Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
File Path: C:\Users\Jeremy\.m2\repository\args4j\args4j\2.37\args4j-2.37.jar MD5: f58e89e55a715448f1eac17edaf4b511 SHA1: 244f60c057d72a785227c0562d3560f42a7ea54b SHA256:5a13b0f7ff519183e55b8f453b8faaa23b92ccf0443f1fac515fedf2246bdc18 Referenced In Project/Scope: smartsprites-maven-plugin:compile args4j-2.37.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/smartsprites@0.4.1
checker-qual contains annotations (type qualifiers) that a programmerwrites to specify Java code for type-checking by the Checker Framework.
License:
The MIT License: http://opensource.org/licenses/MIT
File Path: C:\Users\Jeremy\.m2\repository\org\checkerframework\checker-qual\3.51.1\checker-qual-3.51.1.jar MD5: 1b247ba89d3b8776fa6223324b934f56 SHA1: d69c339a293b5ec04b26c9d994cbeffb7056d122 SHA256:153aeffe56ca24f3a9b8b6c6ff813eace9620ccf35adfab91d491682e56cd5ce Referenced In Project/Scope: smartsprites-maven-plugin:compile checker-qual-3.51.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.maven/smartsprites-maven-plugin@2.4.1
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
File Path: C:\Users\Jeremy\.m2\repository\commons-io\commons-io\2.21.0\commons-io-2.21.0.jar MD5: bc7e020873f086ede85f97bd9f013215 SHA1: 52a6f68fe5afe335cde95461dd5c3412f04996f7 SHA256:7d643a2afea8b058b762aa6fb90e5b256f6c729739f8b3784c3370ddc609e88d Referenced In Project/Scope: smartsprites-maven-plugin:compile commons-io-2.21.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/smartsprites@0.4.1
The Apache Commons Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\commons\commons-math3\3.6.1\commons-math3-3.6.1.jar MD5: 5b730d97e4e6368069de1983937c508e SHA1: e4ba98f1d4b3c80ec46392f25e094a6a2e58fcbf SHA256:1e56d7b058d28b65abd256b8458e3885b674c1d588fa43cd7d1cbb9c7ef2b308 Referenced In Project/Scope: smartsprites-maven-plugin:compile commons-math3-3.6.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/smartsprites@0.4.1
File Path: C:\Users\Jeremy\.m2\repository\com\google\errorprone\error_prone_annotations\2.43.0\error_prone_annotations-2.43.0.jar MD5: 59fe4a79ce3218423f4f8918f04ef22f SHA1: a4f9062316c31850b03085e45717f564fd563ceb SHA256:48272e75c16e1f7bdc7bd19529ccacd5ee170404701d7f5a23441bb5847957f5 Referenced In Project/Scope: smartsprites-maven-plugin:provided error_prone_annotations-2.43.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.maven/smartsprites-maven-plugin@2.4.1
Contains
com.google.common.util.concurrent.internal.InternalFutureFailureAccess and
InternalFutures. Most users will never need to use this artifact. Its
classes are conceptually a part of Guava, but they're in this separate
artifact so that Android libraries can use them without pulling in all of
Guava (just as they can use ListenableFuture by depending on the
listenablefuture artifact).
File Path: C:\Users\Jeremy\.m2\repository\com\google\guava\failureaccess\1.0.3\failureaccess-1.0.3.jar MD5: 29a782e90f6b37218b18bb880d2a8f4a SHA1: aeaffd00d57023a2c947393ed251f0354f0985fc SHA256:cbfc3906b19b8f55dd7cfd6dfe0aa4532e834250d7f080bd8d211a3e246b59cb Referenced In Project/Scope: smartsprites-maven-plugin:compile failureaccess-1.0.3.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/smartsprites@0.4.1
Evidence
Type
Source
Name
Value
Confidence
Vendor
file
name
failureaccess
High
Vendor
jar
package name
common
Highest
Vendor
jar
package name
concurrent
Highest
Vendor
jar
package name
google
Highest
Vendor
jar
package name
util
Highest
Vendor
Manifest
build-jdk-spec
17
Low
Vendor
Manifest
bundle-docurl
https://github.com/google/guava/
Low
Vendor
Manifest
bundle-symbolicname
com.google.guava.failureaccess
Medium
Vendor
Manifest
multi-release
true
Low
Vendor
pom
artifactid
failureaccess
Highest
Vendor
pom
artifactid
failureaccess
Low
Vendor
pom
groupid
com.google.guava
Highest
Vendor
pom
name
Guava InternalFutureFailureAccess and InternalFutures
High
Vendor
pom
parent-artifactid
guava-parent
Low
Product
file
name
failureaccess
High
Product
jar
package name
common
Highest
Product
jar
package name
concurrent
Highest
Product
jar
package name
google
Highest
Product
jar
package name
util
Highest
Product
Manifest
build-jdk-spec
17
Low
Product
Manifest
bundle-docurl
https://github.com/google/guava/
Low
Product
Manifest
Bundle-Name
Guava InternalFutureFailureAccess and InternalFutures
Medium
Product
Manifest
bundle-symbolicname
com.google.guava.failureaccess
Medium
Product
Manifest
multi-release
true
Low
Product
pom
artifactid
failureaccess
Highest
Product
pom
groupid
com.google.guava
Highest
Product
pom
name
Guava InternalFutureFailureAccess and InternalFutures
File Path: C:\Users\Jeremy\.m2\repository\com\google\guava\guava\33.5.0-jre\guava-33.5.0-jre.jar MD5: d9fbf39a41a5bab891348f07668e18c5 SHA1: 8699de25f2f979108d6c1b804a7ba38cda1116bc SHA256:1e301f0c52ac248b0b14fdc3d12283c77252d4d6f48521d572e7d8c4c2cc4ac7 Referenced In Project/Scope: smartsprites-maven-plugin:compile guava-33.5.0-jre.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/smartsprites@0.4.1
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\j2objc\j2objc-annotations\3.1\j2objc-annotations-3.1.jar MD5: abe8bd3abff622b9a8b15c3a737aa741 SHA1: a892ca9507839bbdb900d64310ac98256cab992f SHA256:84d3a150518485f8140ea99b8a985656749629f6433c92b80c75b36aba3b099b Referenced In Project/Scope: smartsprites-maven-plugin:provided j2objc-annotations-3.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.maven/smartsprites-maven-plugin@2.4.1
An artifact of well-named and well-specified annotations to power static analysis checks
License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\org\jspecify\jspecify\1.0.0\jspecify-1.0.0.jar MD5: 9133aba420d0ca3b001dbb6ae9992cf6 SHA1: 7425a601c1c7ec76645a78d22b8c6a627edee507 SHA256:1fad6e6be7557781e4d33729d49ae1cdc8fdda6fe477bb0cc68ce351eafdfbab Referenced In Project/Scope: smartsprites-maven-plugin:compile jspecify-1.0.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/smartsprites@0.4.1
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\com\google\code\findbugs\jsr305\3.0.2\jsr305-3.0.2.jar MD5: dd83accb899363c32b07d7a1b2e4ce40 SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7 Referenced In Project/Scope: smartsprites-maven-plugin:provided jsr305-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.spotbugs/spotbugs-annotations@4.9.8
An empty artifact that Guava depends on to signal that it is providing
ListenableFuture -- but is also available in a second "version" that
contains com.google.common.util.concurrent.ListenableFuture class, without
any other Guava classes. The idea is:
- If users want only ListenableFuture, they depend on listenablefuture-1.0.
- If users want all of Guava, they depend on guava, which, as of Guava
27.0, depends on
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava. The 9999.0-...
version number is enough for some build systems (notably, Gradle) to select
that empty artifact over the "real" listenablefuture-1.0 -- avoiding a
conflict with the copy of ListenableFuture in guava itself. If users are
using an older version of Guava or a build system other than Gradle, they
may see class conflicts. If so, they can solve them by manually excluding
the listenablefuture artifact or manually forcing their build systems to
use 9999.0-....
File Path: C:\Users\Jeremy\.m2\repository\com\google\guava\listenablefuture\9999.0-empty-to-avoid-conflict-with-guava\listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar MD5: d094c22570d65e132c19cea5d352e381 SHA1: b421526c5f297295adef1c886e5246c39d4ac629 SHA256:b372a037d4230aa57fbeffdef30fd6123f9c0c2db85d0aced00c91b974f33f99 Referenced In Project/Scope: smartsprites-maven-plugin:compile listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz/smartsprites@0.4.1
Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!
License:
The MIT License: https://projectlombok.org/LICENSE
File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.42\lombok-1.18.42.jar MD5: f29149836e0187fb9fd95d82dc718d36 SHA1: 8365263844ebb62398e0dc33057ba10ba472d3b8 SHA256:3488a4e9994c26596baaceebee58cad36a50e3bdaec5be72b5834d3c3b560306 Referenced In Project/Scope: smartsprites-maven-plugin:provided lombok-1.18.42.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.maven/smartsprites-maven-plugin@2.4.1
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-artifact\3.9.11\maven-artifact-3.9.11.jar MD5: a4f0e4baaf853053f701ff0924de6358 SHA1: b0f6b246f5626936ecae7531d0a3deb76789bab9 SHA256:0bfd1c121f907642344311d81e4dfd93eba6c24dc712cc0aeae273eb22833022 Referenced In Project/Scope: smartsprites-maven-plugin:provided maven-artifact-3.9.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-plugin-api@3.9.11
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-model\3.9.11\maven-model-3.9.11.jar MD5: 34391ac48570063189c15f912b30fc3c SHA1: 067ea52736eaf94e26be0635e6084d7dd04d5700 SHA256:163aa596f976264384efeb50b4cb8a806086fd64a9b755ad1f69195fed3998ad Referenced In Project/Scope: smartsprites-maven-plugin:provided maven-model-3.9.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-plugin-api@3.9.11
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugin-tools\maven-plugin-annotations\3.15.2\maven-plugin-annotations-3.15.2.jar MD5: 6b86f30960ce2f9eac20c6657db588a2 SHA1: dfc79f3b5b0c3afd01f55b8b01310f457568d2a4 SHA256:979d3cf8f4ac804cc27d2f8a6db07f2149d58ccd59bb3d589cc46bb9a44c0b4b Referenced In Project/Scope: smartsprites-maven-plugin:provided maven-plugin-annotations-3.15.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.maven/smartsprites-maven-plugin@2.4.1
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-plugin-api\3.9.11\maven-plugin-api-3.9.11.jar MD5: 9ca7de6288d7d7b5d3e98dbf089ac8d3 SHA1: fbe89a71892cc54bf7a3de8db442a025911704bb SHA256:8e985a56412564cf687040efed8bcd3a63eac2202a824bb01e1d5ece2b87458f Referenced In Project/Scope: smartsprites-maven-plugin:provided maven-plugin-api-3.9.11.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.maven/smartsprites-maven-plugin@2.4.1
File Path: C:\Users\Jeremy\.m2\repository\org\gaul\modernizer-maven-annotations\3.2.0\modernizer-maven-annotations-3.2.0.jar MD5: 127396b14eb51fd93eb587308f079768 SHA1: 23a99089ff682152e86ab1691a8232db325def09 SHA256:9f9396f361f0d45d435355c1f2b57980307abd81f3131083ec18f54fbbaa5ecb Referenced In Project/Scope: smartsprites-maven-plugin:provided modernizer-maven-annotations-3.2.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.maven/smartsprites-maven-plugin@2.4.1
Plexus-JSR330 adapter; adds Plexus support to the Sisu-Inject container
License:
"Eclipse Public License, Version 2.0";link="https://www.eclipse.org/legal/epl-v20.html"
File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\sisu\org.eclipse.sisu.plexus\0.9.0.M4\org.eclipse.sisu.plexus-0.9.0.M4.jar MD5: 51eea54bbc85323fc68f6a79f9b8f179 SHA1: 478f7935e88cd9da7ef01f509e4853e80ede9034 SHA256:b90579bc652eac7331436e0a25533fce14130b9c6e015f2dd3a3d4bb07e942b7 Referenced In Project/Scope: smartsprites-maven-plugin:provided org.eclipse.sisu.plexus-0.9.0.M4.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-plugin-api@3.9.11
Evidence
Type
Source
Name
Value
Confidence
Vendor
file
name
org.eclipse.sisu.plexus
High
Vendor
jar
package name
eclipse
Highest
Vendor
jar
package name
plexus
Highest
Vendor
jar
package name
sisu
Highest
Vendor
Manifest
build-jdk-spec
21
Low
Vendor
Manifest
bundle-copyright
Copyright (c) 2010-present Sonatype, Inc. and others
File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-classworlds\2.9.0\plexus-classworlds-2.9.0.jar MD5: 64e4ee5a1298f866d00f705e02058200 SHA1: ace0820f34de49f69511f5263bcebb09fac9731a SHA256:1ad3292cd563381e3fd632f3fded1988f9e9b2be7a9f3db63ff4c4cedba13fa5 Referenced In Project/Scope: smartsprites-maven-plugin:provided plexus-classworlds-2.9.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-plugin-api@3.9.11
Plexus Component "Java 5" Annotations, to describe plexus components properties in java sources with
standard annotations instead of javadoc annotations.
File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-component-annotations\2.1.0\plexus-component-annotations-2.1.0.jar MD5: 141fd7a2ae613cb17d25ecd54b43eb3f SHA1: 2f2147a6cc6a119a1b51a96f31d45c557f6244b9 SHA256:bde3617ce9b5bcf9584126046080043af6a4b3baea40a3b153f02e7bbc32acac Referenced In Project/Scope: smartsprites-maven-plugin:provided plexus-component-annotations-2.1.0.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/org.apache.maven/maven-plugin-api@3.9.11
A collection of various utility classes to ease working with strings, files, command lines and
more.
License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-utils\4.0.2\plexus-utils-4.0.2.jar MD5: 4cfdd73e436702d319d551a44fcea500 SHA1: 9526a9548b302572f23337fcc217fb4cc713b9c3 SHA256:8957274e75fe2c278b1428dd16a0daeee1dd38152cb6eff816177ac28fccb697 Referenced In Project/Scope: smartsprites-maven-plugin:compile plexus-utils-4.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.maven/smartsprites-maven-plugin@2.4.1
A collection of various utility classes to ease working with XML in Maven 3.
File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-xml\3.0.2\plexus-xml-3.0.2.jar MD5: e2feab7a114ac4a144632670734db7e4 SHA1: 70c207ae478a5011a14dcefe56f4bbda16e3bc87 SHA256:6a49fe0c49a06b5bcd6073ff16580fcb0dd87c50295e97a9fa9f95619b69921c Referenced In Project/Scope: smartsprites-maven-plugin:compile plexus-xml-3.0.2.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.maven/smartsprites-maven-plugin@2.4.1
CSS Sprites Generator Done Right. SmartSprites maintains CSS sprites in your designs,
fully automatically. No tedious copying and pasting to your CSS when adding or changing
sprited images.
File Path: C:\Users\Jeremy\.m2\repository\com\github\hazendaz\smartsprites\0.4.1\smartsprites-0.4.1.jar MD5: b3ef5ae9253945ccdf997d321bc49410 SHA1: e33c72215415bee082e6f2fee942098616e7ca97 SHA256:0264dff59b5111921421b5048b25bf685a8ef6fdd3c77dff931f98d4dd0b86cb Referenced In Project/Scope: smartsprites-maven-plugin:compile smartsprites-0.4.1.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.maven/smartsprites-maven-plugin@2.4.1
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: C:\Users\Jeremy\.m2\repository\com\github\spotbugs\spotbugs-annotations\4.9.8\spotbugs-annotations-4.9.8.jar MD5: d4c2e7bd090be697ad409a4e75684a94 SHA1: ca4a2783a6123e67124fd7feb4caccd2e2ac9a73 SHA256:6f69d6fe9c55a54dcb30e87d8fa2d5f52246af50d7a3445246d9539ef221be1c Referenced In Project/Scope: smartsprites-maven-plugin:provided spotbugs-annotations-4.9.8.jar is in the transitive dependency tree of the listed items.Included by: pkg:maven/com.github.hazendaz.maven/smartsprites-maven-plugin@2.4.1