product jar package name expressionfactory Highest Product jar package name expressionfactoryimpl Highest Product jar package name jakarta Highest Product Manifest Bundle-Name tomcat-embed-jasper-el Medium Product Manifest bundle-symbolicname org.apache.tomcat-embed-jasper-el Medium Product Manifest Implementation-Title Apache Tomcat High Product Manifest provide-capability osgi.contract;osgi.contract=JakartaExpressionLanguage;version:Version="5.0";uses:="jakarta.el",osgi.service;objectClass:List="jakarta.el.ExpressionFactory";effective:=active,osgi.serviceloader;osgi.serviceloader="jakarta.el.ExpressionFactory";register:="org.apache.el.ExpressionFactoryImpl" Low Product Manifest specification-title Apache Tomcat Medium Product manifest: jakarta/el/ Implementation-Title jakarta.annotation Medium Product manifest: jakarta/el/ Specification-Title Jakarta Expression Language Medium Product pom artifactid tomcat-embed-el Highest Product pom groupid org.apache.tomcat.embed Highest Product pom url https://tomcat.apache.org/ Medium Version file version 10.1.48 High Version Manifest Bundle-Version 10.1.48 High Version Manifest Implementation-Version 10.1.48 High Version pom version 10.1.48 Highest
pkg:maven/org.apache.tomcat.embed/tomcat-embed-el@10.1.48 (Confidence :High)