OWASP Foundation CycloneDX Maven plugin 2.7.10 1cc7f6a0382f8bb2f758d6a6ea401d1b a4297947a1f2d7d453105db542651614bbd37f38 bd0fdd8f2f2116eee5e715aeac1580f19eb7a10ec2b6f805b53567067658e872 9cde8352a427e10b96cae01348fc7cfe5d4aa9cd0a5e5dd93b414ce3bb7d112993c3b3004e53af52567fbfa16de0704ec59a5556a635ad70571fd124ae389f39 93d7bf5b5c735347edfbfbd66810273ca840f9a322b816d22d44c3d8e8255c09e86570bb23712aeb0cade0f478be5aeb 4467f16e9ca32190a6e49c65339eb28ee5e8c78f4e918fcf95128a4b7648898de56ccb43eacfad0c9391ef8cdb7d629a ed2996c99b483e969221d5e9a40f562ea2ab85442d361d72a90e85266a3ed781 c8e6ea9ddc38edc77e284b3bf541663e84752bdc59ed1935799847a48a14ea2fa531b61008fefcba37d732a56702a11ac112437b9b80d18f4ecc8ef0ecfb32cf The Apache Software Foundation org.apache.logging.log4j log4j-docker 2.23.1 Apache Log4j Docker Support Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.apache.logging.log4j/log4j-docker@2.23.1?type=jar https://logging.apache.org/log4j/2.x/ https://github.com/apache/logging-log4j2/actions https://logging.apache.org/log4j/2.x/download.html https://github.com/apache/logging-log4j2/issues https://lists.apache.org/list.html?log4j-user@logging.apache.org https://github.com/apache/logging-log4j2 https://logging.apache.org/cyclonedx/vdr.xml makeBom compile,provided,runtime,system enabled The Apache Software Foundation org.apache.logging.log4j log4j-api 2.23.1 The Apache Log4j API required bee2e2dcbeeb983bdb6b71c9c3476b6a 9c15c29c526d9c6783049c0a77722693c66706e1 92ec1fd36ab3bc09de6198d2d7c0914685c0f7127ea931acc32fd2ecdd82ea89 2a296246b0059ff5fe5c26e2ba3f48aa99e38d7658d613fbd02f32c6d4262f93a67525e6cc4d767fa5c2ab0e39e70bb3c0d3966d38ea4f01608588c084af3162 3937cb646009763a94b199a0d6c0065441b9914e2b25e3d58db523874ea760276b445ff300015948d3a813217e0ee404 16ea3301ca37fbede2927399209b403066621789c4f1bee531b5153f27b652458900697fb828170d541a5f3b82e77fb7 0a3dfffc0f362b0a86ad0cd8b36da313c7500a8bdecb0ad7e628c2637d933548 2e230994b8cb7442a2073d60f89c27703ffc78b613dec7891bbfa42e91c95ed684b387ed65df3ee48559ccc06e6877462748f7e2ef985082c8db0741feb576a8 Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.apache.logging.log4j/log4j-api@2.23.1?type=jar https://logging.apache.org/log4j/2.x/log4j/log4j-api/ https://github.com/apache/logging-log4j2/actions https://logging.apache.org/logging-parent/latest/#distribution https://github.com/apache/logging-log4j2/issues https://lists.apache.org/list.html?log4j-user@logging.apache.org https://github.com/apache/logging-log4j2 https://logging.apache.org/cyclonedx/vdr.xml The Apache Software Foundation org.apache.logging.log4j log4j-core 2.23.1 The Apache Log4j Implementation required 34fad2df975cf874a2fdf4b797122f16 905802940e2c78042d75b837c136ac477d2b4e4d 7079368005fc34f56248f57f8a8a53361c3a53e9007d556dbc66fc669df081b5 0862144475f4a5ed67c8ab4bf163e02a89c1cdde18cd3dd3811075bd7a4cd33bab5cb824c3dac8d16afa74e9e267a1120b6c18bbf3d586f37d740e06a1af1b15 d2608dd33e2dd3e50a663d942660db80bb62c39afa3fe4155de6bad235b4ee637f97488cb21e9d22750bdd279a44634a a4d3ebc98bba16601879fe05ca40c4ca442e8d8177795d286c19ac14040b750f1a9adbffbea982e4636bdd8798918883 80fc801f0be9b360024407409c8eae4d5fdfbfb520ec968500a9196446d77817 1d7923e1bf2bf28f9e5f0990b36cff5c5e8b3409ae848ee903c970a0af22da3d4ae81dfb335d2ecfb3cdf3f09dec08bf2d2f1f8dd2702c766fa373975f551205 Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.apache.logging.log4j/log4j-core@2.23.1?type=jar https://logging.apache.org/log4j/2.x/log4j/log4j-core/ https://github.com/apache/logging-log4j2/actions https://logging.apache.org/logging-parent/latest/#distribution https://github.com/apache/logging-log4j2/issues https://lists.apache.org/list.html?log4j-user@logging.apache.org https://github.com/apache/logging-log4j2 https://logging.apache.org/cyclonedx/vdr.xml FasterXML com.fasterxml.jackson.core jackson-annotations 2.16.1 Core annotations used for value types, used by Jackson data binding package. required 1c1e081b6b61ee1f1cb0ef52eef45d61 fd441d574a71e7d10a4f73de6609f881d8cdfeec a4730771e6a495dd3793a42cdb8ce6bddb96c77e15f40c98fd8d9a7ae09e7286 2e268340c11ff606df14cc963e5a4c97b22c69dbe09b9ee96873b6553aa97ba703f94dd85cc05704a35c4ae1651fc37d23d87e94bbad39f2a3a63fc2b3f754b1 27d294ee2a7519f851bd9da37eefd432b13e2ba2ee94e5bcc8587d8d251c8d00537fe583912681f5d43fc92f29dc23ac f80ca2f1d7b49ca06c999f287249874979295312ad61fae7dba101a084825c2f7200b0a252c67e36b8f185cb5b70b490 28db760c602a501079b88e94eb4cea2e59895a688e6ea66e447b51adac113e0a acc6d03c8674438bac5e2b09e1615b11d202c12aa720e9205d820543cc2762f9a3497bf9de9f8239844db23ccf0b52cbd3255aff422c03de490c60ce2c4787ee Apache-2.0 pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.16.1?type=jar https://github.com/FasterXML/jackson https://oss.sonatype.org/service/local/staging/deploy/maven2/ https://github.com/FasterXML/jackson-annotations/issues https://github.com/FasterXML/jackson-annotations FasterXML com.fasterxml.jackson.core jackson-core 2.16.1 Core Jackson processing abstractions (aka Streaming API), implementation for JSON required 0f51c6a7d713aed6e044cf1692bb59f4 9456bb3cdd0f79f91a5f730a1b1bb041a380c91f f5f8ef90609e64fec82eb908e497dc7d81b2eb983fe509b870292a193cde4dfb 1f1551b0512a0ac3fc883db62472901c91051586616804daec24268ceaed409faaa1f1695df2f6220fa389aeb54802eb51dec439322bc7383507b45c08cbe17b 24b8435650ceba20008563d8bb9db4a8aca74d7ffa33e95efc6ac576d71f39d5ab228c133b413c6c852c34d905a249cf f15db08b5d9ff6b475507afeb587a30bf6fe050d216cadf1bcd9fccaac0a59fd6bb1e8533ee8a48bb6075801b6f617ce 5fc0bd6adc8b1f3e96b835acc703cb1a4a977deb1f44d0b9314ea25b83c2f36f 7273a7e983ef1e9c7195aa36dba2d0b7b35600f844f61a54c1a80e4590c987257411f8e17a2fb9252849fd8c5ab9fb40f14ae288159a0e98c337020fb8679a1d Apache-2.0 pkg:maven/com.fasterxml.jackson.core/jackson-core@2.16.1?type=jar https://github.com/FasterXML/jackson-core https://oss.sonatype.org/service/local/staging/deploy/maven2/ https://github.com/FasterXML/jackson-core/issues https://github.com/FasterXML/jackson-core FasterXML com.fasterxml.jackson.core jackson-databind 2.16.1 General data-binding functionality for Jackson: works on core streaming API required ac71b868569d329136f2c63f34dd2c89 02a16efeb840c45af1e2f31753dfe76795278b73 baf8a8ebee8f45ef68cdd5e2dd3923b3e296c0937b96ec0b4806aa3a31bccd1d e826126759ef714b35c546a524d0fc82e8ae38ad19d0502a58d360926aef3d13492092372302fcea19e78b24432838a40023ebf5dfae4e8c566478c4833ea998 6e46bf61e034085444b1a708fbb6926ddd46ccaa75c20c9765c1a98c266449169d7a28e6197224f46cc4c15201187ab6 649d02e2265bc92d75876b31006f1cb2fe33788da8edb06ebc5b798e964ba7a8d6b96d21053b01e5fe3cf27a63a8b66c d58b494fb40bb93c799c315293daf81fb6d0bf418d38b912aab1c37b4de1db77 c3950b04417dee7450b36f3428005a2f118c8ce0388f2c2470f5543cac3106215b6b591848775176892951f2ea7a608c7d02280067d5cfae1634e0f3e306e628 Apache-2.0 pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.16.1?type=jar https://github.com/FasterXML/jackson https://oss.sonatype.org/service/local/staging/deploy/maven2/ https://github.com/FasterXML/jackson-databind/issues https://github.com/FasterXML/jackson-databind Bndtools biz.aQute.bnd biz.aQute.bnd.annotation 7.0.0 bnd Annotations Library required 0339bd011cf13131841417c0de7452f5 8ad279ebf0d04ea89c5ce4d934189d0d16bb6d50 a0090390963dd2092f8abb6d76092bab1696494d2e31b127f5b1b2bf29c08638 6e96cffe60466e9bd5730c93686a6ae252958be6202ba07d235239f0033b9a1cc53faad327ddaebab9eab30825b881acc6296777851028c7fad5668cbbe99c81 f51cd44911333bf7c2f58bdf7440062c138005c8332be3bf69b0ab0d9d93af4d1e1dde3a4eae5bfae92e835b70e6f561 7e93113ee29b6fbed02fbeac096582476b0b7c04703a54ecf0c3c89cab6fff06bc486d072c78f5a19e2c7da1c603b9d2 e0a35d4ec2afe652ef58a37a9f2491349527e86c7a1b37d13436fdfef77f32b2 62783affe413b5419c08008094a43e63712c65d6e4a0cd345e58e1a7c66dc32a08f2e68852d14641d30da31d665091c19571809145f769480cb0b80e0ad003e9 (Apache-2.0 OR EPL-2.0) https://opensource.org/licenses/Apache-2.0,https://opensource.org/licenses/EPL-2.0 pkg:maven/biz.aQute.bnd/biz.aQute.bnd.annotation@7.0.0?type=jar https://bnd.bndtools.org/ https://github.com/bndtools/bnd OSGi Alliance org.osgi org.osgi.resource 1.0.0 OSGi Companion Code for org.osgi.resource Version 1.0.0. required 7d857a4203e2996fab0cf070133e43df 343c88949132984b3f2d4175a72c40b77dc65619 81fc50f1f1d38a4af28e131907d4afe213249aab05060484edca0e60c4af9b4a 4e798790856f83f50832db80bfab64dfceeff1c509d7dde43e74a9f9192ea7a7d5ea77b9b1e81291fa6ba3dcef5ab8fa791ca8093a72a08d7ca6f6499e13e506 73038c395166552b64b6b5469bd8056584f48d19b5762df2e8bd2770405ed8f6071e397a87d9a7ed39f8c2e0e8ab85b2 e06c8a460b3bf06d6cb22237aeffa6afd2eadd9461096c67b768a14603ad8aaa88f891d03cf0a273a99d86906c1c8eb3 1097cfd20e80ce368fd828a23ad7c32a202cebd92106f6ebb88ba55ca74349ee d7b710e1e0484badb875f326c602c90df6705df48b0f057320919a5255d3ecbddd7053eabc68787480a70aebd7e553e9f51728112e1fa0846c849366b7e8d69b Apache-2.0 pkg:maven/org.osgi/org.osgi.resource@1.0.0?type=jar http://www.osgi.org/ https://osgi.org/git/build.git OSGi Alliance org.osgi org.osgi.service.serviceloader 1.0.0 OSGi Companion Code for org.osgi.service.serviceloader Version 1.0.0. required 4943f0102a6d893c4dd77f369a5f0537 3728ff37909c6a3c1870b3e851342d9f2bd3cc63 8f876ce2a9aa4e95b1f1952950255103e2487425050a654f3285447ba601c154 a7def4cb7a8ed992645faa80a780e0b30bd39c1587b5bcb65fe170d10842d0d880c2849edd50c64807fe0e4b9cc0051337d1b161d0d390465d9e63a762861c49 1e480694b8a541da4cd1e044d3f3ea3cd55152515ac022b80d865b6654242506c2138daabb4e71c30d36b12b9aaf676d 7f076af200ae9c2bd9f235b949aee01a1a758c8aac10fee8b98ec2497197d2029117d5627eb0eabd9b42979eb1baa009 83b1dce69c4c899176eb6e368e434ecb77dfed7c436530b8c5d08b9b6f2430aa 5debde53a7ead231dcd907467d59728f59cae4eb3b967c19808f78890bd97d2f04657cad9c093e88f9818338b0b3b38a57c66400ebcff61fbb26d18e9f7bf8ed Apache-2.0 pkg:maven/org.osgi/org.osgi.service.serviceloader@1.0.0?type=jar http://www.osgi.org/ https://osgi.org/git/build.git Google LLC com.google.errorprone error_prone_annotations 2.24.1 Error Prone is a static analysis tool for Java that catches common programming mistakes at compile-time. required 345bbebec9b3c68d2638c0f6809436dc 32b299e45105aa9b0df8279c74dc1edfcf313ff0 19fe2f7155d20ea093168527999da98108103ee546d1e8b726bc4b27c31a3c30 75a8d055b90fc2be2198d8502299b5e4f08a81d87b15334a788a719e155f006b23c3648a4574be831de932db212593a2b004584948c394adb8272ed7d5844c94 b474fabb3ed301583358187787cb89161d4ea3a5e46d66aaf4317bfa74cba0063f53872c30fbc130af505537ac72f9c3 5d5456af3f5d809c6e1fbe13b6b65c71b442dcff66e087bf1be3958e582c7565135cf61f7b3bff55cee6d27a74365d01 39119e15f4769fdd5b018c1c9cae88c78e9454e05666731e8a703f47ed903693 d25c633ed33e217d71076ecf76040c13e3d8dfcc9eda1a2300a718a8699317de0b87680bfa5e499bf8c51f133408ab24c93e47393aa8c4300e92db0d683b48d6 Apache-2.0 pkg:maven/com.google.errorprone/error_prone_annotations@2.24.1?type=jar https://errorprone.info/error_prone_annotations https://github.com/google/error-prone/error_prone_annotations Eclipse Foundation org.osgi osgi.annotation 8.1.0 OSGi Annotation Release 8, Annotations for use in compiling bundles required 3bcfab9c55a2bcc158aa4953084021b6 59d42736bcc0af2144ba5c1a12ff7c08ea4b7e12 68afeb86a5322675d4dfe3df5863c7d8a37b34c18e3a8e41553f1ab3ac15d78f a190fa888fd22c2c31455d672b3e50ca79fa9f02269b9d45f6e6fc189dc8f90d20663e290f151a851e010b52ce87e62dc5079253c3e59caa72f11ea6248ffb26 581c88a48fc7df5edae29712f943ef780fb0f32b4eee10dfcaa879f122f19fd1645b961b38bc0a97dd894d89952fdb68 ab4fab76440671def19eb0ca3370d8f0f8a915df4ec92e5aa2b9e12a4b97aa49301c51ccd28a2d2718beec6fe8105bc6 6849ce4a9cad5dbf2dce1ad817442821a633f8ae10ab1ccde69ac46d26127a46 3c3ce68b5ae1ea157f78d72a210cc152375fd8819a7c85ed5c718fbe387ffb522715e1b0dfa5094caed1e8bbe4b8fcc6d2aadd1cd3851f4c0fffebda5acaebba Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.osgi/osgi.annotation@8.1.0?type=jar https://docs.osgi.org/ https://github.com/osgi/osgi Eclipse Foundation org.osgi org.osgi.annotation.bundle 2.0.0 OSGi Companion Code for org.osgi.annotation.bundle Version 2.0.0 required 19115314a0ce4cfb711a811dcc0be0a3 f5c2cd6e670c3c5d440d3003efd5ef2ead5c68eb b9c9546ec5be3ebc2e85ba4919150ad76d64594805282fc895133a47d264a7ae f16b8983240ba3c08d6bc78e2eae92e89eb528f32a705961d90b463def0a5ed1ba08cc3d0be38b5dcfb946c6f759df772e122fb769e58e8c20aa79a489a1fd21 88217b7d3a2d9a0a3f005162b95d68ba2bd29629688b2c32e93e4587d89fe6bd468f5c62ef422ebf2b609d402e62ff56 c7ee64dd3e235d900d01d8629b82245303d34a006e1edcd2571ef736d9c6256dcb718be326ad4909cb6d2cea26118ea9 9adcacb036caf30d17a13fcd5952a35e011678b1dbfabafdff73dba065ace8a3 76bec6bb2cdbc8da043760a7aedd51203c8d70b740c9b8de0ba6b0cf9ad991a58059566e7f62dee30606f32d267b2596d5bd5e885c73e336ae7fff6cf7f970db Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.osgi/org.osgi.annotation.bundle@2.0.0?type=jar https://docs.osgi.org/ https://github.com/osgi/osgi Eclipse Foundation org.osgi org.osgi.annotation.versioning 1.1.2 OSGi Companion Code for org.osgi.annotation.versioning Version 1.1.2 required a61b3b8d09c85ad296c61e21bf77ec70 dc3cd4ec96c0b3c5459fe00694bd73a816ecf93e f51f235e80df8ffbc30ef1b557b6ea38a696632d675404ec117e952978b8b863 a4c612bec624a168f25f0923d51925bbc914686673eeebd5b2442998b876f05855e2b0a6e6e9aca4a6533ed3156b0d24f94c3e508ee9778e1b2e469be318afa3 68a2046f083a2e77304622a56d07c0e73ba88534af4a87b5428cebf8b638c40ce21bbac089a8b5520ad488c946b633ea 930734f6979650191d51cd8bf1f9ab4548d307950735aa98e2dbda7aecc19b49d01a3b968824f6df2ffafce65e122c60 513392d0e8ddd873d04c5cf4f402a9cfe094413832bb859fe37b70fd0512dd12 3d2bd7d2eb784a9fab4b09c42adb0722363079235340f1915bb82a99f1c5e616ee8f3dc34d2c90b941d2651dcb4f393c7fea3e23b579456a696604148d10f22b Apache-2.0 https://www.apache.org/licenses/LICENSE-2.0 pkg:maven/org.osgi/org.osgi.annotation.versioning@1.1.2?type=jar https://docs.osgi.org/ https://github.com/osgi/osgi com.github.spotbugs spotbugs-annotations 4.8.3 Annotations the SpotBugs tool supports required cd5917b77643c3a7ba5420aea78f940c 05d2dc4ca5b632976371155252499819aea372ed e5d4f60be8e57595766ba7f1d4535dc46aebf98dae05e16372a4d4120d3ebb6b 1a64f6911a94654d440ce4918395af0cbdee79696acbcf727af79134b02e6be17956fffa8f39e05fa9e22e336041443eb31165b338164b48a1c70f947e66d68b 6875428ea8454185df4ac50b6551f9d9ba7d9152083eec2ecc5046aa464767982abfe0733c258f2dfed9fc3f2ad68add 25422667753a299021150558bf094a6bd5a521a0b736d94866f807f3246b11a0574e9e480f85c7a894258979afdaedd4 116a3c20fdd3253ab1cfc1bdc95c8d4eb3c454b3f7d89af1d2b87bde4b890c88 0e9ee42600abe9496fedc2d82cd71e51fd05f26c0094c1710025d3931b79507a3502a9f9e83fddefeb6ed784123c7faa7251bd58368e78cdcc218481cd05045d LGPL-2.1-only pkg:maven/com.github.spotbugs/spotbugs-annotations@4.8.3?type=jar https://spotbugs.github.io/ https://github.com/spotbugs/spotbugs/ com.google.code.findbugs jsr305 3.0.2 JSR305 Annotations for Findbugs required dd83accb899363c32b07d7a1b2e4ce40 25ea2e8b0c338a877313bd4672d3fe056ea78f0d 766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7 bb09db62919a50fa5b55906013be6ca4fc7acb2e87455fac5eaf9ede2e41ce8bbafc0e5a385a561264ea4cd71bbbd3ef5a45e02d63277a201d06a0ae1636f804 ca0b169d3eb2d0922dc031133a021f861a043bb3e405a88728215fd6ff00fa52fdc7347842dcc2031472e3726164bdc4 9903fd7505218999f8262efedb3d935d64bcef84aae781064ab5e1b24755466b269517cada562fa140cd1d417ede57a1 223fda9a89a461afaae73b177a2dc20ed4a90f2f8757f5c65f3241b0510f00ff 3996b5af57a5d5c6a0cd62b11773360fb051dd86a2ba968476806a2a5d32049b82d69a24a3c694e8fe4d735be6a28e41000cc500cc2a9fb577e058045855d2d6 Apache-2.0 pkg:maven/com.google.code.findbugs/jsr305@3.0.2?type=jar http://findbugs.sourceforge.net/ https://oss.sonatype.org/service/local/staging/deploy/maven2/ https://code.google.com/p/jsr-305/