From 8963bd2471eaa97422c054f40d1c5949a077bc15 Mon Sep 17 00:00:00 2001 From: "Amol.Dashwant" Date: Wed, 17 Jul 2024 12:32:40 +0530 Subject: [PATCH 1/2] Dependabot reported issues fixed --- CHANGELOG.md | 1 + DEPENDENCIES | 178 +++++++++++++++++++++++++-------------------------- pom.xml | 12 ++-- 3 files changed, 95 insertions(+), 96 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 03270f3..2e099e2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) ### Fixed - Dependabot reported security issues fixed. - Pom changes for dependency check +- Dependabot spring, spring-web, spring-security-core, spring cloud, protobuf-javalite and guava version issues fixed. ### Changed - Updated API health check details in documentation diff --git a/DEPENDENCIES b/DEPENDENCIES index 9c28800..083a8c0 100644 --- a/DEPENDENCIES +++ b/DEPENDENCIES @@ -1,24 +1,24 @@ -maven/mavencentral/ch.qos.logback/logback-classic/1.4.14, EPL-1.0 AND LGPL-2.1-only, approved, #15230 -maven/mavencentral/ch.qos.logback/logback-core/1.4.14, EPL-1.0 AND LGPL-2.1-only, approved, #15209 +maven/mavencentral/ch.qos.logback/logback-classic/1.5.6, EPL-1.0 AND LGPL-2.1-only, approved, #15279 +maven/mavencentral/ch.qos.logback/logback-core/1.5.6, EPL-1.0 AND LGPL-2.1-only, approved, #15210 maven/mavencentral/com.apicatalog/titanium-json-ld/1.1.0, Apache-2.0, approved, clearlydefined maven/mavencentral/com.danubetech/key-formats-java/1.6.0, Apache-2.0, approved, #10950 maven/mavencentral/com.danubetech/verifiable-credentials-java/1.1.0, Apache-2.0, approved, #10953 -maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.15.4, Apache-2.0, approved, #15260 -maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.15.4, , approved, #15194 -maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.15.4, Apache-2.0, approved, #15199 -maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.15.4, Apache-2.0, approved, #15207 -maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jdk8/2.15.4, Apache-2.0, approved, #15281 -maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.15.4, Apache-2.0, approved, #15189 -maven/mavencentral/com.fasterxml.jackson.module/jackson-module-parameter-names/2.15.4, Apache-2.0, approved, #15219 -maven/mavencentral/com.fasterxml/classmate/1.6.0, Apache-2.0, approved, clearlydefined +maven/mavencentral/com.fasterxml.jackson.core/jackson-annotations/2.17.1, Apache-2.0, approved, #13672 +maven/mavencentral/com.fasterxml.jackson.core/jackson-core/2.17.1, , approved, #13665 +maven/mavencentral/com.fasterxml.jackson.core/jackson-databind/2.17.1, Apache-2.0, approved, #13671 +maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-yaml/2.17.1, Apache-2.0, approved, #13669 +maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jdk8/2.17.1, Apache-2.0, approved, #15117 +maven/mavencentral/com.fasterxml.jackson.datatype/jackson-datatype-jsr310/2.17.1, Apache-2.0, approved, #14160 +maven/mavencentral/com.fasterxml.jackson.module/jackson-module-parameter-names/2.17.1, Apache-2.0, approved, #15122 +maven/mavencentral/com.fasterxml/classmate/1.7.0, Apache-2.0, approved, clearlydefined maven/mavencentral/com.github.multiformats/java-multibase/v1.1.0, MIT AND BSD-3-Clause AND EPL-1.0 AND Apache-2.0, approved, #4095 maven/mavencentral/com.google.code.findbugs/jsr305/3.0.2, CC-BY-2.5, approved, #15220 -maven/mavencentral/com.google.errorprone/error_prone_annotations/2.18.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/com.google.guava/failureaccess/1.0.1, Apache-2.0, approved, CQ22654 -maven/mavencentral/com.google.guava/guava/32.1.1-jre, Apache-2.0 AND CC0-1.0 AND LicenseRef-Public-Domain, approved, #9229 +maven/mavencentral/com.google.errorprone/error_prone_annotations/2.26.1, Apache-2.0, approved, #13657 +maven/mavencentral/com.google.guava/failureaccess/1.0.2, Apache-2.0, approved, CQ22654 +maven/mavencentral/com.google.guava/guava/33.2.1-jre, Apache-2.0 AND CC0-1.0 AND (Apache-2.0 AND CC-PDDC), approved, #14607 maven/mavencentral/com.google.guava/listenablefuture/9999.0-empty-to-avoid-conflict-with-guava, Apache-2.0, approved, CQ22657 -maven/mavencentral/com.google.j2objc/j2objc-annotations/2.8, Apache-2.0, approved, clearlydefined -maven/mavencentral/com.google.protobuf/protobuf-javalite/3.22.3, BSD-3-Clause, approved, clearlydefined +maven/mavencentral/com.google.j2objc/j2objc-annotations/3.0.0, Apache-2.0, approved, #13676 +maven/mavencentral/com.google.protobuf/protobuf-javalite/4.27.2, BSD-3-Clause, approved, clearlydefined maven/mavencentral/com.goterl/lazysodium-java/5.1.1, MPL-2.0, approved, #10952 maven/mavencentral/com.goterl/resource-loader/2.0.1, MIT, approved, clearlydefined maven/mavencentral/com.jayway.jsonpath/json-path/2.9.0, Apache-2.0, approved, clearlydefined @@ -35,53 +35,52 @@ maven/mavencentral/info.weboftrust/ld-signatures-java/1.2.0, Apache-2.0, approve maven/mavencentral/io.github.erdtman/java-json-canonicalization/1.1, Apache-2.0, approved, clearlydefined maven/mavencentral/io.github.openfeign.form/feign-form-spring/3.8.0, Apache-2.0, approved, clearlydefined maven/mavencentral/io.github.openfeign.form/feign-form/3.8.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/io.github.openfeign/feign-core/13.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/io.github.openfeign/feign-slf4j/13.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/io.micrometer/micrometer-commons/1.12.3, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11679 -maven/mavencentral/io.micrometer/micrometer-core/1.12.3, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11678 -maven/mavencentral/io.micrometer/micrometer-jakarta9/1.12.3, Apache-2.0, approved, #12923 -maven/mavencentral/io.micrometer/micrometer-observation/1.12.3, Apache-2.0, approved, #11680 +maven/mavencentral/io.github.openfeign/feign-core/13.3, Apache-2.0, approved, clearlydefined +maven/mavencentral/io.github.openfeign/feign-slf4j/13.3, Apache-2.0, approved, clearlydefined +maven/mavencentral/io.micrometer/micrometer-commons/1.13.1, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #14826 +maven/mavencentral/io.micrometer/micrometer-core/1.13.1, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #14827 +maven/mavencentral/io.micrometer/micrometer-jakarta9/1.13.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/io.micrometer/micrometer-observation/1.13.1, Apache-2.0, approved, #14829 maven/mavencentral/io.setl/rdf-urdna/1.1, Apache-2.0, approved, clearlydefined maven/mavencentral/io.swagger.core.v3/swagger-annotations-jakarta/2.2.21, Apache-2.0, approved, #5947 maven/mavencentral/io.swagger.core.v3/swagger-core-jakarta/2.2.21, Apache-2.0, approved, #5929 maven/mavencentral/io.swagger.core.v3/swagger-models-jakarta/2.2.21, Apache-2.0, approved, #5919 maven/mavencentral/io.vavr/vavr-match/0.10.4, Apache-2.0, approved, clearlydefined maven/mavencentral/io.vavr/vavr/0.10.4, Apache-2.0, approved, clearlydefined -maven/mavencentral/jakarta.activation/jakarta.activation-api/2.1.2, EPL-2.0 OR BSD-3-Clause OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jaf +maven/mavencentral/jakarta.activation/jakarta.activation-api/2.1.3, EPL-2.0 OR BSD-3-Clause OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jaf maven/mavencentral/jakarta.annotation/jakarta.annotation-api/2.1.1, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.ca maven/mavencentral/jakarta.validation/jakarta.validation-api/3.0.2, Apache-2.0, approved, ee4j.validation -maven/mavencentral/jakarta.xml.bind/jakarta.xml.bind-api/4.0.1, BSD-3-Clause, approved, ee4j.jaxb +maven/mavencentral/jakarta.xml.bind/jakarta.xml.bind-api/4.0.2, BSD-3-Clause, approved, ee4j.jaxb maven/mavencentral/junit/junit/4.13.2, EPL-2.0, approved, CQ23636 -maven/mavencentral/net.bytebuddy/byte-buddy-agent/1.14.12, Apache-2.0, approved, #7164 -maven/mavencentral/net.bytebuddy/byte-buddy/1.14.12, Apache-2.0 AND BSD-3-Clause, approved, #7163 +maven/mavencentral/net.bytebuddy/byte-buddy-agent/1.14.17, Apache-2.0, approved, #7164 +maven/mavencentral/net.bytebuddy/byte-buddy/1.14.17, Apache-2.0 AND BSD-3-Clause, approved, #7163 maven/mavencentral/net.java.dev.jna/jna/5.8.0, Apache-2.0 OR LGPL-2.1-or-later, approved, CQ23217 maven/mavencentral/net.jcip/jcip-annotations/1.0, CC-BY-2.5, approved, clearlydefined -maven/mavencentral/net.minidev/accessors-smart/2.5.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/net.minidev/json-smart/2.5.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.apache.commons/commons-lang3/3.13.0, Apache-2.0, approved, #9820 -maven/mavencentral/org.apache.logging.log4j/log4j-api/2.21.1, Apache-2.0 AND (Apache-2.0 AND LGPL-2.0-or-later), approved, #11079 -maven/mavencentral/org.apache.logging.log4j/log4j-to-slf4j/2.21.1, Apache-2.0, approved, #15262 -maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-core/10.1.19, Apache-2.0 AND (EPL-2.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND (CDDL-1.0 OR GPL-2.0-only WITH Classpath-exception-2.0) AND W3C AND CC0-1.0, approved, #5949 -maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-el/10.1.19, Apache-2.0, approved, #6997 -maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-websocket/10.1.19, Apache-2.0, approved, #7920 -maven/mavencentral/org.apache.tomcat/tomcat-annotations-api/10.1.19, Apache-2.0, approved, #8196 +maven/mavencentral/net.minidev/accessors-smart/2.5.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/net.minidev/json-smart/2.5.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.apache.commons/commons-lang3/3.14.0, Apache-2.0, approved, #11677 +maven/mavencentral/org.apache.logging.log4j/log4j-api/2.23.1, Apache-2.0, approved, #13368 +maven/mavencentral/org.apache.logging.log4j/log4j-to-slf4j/2.23.1, Apache-2.0, approved, #15121 +maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-core/10.1.25, Apache-2.0 AND (EPL-2.0 OR (GPL-2.0 WITH Classpath-exception-2.0)) AND CDDL-1.0 AND (CDDL-1.1 OR (GPL-2.0-only WITH Classpath-exception-2.0)) AND EPL-2.0, approved, #15195 +maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-el/10.1.25, Apache-2.0, approved, #6997 +maven/mavencentral/org.apache.tomcat.embed/tomcat-embed-websocket/10.1.25, Apache-2.0, approved, #7920 +maven/mavencentral/org.apache.tomcat/tomcat-annotations-api/10.1.25, Apache-2.0, approved, #8196 maven/mavencentral/org.apiguardian/apiguardian-api/1.1.2, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.aspectj/aspectjweaver/1.9.21, Apache-2.0 AND BSD-3-Clause AND EPL-1.0 AND BSD-3-Clause AND Apache-1.1, approved, #15252 -maven/mavencentral/org.assertj/assertj-core/3.24.2, Apache-2.0, approved, #6161 -maven/mavencentral/org.awaitility/awaitility/4.2.0, Apache-2.0, approved, #14178 +maven/mavencentral/org.assertj/assertj-core/3.25.3, Apache-2.0, approved, #12585 +maven/mavencentral/org.awaitility/awaitility/4.2.1, Apache-2.0, approved, #14178 maven/mavencentral/org.bitcoinj/bitcoinj-core/0.16.1, Apache-2.0, approved, clearlydefined maven/mavencentral/org.bouncycastle/bcprov-jdk18on/1.78.1, MIT AND CC0-1.0, approved, #14433 -maven/mavencentral/org.checkerframework/checker-qual/3.33.0, MIT, approved, clearlydefined +maven/mavencentral/org.checkerframework/checker-qual/3.42.0, MIT, approved, clearlydefined maven/mavencentral/org.glassfish/jakarta.json/2.0.0, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.jsonp maven/mavencentral/org.hamcrest/hamcrest-core/2.2, BSD-3-Clause, approved, clearlydefined maven/mavencentral/org.hamcrest/hamcrest/2.2, BSD-3-Clause, approved, clearlydefined -maven/mavencentral/org.hdrhistogram/HdrHistogram/2.1.12, CC0-1.0, approved, #15259 +maven/mavencentral/org.hdrhistogram/HdrHistogram/2.2.2, BSD-2-Clause AND CC0-1.0 AND CC0-1.0, approved, #14828 maven/mavencentral/org.hibernate.validator/hibernate-validator/8.0.1.Final, Apache-2.0, approved, clearlydefined maven/mavencentral/org.jboss.logging/jboss-logging/3.5.3.Final, Apache-2.0, approved, #9471 -maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-common/1.9.22, Apache-2.0, approved, #14186 -maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-jdk7/1.9.22, Apache-2.0, approved, #14188 -maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-jdk8/1.9.22, Apache-2.0, approved, #14185 -maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib/1.9.22, Apache-2.0, approved, #11827 +maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-common/1.9.24, Apache-2.0, approved, #14186 +maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-jdk7/1.9.24, Apache-2.0, approved, #14188 +maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib-jdk8/1.9.24, Apache-2.0, approved, #14185 +maven/mavencentral/org.jetbrains.kotlin/kotlin-stdlib/1.9.24, Apache-2.0, approved, #11827 maven/mavencentral/org.jetbrains/annotations/13.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.10.2, EPL-2.0, approved, #9714 maven/mavencentral/org.junit.jupiter/junit-jupiter-engine/5.10.2, EPL-2.0, approved, #9711 @@ -91,59 +90,58 @@ maven/mavencentral/org.junit.platform/junit-platform-commons/1.10.2, EPL-2.0, ap maven/mavencentral/org.junit.platform/junit-platform-engine/1.10.2, EPL-2.0, approved, #9709 maven/mavencentral/org.junit.vintage/junit-vintage-engine/5.10.2, EPL-2.0, approved, #9717 maven/mavencentral/org.latencyutils/LatencyUtils/2.0.3, CC0-1.0, approved, #15280 -maven/mavencentral/org.mockito/mockito-core/5.7.0, MIT AND (Apache-2.0 AND MIT) AND Apache-2.0, approved, #11424 -maven/mavencentral/org.mockito/mockito-junit-jupiter/5.7.0, MIT, approved, #11423 +maven/mavencentral/org.mockito/mockito-core/5.11.0, MIT AND (Apache-2.0 AND MIT) AND Apache-2.0, approved, #13505 +maven/mavencentral/org.mockito/mockito-junit-jupiter/5.11.0, MIT, approved, #13504 maven/mavencentral/org.objenesis/objenesis/3.3, Apache-2.0, approved, clearlydefined maven/mavencentral/org.opentest4j/opentest4j/1.3.0, Apache-2.0, approved, #9713 -maven/mavencentral/org.ow2.asm/asm/9.3, BSD-3-Clause, approved, clearlydefined -maven/mavencentral/org.projectlombok/lombok/1.18.30, MIT, approved, #15192 +maven/mavencentral/org.ow2.asm/asm/9.6, BSD-3-Clause, approved, #10776 +maven/mavencentral/org.projectlombok/lombok/1.18.32, MIT, approved, #15192 maven/mavencentral/org.skyscreamer/jsonassert/1.5.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.slf4j/jul-to-slf4j/2.0.12, MIT, approved, #7698 -maven/mavencentral/org.slf4j/slf4j-api/2.0.12, MIT, approved, #5915 +maven/mavencentral/org.slf4j/jul-to-slf4j/2.0.13, MIT, approved, #7698 +maven/mavencentral/org.slf4j/slf4j-api/2.0.13, MIT, approved, #5915 maven/mavencentral/org.springdoc/springdoc-openapi-starter-common/2.5.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-api/2.5.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.springdoc/springdoc-openapi-starter-webmvc-ui/2.5.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.boot/spring-boot-actuator-autoconfigure/3.2.3, Apache-2.0, approved, #11921 -maven/mavencentral/org.springframework.boot/spring-boot-actuator/3.2.3, Apache-2.0, approved, #11918 -maven/mavencentral/org.springframework.boot/spring-boot-autoconfigure/3.2.3, Apache-2.0, approved, #11751 -maven/mavencentral/org.springframework.boot/spring-boot-configuration-processor/3.2.3, Apache-2.0, approved, #12915 -maven/mavencentral/org.springframework.boot/spring-boot-starter-actuator/3.2.3, Apache-2.0, approved, #12918 -maven/mavencentral/org.springframework.boot/spring-boot-starter-aop/3.2.3, Apache-2.0, approved, #11928 -maven/mavencentral/org.springframework.boot/spring-boot-starter-json/3.2.3, Apache-2.0, approved, #11894 -maven/mavencentral/org.springframework.boot/spring-boot-starter-logging/3.2.3, Apache-2.0, approved, #11890 -maven/mavencentral/org.springframework.boot/spring-boot-starter-oauth2-resource-server/3.2.3, Apache-2.0, approved, #11931 -maven/mavencentral/org.springframework.boot/spring-boot-starter-security/3.2.3, Apache-2.0, approved, #12069 -maven/mavencentral/org.springframework.boot/spring-boot-starter-test/3.2.3, Apache-2.0, approved, #12917 -maven/mavencentral/org.springframework.boot/spring-boot-starter-tomcat/3.2.3, Apache-2.0, approved, #11923 -maven/mavencentral/org.springframework.boot/spring-boot-starter-validation/3.2.3, Apache-2.0, approved, #12921 -maven/mavencentral/org.springframework.boot/spring-boot-starter-web/3.2.3, Apache-2.0, approved, #11916 -maven/mavencentral/org.springframework.boot/spring-boot-starter/3.2.3, Apache-2.0, approved, #11935 -maven/mavencentral/org.springframework.boot/spring-boot-test-autoconfigure/3.2.3, Apache-2.0, approved, #12920 -maven/mavencentral/org.springframework.boot/spring-boot-test/3.2.3, Apache-2.0, approved, #12916 -maven/mavencentral/org.springframework.boot/spring-boot/3.2.3, Apache-2.0, approved, #11752 -maven/mavencentral/org.springframework.cloud/spring-cloud-commons/4.1.0, Apache-2.0, approved, #13495 -maven/mavencentral/org.springframework.cloud/spring-cloud-context/4.1.0, Apache-2.0, approved, #13494 -maven/mavencentral/org.springframework.cloud/spring-cloud-openfeign-core/4.1.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.cloud/spring-cloud-starter-openfeign/4.1.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.cloud/spring-cloud-starter/4.1.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.security/spring-security-config/6.2.2, Apache-2.0, approved, #11896 -maven/mavencentral/org.springframework.security/spring-security-core/6.2.3, Apache-2.0, approved, #11904 -maven/mavencentral/org.springframework.security/spring-security-crypto/6.2.2, Apache-2.0 AND ISC, approved, #11908 -maven/mavencentral/org.springframework.security/spring-security-oauth2-core/6.2.2, Apache-2.0, approved, #11925 -maven/mavencentral/org.springframework.security/spring-security-oauth2-jose/6.2.2, Apache-2.0, approved, #11893 -maven/mavencentral/org.springframework.security/spring-security-oauth2-resource-server/6.2.2, Apache-2.0, approved, #11920 -maven/mavencentral/org.springframework.security/spring-security-rsa/1.1.1, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.springframework.security/spring-security-test/6.2.2, Apache-2.0, approved, #12922 -maven/mavencentral/org.springframework.security/spring-security-web/6.2.2, Apache-2.0, approved, #11911 -maven/mavencentral/org.springframework/spring-aop/6.1.4, Apache-2.0, approved, #15221 -maven/mavencentral/org.springframework/spring-beans/6.1.4, Apache-2.0, approved, #15213 -maven/mavencentral/org.springframework/spring-context/6.1.4, Apache-2.0, approved, #15261 -maven/mavencentral/org.springframework/spring-core/6.1.4, Apache-2.0 AND BSD-3-Clause, approved, #15206 -maven/mavencentral/org.springframework/spring-expression/6.1.4, Apache-2.0, approved, #15264 -maven/mavencentral/org.springframework/spring-jcl/6.1.4, Apache-2.0, approved, #15266 -maven/mavencentral/org.springframework/spring-test/6.1.4, Apache-2.0, approved, #12919 -maven/mavencentral/org.springframework/spring-web/6.1.6, Apache-2.0, approved, #15188 -maven/mavencentral/org.springframework/spring-webmvc/6.1.4, Apache-2.0, approved, #15182 +maven/mavencentral/org.springframework.boot/spring-boot-actuator-autoconfigure/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-actuator/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-autoconfigure/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-configuration-processor/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-starter-actuator/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-starter-json/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-starter-logging/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-starter-oauth2-resource-server/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-starter-security/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-starter-test/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-starter-tomcat/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-starter-validation/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-starter-web/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-starter/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-test-autoconfigure/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot-test/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.boot/spring-boot/3.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.cloud/spring-cloud-commons/4.1.4, Apache-2.0, approved, #13495 +maven/mavencentral/org.springframework.cloud/spring-cloud-context/4.1.4, Apache-2.0, approved, #13494 +maven/mavencentral/org.springframework.cloud/spring-cloud-openfeign-core/4.1.3, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.cloud/spring-cloud-starter-openfeign/4.1.3, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.cloud/spring-cloud-starter/4.1.4, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.security/spring-security-config/6.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.security/spring-security-core/6.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.security/spring-security-crypto/6.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.security/spring-security-oauth2-core/6.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.security/spring-security-oauth2-jose/6.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.security/spring-security-oauth2-resource-server/6.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.security/spring-security-rsa/1.1.3, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.security/spring-security-test/6.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework.security/spring-security-web/6.3.1, Apache-2.0, approved, clearlydefined +maven/mavencentral/org.springframework/spring-aop/6.1.10, Apache-2.0, approved, #15221 +maven/mavencentral/org.springframework/spring-beans/6.1.10, Apache-2.0, approved, #15213 +maven/mavencentral/org.springframework/spring-context/6.1.10, Apache-2.0, approved, #15261 +maven/mavencentral/org.springframework/spring-core/6.1.10, Apache-2.0 AND BSD-3-Clause, approved, #15206 +maven/mavencentral/org.springframework/spring-expression/6.1.10, Apache-2.0, approved, #15264 +maven/mavencentral/org.springframework/spring-jcl/6.1.10, Apache-2.0, approved, #15266 +maven/mavencentral/org.springframework/spring-test/6.1.10, Apache-2.0, approved, #15265 +maven/mavencentral/org.springframework/spring-web/6.1.11, Apache-2.0, approved, #15188 +maven/mavencentral/org.springframework/spring-webmvc/6.1.10, Apache-2.0, approved, #15182 maven/mavencentral/org.web3j/abi/5.0.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.web3j/crypto/5.0.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.web3j/rlp/5.0.0, Apache-2.0, approved, clearlydefined diff --git a/pom.xml b/pom.xml index cee6dd1..f19c513 100644 --- a/pom.xml +++ b/pom.xml @@ -26,7 +26,7 @@ org.springframework.boot spring-boot-starter-parent - 3.2.3 + 3.3.1 com.tsystems @@ -37,7 +37,7 @@ 17 ^ - 4.1.0 + 4.1.3 1.0.3-SNAPSHOT @@ -145,12 +145,12 @@ com.google.protobuf protobuf-javalite - 3.22.3 + 4.27.2 com.google.guava guava - 32.1.1-jre + 33.2.1-jre com.nimbusds @@ -165,12 +165,12 @@ org.springframework spring-web - 6.1.6 + 6.1.11 org.springframework.security spring-security-core - 6.2.3 + 6.3.1 From dd43de8f20f9198427b318f284a250fcb39b6246 Mon Sep 17 00:00:00 2001 From: "Amol.Dashwant" Date: Wed, 17 Jul 2024 14:17:31 +0530 Subject: [PATCH 2/2] Open API doc added under docs/api directory --- CHANGELOG.md | 3 + docs/api/openAPI.yaml | 158 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 161 insertions(+) create mode 100644 docs/api/openAPI.yaml diff --git a/CHANGELOG.md b/CHANGELOG.md index 2e099e2..c31db09 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -5,6 +5,9 @@ All notable changes to this project will be documented in this file. The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/) ## [Unreleased] + +### Added +- Current OpenAPI file added under /docs/api directory. ### Fixed - Dependabot reported security issues fixed. - Pom changes for dependency check diff --git a/docs/api/openAPI.yaml b/docs/api/openAPI.yaml new file mode 100644 index 0000000..63a7dc8 --- /dev/null +++ b/docs/api/openAPI.yaml @@ -0,0 +1,158 @@ +################################################################################# +# Copyright (c) 2024 T-Systems International GmbH +# Copyright (c) 2024 Contributors to the Eclipse Foundation +# +# See the NOTICE file(s) distributed with this work for additional +# information regarding copyright ownership. +# +# This program and the accompanying materials are made available under the +# terms of the Apache License, Version 2.0 which is available at +# https://www.apache.org/licenses/LICENSE-2.0. +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT +# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the +# License for the specific language governing permissions and limitations +# under the License. +# +# SPDX-License-Identifier: Apache-2.0 +################################################################################ + +openapi: 3.0.0 +info: + version: Release3 + title: SD-Factory API + description: API for creating and storing the Verifiable Credentials +paths: + /api/rel3/selfdescription: + post: + summary: Creates a Verifiable Credential and returns it + operationId: selfdescriptionPost + requestBody: + required: true + description: parameters to generate VC + content: + application/json: + schema: + oneOf: + - $ref: '#/components/schemas/LegalParticipantSchema' + - $ref: '#/components/schemas/ServiceOfferingSchema' + discriminator: + propertyName: type + mapping: + LegalParticipant: '#/components/schemas/LegalParticipantSchema' + ServiceOffering: '#/components/schemas/ServiceOfferingSchema' + examples: + LegalParticipant: + description: payload to create LegalParticipant + value: + externalId: ID01234-123-4321 + type: LegalParticipant + holder: BPNL000000000000 + issuer: CAXSDUMMYCATENAZZ + registrationNumber: + - type: taxID + value: o12345678 + headquarterAddress.country: DE + legalAddress.country: DE + bpn: BPNL000000000000 + ServiceOffering: + description: payload to create ServiceOffering + value: + externalId: ID01234-123-4321 + type: ServiceOffering + holder: BPNL000000000000 + issuer: CAXSDUMMYCATENAZZ + providedBy: https://participant.url + aggregationOf: https://aggr1.url, https://aggr2.url + termsAndConditions: https://raw.githubusercontent.com/eclipse-tractusx/sd-factory/main/LICENSE + policies: policy1, policy2 + responses: + '202': + description: request has been accepted for processing +components: + securitySchemes: + bearerAuth: # arbitrary name for the security scheme + type: http + scheme: bearer + bearerFormat: JWT # optional, arbitrary value for documentation purposes + schemas: + SelfDescriptionSchema: + type: object + properties: + type: + type: string + holder: + type: string + issuer: + type: string + externalId: + type: string + required: + - type + - holder + - issuer + - externalId + RegistrationNumberSchema: + type: object + description: Registration Number element + properties: + type: + type: string + description: the mean to request data retrieval + enum: + - taxID + - local + - vatID + - EUID + - EORI + - leiCode + value: + type: string + description: Registration Number value + minLength: 1 + maxLength: 128 + LegalParticipantSchema: + type: object + allOf: + - $ref: '#/components/schemas/SelfDescriptionSchema' + - type: object + properties: + registrationNumber: + type: array + uniqueItems: true + minItems: 1 + maxItems: 512 + description: A list of registration numbers + items: + $ref: '#/components/schemas/RegistrationNumberSchema' + headquarterAddress.country: + type: string + legalAddress.country: + type: string + bpn: + type: string + required: + - registrationNumber + - headquarterAddress.country + - legalAddress.country + - bpn + ServiceOfferingSchema: + type: object + allOf: + - $ref: '#/components/schemas/SelfDescriptionSchema' + - type: object + properties: + providedBy: + type: string + format: uri + aggregationOf: + type: string + termsAndConditions: + type: string + policies: + type: string + required: + - providedBy +security: + - bearerAuth: []