| cn.hutool:hutool-all |
🔴 5.8.10 (2 / 0) |
🟢 5.8.21 (0) |
| com.alibaba:fastjson |
🔴 1.2.24 (1 / 0) |
🔴 1.2.31 (1) |
| com.fasterxml.jackson.core:jackson-core |
🔴 2.9.8 (2 / 0) |
🟢 2.15.0 (0) |
| com.fasterxml.jackson.core:jackson-databind |
🔴 2.9.8 (53 / 0) |
🟢 2.12.7.1 (0) |
| com.google.guava:guava |
🟠 23.0 (3 / 0) |
🟢 32.0.0-android (0) |
| com.jayway.jsonpath:json-path |
🟠 2.2.0 (1 / 3) |
🟢 2.9.0 (0) |
| ↳ net.minidev:json-smart |
🟠 2.2.1 (2 / 0) |
🟢 2.4.9 (0) |
| com.monitorjbl:xlsx-streamer |
🔴 2.0.0 (1 / 0) |
🟢 2.1.0 (0) |
| com.squareup.okhttp:okhttp |
🟢 2.5.0 (0 / 1) |
🟢 2.7.5 (0) |
| ↳ com.squareup.okio:okio |
🟠 1.6.0 (1 / 0) |
🟢 1.17.6 (0) |
| com.thoughtworks.xstream:xstream |
🔴 1.4.20 (1 / 0) |
🟢 1.4.21 (0) |
| commons-beanutils:commons-beanutils |
🔴 1.9.4 (1 / 0) |
🟢 1.11.0 (0) |
| commons-collections:commons-collections |
🔴 3.1 (2 / 0) |
🟢 3.2.2 (0) |
| commons-httpclient:commons-httpclient |
🟢 3.1 (1 / 0) |
🟢 20020423 (1) |
| commons-io:commons-io |
🟠 2.5 (2 / 0) |
🟢 2.14.0 (0) |
| commons-lang:commons-lang |
🟠 2.4 (1 / 0) |
🟠 2.6 (1) |
| commons-net:commons-net |
🟠 3.6 (1 / 0) |
🟢 3.9.0 (0) |
| io.springfox:springfox-swagger-ui |
🔴 2.9.2 (1 / 0) |
🟢 2.10.0 (0) |
| junit:junit |
🟠 4.12 (1 / 0) |
🟢 4.13.1 (0) |
| mysql:mysql-connector-java |
🔴 8.0.12 (5 / 9) |
🔴 8.0.30 (1) |
| ↳ com.google.protobuf:protobuf-java |
🟠 2.6.0 (4 / 0) |
🟢 3.25.5 (0) |
| org.apache.httpcomponents:httpclient |
🟠 4.5.12 (1 / 0) |
🟢 4.5.13 (0) |
| org.apache.logging.log4j:log4j-core |
🔴 2.9.1 (5 / 0) |
🟢 2.12.4 (0) |
| org.apache.poi:poi-ooxml |
🟠 3.9 (1 / 4) |
🟢 5.4.0 (0) |
| ↳ dom4j:dom4j |
🔴 1.6.1 (2 / 0) |
🔴 1.6.1 (2) |
| ↳ org.apache.poi:poi-ooxml-schemas |
🟢 3.9 (0 / 1) |
🟢 4.1.2 (0) |
| ↳ org.apache.xmlbeans:xmlbeans |
🔴 2.3.0 (1 / 0) |
🟢 3.0.0 (0) |
| org.apache.poi:poi |
🟠 3.10-FINAL (6 / 0) |
🟢 4.1.1 (0) |
| org.apache.shiro:shiro-core |
🔴 1.2.4 (9 / 0) |
🟢 1.13.0 (0) |
| org.apache.velocity:velocity |
🔴 1.7 (1 / 0) |
n/a |
| org.dom4j:dom4j |
🔴 2.1.0 (3 / 0) |
🟢 2.1.4 (1) |
| org.jdom:jdom2 |
🟠 2.0.6 (1 / 0) |
🟢 2.0.6.1 (0) |
| org.jolokia:jolokia-core |
🔴 1.6.0 (1 / 0) |
🟢 1.6.1 (0) |
| org.jsoup:jsoup |
🟠 1.10.2 (2 / 0) |
🟢 1.15.3 (0) |
| org.mybatis.spring.boot:mybatis-spring-boot-starter |
🟢 1.3.2 (0 / 1) |
🟢 1.3.2 (0) |
| ↳ org.mybatis:mybatis |
🔴 3.4.6 (1 / 0) |
🟢 3.5.6 (0) |
| org.postgresql:postgresql |
🔴 42.3.1 (7 / 0) |
🟢 42.3.9 (0) |
| org.springframework.boot:spring-boot-starter-actuator |
🟢 1.5.1.RELEASE (0 / 1) |
🟢 4.0.1 (0) |
| ↳ org.springframework.boot:spring-boot-actuator |
🟠 1.5.1.RELEASE (1 / 0) |
🟢 2.7.18 (0) |
| org.springframework.boot:spring-boot-starter-thymeleaf |
🟢 1.5.1.RELEASE (0 / 3) |
🟢 4.0.1 (0) |
| ↳ nz.net.ultraq.thymeleaf:thymeleaf-layout-dialect |
🟢 1.4.0 (0 / 2) |
🟢 3.4.0 (0) |
| ↳ org.codehaus.groovy:groovy |
🔴 2.4.7 (2 / 0) |
🟢 2.4.21 (0) |
| ↳ org.thymeleaf:thymeleaf-spring4 |
🟢 2.1.5.RELEASE (0 / 1) |
🟢 3.0.15.RELEASE (0) |
| ↳ org.thymeleaf:thymeleaf |
🟢 2.1.5.RELEASE (0 / 1) |
🟢 3.1.3.RELEASE (0) |
| ↳ ognl:ognl |
🟠 3.0.8 (1 / 0) |
🟢 3.0.12 (0) |
| org.springframework.boot:spring-boot-starter-web |
🔴 1.5.1.RELEASE (1 / 67) |
🟢 2.5.12 (0) |
| ↳ org.hibernate:hibernate-validator |
🟠 5.3.4.Final (4 / 0) |
🟢 6.2.0.Final (0) |
| ↳ org.springframework.boot:spring-boot-starter-tomcat |
🟢 1.5.1.RELEASE (0 / 41) |
🟢 4.0.1 (0) |
| ↳ org.apache.tomcat.embed:tomcat-embed-core |
🔴 8.5.11 (40 / 0) |
🔴 8.5.100 (11) |
| ↳ org.apache.tomcat.embed:tomcat-embed-websocket |
🟠 8.5.11 (1 / 0) |
🟢 8.5.99 (0) |
| ↳ org.springframework.boot:spring-boot-starter |
🟢 1.5.1.RELEASE (0 / 12) |
🟢 4.0.1 (0) |
| ↳ org.springframework.boot:spring-boot-autoconfigure |
🟠 1.5.1.RELEASE (1 / 0) |
🟢 2.5.15 (0) |
| ↳ org.springframework.boot:spring-boot-starter-logging |
🟢 1.5.1.RELEASE (0 / 8) |
🟢 4.0.1 (0) |
| ↳ ch.qos.logback:logback-classic |
🔴 1.1.9 (2 / 8) |
🟢 1.2.13 (0) |
| ↳ ch.qos.logback:logback-core |
🔴 1.1.9 (6 / 0) |
🟢 1.3.16 (0) |
| ↳ org.springframework.boot:spring-boot |
🔴 1.5.1.RELEASE (3 / 0) |
🟠 2.7.18 (1) |
| ↳ org.springframework:spring-web |
🔴 4.3.6.RELEASE (7 / 0) |
🔴 4.3.6.RELEASE (7) |
| ↳ org.springframework:spring-webmvc |
🔴 4.3.6.RELEASE (2 / 0) |
🟠 5.3.39 (4) |
| org.springframework.cloud:spring-cloud-starter-netflix-eureka-client |
🟢 1.4.0.RELEASE (0 / 46) |
🟢 5.0.0-RC1 (0) |
| ↳ com.netflix.eureka:eureka-client |
🟢 1.4.11 (0 / 12) |
🟢 2.0.5 (0) |
| ↳ com.netflix.netflix-commons:netflix-eventbus |
🟢 0.3.0 (0 / 7) |
n/a |
| ↳ com.netflix.netflix-commons:netflix-infix |
🟢 0.3.0 (0 / 7) |
n/a |
| ↳ com.google.code.gson:gson |
🔴 2.8.0 (1 / 0) |
🟢 2.8.9 (0) |
| ↳ commons-jxpath:commons-jxpath |
🔴 1.3 (6 / 0) |
🔴 1.3 (6) |
| ↳ org.codehaus.jettison:jettison |
🟠 1.3.7 (5 / 0) |
🟢 1.5.4 (0) |
| ↳ org.springframework.cloud:spring-cloud-starter-netflix-archaius |
🟢 1.4.0.RELEASE (0 / 1) |
🟢 2.2.10.RELEASE (0) |
| ↳ commons-configuration:commons-configuration |
🟠 1.8 (1 / 0) |
🟠 1.10 (1) |
| ↳ org.springframework.cloud:spring-cloud-starter-netflix-ribbon |
🟢 1.4.0.RELEASE (0 / 14) |
🟢 2.2.10.RELEASE (0) |
| ↳ com.netflix.ribbon:ribbon |
🟢 2.2.0 (0 / 14) |
🟢 2.7.18 (0) |
| ↳ io.reactivex:rxnetty |
🟢 0.4.9 (0 / 14) |
🟢 0.5.1 (0) |
| ↳ io.netty:netty-codec-http |
🔴 4.0.27.Final (6 / 12) |
🟢 4.1.125.Final (0) |
| ↳ io.netty:netty-codec |
🟠 4.0.27.Final (3 / 0) |
🟢 4.1.125.Final (0) |
| ↳ io.netty:netty-handler |
🟠 4.0.27.Final (3 / 0) |
🟠 4.1.94.Final (2) |
| ↳ io.netty:netty-transport-native-epoll |
🟢 4.0.27.Final (0 / 2) |
🟢 5.0.0.Alpha2 (0) |
| ↳ io.netty:netty-common |
🟠 4.0.27.Final (2 / 0) |
🟢 4.1.118.Final (0) |
| ↳ org.springframework.cloud:spring-cloud-starter |
🟢 1.1.3.RELEASE (0 / 19) |
🟢 5.0.0-RC1 (0) |
| ↳ org.springframework.cloud:spring-cloud-context |
🟢 1.1.3.RELEASE (0 / 1) |
🟢 1.1.3.RELEASE (0) |
| ↳ org.springframework.security:spring-security-crypto |
🟠 4.2.1.RELEASE (1 / 0) |
🟠 5.7.14 (1) |
| ↳ org.springframework.security:spring-security-rsa |
🟢 1.0.3.RELEASE (0 / 18) |
🟢 1.1.5 (0) |
| ↳ org.bouncycastle:bcpkix-jdk15on |
🟠 1.55 (1 / 18) |
🟠 1.70 (1) |
| ↳ org.bouncycastle:bcprov-jdk15on |
🟠 1.55 (17 / 0) |
🟠 1.70 (4) |
| org.springframework.data:spring-data-commons |
🟠 1.13.11.RELEASE (1 / 0) |
🟠 1.13.11.RELEASE (1) |
| org.springframework.security:spring-security-web |
🔴 4.2.12.RELEASE (3 / 22) |
🟢 5.7.13 (0) |
| ↳ org.springframework.security:spring-security-core |
🔴 4.2.1.RELEASE (8 / 0) |
🟢 5.7.14 (0) |
| ↳ org.springframework:spring-beans |
🔴 4.3.6.RELEASE (2 / 0) |
🟢 5.2.22.RELEASE (0) |
| ↳ org.springframework:spring-context |
🟠 4.3.6.RELEASE (3 / 0) |
🟠 5.3.39 (2) |
| ↳ org.springframework:spring-core |
🟠 4.3.6.RELEASE (6 / 0) |
🟢 4.3.20.RELEASE (0) |
| org.springframework:spring-expression |
🟠 4.3.16.RELEASE (4 / 0) |
🟢 5.3.39 (0) |
| org.yaml:snakeyaml |
🔴 1.21 (8 / 0) |
🟢 2.0 (0) |
Dependency Audit Overview
The table presented below outlines a dependency audit based on the findings from our recent Software Composition Analysis (SCA) scan. We have identified several dependencies within this project that require attention to ensure compliance, security, and optimal performance.
Key Highlights:
Action Items:
I will start working on this plan shortly; however, you can prompt me to take action immediately or suggest changes. For example:
Upgrade to target version:
@00felix upgrade org.group:artifactor
Upgrade to specific version:
@00felix upgrade org.group:artifact@versionSet JDK version:
@00felix settings set jdk {version}(e.g.,@00felix settings set jdk 17to switch to Java 17 for compatibility requirements)In response, I will create a remediation and generate a pull request for your review.