diff --git a/NOTICE b/NOTICE
index 540343197a8e5985bc2132ec3dd3b5b9baa249b6..e6fb19c9f762a59c574375595deda7ee06914070 100644
--- a/NOTICE
+++ b/NOTICE
@@ -2,13 +2,6 @@
Generated by fossa-cli (https://github.com/fossas/fossa-cli).
This software includes the following software and licenses:
-========================================================================
-AML
-========================================================================
-The following software have components provided under the terms of this license:
-
-- SnakeYAML (from http://www.snakeyaml.org)
-
========================================================================
Apache-2.0
========================================================================
@@ -20,18 +13,18 @@ The following software have components provided under the terms of this license:
- ASM based accessors helper used by json-smart (from )
- AWS Event Stream (from https://github.com/awslabs/aws-eventstream-java)
- AWS Java SDK :: AWS Core (from https://aws.amazon.com/sdkforjava)
-- AWS Java SDK :: Annotations (from )
+- AWS Java SDK :: Annotations (from https://repo1.maven.org/maven2/software/amazon/awssdk/annotations)
- AWS Java SDK :: Auth (from https://aws.amazon.com/sdkforjava)
- AWS Java SDK :: Core :: Protocols :: AWS Json Protocol (from https://aws.amazon.com/sdkforjava)
- AWS Java SDK :: Core :: Protocols :: Protocol Core (from https://aws.amazon.com/sdkforjava)
-- AWS Java SDK :: HTTP Client Interface (from )
-- AWS Java SDK :: HTTP Clients :: Apache (from )
-- AWS Java SDK :: HTTP Clients :: Netty Non-Blocking I/O (from )
+- AWS Java SDK :: HTTP Client Interface (from https://repo1.maven.org/maven2/software/amazon/awssdk/http-client-spi)
+- AWS Java SDK :: HTTP Clients :: Apache (from https://repo1.maven.org/maven2/software/amazon/awssdk/apache-client)
+- AWS Java SDK :: HTTP Clients :: Netty Non-Blocking I/O (from https://repo1.maven.org/maven2/software/amazon/awssdk/netty-nio-client)
- AWS Java SDK :: Profiles (from https://aws.amazon.com/sdkforjava)
-- AWS Java SDK :: Regions (from )
+- AWS Java SDK :: Regions (from https://repo1.maven.org/maven2/software/amazon/awssdk/regions)
- AWS Java SDK :: SDK Core (from https://aws.amazon.com/sdkforjava)
- AWS Java SDK :: Services :: AWS Simple Systems Management (SSM) (from https://aws.amazon.com/sdkforjava)
-- AWS Java SDK :: Utilities (from )
+- AWS Java SDK :: Utilities (from https://repo1.maven.org/maven2/software/amazon/awssdk/utils)
- AWS Java SDK for AWS Elemental MediaLive (from https://aws.amazon.com/sdkforjava)
- AWS Java SDK for AWS KMS (from https://aws.amazon.com/sdkforjava)
- AWS Java SDK for AWS Lambda (from https://aws.amazon.com/sdkforjava)
@@ -54,12 +47,8 @@ The following software have components provided under the terms of this license:
- Apache Geronimo JMS Spec 2.0 (from http://geronimo.apache.org/maven/${siteId}/${version})
- Apache HttpAsyncClient (from http://hc.apache.org/httpcomponents-asyncclient)
- Apache HttpClient (from http://hc.apache.org/httpcomponents-client)
-- Apache HttpClient (from http://hc.apache.org/httpcomponents-client)
-- Apache HttpClient Cache (from http://hc.apache.org/httpcomponents-client)
- Apache HttpClient Cache (from http://hc.apache.org/httpcomponents-client)
- Apache HttpCore (from http://hc.apache.org/httpcomponents-core-ga)
-- Apache HttpCore (from http://hc.apache.org/httpcomponents-core-ga)
-- Apache HttpCore NIO (from http://hc.apache.org/httpcomponents-core-ga)
- Apache HttpCore NIO (from http://hc.apache.org/httpcomponents-core-ga)
- Apache Log4j API (from )
- Apache Log4j Core (from )
@@ -73,7 +62,7 @@ The following software have components provided under the terms of this license:
- Bean Validation API (from http://beanvalidation.org)
- Brave Instrumentation: Http Adapters (from )
- Brave instrumentation for Reactor Netty HTTP (from https://github.com/reactor/reactor-netty)
-- Byte Buddy (without dependencies) (from )
+- Byte Buddy (without dependencies) (from https://repo1.maven.org/maven2/net/bytebuddy/byte-buddy)
- Byte Buddy Java agent (from )
- ClassMate (from http://github.com/cowtowncoder/java-classmate)
- Commons IO (from http://commons.apache.org/io/)
@@ -82,6 +71,7 @@ The following software have components provided under the terms of this license:
- Elastic JNA Distribution (from https://github.com/java-native-access/jna)
- Elasticsearch: 5.0.0-alpha5 (from https://github.com/elastic/elasticsearch)
- Expression Language 3.0 (from https://projects.eclipse.org/projects/ee4j.el)
+- Expression Language 3.0 (from http://uel.java.net)
- FindBugs-jsr305 (from http://findbugs.sourceforge.net/)
- Google APIs Client Library for Java (from )
- Google HTTP Client Library for Java (from https://github.com/google/google-http-java-client.git)
@@ -94,7 +84,6 @@ The following software have components provided under the terms of this license:
- HTTP functionality for the Reactor Netty library (from https://github.com/reactor/reactor-netty)
- Hibernate Validator Engine (from )
- Hibernate Validator Engine (from )
-- Hibernate Validator Engine (from )
- IBM COS Java SDK for Amazon S3 (from https://github.com/ibm/ibm-cos-sdk-java)
- IBM COS Java SDK for COS KMS (from https://github.com/ibm/ibm-cos-sdk-java)
- IBM COS SDK For Java (from https://github.com/ibm/ibm-cos-sdk-java)
@@ -103,7 +92,7 @@ The following software have components provided under the terms of this license:
- IntelliJ IDEA Annotations (from http://www.jetbrains.org)
- J2ObjC Annotations (from https://github.com/google/j2objc/)
- JBoss Logging 3 (from http://www.jboss.org)
-- JBoss Logging 3 (from http://www.jboss.org)
+- JBoss Threads (from )
- JCIP Annotations under Apache License (from http://stephenc.github.com/jcip-annotations)
- JMES Path Query library (from https://aws.amazon.com/sdkforjava)
- JSON Small and Fast Parser (from http://www.minidev.net/)
@@ -112,35 +101,29 @@ The following software have components provided under the terms of this license:
- JSONassert (from https://github.com/skyscreamer/JSONassert)
- Jackson 2 extensions to the Google HTTP Client Library for Java. (from https://github.com/google/google-http-java-client.git/google-http-client-jackson2)
- Jackson dataformat: CBOR (from http://github.com/FasterXML/jackson-dataformats-binary)
-- Jackson dataformat: CBOR (from http://github.com/FasterXML/jackson-dataformats-binary)
-- Jackson datatype: JSR310 (from http://wiki.fasterxml.com/JacksonModuleJSR310)
- Jackson datatype: JSR310 (from http://wiki.fasterxml.com/JacksonModuleJSR310)
-- Jackson-annotations (from http://github.com/FasterXML/jackson)
+- Jackson module: Afterburner (from https://github.com/FasterXML/jackson-modules-base)
- Jackson-annotations (from http://github.com/FasterXML/jackson)
- Jackson-core (from https://github.com/FasterXML/jackson-core)
- Jackson-core (from https://github.com/FasterXML/jackson-core)
- Jackson-dataformat-Smile (from http://github.com/FasterXML/jackson-dataformat-smile)
-- Jackson-dataformat-Smile (from http://github.com/FasterXML/jackson-dataformat-smile)
- Jackson-dataformat-XML (from http://wiki.fasterxml.com/JacksonExtensionXmlDataBinding)
-- Jackson-dataformat-YAML (from https://github.com/FasterXML/jackson)
-- Jackson-dataformat-YAML (from https://github.com/FasterXML/jackson)
+- Jackson-dataformat-YAML (from https://github.com/FasterXML/jackson-dataformats-text)
- Jackson-datatype-Joda (from http://wiki.fasterxml.com/JacksonModuleJoda)
- Jackson-datatype-jdk8 (from )
-- Jackson-datatype-jdk8 (from )
-- Jackson-module-Afterburner (from http://wiki.fasterxml.com/JacksonHome)
- Jackson-module-JAXB-annotations (from http://wiki.fasterxml.com/JacksonJAXBAnnotations)
- Jackson-module-parameter-names (from )
-- Jackson-module-parameter-names (from )
- Jakarta Bean Validation API (from https://beanvalidation.org)
- Java Native Access (from https://github.com/java-native-access/jna)
- Java Native Access Platform (from https://github.com/java-native-access/jna)
+- Java Servlet 4.0 API (from )
+- Java Servlet 4.0 API (from )
- Java Servlet API (from http://servlet-spec.java.net)
- Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
- Java UUID Generator (from http://wiki.fasterxml.com/JugHome)
- Javassist (from http://www.javassist.org/)
- Javassist (from http://www.javassist.org/)
- Joda-Time (from http://www.joda.org/joda-time/)
-- Joda-Time (from http://www.joda.org/joda-time/)
- Json Path (from https://github.com/jayway/JsonPath)
- KeePassJava2 :: All (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2)
- KeePassJava2 :: DOM (from https://repo1.maven.org/maven2/org/linguafranca/pwdb/KeePassJava2-dom)
@@ -172,8 +155,8 @@ The following software have components provided under the terms of this license:
- Microsoft Azure Java Core Library (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure Netty HTTP Client Library (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure SDK for SQL API of Azure Cosmos DB Service (from https://github.com/Azure/azure-sdk-for-java)
-- Mockito (from http://www.mockito.org)
- Mockito (from http://mockito.org)
+- Mockito (from http://www.mockito.org)
- Netty Reactive Streams HTTP support (from )
- Netty Reactive Streams Implementation (from )
- Netty/Buffer (from http://netty.io/)
@@ -222,73 +205,56 @@ The following software have components provided under the terms of this license:
- Retrofit (from )
- SnakeYAML (from http://www.snakeyaml.org)
- Spring AOP (from https://github.com/spring-projects/spring-framework)
-- Spring AOP (from https://github.com/spring-projects/spring-framework)
-- Spring Beans (from https://github.com/spring-projects/spring-framework)
- Spring Beans (from https://github.com/spring-projects/spring-framework)
- Spring Boot (from http://projects.spring.io/spring-boot/)
-- Spring Boot (from http://projects.spring.io/spring-boot/)
- Spring Boot Actuator (from http://projects.spring.io/spring-boot/)
- Spring Boot Actuator AutoConfigure (from https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot-actuator-autoconfigure)
- Spring Boot Actuator Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot AutoConfigure (from http://projects.spring.io/spring-boot/)
-- Spring Boot AutoConfigure (from http://projects.spring.io/spring-boot/)
- Spring Boot Dependencies (from http://projects.spring.io/spring-boot/)
- Spring Boot Json Starter (from https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot-starters/spring-boot-starter-json)
-- Spring Boot Json Starter (from https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot-starters/spring-boot-starter-json)
- Spring Boot Log4J2 Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Logging Starter (from http://projects.spring.io/spring-boot/)
-- Spring Boot Logging Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Reactor Netty Starter (from https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot-starters/spring-boot-starter-reactor-netty)
- Spring Boot Security Starter (from http://projects.spring.io/spring-boot/)
-- Spring Boot Security Starter (from http://projects.spring.io/spring-boot/)
-- Spring Boot Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Test (from http://projects.spring.io/spring-boot/)
- Spring Boot Test Auto-Configure (from http://projects.spring.io/spring-boot/)
- Spring Boot Test Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Tomcat Starter (from http://projects.spring.io/spring-boot/)
-- Spring Boot Tomcat Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Undertow Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Undertow Starter (from http://projects.spring.io/spring-boot/)
-- Spring Boot Undertow Starter (from http://projects.spring.io/spring-boot/)
-- Spring Boot Validation Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Validation Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Validation Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Web Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot Web Starter (from http://projects.spring.io/spring-boot/)
- Spring Boot WebFlux Starter (from https://projects.spring.io/spring-boot/#/spring-boot-parent/spring-boot-starters/spring-boot-starter-webflux)
- Spring Commons Logging Bridge (from https://github.com/spring-projects/spring-framework)
-- Spring Commons Logging Bridge (from https://github.com/spring-projects/spring-framework)
-- Spring Context (from https://github.com/spring-projects/spring-framework)
- Spring Context (from https://github.com/spring-projects/spring-framework)
- Spring Core (from https://github.com/spring-projects/spring-framework)
-- Spring Core (from https://github.com/spring-projects/spring-framework)
- Spring Data Core (from )
- Spring Expression Language (SpEL) (from https://github.com/spring-projects/spring-framework)
-- Spring Expression Language (SpEL) (from https://github.com/spring-projects/spring-framework)
- Spring JMS (from https://github.com/spring-projects/spring-framework)
- Spring Messaging (from https://github.com/spring-projects/spring-framework)
- Spring Plugin - Core (from )
- Spring Plugin - Metadata Extension (from )
- Spring TestContext Framework (from https://github.com/spring-projects/spring-framework)
-- Spring TestContext Framework (from https://github.com/spring-projects/spring-framework)
-- Spring Transaction (from https://github.com/spring-projects/spring-framework)
- Spring Transaction (from https://github.com/spring-projects/spring-framework)
- Spring Web (from https://github.com/spring-projects/spring-framework)
-- Spring Web (from https://github.com/spring-projects/spring-framework)
-- Spring Web MVC (from https://github.com/spring-projects/spring-framework)
- Spring Web MVC (from https://github.com/spring-projects/spring-framework)
- Spring WebFlux (from https://github.com/spring-projects/spring-framework)
- T-Digest (from https://github.com/tdunning/t-digest)
- Undertow Core (from )
- Undertow Core (from )
-- Undertow Core (from )
- Undertow Servlet (from )
- Undertow Servlet (from )
- Undertow WebSockets JSR356 implementations (from )
- Undertow WebSockets JSR356 implementations (from )
+- WildFly Client Configuration (from )
- Woodstox (from https://github.com/FasterXML/woodstox)
- XNIO API (from http://www.jboss.org/xnio)
+- XNIO API (from http://www.jboss.org/xnio)
+- XNIO NIO Implementation (from )
- XNIO NIO Implementation (from )
- Zipkin Reporter Brave (from https://repo1.maven.org/maven2/io/zipkin/reporter2/zipkin-reporter-brave)
- Zipkin Reporter: Core (from )
@@ -320,7 +286,6 @@ The following software have components provided under the terms of this license:
- lang-mustache (from https://github.com/elastic/elasticsearch)
- lettuce (from http://github.com/mp911de/lettuce/wiki)
- micrometer-core (from https://github.com/micrometer-metrics/micrometer)
-- micrometer-core (from https://github.com/micrometer-metrics/micrometer)
- micrometer-registry-azure-monitor (from https://github.com/micrometer-metrics/micrometer)
- nio-multipart-parser (from )
- nio-stream-storage (from https://github.com/synchronoss/nio-stream-storage)
@@ -342,7 +307,6 @@ The following software have components provided under the terms of this license:
- spring-security-config (from http://spring.io/spring-security)
- spring-security-config (from http://spring.io/spring-security)
- spring-security-core (from http://spring.io/spring-security)
-- spring-security-core (from http://spring.io/spring-security)
- spring-security-oauth2-core (from http://spring.io/spring-security)
- spring-security-oauth2-jose (from http://spring.io/spring-security)
- spring-security-oauth2-resource-server (from http://spring.io/spring-security)
@@ -359,7 +323,7 @@ The following software have components provided under the terms of this license:
- swagger-jaxrs (from )
- swagger-models (from )
- tomcat-embed-el (from http://tomcat.apache.org/)
-- tomcat-embed-el (from http://tomcat.apache.org/)
+- wildfly-common (from )
- x-content (from https://github.com/elastic/elasticsearch)
========================================================================
@@ -368,6 +332,7 @@ BSD-2-Clause
The following software have components provided under the terms of this license:
- Lucene Common Analyzers (from )
+- Lucene Core (from )
- Reflections (from http://github.com/ronmamo/reflections)
- Stax2 API (from http://github.com/FasterXML/stax2-api)
@@ -377,7 +342,7 @@ BSD-3-Clause
The following software have components provided under the terms of this license:
- ASM Core (from )
-- Expression Language 3.0 (from https://projects.eclipse.org/projects/ee4j.el)
+- Apache Commons Codec (from http://commons.apache.org/proper/commons-codec/)
- Google APIs Client Library for Java (from )
- Lucene Common Analyzers (from )
- Lucene Core (from )
@@ -389,7 +354,8 @@ The following software have components provided under the terms of this license:
- Netty/Codec/HTTP (from )
- Netty/Codec/HTTP (from )
- Protocol Buffer Java API (from https://developers.google.com/protocol-buffers/)
-- Spring Core (from https://github.com/spring-projects/spring-framework)
+- Reflections (from http://github.com/ronmamo/reflections)
+- SnakeYAML (from http://www.snakeyaml.org)
- Spring Core (from https://github.com/spring-projects/spring-framework)
========================================================================
@@ -414,10 +380,6 @@ CC0-1.0
========================================================================
The following software have components provided under the terms of this license:
-- HdrHistogram (from http://hdrhistogram.github.io/HdrHistogram/)
-- LatencyUtils (from http://latencyutils.github.io/LatencyUtils/)
-- Netty/Common (from )
-- reactive-streams (from http://www.reactive-streams.org/)
- reactive-streams (from http://www.reactive-streams.org/)
========================================================================
@@ -425,9 +387,7 @@ CDDL-1.0
========================================================================
The following software have components provided under the terms of this license:
-- Apache Log4j Core (from )
-- Common Annotations 1.2 API (from )
-- JavaBeans(TM) Activation Framework (from http://java.sun.com/javase/technologies/desktop/javabeans/jaf/index.jsp)
+- JavaBeans Activation Framework API jar (from )
- Old JAXB Core (from )
- Old JAXB Runtime (from )
@@ -437,10 +397,16 @@ CDDL-1.1
The following software have components provided under the terms of this license:
- Common Annotations 1.2 API (from )
+- Expression Language 3.0 (from http://uel.java.net)
- Java Architecture For XML Binding (from )
- Java Architecture For XML Binding (from )
+- Java Servlet 4.0 API (from )
+- Java Servlet API (from http://servlet-spec.java.net)
- Java(TM) API for WebSocket (from )
+- JavaBeans Activation Framework (from )
- JavaBeans(TM) Activation Framework (from http://java.sun.com/javase/technologies/desktop/javabeans/jaf/index.jsp)
+- JavaMail API (from )
+- javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
========================================================================
CPL-1.0
@@ -454,21 +420,27 @@ DOC
========================================================================
The following software have components provided under the terms of this license:
+- Lucene Core (from )
- Woodstox (from https://github.com/FasterXML/woodstox)
-- aalto-xml (from )
========================================================================
EPL-1.0
========================================================================
The following software have components provided under the terms of this license:
+- Common Annotations 1.3 API (from )
- Expression Language 3.0 (from https://projects.eclipse.org/projects/ee4j.el)
- JUnit Jupiter (Aggregator) (from https://junit.org/junit5/)
+- Java Servlet 4.0 API (from )
- Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
+- Java(TM) API for WebSocket (from )
+- Logback Classic Module (from )
- Logback Contrib :: JSON :: Classic (from )
+- Logback Core Module (from )
- Microsoft Application Insights Java SDK Spring Boot starter (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Java SDK Web Module (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Log4j 2 Appender (from https://github.com/Microsoft/ApplicationInsights-Java)
+- SnakeYAML (from http://www.snakeyaml.org)
- org.junit.jupiter:junit-jupiter-api (from http://junit.org/junit5/)
- org.junit.jupiter:junit-jupiter-engine (from http://junit.org/junit5/)
- org.junit.jupiter:junit-jupiter-params (from http://junit.org/junit5/)
@@ -480,8 +452,12 @@ EPL-2.0
========================================================================
The following software have components provided under the terms of this license:
+- Common Annotations 1.3 API (from )
- Expression Language 3.0 (from https://projects.eclipse.org/projects/ee4j.el)
- JUnit Jupiter (Aggregator) (from https://junit.org/junit5/)
+- Java Servlet 4.0 API (from )
+- Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
+- Java(TM) API for WebSocket (from )
- org.junit.jupiter:junit-jupiter-api (from http://junit.org/junit5/)
- org.junit.jupiter:junit-jupiter-engine (from http://junit.org/junit5/)
- org.junit.jupiter:junit-jupiter-params (from http://junit.org/junit5/)
@@ -494,45 +470,60 @@ GPL-2.0-only
The following software have components provided under the terms of this license:
- Common Annotations 1.2 API (from )
-- Expression Language 3.0 (from https://projects.eclipse.org/projects/ee4j.el)
- Expression Language 3.0 (from http://uel.java.net)
+- Java Architecture For XML Binding (from )
+- Java Architecture For XML Binding (from )
+- Java Servlet 4.0 API (from )
- Java Servlet API (from http://servlet-spec.java.net)
- Java(TM) API for WebSocket (from )
+- JavaBeans Activation Framework (from )
- Old JAXB Core (from )
- Old JAXB Runtime (from )
- javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
+========================================================================
+GPL-2.0-or-later
+========================================================================
+The following software have components provided under the terms of this license:
+
+- SnakeYAML (from http://www.snakeyaml.org)
+
========================================================================
GPL-2.0-with-classpath-exception
========================================================================
The following software have components provided under the terms of this license:
+- Common Annotations 1.3 API (from )
+- Expression Language 3.0 (from http://uel.java.net)
- Expression Language 3.0 (from https://projects.eclipse.org/projects/ee4j.el)
- Java Architecture For XML Binding (from )
- Java Architecture For XML Binding (from )
+- Java Servlet 4.0 API (from )
+- Java Servlet 4.0 API (from )
+- Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
+- Java Servlet API (from http://servlet-spec.java.net)
- Java(TM) API for WebSocket (from )
+- Java(TM) API for WebSocket (from )
+- JavaBeans Activation Framework (from )
- Old JAXB Core (from )
- Old JAXB Runtime (from )
+- javax.annotation-api (from http://jcp.org/en/jsr/detail?id=250)
========================================================================
GPL-3.0-only
========================================================================
The following software have components provided under the terms of this license:
+- Common Annotations 1.3 API (from )
- Expression Language 3.0 (from https://projects.eclipse.org/projects/ee4j.el)
+- Java Servlet 4.0 API (from )
+- Java Servlet 4.0 API (from )
- Java Servlet API (from https://projects.eclipse.org/projects/ee4j.servlet)
- Java(TM) API for WebSocket (from )
- Old JAXB Core (from )
- Old JAXB Runtime (from )
- Project Lombok (from https://projectlombok.org)
-========================================================================
-ISC
-========================================================================
-The following software have components provided under the terms of this license:
-
-- Java Native Access Platform (from https://github.com/java-native-access/jna)
-
========================================================================
ImageMagick
========================================================================
@@ -540,7 +531,6 @@ The following software have components provided under the terms of this license:
- Stax2 API (from http://github.com/FasterXML/stax2-api)
- Woodstox (from https://github.com/FasterXML/woodstox)
-- aalto-xml (from )
========================================================================
JSON
@@ -559,11 +549,31 @@ The following software have components provided under the terms of this license:
- Java Native Access Platform (from https://github.com/java-native-access/jna)
- Javassist (from http://www.javassist.org/)
- Javassist (from http://www.javassist.org/)
+- Logback Classic Module (from )
- Logback Contrib :: JSON :: Classic (from )
+- Logback Core Module (from )
- Microsoft Application Insights Java SDK Spring Boot starter (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Java SDK Web Module (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Application Insights Log4j 2 Appender (from https://github.com/Microsoft/ApplicationInsights-Java)
+========================================================================
+LGPL-2.1-or-later
+========================================================================
+The following software have components provided under the terms of this license:
+
+- JBoss Threads (from )
+- Javassist (from http://www.javassist.org/)
+- Javassist (from http://www.javassist.org/)
+- SnakeYAML (from http://www.snakeyaml.org)
+
+========================================================================
+LGPL-3.0-only
+========================================================================
+The following software have components provided under the terms of this license:
+
+- Apache Log4j API (from )
+- Apache Log4j Core (from )
+
========================================================================
MIT
========================================================================
@@ -571,7 +581,6 @@ The following software have components provided under the terms of this license:
- AWS Java SDK for AWS Lambda (from https://aws.amazon.com/sdkforjava)
- Animal Sniffer Annotations (from )
-- Apache Log4j SLF4J Binding (from )
- Azure Java Client Authentication Library for AutoRest (from https://github.com/Azure/autorest-clientruntime-for-java)
- Azure Java Client Runtime for ARM (from https://github.com/Azure/autorest-clientruntime-for-java)
- Azure Java Client Runtime for AutoRest (from https://github.com/Azure/autorest-clientruntime-for-java)
@@ -580,7 +589,6 @@ The following software have components provided under the terms of this license:
- Extensions on Apache Proton-J library (from https://github.com/Azure/qpid-proton-j-extensions)
- JOpt Simple (from http://pholser.github.io/jopt-simple)
- JUL to SLF4J bridge (from http://www.slf4j.org)
-- JUL to SLF4J bridge (from http://www.slf4j.org)
- Java Client Runtime for AutoRest (from https://github.com/Azure/autorest-clientruntime-for-java)
- Java JWT (from http://www.jwt.io)
- Lucene Core (from )
@@ -601,15 +609,14 @@ The following software have components provided under the terms of this license:
- Microsoft Azure client library for KeyVault Secrets (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure common module for Storage (from https://github.com/Azure/azure-sdk-for-java)
- Microsoft Azure internal Avro module for Storage (from https://github.com/Azure/azure-sdk-for-java)
-- Mockito (from http://www.mockito.org)
- Mockito (from http://mockito.org)
+- Mockito (from http://www.mockito.org)
- Netty/Codec/HTTP (from )
- Netty/Codec/HTTP (from )
- Netty/Common (from )
- Netty/Common (from )
- Project Lombok (from https://projectlombok.org)
- SLF4J API Module (from http://www.slf4j.org)
-- SLF4J API Module (from http://www.slf4j.org)
- Spongy Castle (from http://rtyley.github.io/spongycastle/)
- Spring Data for Azure Cosmos DB SQL API (from https://github.com/Azure/azure-sdk-for-java/tree/master/sdk/cosmos/azure-spring-data-cosmos)
- adal4j (from https://github.com/AzureAD/azure-activedirectory-library-for-java)
@@ -620,7 +627,14 @@ The following software have components provided under the terms of this license:
- msal4j (from https://github.com/AzureAD/microsoft-authentication-library-for-java)
- msal4j-persistence-extension (from https://github.com/AzureAD/microsoft-authentication-extensions-for-java)
- spring-security-core (from http://spring.io/spring-security)
-- spring-security-core (from http://spring.io/spring-security)
+
+========================================================================
+MPL-1.1
+========================================================================
+The following software have components provided under the terms of this license:
+
+- Javassist (from http://www.javassist.org/)
+- Javassist (from http://www.javassist.org/)
========================================================================
MPL-2.0
@@ -629,6 +643,7 @@ The following software have components provided under the terms of this license:
- Javassist (from http://www.javassist.org/)
- Javassist (from http://www.javassist.org/)
+- OkHttp (from )
========================================================================
MS-RL
@@ -646,6 +661,20 @@ The following software have components provided under the terms of this license:
- Old JAXB Runtime (from )
- Spongy Castle (from http://rtyley.github.io/spongycastle/)
+========================================================================
+SPL-1.0
+========================================================================
+The following software have components provided under the terms of this license:
+
+- Checker Qual (from https://checkerframework.org)
+
+========================================================================
+SunPro
+========================================================================
+The following software have components provided under the terms of this license:
+
+- Lucene Core (from )
+
========================================================================
WTFPL
========================================================================
@@ -653,6 +682,13 @@ The following software have components provided under the terms of this license:
- Reflections (from http://github.com/ronmamo/reflections)
+========================================================================
+X11
+========================================================================
+The following software have components provided under the terms of this license:
+
+- Lucene Core (from )
+
========================================================================
public-domain
========================================================================
@@ -663,7 +699,6 @@ The following software have components provided under the terms of this license:
- Guava: Google Core Libraries for Java (from https://github.com/google/guava.git)
- HdrHistogram (from http://hdrhistogram.github.io/HdrHistogram/)
- Joda-Time (from http://www.joda.org/joda-time/)
-- Joda-Time (from http://www.joda.org/joda-time/)
- LatencyUtils (from http://latencyutils.github.io/LatencyUtils/)
- Microsoft Application Insights Java SDK Core (from https://github.com/Microsoft/ApplicationInsights-Java)
- Microsoft Azure SDK for EventGrid Management (from https://github.com/Azure/azure-sdk-for-java)
@@ -671,18 +706,24 @@ The following software have components provided under the terms of this license:
- Microsoft Azure client library for Blob Storage (from https://github.com/Azure/azure-sdk-for-java)
- Project Lombok (from https://projectlombok.org)
- Spring Web (from https://github.com/spring-projects/spring-framework)
-- Spring Web (from https://github.com/spring-projects/spring-framework)
- azure-documentdb (from https://azure.microsoft.com/en-us/services/cosmos-db/)
- msal4j (from https://github.com/AzureAD/microsoft-authentication-library-for-java)
+- reactive-streams (from http://www.reactive-streams.org/)
========================================================================
unknown
========================================================================
The following software have components provided under the terms of this license:
-- Byte Buddy (without dependencies) (from )
+- Byte Buddy (without dependencies) (from https://repo1.maven.org/maven2/net/bytebuddy/byte-buddy)
- JSON in Java (from https://github.com/douglascrockford/JSON-java)
- JUnit (from http://junit.org)
+- JUnit Jupiter (Aggregator) (from https://junit.org/junit5/)
- Spongy Castle (from http://rtyley.github.io/spongycastle/)
+- org.junit.jupiter:junit-jupiter-api (from http://junit.org/junit5/)
+- org.junit.jupiter:junit-jupiter-engine (from http://junit.org/junit5/)
+- org.junit.jupiter:junit-jupiter-params (from http://junit.org/junit5/)
+- org.junit.platform:junit-platform-commons (from http://junit.org/junit5/)
+- org.junit.platform:junit-platform-engine (from http://junit.org/junit5/)
diff --git a/notification-core/pom.xml b/notification-core/pom.xml
index 4fadc3d8619a364904fc97fca963b1972f4dd284..de0485a83f4b62ab52d668ba42b6c852574b6b09 100644
--- a/notification-core/pom.xml
+++ b/notification-core/pom.xml
@@ -36,6 +36,8 @@
<maven.compiler.target>${java.version}</maven.compiler.target>
<maven.compiler.source>${java.version}</maven.compiler.source>
<springfox-version>2.7.0</springfox-version>
+ <netty.version>4.1.65.Final</netty.version>
+ <undertow.version>2.1.7.Final</undertow.version>
</properties>
<dependencies>
@@ -131,11 +133,6 @@
</exclusion>
</exclusions>
</dependency>
- <dependency>
- <groupId>io.undertow</groupId>
- <artifactId>undertow-core</artifactId>
- <version>2.0.27.Final</version>
- </dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-validation</artifactId>
@@ -215,6 +212,83 @@
<artifactId>spring-test</artifactId>
<scope>test</scope>
</dependency>
+
+ <!-- overriding packages with known vulnerabilities -->
+ <!-- See: https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&search_type=all&cpe_vendor=cpe%3A%2F%3Anetty&cpe_product=cpe%3A%2F%3Anetty%3Anetty&cpe_version=cpe%3A%2F%3Anetty%3Anetty%3A4.1.38-->
+ <!-- See: https://ossindex.sonatype.org/component/pkg:maven/com.google.oauth-client/google-oauth-client@1.30.1?utm_source=dependency-check&utm_medium=integration&utm_content=6.1.6-->
+ <!-- See: https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&search_type=all&cpe_vendor=cpe%3A%2F%3Aredhat&cpe_product=cpe%3A%2F%3Aredhat%3Aundertow&cpe_version=cpe%3A%2F%3Aredhat%3Aundertow%3A2.0.23-->
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-transport</artifactId>
+ <version>${netty.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-transport-native-unix-common</artifactId>
+ <version>${netty.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-codec</artifactId>
+ <version>${netty.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-buffer</artifactId>
+ <version>${netty.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-common</artifactId>
+ <version>${netty.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-resolver</artifactId>
+ <version>${netty.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-handler</artifactId>
+ <version>${netty.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-codec-http</artifactId>
+ <version>${netty.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-codec-http2</artifactId>
+ <version>${netty.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.netty</groupId>
+ <artifactId>netty-transport-native-epoll</artifactId>
+ <version>${netty.version}</version>
+ <classifier>linux-x86_64</classifier>
+ <type>jar</type>
+ </dependency>
+ <dependency>
+ <groupId>com.google.oauth-client</groupId>
+ <artifactId>google-oauth-client</artifactId>
+ <version>1.31.5</version>
+ </dependency>
+ <dependency>
+ <groupId>io.undertow</groupId>
+ <artifactId>undertow-core</artifactId>
+ <version>${undertow.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.undertow</groupId>
+ <artifactId>undertow-servlet</artifactId>
+ <version>${undertow.version}</version>
+ </dependency>
+ <dependency>
+ <groupId>io.undertow</groupId>
+ <artifactId>undertow-websockets-jsr</artifactId>
+ <version>${undertow.version}</version>
+ </dependency>
</dependencies>
<build>
<plugins>
diff --git a/pom.xml b/pom.xml
index 66dac6053767ca9c32d9b671520c8289db2ca89e..e926c0eb615f49d3035dc63664a9c7cd70f2c2e5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -43,7 +43,7 @@
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-dependencies</artifactId>
- <version>2.1.7.RELEASE</version>
+ <version>2.1.18.RELEASE</version>
<type>pom</type>
<scope>import</scope>
</dependency>
@@ -53,6 +53,24 @@
<artifactId>os-core-common</artifactId>
<version>${os-core-common.version}</version>
</dependency>
+
+ <!-- overriding packages with known vulnerabilities -->
+ <!-- See: https://nvd.nist.gov/vuln/search/results?form_type=Advanced&results_type=overview&search_type=all&cpe_vendor=cpe%3A%2F%3Afasterxml&cpe_product=cpe%3A%2F%3Afasterxml%3Ajackson-databind&cpe_version=cpe%3A%2F%3Afasterxml%3Ajackson-databind%3A2.9.9-->
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-core</artifactId>
+ <version>2.12.3</version>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-databind</artifactId>
+ <version>2.12.3</version>
+ </dependency>
+ <dependency>
+ <groupId>com.fasterxml.jackson.core</groupId>
+ <artifactId>jackson-annotations</artifactId>
+ <version>2.12.3</version>
+ </dependency>
</dependencies>
</dependencyManagement>
diff --git a/provider/notification-aws/maven/settings.xml b/provider/notification-aws/maven/settings.xml
index 3dbde15f47c27d083537fa2f0b280f97f9aa54b5..1bfc43ac96aafb6790498c6f0acef3ca0818a98f 100644
--- a/provider/notification-aws/maven/settings.xml
+++ b/provider/notification-aws/maven/settings.xml
@@ -1,18 +1,19 @@
<?xml version="1.0" encoding="UTF-8"?>
<!--
- Copyright © 2020 Amazon Web Services
- Licensed under the Apache License, Version 2.0 (the "License");
- you may not use this file except in compliance with the License.
- You may obtain a copy of the License at
+Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.​
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
- http://www.apache.org/licenses/LICENSE-2.0
+ http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
- Unless required by applicable law or agreed to in writing, software
- distributed under the License is distributed on an "AS IS" BASIS,
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- See the License for the specific language governing permissions and
- limitations under the License.
-->
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0"
@@ -63,15 +64,14 @@
</server>
</servers>
- <!-- CodeArtifact doesn't support external repos yet that aren't Maven Central. ETA Q4 2020. -->
- <!-- <mirrors> -->
- <!-- <mirror> -->
- <!-- <id>aws-osdu-dev-maven</id> -->
- <!-- <name>aws-osdu-dev-maven</name> -->
- <!-- <url>https://osdu-dev-888733619319.d.codeartifact.us-east-1.amazonaws.com/maven/osdu-maven/</url> -->
- <!-- <mirrorOf>*,!gitlab-os-core-common-maven</mirrorOf> -->
- <!-- </mirror> -->
- <!-- </mirrors> -->
+ <mirrors>
+ <mirror>
+ <id>aws-osdu-dev-maven</id>
+ <name>aws-osdu-dev-maven</name>
+ <url>https://osdu-dev-${AWS_ACCOUNT_ID}.d.codeartifact.us-east-1.amazonaws.com/maven/osdu-maven/</url>
+ <mirrorOf>central,!gitlab-os-core-common-maven,!gitlab-os-core-lib-aws-maven</mirrorOf>
+ </mirror>
+ </mirrors>
<activeProfiles>
<activeProfile>credentialsConfiguration</activeProfile>
diff --git a/provider/notification-aws/pom.xml b/provider/notification-aws/pom.xml
index 677d2b4c46862ce406706553a27b0d2a0330912a..f2cf1a2f137b69bb68b806b59c8c70bc94eebcd1 100644
--- a/provider/notification-aws/pom.xml
+++ b/provider/notification-aws/pom.xml
@@ -39,16 +39,10 @@
</properties>
<dependencies>
- <!-- <dependency>
- <groupId>org.opengroup.osdu</groupId>
- <artifactId>os-core-common</artifactId>
- </dependency> -->
-
-
<dependency>
<groupId>org.opengroup.osdu.core.aws</groupId>
<artifactId>os-core-lib-aws</artifactId>
- <version>0.9.0</version>
+ <version>0.10.0-SNAPSHOT</version>
</dependency>
<!-- https://mvnrepository.com/artifact/com.amazonaws/aws-java-sdk-secretsmanager -->
@@ -94,6 +88,7 @@
<version>4.12</version>
<scope>test</scope>
</dependency>
+
</dependencies>
<build>
diff --git a/provider/notification-aws/src/main/resources/application.properties b/provider/notification-aws/src/main/resources/application.properties
index 704966d16d904a03b2c712057b97a0772d96bdac..b524fa658546350df74cca9f56401ef12e179289 100644
--- a/provider/notification-aws/src/main/resources/application.properties
+++ b/provider/notification-aws/src/main/resources/application.properties
@@ -48,3 +48,5 @@ server.ssl.key-store=${SSL_KEY_STORE_PATH:/certs/osduonaws.p12}
server.ssl.key-alias=${SSL_KEY_ALIAS:osduonaws}
server.ssl.key-password=${SSL_KEY_PASSWORD:}
server.ssl.key-store-password=${SSL_KEY_STORE_PASSWORD:}
+
+spring.autoconfigure.exclude=org.springframework.boot.autoconfigure.security.SecurityAutoConfiguration
\ No newline at end of file