This is an automated email from the ASF dual-hosted git repository.
rzo1 pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/storm.git
The following commit(s) were added to refs/heads/master by this push:
new a87dc930f STORM-4029 - Bump org.apache.commons:commons-compress from
1.21 to 1.26.0 (#3625)
a87dc930f is described below
commit a87dc930fbb70868d796f4b741487a2b7c595c1a
Author: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
AuthorDate: Wed Feb 21 15:17:27 2024 +0100
STORM-4029 - Bump org.apache.commons:commons-compress from 1.21 to 1.26.0
(#3625)
* Bump org.apache.commons:commons-compress from 1.21 to 1.26.0
Bumps org.apache.commons:commons-compress from 1.21 to 1.26.0.
---
updated-dependencies:
- dependency-name: org.apache.commons:commons-compress
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <[email protected]>
* Fix license
---------
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot]
<49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Richard Zowalla <[email protected]>
---
DEPENDENCY-LICENSES | 71 +++++++++++++++++++++--------------------------------
LICENSE-binary | 2 +-
pom.xml | 10 +++++++-
3 files changed, 38 insertions(+), 45 deletions(-)
diff --git a/DEPENDENCY-LICENSES b/DEPENDENCY-LICENSES
index 791098959..d0d87b6ef 100644
--- a/DEPENDENCY-LICENSES
+++ b/DEPENDENCY-LICENSES
@@ -9,36 +9,6 @@ List of third-party dependencies grouped by their license type.
* Protocol Buffers [Core] (com.google.protobuf:protobuf-java:3.3.0 -
https://developers.google.com/protocol-buffers/protobuf-java/)
* ReflectASM (com.esotericsoftware:reflectasm:1.11.9 -
https://github.com/EsotericSoftware/reflectasm)
- Apache-2.0
-
- * ActiveMQ :: Client (org.apache.activemq:activemq-client:5.18.3 -
http://activemq.apache.org/activemq-client)
- * Apache Avro (org.apache.avro:avro:1.11.3 - https://avro.apache.org)
- * Apache Commons FileUpload (commons-fileupload:commons-fileupload:1.5
- https://commons.apache.org/proper/commons-fileupload/)
- * Apache Commons Lang (org.apache.commons:commons-lang3:3.13.0 -
https://commons.apache.org/proper/commons-lang/)
- * Apache Commons Pool (org.apache.commons:commons-pool2:2.12.0 -
https://commons.apache.org/proper/commons-pool/)
- * Apache Commons Text (org.apache.commons:commons-text:1.11.0 -
https://commons.apache.org/proper/commons-text)
- * Apache Directory API ASN.1 API
(org.apache.directory.api:api-asn1-api:2.1.4 -
https://directory.apache.org/api-parent/api-asn1-parent/api-asn1-api/)
- * Apache Directory API ASN.1 BER
(org.apache.directory.api:api-asn1-ber:2.1.4 -
https://directory.apache.org/api-parent/api-asn1-parent/api-asn1-ber/)
- * Apache Directory LDAP API I18n
(org.apache.directory.api:api-i18n:2.1.4 -
https://directory.apache.org/api-parent/api-i18n/)
- * Apache Directory LDAP API Model
(org.apache.directory.api:api-ldap-model:2.1.4 -
https://directory.apache.org/api-parent/api-ldap-parent/api-ldap-model/)
- * Apache Directory LDAP API Utilities
(org.apache.directory.api:api-util:2.1.4 -
https://directory.apache.org/api-parent/api-util/)
- * Apache Log4j 1.x Compatibility API
(org.apache.logging.log4j:log4j-1.2-api:2.21.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-1.2-api/)
- * Apache Log4j API (org.apache.logging.log4j:log4j-api:2.21.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-api/)
- * Apache Log4j Core (org.apache.logging.log4j:log4j-core:2.21.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-core/)
- * Apache Log4j SLF4J Binding
(org.apache.logging.log4j:log4j-slf4j-impl:2.21.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-slf4j-impl/)
- * Apache Log4j Web (org.apache.logging.log4j:log4j-web:2.21.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-web/)
- * Gson (com.google.code.gson:gson:2.10.1 -
https://github.com/google/gson/gson)
- * Maven Plugin Tools Java Annotations
(org.apache.maven.plugin-tools:maven-plugin-annotations:3.8.1 -
https://maven.apache.org/plugin-tools/maven-plugin-annotations)
- * snappy-java (org.xerial.snappy:snappy-java:1.1.10.4 -
https://github.com/xerial/snappy-java)
-
- Apache-2.0, LGPL-2.1-or-later
-
- * Java Native Access (net.java.dev.jna:jna:5.10.0 -
https://github.com/java-native-access/jna)
-
- Apache 2.0 License
-
- * Apache MINA Core (org.apache.mina:mina-core:2.2.2 -
https://mina.apache.org/mina-core/)
-
Apache License
* carbonite (org.clojars.bipinprasad:carbonite:1.6.0 -
https://github.com/bipinprasad/carbonite)
@@ -46,6 +16,7 @@ List of third-party dependencies grouped by their license
type.
Apache License, Version 2.0
+ * ActiveMQ :: Client (org.apache.activemq:activemq-client:5.18.3 -
http://activemq.apache.org/activemq-client)
* Aether :: API (org.sonatype.aether:aether-api:1.7 -
http://aether.sonatype.org/aether-api/)
* Aether :: Implementation (org.sonatype.aether:aether-impl:1.7 -
http://aether.sonatype.org/aether-impl/)
* Aether :: SPI (org.sonatype.aether:aether-spi:1.7 -
http://aether.sonatype.org/aether-spi/)
@@ -56,6 +27,7 @@ List of third-party dependencies grouped by their license
type.
* Annotations for Metrics
(io.dropwizard.metrics:metrics-annotation:4.1.16 -
https://metrics.dropwizard.io/metrics-annotation)
* Apache Ant Core (org.apache.ant:ant:1.9.1 - http://ant.apache.org/)
* Apache Ant Launcher (org.apache.ant:ant-launcher:1.9.1 -
http://ant.apache.org/)
+ * Apache Avro (org.apache.avro:avro:1.11.3 - https://avro.apache.org)
* Apache Calcite Avatica
(org.apache.calcite.avatica:avatica-core:1.11.0 -
https://calcite.apache.org/avatica/avatica-core)
* Apache Calcite Avatica (Shaded)
(org.apache.calcite.avatica:avatica:1.11.0 -
https://calcite.apache.org/avatica/avatica)
* Apache Calcite Avatica Metrics
(org.apache.calcite.avatica:avatica-metrics:1.11.0 -
https://calcite.apache.org/avatica/avatica-metrics)
@@ -64,17 +36,26 @@ List of third-party dependencies grouped by their license
type.
* Apache Commons Codec (commons-codec:commons-codec:1.11 -
http://commons.apache.org/proper/commons-codec/)
* Apache Commons Collections
(commons-collections:commons-collections:3.2.2 -
http://commons.apache.org/collections/)
* Apache Commons Collections
(org.apache.commons:commons-collections4:4.4 -
https://commons.apache.org/proper/commons-collections/)
- * Apache Commons Compress (org.apache.commons:commons-compress:1.21 -
https://commons.apache.org/proper/commons-compress/)
+ * Apache Commons Compress (org.apache.commons:commons-compress:1.26.0
- https://commons.apache.org/proper/commons-compress/)
* Apache Commons Configuration
(org.apache.commons:commons-configuration2:2.8.0 -
https://commons.apache.org/proper/commons-configuration/)
* Apache Commons Crypto (org.apache.commons:commons-crypto:1.1.0 -
https://commons.apache.org/proper/commons-crypto/)
* Apache Commons CSV (org.apache.commons:commons-csv:1.4 -
http://commons.apache.org/proper/commons-csv/)
* Apache Commons Exec (org.apache.commons:commons-exec:1.3 -
http://commons.apache.org/proper/commons-exec/)
+ * Apache Commons FileUpload (commons-fileupload:commons-fileupload:1.5
- https://commons.apache.org/proper/commons-fileupload/)
* Apache Commons IO (commons-io:commons-io:2.11.0 -
https://commons.apache.org/proper/commons-io/)
+ * Apache Commons Lang (org.apache.commons:commons-lang3:3.13.0 -
https://commons.apache.org/proper/commons-lang/)
* Apache Commons Logging (commons-logging:commons-logging:1.2 -
http://commons.apache.org/proper/commons-logging/)
* Apache Commons Math (org.apache.commons:commons-math3:3.6.1 -
http://commons.apache.org/proper/commons-math/)
* Apache Commons Net (commons-net:commons-net:3.9.0 -
https://commons.apache.org/proper/commons-net/)
+ * Apache Commons Pool (org.apache.commons:commons-pool2:2.12.0 -
https://commons.apache.org/proper/commons-pool/)
+ * Apache Commons Text (org.apache.commons:commons-text:1.11.0 -
https://commons.apache.org/proper/commons-text)
* Apache Curator (org.apache.curator:apache-curator:2.12.0 -
http://curator.apache.org)
* Apache Derby Database Engine and Embedded JDBC Driver
(org.apache.derby:derby:10.14.1.0 - http://db.apache.org/derby/)
+ * Apache Directory API ASN.1 API
(org.apache.directory.api:api-asn1-api:2.1.4 -
https://directory.apache.org/api-parent/api-asn1-parent/api-asn1-api/)
+ * Apache Directory API ASN.1 BER
(org.apache.directory.api:api-asn1-ber:2.1.4 -
https://directory.apache.org/api-parent/api-asn1-parent/api-asn1-ber/)
+ * Apache Directory LDAP API I18n
(org.apache.directory.api:api-i18n:2.1.4 -
https://directory.apache.org/api-parent/api-i18n/)
+ * Apache Directory LDAP API Model
(org.apache.directory.api:api-ldap-model:2.1.4 -
https://directory.apache.org/api-parent/api-ldap-parent/api-ldap-model/)
+ * Apache Directory LDAP API Utilities
(org.apache.directory.api:api-util:2.1.4 -
https://directory.apache.org/api-parent/api-util/)
* Apache Geronimo JCache Spec 1.0
(org.apache.geronimo.specs:geronimo-jcache_1.0_spec:1.0-alpha-1 -
http://geronimo.apache.org/maven/specs/geronimo-jcache_1.0_spec/1.0-alpha-1)
* Apache Groovy (org.codehaus.groovy:groovy-all:2.4.11 -
http://groovy-lang.org)
* Apache Hadoop Annotations
(org.apache.hadoop:hadoop-annotations:3.3.6 - no url defined)
@@ -134,12 +115,18 @@ List of third-party dependencies grouped by their license
type.
* Apache HttpCore NIO (org.apache.httpcomponents:httpcore-nio:4.4.15 -
http://hc.apache.org/httpcomponents-core-ga)
* Apache Ivy (org.apache.ivy:ivy:2.4.0 - http://ant.apache.org/ivy/)
* Apache Kafka (org.apache.kafka:kafka-clients:3.6.0 -
https://kafka.apache.org)
+ * Apache Log4j 1.x Compatibility API
(org.apache.logging.log4j:log4j-1.2-api:2.21.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-1.2-api/)
+ * Apache Log4j API (org.apache.logging.log4j:log4j-api:2.21.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-api/)
+ * Apache Log4j Core (org.apache.logging.log4j:log4j-core:2.21.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-core/)
+ * Apache Log4j SLF4J Binding
(org.apache.logging.log4j:log4j-slf4j-impl:2.21.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-slf4j-impl/)
+ * Apache Log4j Web (org.apache.logging.log4j:log4j-web:2.21.1 -
https://logging.apache.org/log4j/2.x/log4j/log4j-web/)
* Apache Maven Artifact Transfer
(org.apache.maven.shared:maven-artifact-transfer:0.9.1 -
https://maven.apache.org/shared/maven-artifact-transfer/)
* Apache Maven Common Artifact Filters
(org.apache.maven.shared:maven-common-artifact-filters:3.0.1 -
https://maven.apache.org/shared/maven-common-artifact-filters/)
* Apache Maven Dependency Tree
(org.apache.maven.shared:maven-dependency-tree:2.2 -
http://maven.apache.org/shared/maven-dependency-tree/)
* Apache Maven Shade Plugin
(org.apache.maven.plugins:maven-shade-plugin:3.1.1 -
https://maven.apache.org/plugins/maven-shade-plugin/)
* Apache Maven Shared Utils
(org.apache.maven.shared:maven-shared-utils:3.1.0 -
https://maven.apache.org/shared/maven-shared-utils/)
* Apache Maven Shared Utils
(org.apache.maven.shared:maven-shared-utils:3.2.1 -
https://maven.apache.org/shared/maven-shared-utils/)
+ * Apache MINA Core (org.apache.mina:mina-core:2.2.2 -
https://mina.apache.org/mina-core/)
* Apache Parquet Hadoop Bundle
(org.apache.parquet:parquet-hadoop-bundle:1.10.0 - https://parquet.apache.org)
* Apache ServiceMix :: Bundles :: antlr
(org.apache.servicemix.bundles:org.apache.servicemix.bundles.antlr:2.7.7_5 -
http://servicemix.apache.org/bundles-pom/org.apache.servicemix.bundles.antlr/)
* Apache Standard Taglib Implementation
(org.apache.taglibs:taglibs-standard-impl:1.2.5 -
http://tomcat.apache.org/taglibs/standard-1.2.5/taglibs-standard-impl)
@@ -217,6 +204,7 @@ List of third-party dependencies grouped by their license
type.
* Google Guice - Extensions - AssistedInject
(com.google.inject.extensions:guice-assistedinject:3.0 -
http://code.google.com/p/google-guice/extensions-parent/guice-assistedinject/)
* Google Guice - Extensions - Servlet
(com.google.inject.extensions:guice-servlet:4.0 -
https://github.com/google/guice/extensions-parent/guice-servlet)
* Graphite Integration for Metrics
(io.dropwizard.metrics:metrics-graphite:3.2.6 -
http://metrics.dropwizard.io/metrics-graphite/)
+ * Gson (com.google.code.gson:gson:2.10.1 -
https://github.com/google/gson/gson)
* Guava: Google Core Libraries for Java (com.google.guava:guava:16.0.1
- http://code.google.com/p/guava-libraries/guava)
* Guava: Google Core Libraries for Java (com.google.guava:guava:19.0 -
https://github.com/google/guava/guava)
* Guava: Google Core Libraries for Java
(com.google.guava:guava:32.1.3-jre - https://github.com/google/guava)
@@ -352,6 +340,7 @@ List of third-party dependencies grouped by their license
type.
* Maven Model Builder (org.apache.maven:maven-model-builder:3.8.1 -
https://maven.apache.org/ref/3.8.1/maven-model-builder/)
* Maven Plugin API (org.apache.maven:maven-plugin-api:3.0 -
http://maven.apache.org/maven-plugin-api/)
* Maven Plugin API (org.apache.maven:maven-plugin-api:3.8.1 -
https://maven.apache.org/ref/3.8.1/maven-plugin-api/)
+ * Maven Plugin Tools Java Annotations
(org.apache.maven.plugin-tools:maven-plugin-annotations:3.8.1 -
https://maven.apache.org/plugin-tools/maven-plugin-annotations)
* Maven Repository Metadata Model
(org.apache.maven:maven-repository-metadata:3.0 -
http://maven.apache.org/maven-repository-metadata/)
* Maven Repository Metadata Model
(org.apache.maven:maven-repository-metadata:3.6.0 -
https://maven.apache.org/ref/3.6.0/maven-repository-metadata/)
* Maven Repository Metadata Model
(org.apache.maven:maven-repository-metadata:3.8.1 -
https://maven.apache.org/ref/3.8.1/maven-repository-metadata/)
@@ -427,6 +416,7 @@ List of third-party dependencies grouped by their license
type.
* Sisu - Inject (JSR330 bean support)
(org.sonatype.sisu:sisu-inject-bean:1.4.2 -
http://sisu.sonatype.org/sisu-inject/guice-bean/sisu-inject-bean/)
* Sisu - Inject (Plexus bean support)
(org.sonatype.sisu:sisu-inject-plexus:1.4.2 -
http://sisu.sonatype.org/sisu-inject/guice-bean/guice-plexus/sisu-inject-plexus/)
* SnakeYAML (org.yaml:snakeyaml:2.0 -
https://bitbucket.org/snakeyaml/snakeyaml)
+ * snappy-java (org.xerial.snappy:snappy-java:1.1.10.4 -
https://github.com/xerial/snappy-java)
* Spring AOP (org.springframework:spring-aop:5.3.27 -
https://github.com/spring-projects/spring-framework)
* Spring Beans (org.springframework:spring-beans:5.3.27 -
https://github.com/spring-projects/spring-framework)
* Spring Commons Logging Bridge (org.springframework:spring-jcl:5.3.27
- https://github.com/spring-projects/spring-framework)
@@ -501,6 +491,10 @@ List of third-party dependencies grouped by their license
type.
* Javassist (org.javassist:javassist:3.29.2-GA -
http://www.javassist.org/)
+ Apache License, Version 2.0, LGPL-2.1-or-later
+
+ * Java Native Access (net.java.dev.jna:jna:5.10.0 -
https://github.com/java-native-access/jna)
+
Apache License (v2.0)
* FlatBuffers Java API (com.vlkan:flatbuffers:1.2.0-3f79e055 -
https://github.com/vy/flatbuffers)
@@ -514,36 +508,27 @@ List of third-party dependencies grouped by their license
type.
* HdrHistogram (org.hdrhistogram:HdrHistogram:2.1.10 -
http://hdrhistogram.github.io/HdrHistogram/)
- BSD 2-Clause license
-
- * dnsjava (dnsjava:dnsjava:2.1.7 - http://www.dnsjava.org)
-
BSD 2-Clause License
+ * dnsjava (dnsjava:dnsjava:2.1.7 - http://www.dnsjava.org)
* zstd-jni (com.github.luben:zstd-jni:1.5.5-1 -
https://github.com/luben/zstd-jni)
- BSD-3-Clause
+ BSD 3-Clause License
* asm (org.ow2.asm:asm:9.6 - http://asm.ow2.io/)
* asm-analysis (org.ow2.asm:asm-analysis:9.6 - http://asm.ow2.io/)
* asm-commons (org.ow2.asm:asm-commons:9.6 - http://asm.ow2.io/)
* asm-tree (org.ow2.asm:asm-tree:9.6 - http://asm.ow2.io/)
* asm-util (org.ow2.asm:asm-util:9.6 - http://asm.ow2.io/)
-
- BSD 3-Clause License
-
* Commons Compiler (org.codehaus.janino:commons-compiler:2.7.6 -
http://docs.codehaus.org/display/JANINO/Home/commons-compiler)
* Janino (org.codehaus.janino:janino:2.7.6 -
http://docs.codehaus.org/display/JANINO/Home/janino)
* leveldbjni-all (org.fusesource.leveldbjni:leveldbjni-all:1.8 -
http://leveldbjni.fusesource.org/leveldbjni-all)
* Protocol Buffer Java API (com.google.protobuf:protobuf-java:2.5.0 -
http://code.google.com/p/protobuf)
- BSD licence
+ BSD License
* ANTLR 3 Runtime (org.antlr:antlr-runtime:3.5.2 -
http://www.antlr.org)
* ANTLR ST4 4.0.4 (org.antlr:ST4:4.0.4 - http://www.stringtemplate.org)
-
- BSD License
-
* Javolution (javolution:javolution:5.5.1 - http://javolution.org)
* JLine (jline:jline:0.9.94 - http://jline.sourceforge.net)
* JLine Bundle (org.jline:jline:3.9.0 -
http://nexus.sonatype.org/oss-repository-hosting.html/jline-parent/jline)
diff --git a/LICENSE-binary b/LICENSE-binary
index d9eef1d23..38f147789 100644
--- a/LICENSE-binary
+++ b/LICENSE-binary
@@ -677,7 +677,7 @@ The license texts of these dependencies can be found in the
licenses directory.
* Apache Commons Codec (commons-codec:commons-codec:1.11 -
http://commons.apache.org/proper/commons-codec/)
* Apache Commons Collections
(commons-collections:commons-collections:3.2.2 -
http://commons.apache.org/collections/)
* Apache Commons Collections
(org.apache.commons:commons-collections4:4.4 -
https://commons.apache.org/proper/commons-collections/)
- * Apache Commons Compress (org.apache.commons:commons-compress:1.21 -
https://commons.apache.org/proper/commons-compress/)
+ * Apache Commons Compress (org.apache.commons:commons-compress:1.26.0
- https://commons.apache.org/proper/commons-compress/)
* Apache Commons Configuration
(org.apache.commons:commons-configuration2:2.8.0 -
https://commons.apache.org/proper/commons-configuration/)
* Apache Commons Crypto (org.apache.commons:commons-crypto:1.1.0 -
https://commons.apache.org/proper/commons-crypto/)
* Apache Commons CSV (org.apache.commons:commons-csv:1.4 -
http://commons.apache.org/proper/commons-csv/)
diff --git a/pom.xml b/pom.xml
index d1763475a..4f08a84bc 100644
--- a/pom.xml
+++ b/pom.xml
@@ -83,7 +83,7 @@
<!-- dependency versions -->
<clojure.version>1.10.0</clojure.version>
- <commons-compress.version>1.21</commons-compress.version>
+ <commons-compress.version>1.26.0</commons-compress.version>
<commons-io.version>2.11.0</commons-io.version>
<commons-lang.version>2.6</commons-lang.version>
<commons-lang3.version>3.13.0</commons-lang3.version>
@@ -1382,6 +1382,8 @@
Apache License version 2.0 |
Apache 2 |
Apache 2.0 |
+ Apache-2.0 |
+ Apache 2.0 License |
Apache License, 2.0 |
Apache License 2 |
Apache License 2.0 |
@@ -1399,13 +1401,19 @@
<licenseMerge>
BSD License |
BSD license |
+ BSD licence |
BSD |
The BSD License
</licenseMerge>
+ <licenseMerge>
+ BSD 2-Clause License |
+ BSD 2-Clause license |
+ </licenseMerge>
<licenseMerge>
BSD 3-Clause License |
BSD 3-Clause |
BSD 3-clause |
+ BSD-3-Clause |
The BSD 3-Clause License |
New BSD License |
New BSD license
