Missing license information for trivy java filesystem scans #5027

namandf · 2023-08-23T10:48:05Z

namandf
Aug 23, 2023

Description

Performed a trivy filesystem scan on https://github.com/WebGoat/WebGoat .
Only see license captured in root pom.xml.

        {
          "Name": "org.owasp.webgoat:webgoat",
          "Version": "2023.5-SNAPSHOT",
          "Licenses": [
            "GNU General Public License, version 2"
          ],
          "Layer": {}
        }

Desired Behavior

Was expecting license information for a bunch of packages detected.

Eg.

https://repo.maven.apache.org/maven2/org/jruby/joni/joni/2.1.48/joni-2.1.48.pom

License: MIT

        {
          "Name": "org.jruby.joni:joni",
          "Version": "2.2.1",
          "Layer": {}
        }

https://repo.maven.apache.org/maven2/org/yaml/snakeyaml/1.33/snakeyaml-1.33.pom
License: Apache 2.0

        {
          "Name": "org.yaml:snakeyaml",
          "Version": "1.33",
          "Layer": {}
        }

Actual Behavior

Only see license captured in root pom.xml.

Reproduction Steps

1.Clone https://github.com/WebGoat/WebGoat
2. Install latest trivy
4. trivy fs WebGoat  --format json --output webgoat.json --list-all-pkgs --debug
...

Target

Filesystem

Scanner

Vulnerability

Output Format

JSON

Mode

Standalone

Debug Output

trivy fs WebGoat  --format json --output webgoat.json --list-all-pkgs --debug
2023-08-23T16:06:38.375+0530	DEBUG	Severities: ["UNKNOWN" "LOW" "MEDIUM" "HIGH" "CRITICAL"]
2023-08-23T16:06:38.376+0530	DEBUG	Ignore statuses	{"statuses": null}
2023-08-23T16:06:38.420+0530	DEBUG	cache dir:  /Users/deepfactor/Library/Caches/trivy
2023-08-23T16:06:38.421+0530	DEBUG	DB update was skipped because the local DB is the latest
2023-08-23T16:06:38.421+0530	DEBUG	DB Schema: 2, UpdatedAt: 2023-08-23 09:19:57.833271956 +0000 UTC, NextUpdate: 2023-08-23 15:19:57.833271456 +0000 UTC, DownloadedAt: 2023-08-23 10:32:00.288343 +0000 UTC
2023-08-23T16:06:38.422+0530	INFO	Vulnerability scanning is enabled
2023-08-23T16:06:38.422+0530	DEBUG	Vulnerability type:  [os library]
2023-08-23T16:06:38.423+0530	INFO	Secret scanning is enabled
2023-08-23T16:06:38.423+0530	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-08-23T16:06:38.423+0530	INFO	Please see also https://aquasecurity.github.io/trivy/v0.44/docs/scanner/secret/#recommendation for faster secret detection
2023-08-23T16:06:38.424+0530	DEBUG	No secret config detected: trivy-secret.yaml
2023-08-23T16:06:38.427+0530	DEBUG	Walk the file tree rooted at 'WebGoat' in parallel
2023-08-23T16:06:38.439+0530	DEBUG	Start parent: org.springframework.boot:spring-boot-starter-parent:3.1.0
2023-08-23T16:06:38.791+0530	DEBUG	Start parent: org.springframework.boot:spring-boot-dependencies:3.1.0
2023-08-23T16:06:38.838+0530	DEBUG	Exit parent: org.springframework.boot:spring-boot-dependencies:3.1.0
2023-08-23T16:06:38.839+0530	DEBUG	Exit parent: org.springframework.boot:spring-boot-starter-parent:3.1.0
2023-08-23T16:06:38.842+0530	DEBUG	Resolving org.assertj:assertj-bom:3.24.2...
2023-08-23T16:06:38.858+0530	DEBUG	Resolving io.zipkin.brave:brave-bom:5.15.1...
2023-08-23T16:06:38.877+0530	DEBUG	Resolving com.datastax.oss:java-driver-bom:4.15.0...
2023-08-23T16:06:38.893+0530	DEBUG	Resolving io.dropwizard.metrics:metrics-bom:4.2.18...
2023-08-23T16:06:38.922+0530	DEBUG	Start parent: io.dropwizard.metrics:metrics-parent:4.2.18
2023-08-23T16:06:38.944+0530	DEBUG	Exit parent: io.dropwizard.metrics:metrics-parent:4.2.18
2023-08-23T16:06:38.944+0530	DEBUG	Resolving org.glassfish.jaxb:jaxb-bom:4.0.2...
2023-08-23T16:06:38.963+0530	DEBUG	Start parent: org.eclipse.ee4j:project:1.0.8
2023-08-23T16:06:38.981+0530	DEBUG	Exit parent: org.eclipse.ee4j:project:1.0.8
2023-08-23T16:06:38.981+0530	DEBUG	Resolving org.apache.groovy:groovy-bom:4.0.12...
2023-08-23T16:06:39.013+0530	DEBUG	Resolving org.infinispan:infinispan-bom:14.0.9.Final...
2023-08-23T16:06:39.037+0530	DEBUG	Start parent: org.infinispan:infinispan-build-configuration-parent:14.0.9.Final
2023-08-23T16:06:39.059+0530	DEBUG	Start parent: org.jboss:jboss-parent:39
2023-08-23T16:06:39.087+0530	DEBUG	Exit parent: org.jboss:jboss-parent:39
2023-08-23T16:06:39.088+0530	DEBUG	Exit parent: org.infinispan:infinispan-build-configuration-parent:14.0.9.Final
2023-08-23T16:06:39.089+0530	DEBUG	Resolving com.fasterxml.jackson:jackson-bom:2.15.0...
2023-08-23T16:06:39.109+0530	DEBUG	Start parent: com.fasterxml.jackson:jackson-parent:2.15
2023-08-23T16:06:39.127+0530	DEBUG	Start parent: com.fasterxml:oss-parent:50
2023-08-23T16:06:39.150+0530	DEBUG	Exit parent: com.fasterxml:oss-parent:50
2023-08-23T16:06:39.150+0530	DEBUG	Exit parent: com.fasterxml.jackson:jackson-parent:2.15
2023-08-23T16:06:39.151+0530	DEBUG	Resolving org.glassfish.jersey:jersey-bom:3.1.1...
2023-08-23T16:06:39.172+0530	DEBUG	Start parent: org.eclipse.ee4j:project:1.0.8
2023-08-23T16:06:39.172+0530	DEBUG	Exit parent: org.eclipse.ee4j:project:1.0.8
2023-08-23T16:06:39.173+0530	DEBUG	Resolving org.eclipse.jetty:jetty-bom:11.0.15...
2023-08-23T16:06:39.192+0530	DEBUG	Resolving org.junit:junit-bom:5.9.3...
2023-08-23T16:06:39.210+0530	DEBUG	Resolving org.jetbrains.kotlin:kotlin-bom:1.8.21...
2023-08-23T16:06:39.228+0530	DEBUG	Resolving org.jetbrains.kotlinx:kotlinx-coroutines-bom:1.6.4...
2023-08-23T16:06:39.245+0530	DEBUG	Resolving org.apache.logging.log4j:log4j-bom:2.20.0...
2023-08-23T16:06:39.263+0530	DEBUG	Start parent: org.apache.logging:logging-parent:7
2023-08-23T16:06:39.281+0530	DEBUG	Start parent: org.apache:apache:27
2023-08-23T16:06:39.300+0530	DEBUG	Exit parent: org.apache:apache:27
2023-08-23T16:06:39.300+0530	DEBUG	Exit parent: org.apache.logging:logging-parent:7
2023-08-23T16:06:39.301+0530	DEBUG	Resolving io.micrometer:micrometer-bom:1.11.0...
2023-08-23T16:06:39.323+0530	DEBUG	Resolving io.micrometer:micrometer-tracing-bom:1.1.1...
2023-08-23T16:06:39.361+0530	DEBUG	Resolving org.mockito:mockito-bom:5.3.1...
2023-08-23T16:06:39.379+0530	DEBUG	Resolving io.netty:netty-bom:4.1.92.Final...
2023-08-23T16:06:39.398+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:39.417+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:39.418+0530	DEBUG	Resolving com.squareup.okhttp3:okhttp-bom:4.10.0...
2023-08-23T16:06:39.439+0530	DEBUG	Resolving io.opentelemetry:opentelemetry-bom:1.25.0...
2023-08-23T16:06:39.457+0530	DEBUG	Resolving com.oracle.database.jdbc:ojdbc-bom:21.9.0.0...
2023-08-23T16:06:39.476+0530	DEBUG	Resolving io.prometheus:simpleclient_bom:0.16.0...
2023-08-23T16:06:39.492+0530	DEBUG	Start parent: io.prometheus:parent:0.16.0
2023-08-23T16:06:39.508+0530	DEBUG	Exit parent: io.prometheus:parent:0.16.0
2023-08-23T16:06:39.509+0530	DEBUG	Resolving com.querydsl:querydsl-bom:5.0.0...
2023-08-23T16:06:39.527+0530	DEBUG	Resolving io.projectreactor:reactor-bom:2022.0.7...
2023-08-23T16:06:39.544+0530	DEBUG	Resolving io.rest-assured:rest-assured-bom:5.3.0...
2023-08-23T16:06:39.561+0530	DEBUG	Resolving io.rsocket:rsocket-bom:1.1.3...
2023-08-23T16:06:39.578+0530	DEBUG	Resolving org.springframework.batch:spring-batch-bom:5.0.2...
2023-08-23T16:06:39.596+0530	DEBUG	Resolving org.springframework.data:spring-data-bom:2023.0.0...
2023-08-23T16:06:39.614+0530	DEBUG	Resolving org.springframework:spring-framework-bom:6.0.9...
2023-08-23T16:06:39.633+0530	DEBUG	Resolving org.springframework.integration:spring-integration-bom:6.1.0...
2023-08-23T16:06:39.651+0530	DEBUG	Resolving org.springframework.restdocs:spring-restdocs-bom:3.0.0...
2023-08-23T16:06:39.670+0530	DEBUG	Resolving org.springframework.security:spring-security-bom:6.1.0...
2023-08-23T16:06:39.768+0530	DEBUG	Resolving org.springframework.session:spring-session-bom:3.1.0...
2023-08-23T16:06:39.816+0530	DEBUG	Resolving org.springframework.ws:spring-ws-bom:4.0.4...
2023-08-23T16:06:39.834+0530	DEBUG	Resolving org.testcontainers:testcontainers-bom:1.18.0...
2023-08-23T16:06:39.879+0530	DEBUG	Resolving org.apache.commons:commons-exec:1.3...
2023-08-23T16:06:39.909+0530	DEBUG	Start parent: org.apache.commons:commons-parent:35
2023-08-23T16:06:39.940+0530	DEBUG	Start parent: org.apache:apache:15
2023-08-23T16:06:39.962+0530	DEBUG	Exit parent: org.apache:apache:15
2023-08-23T16:06:39.962+0530	DEBUG	Exit parent: org.apache.commons:commons-parent:35
2023-08-23T16:06:39.962+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter-validation:3.1.0...
2023-08-23T16:06:39.979+0530	DEBUG	Resolving javax.xml.bind:jaxb-api:2.3.1...
2023-08-23T16:06:40.001+0530	DEBUG	Start parent: javax.xml.bind:jaxb-api-parent:2.3.1
2023-08-23T16:06:40.023+0530	DEBUG	Start parent: net.java:jvnet-parent:5
2023-08-23T16:06:40.040+0530	DEBUG	Exit parent: net.java:jvnet-parent:5
2023-08-23T16:06:40.040+0530	DEBUG	Exit parent: javax.xml.bind:jaxb-api-parent:2.3.1
2023-08-23T16:06:40.040+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter-undertow:3.1.0...
2023-08-23T16:06:40.058+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter-web:3.1.0...
2023-08-23T16:06:40.078+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter-actuator:3.1.0...
2023-08-23T16:06:40.095+0530	DEBUG	Resolving org.flywaydb:flyway-core:9.16.3...
2023-08-23T16:06:40.113+0530	DEBUG	Start parent: org.flywaydb:flyway-parent:9.16.3
2023-08-23T16:06:40.138+0530	DEBUG	Exit parent: org.flywaydb:flyway-parent:9.16.3
2023-08-23T16:06:40.141+0530	DEBUG	Resolving org.asciidoctor:asciidoctorj:2.5.10...
2023-08-23T16:06:40.171+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter-data-jpa:3.1.0...
2023-08-23T16:06:40.189+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter-security:3.1.0...
2023-08-23T16:06:40.207+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter-thymeleaf:3.1.0...
2023-08-23T16:06:40.226+0530	DEBUG	Resolving org.thymeleaf.extras:thymeleaf-extras-springsecurity6:3.1.1.RELEASE...
2023-08-23T16:06:40.252+0530	DEBUG	Start parent: org.thymeleaf:thymeleaf-lib:3.1.1.RELEASE
2023-08-23T16:06:40.280+0530	DEBUG	Start parent: org.thymeleaf:thymeleaf-parent:3.1.1.RELEASE
2023-08-23T16:06:40.300+0530	DEBUG	Exit parent: org.thymeleaf:thymeleaf-parent:3.1.1.RELEASE
2023-08-23T16:06:40.300+0530	DEBUG	Exit parent: org.thymeleaf:thymeleaf-lib:3.1.1.RELEASE
2023-08-23T16:06:40.300+0530	DEBUG	Resolving org.springframework:spring-framework-bom:6.0.2...
2023-08-23T16:06:40.343+0530	DEBUG	Resolving org.springframework.security:spring-security-bom:6.0.0...
2023-08-23T16:06:40.361+0530	DEBUG	Resolving com.fasterxml.jackson:jackson-bom:2.14.1...
2023-08-23T16:06:40.388+0530	DEBUG	Start parent: com.fasterxml.jackson:jackson-parent:2.14
2023-08-23T16:06:40.415+0530	DEBUG	Start parent: com.fasterxml:oss-parent:48
2023-08-23T16:06:40.436+0530	DEBUG	Exit parent: com.fasterxml:oss-parent:48
2023-08-23T16:06:40.436+0530	DEBUG	Exit parent: com.fasterxml.jackson:jackson-parent:2.14
2023-08-23T16:06:40.437+0530	DEBUG	Resolving io.projectreactor:reactor-bom:2022.0.0...
2023-08-23T16:06:40.454+0530	DEBUG	Resolving org.apache.logging.log4j:log4j-bom:2.19.0...
2023-08-23T16:06:40.473+0530	DEBUG	Start parent: org.apache.logging:logging-parent:5
2023-08-23T16:06:40.506+0530	DEBUG	Start parent: org.apache:apache:24
2023-08-23T16:06:40.526+0530	DEBUG	Exit parent: org.apache:apache:24
2023-08-23T16:06:40.526+0530	DEBUG	Exit parent: org.apache.logging:logging-parent:5
2023-08-23T16:06:40.526+0530	DEBUG	Resolving org.junit:junit-bom:5.9.1...
2023-08-23T16:06:40.543+0530	DEBUG	Resolving jakarta.servlet:jakarta.servlet-api:6.0.0...
2023-08-23T16:06:40.566+0530	DEBUG	Start parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:40.586+0530	DEBUG	Exit parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:40.587+0530	DEBUG	Resolving org.hsqldb:hsqldb:2.7.1...
2023-08-23T16:06:40.603+0530	DEBUG	Resolving org.jsoup:jsoup:1.16.1...
2023-08-23T16:06:40.632+0530	DEBUG	Resolving com.nulab-inc:zxcvbn:1.8.0...
2023-08-23T16:06:40.654+0530	DEBUG	Resolving com.thoughtworks.xstream:xstream:1.4.5...
2023-08-23T16:06:40.673+0530	DEBUG	Start parent: com.thoughtworks.xstream:xstream-parent:1.4.5
2023-08-23T16:06:40.696+0530	DEBUG	Start parent: org.codehaus:codehaus-parent:3
2023-08-23T16:06:40.715+0530	DEBUG	Exit parent: org.codehaus:codehaus-parent:3
2023-08-23T16:06:40.715+0530	DEBUG	Exit parent: com.thoughtworks.xstream:xstream-parent:1.4.5
2023-08-23T16:06:40.719+0530	DEBUG	Resolving cglib:cglib-nodep:3.3.0...
2023-08-23T16:06:40.737+0530	DEBUG	Start parent: cglib:cglib-parent:3.3.0
2023-08-23T16:06:40.756+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:40.756+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:40.756+0530	DEBUG	Exit parent: cglib:cglib-parent:3.3.0
2023-08-23T16:06:40.757+0530	DEBUG	Resolving xml-resolver:xml-resolver:1.2...
2023-08-23T16:06:40.773+0530	DEBUG	Start parent: org.apache:apache:3
2023-08-23T16:06:40.789+0530	DEBUG	Exit parent: org.apache:apache:3
2023-08-23T16:06:40.790+0530	DEBUG	Resolving io.jsonwebtoken:jjwt:0.9.1...
2023-08-23T16:06:40.809+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:40.809+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:40.811+0530	DEBUG	Resolving com.auth0:jwks-rsa:0.22.1...
2023-08-23T16:06:40.828+0530	DEBUG	Resolving com.auth0:java-jwt:4.4.0...
2023-08-23T16:06:40.920+0530	DEBUG	Resolving com.google.guava:guava:32.1.1-jre...
2023-08-23T16:06:40.943+0530	DEBUG	Start parent: com.google.guava:guava-parent:32.1.1-jre
2023-08-23T16:06:40.977+0530	DEBUG	Exit parent: com.google.guava:guava-parent:32.1.1-jre
2023-08-23T16:06:40.979+0530	DEBUG	Resolving commons-io:commons-io:2.13.0...
2023-08-23T16:06:40.999+0530	DEBUG	Start parent: org.apache.commons:commons-parent:58
2023-08-23T16:06:41.029+0530	DEBUG	Start parent: org.apache:apache:29
2023-08-23T16:06:41.048+0530	DEBUG	Exit parent: org.apache:apache:29
2023-08-23T16:06:41.049+0530	DEBUG	Exit parent: org.apache.commons:commons-parent:58
2023-08-23T16:06:41.050+0530	DEBUG	Resolving org.apache.commons:commons-lang3:3.12.0...
2023-08-23T16:06:41.070+0530	DEBUG	Start parent: org.apache.commons:commons-parent:52
2023-08-23T16:06:41.103+0530	DEBUG	Start parent: org.apache:apache:23
2023-08-23T16:06:41.135+0530	DEBUG	Exit parent: org.apache:apache:23
2023-08-23T16:06:41.136+0530	DEBUG	Exit parent: org.apache.commons:commons-parent:52
2023-08-23T16:06:41.136+0530	DEBUG	Resolving org.junit:junit-bom:5.7.1...
2023-08-23T16:06:41.155+0530	DEBUG	Resolving org.apache.commons:commons-text:1.10.0...
2023-08-23T16:06:41.176+0530	DEBUG	Start parent: org.apache.commons:commons-parent:54
2023-08-23T16:06:41.207+0530	DEBUG	Start parent: org.apache:apache:27
2023-08-23T16:06:41.207+0530	DEBUG	Exit parent: org.apache:apache:27
2023-08-23T16:06:41.207+0530	DEBUG	Exit parent: org.apache.commons:commons-parent:54
2023-08-23T16:06:41.209+0530	DEBUG	Resolving org.bitbucket.b_c:jose4j:0.9.3...
2023-08-23T16:06:41.229+0530	DEBUG	Resolving org.webjars:bootstrap:3.3.7...
2023-08-23T16:06:41.250+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:41.250+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:41.250+0530	DEBUG	Resolving org.webjars:jquery:3.6.4...
2023-08-23T16:06:41.271+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:41.271+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:41.271+0530	DEBUG	Resolving jakarta.xml.bind:jakarta.xml.bind-api:4.0.0...
2023-08-23T16:06:41.291+0530	DEBUG	Start parent: jakarta.xml.bind:jakarta.xml.bind-api-parent:4.0.0
2023-08-23T16:06:41.308+0530	DEBUG	Start parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:41.308+0530	DEBUG	Exit parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:41.308+0530	DEBUG	Exit parent: jakarta.xml.bind:jakarta.xml.bind-api-parent:4.0.0
2023-08-23T16:06:41.308+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter:3.1.0...
2023-08-23T16:06:41.326+0530	DEBUG	Resolving org.apache.tomcat.embed:tomcat-embed-el:10.1.8...
2023-08-23T16:06:41.342+0530	DEBUG	Resolving org.hibernate.validator:hibernate-validator:8.0.0.Final...
2023-08-23T16:06:41.361+0530	DEBUG	Start parent: org.hibernate.validator:hibernate-validator-parent:8.0.0.Final
2023-08-23T16:06:41.399+0530	DEBUG	Exit parent: org.hibernate.validator:hibernate-validator-parent:8.0.0.Final
2023-08-23T16:06:41.399+0530	DEBUG	Resolving org.jboss.arquillian:arquillian-bom:1.7.0.Alpha10...
2023-08-23T16:06:41.423+0530	DEBUG	Resolving javax.activation:javax.activation-api:1.2.0...
2023-08-23T16:06:41.439+0530	DEBUG	Start parent: com.sun.activation:all:1.2.0
2023-08-23T16:06:41.458+0530	DEBUG	Start parent: net.java:jvnet-parent:1
2023-08-23T16:06:41.476+0530	DEBUG	Exit parent: net.java:jvnet-parent:1
2023-08-23T16:06:41.476+0530	DEBUG	Exit parent: com.sun.activation:all:1.2.0
2023-08-23T16:06:41.476+0530	DEBUG	Resolving io.undertow:undertow-core:2.3.6.Final...
2023-08-23T16:06:41.500+0530	DEBUG	Start parent: io.undertow:undertow-parent:2.3.6.Final
2023-08-23T16:06:41.530+0530	DEBUG	Start parent: org.jboss:jboss-parent:35
2023-08-23T16:06:41.564+0530	DEBUG	Exit parent: org.jboss:jboss-parent:35
2023-08-23T16:06:41.564+0530	DEBUG	Exit parent: io.undertow:undertow-parent:2.3.6.Final
2023-08-23T16:06:41.568+0530	DEBUG	Resolving io.undertow:undertow-servlet:2.3.6.Final...
2023-08-23T16:06:41.595+0530	DEBUG	Start parent: io.undertow:undertow-parent:2.3.6.Final
2023-08-23T16:06:41.595+0530	DEBUG	Exit parent: io.undertow:undertow-parent:2.3.6.Final
2023-08-23T16:06:41.597+0530	DEBUG	Resolving io.undertow:undertow-websockets-jsr:2.3.6.Final...
2023-08-23T16:06:41.616+0530	DEBUG	Start parent: io.undertow:undertow-parent:2.3.6.Final
2023-08-23T16:06:41.616+0530	DEBUG	Exit parent: io.undertow:undertow-parent:2.3.6.Final
2023-08-23T16:06:41.618+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter-json:3.1.0...
2023-08-23T16:06:41.640+0530	DEBUG	Resolving org.springframework:spring-web:6.0.9...
2023-08-23T16:06:41.664+0530	DEBUG	Resolving org.springframework:spring-webmvc:6.0.9...
2023-08-23T16:06:41.686+0530	DEBUG	Resolving org.springframework.boot:spring-boot-actuator-autoconfigure:3.1.0...
2023-08-23T16:06:41.704+0530	DEBUG	Resolving io.micrometer:micrometer-observation:1.11.0...
2023-08-23T16:06:41.721+0530	DEBUG	Resolving io.micrometer:micrometer-core:1.11.0...
2023-08-23T16:06:41.748+0530	DEBUG	Resolving com.fasterxml.jackson.dataformat:jackson-dataformat-toml:2.15.0...
2023-08-23T16:06:41.764+0530	DEBUG	Start parent: com.fasterxml.jackson.dataformat:jackson-dataformats-text:2.15.0
2023-08-23T16:06:41.783+0530	DEBUG	Start parent: com.fasterxml.jackson:jackson-base:2.15.0
2023-08-23T16:06:41.801+0530	DEBUG	Start parent: com.fasterxml.jackson:jackson-bom:2.15.0
2023-08-23T16:06:41.801+0530	DEBUG	Exit parent: com.fasterxml.jackson:jackson-bom:2.15.0
2023-08-23T16:06:41.801+0530	DEBUG	Exit parent: com.fasterxml.jackson:jackson-base:2.15.0
2023-08-23T16:06:41.801+0530	DEBUG	Exit parent: com.fasterxml.jackson.dataformat:jackson-dataformats-text:2.15.0
2023-08-23T16:06:41.802+0530	DEBUG	Resolving org.projectlombok:lombok:1.18.26...
2023-08-23T16:06:41.819+0530	DEBUG	Resolving org.asciidoctor:asciidoctorj-api:2.5.10...
2023-08-23T16:06:41.836+0530	DEBUG	Resolving org.jruby:jruby:9.4.3.0...
2023-08-23T16:06:41.853+0530	DEBUG	Start parent: org.jruby:jruby-artifacts:9.4.3.0
2023-08-23T16:06:41.872+0530	DEBUG	Start parent: org.jruby:jruby-parent:9.4.3.0
2023-08-23T16:06:41.897+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:41.897+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:41.897+0530	DEBUG	Exit parent: org.jruby:jruby-parent:9.4.3.0
2023-08-23T16:06:41.897+0530	DEBUG	Exit parent: org.jruby:jruby-artifacts:9.4.3.0
2023-08-23T16:06:41.897+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter-aop:3.1.0...
2023-08-23T16:06:41.923+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter-jdbc:3.1.0...
2023-08-23T16:06:41.940+0530	DEBUG	Resolving org.hibernate.orm:hibernate-core:6.2.2.Final...
2023-08-23T16:06:41.960+0530	DEBUG	Resolving org.springframework.data:spring-data-jpa:3.1.0...
2023-08-23T16:06:41.982+0530	DEBUG	Start parent: org.springframework.data:spring-data-jpa-parent:3.1.0
2023-08-23T16:06:42.002+0530	DEBUG	Start parent: org.springframework.data.build:spring-data-parent:3.1.0
2023-08-23T16:06:42.034+0530	DEBUG	Start parent: org.springframework.data.build:spring-data-build:3.1.0
2023-08-23T16:06:42.054+0530	DEBUG	Exit parent: org.springframework.data.build:spring-data-build:3.1.0
2023-08-23T16:06:42.054+0530	DEBUG	Resolving io.micrometer:micrometer-bom:1.10.6...
2023-08-23T16:06:42.072+0530	DEBUG	Resolving io.micrometer:micrometer-tracing-bom:1.0.4...
2023-08-23T16:06:42.095+0530	DEBUG	Exit parent: org.springframework.data.build:spring-data-parent:3.1.0
2023-08-23T16:06:42.095+0530	DEBUG	Exit parent: org.springframework.data:spring-data-jpa-parent:3.1.0
2023-08-23T16:06:42.095+0530	DEBUG	Resolving org.testcontainers:testcontainers-bom:1.18.1...
2023-08-23T16:06:42.130+0530	DEBUG	Resolving org.springframework:spring-aspects:6.0.9...
2023-08-23T16:06:42.148+0530	DEBUG	Resolving org.springframework:spring-aop:6.0.9...
2023-08-23T16:06:42.165+0530	DEBUG	Resolving org.springframework.security:spring-security-config:6.1.0...
2023-08-23T16:06:42.188+0530	DEBUG	Resolving org.springframework.security:spring-security-web:6.1.0...
2023-08-23T16:06:42.209+0530	DEBUG	Resolving org.thymeleaf:thymeleaf-spring6:3.1.1.RELEASE...
2023-08-23T16:06:42.242+0530	DEBUG	Start parent: org.thymeleaf:thymeleaf-lib:3.1.1.RELEASE
2023-08-23T16:06:42.242+0530	DEBUG	Exit parent: org.thymeleaf:thymeleaf-lib:3.1.1.RELEASE
2023-08-23T16:06:42.247+0530	DEBUG	Resolving org.slf4j:slf4j-api:2.0.7...
2023-08-23T16:06:42.281+0530	DEBUG	Start parent: org.slf4j:slf4j-parent:2.0.7
2023-08-23T16:06:42.303+0530	DEBUG	Exit parent: org.slf4j:slf4j-parent:2.0.7
2023-08-23T16:06:42.303+0530	DEBUG	Resolving xmlpull:xmlpull:1.1.3.1...
2023-08-23T16:06:42.320+0530	DEBUG	Resolving xpp3:xpp3_min:1.1.4c...
2023-08-23T16:06:42.340+0530	DEBUG	Resolving junit:junit:4.13.2...
2023-08-23T16:06:42.360+0530	DEBUG	Resolving com.fasterxml.jackson.core:jackson-databind:2.15.0...
2023-08-23T16:06:42.380+0530	DEBUG	Start parent: com.fasterxml.jackson:jackson-base:2.15.0
2023-08-23T16:06:42.380+0530	DEBUG	Exit parent: com.fasterxml.jackson:jackson-base:2.15.0
2023-08-23T16:06:42.382+0530	DEBUG	Resolving com.google.guava:failureaccess:1.0.1...
2023-08-23T16:06:42.397+0530	DEBUG	Start parent: com.google.guava:guava-parent:26.0-android
2023-08-23T16:06:42.421+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:9
2023-08-23T16:06:42.438+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:9
2023-08-23T16:06:42.438+0530	DEBUG	Exit parent: com.google.guava:guava-parent:26.0-android
2023-08-23T16:06:42.438+0530	DEBUG	Resolving com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava...
2023-08-23T16:06:42.457+0530	DEBUG	Start parent: com.google.guava:guava-parent:26.0-android
2023-08-23T16:06:42.457+0530	DEBUG	Exit parent: com.google.guava:guava-parent:26.0-android
2023-08-23T16:06:42.457+0530	DEBUG	Resolving com.google.code.findbugs:jsr305:3.0.2...
2023-08-23T16:06:42.473+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:42.473+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:42.473+0530	DEBUG	Resolving org.checkerframework:checker-qual:3.33.0...
2023-08-23T16:06:42.495+0530	DEBUG	Resolving com.google.errorprone:error_prone_annotations:2.18.0...
2023-08-23T16:06:42.511+0530	DEBUG	Start parent: com.google.errorprone:error_prone_parent:2.18.0
2023-08-23T16:06:42.528+0530	DEBUG	Exit parent: com.google.errorprone:error_prone_parent:2.18.0
2023-08-23T16:06:42.529+0530	DEBUG	Resolving com.google.j2objc:j2objc-annotations:2.8...
2023-08-23T16:06:42.544+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:9
2023-08-23T16:06:42.544+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:9
2023-08-23T16:06:42.544+0530	DEBUG	Resolving jakarta.activation:jakarta.activation-api:2.1.2...
2023-08-23T16:06:42.563+0530	DEBUG	Start parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:42.563+0530	DEBUG	Exit parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:42.563+0530	DEBUG	Resolving org.springframework.boot:spring-boot:3.1.0...
2023-08-23T16:06:42.579+0530	DEBUG	Resolving org.springframework.boot:spring-boot-autoconfigure:3.1.0...
2023-08-23T16:06:42.596+0530	DEBUG	Resolving org.springframework.boot:spring-boot-starter-logging:3.1.0...
2023-08-23T16:06:42.615+0530	DEBUG	Resolving jakarta.annotation:jakarta.annotation-api:2.1.1...
2023-08-23T16:06:42.634+0530	DEBUG	Start parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:42.634+0530	DEBUG	Exit parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:42.634+0530	DEBUG	Resolving org.springframework:spring-core:6.0.9...
2023-08-23T16:06:42.653+0530	DEBUG	Resolving org.yaml:snakeyaml:1.33...
2023-08-23T16:06:42.676+0530	DEBUG	Resolving jakarta.validation:jakarta.validation-api:3.0.2...
2023-08-23T16:06:42.693+0530	DEBUG	Start parent: org.eclipse.ee4j:project:1.0.6
2023-08-23T16:06:42.711+0530	DEBUG	Exit parent: org.eclipse.ee4j:project:1.0.6
2023-08-23T16:06:42.711+0530	DEBUG	Resolving org.jboss.logging:jboss-logging:3.5.0.Final...
2023-08-23T16:06:42.766+0530	DEBUG	Start parent: org.jboss:jboss-parent:39
2023-08-23T16:06:42.766+0530	DEBUG	Exit parent: org.jboss:jboss-parent:39
2023-08-23T16:06:42.766+0530	DEBUG	Resolving org.junit:junit-bom:5.8.2...
2023-08-23T16:06:42.797+0530	DEBUG	Resolving com.fasterxml:classmate:1.5.1...
2023-08-23T16:06:42.813+0530	DEBUG	Start parent: com.fasterxml:oss-parent:35
2023-08-23T16:06:42.836+0530	DEBUG	Exit parent: com.fasterxml:oss-parent:35
2023-08-23T16:06:42.836+0530	DEBUG	Resolving org.jboss.xnio:xnio-api:3.8.8.Final...
2023-08-23T16:06:42.858+0530	DEBUG	Start parent: org.jboss.xnio:xnio-all:3.8.8.Final
2023-08-23T16:06:42.883+0530	DEBUG	Start parent: org.jboss:jboss-parent:39
2023-08-23T16:06:42.883+0530	DEBUG	Exit parent: org.jboss:jboss-parent:39
2023-08-23T16:06:42.883+0530	DEBUG	Exit parent: org.jboss.xnio:xnio-all:3.8.8.Final
2023-08-23T16:06:42.887+0530	DEBUG	Resolving jakarta.websocket:jakarta.websocket-api:2.1.0...
2023-08-23T16:06:42.913+0530	DEBUG	Start parent: jakarta.websocket:jakarta.websocket-all:2.1.0
2023-08-23T16:06:42.954+0530	DEBUG	Start parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:42.954+0530	DEBUG	Exit parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:42.954+0530	DEBUG	Exit parent: jakarta.websocket:jakarta.websocket-all:2.1.0
2023-08-23T16:06:42.954+0530	DEBUG	Resolving jakarta.websocket:jakarta.websocket-client-api:2.1.0...
2023-08-23T16:06:42.973+0530	DEBUG	Start parent: jakarta.websocket:jakarta.websocket-all:2.1.0
2023-08-23T16:06:42.973+0530	DEBUG	Exit parent: jakarta.websocket:jakarta.websocket-all:2.1.0
2023-08-23T16:06:42.974+0530	DEBUG	Resolving com.fasterxml.jackson.datatype:jackson-datatype-jdk8:2.15.0...
2023-08-23T16:06:42.990+0530	DEBUG	Start parent: com.fasterxml.jackson.module:jackson-modules-java8:2.15.0
2023-08-23T16:06:43.008+0530	DEBUG	Start parent: com.fasterxml.jackson:jackson-base:2.15.0
2023-08-23T16:06:43.008+0530	DEBUG	Exit parent: com.fasterxml.jackson:jackson-base:2.15.0
2023-08-23T16:06:43.008+0530	DEBUG	Exit parent: com.fasterxml.jackson.module:jackson-modules-java8:2.15.0
2023-08-23T16:06:43.008+0530	DEBUG	Resolving com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.15.0...
2023-08-23T16:06:43.030+0530	DEBUG	Start parent: com.fasterxml.jackson.module:jackson-modules-java8:2.15.0
2023-08-23T16:06:43.030+0530	DEBUG	Exit parent: com.fasterxml.jackson.module:jackson-modules-java8:2.15.0
2023-08-23T16:06:43.030+0530	DEBUG	Resolving com.fasterxml.jackson.module:jackson-module-parameter-names:2.15.0...
2023-08-23T16:06:43.048+0530	DEBUG	Start parent: com.fasterxml.jackson.module:jackson-modules-java8:2.15.0
2023-08-23T16:06:43.048+0530	DEBUG	Exit parent: com.fasterxml.jackson.module:jackson-modules-java8:2.15.0
2023-08-23T16:06:43.048+0530	DEBUG	Resolving org.springframework:spring-beans:6.0.9...
2023-08-23T16:06:43.065+0530	DEBUG	Resolving org.springframework:spring-context:6.0.9...
2023-08-23T16:06:43.087+0530	DEBUG	Resolving org.springframework:spring-expression:6.0.9...
2023-08-23T16:06:43.110+0530	DEBUG	Resolving org.springframework.boot:spring-boot-actuator:3.1.0...
2023-08-23T16:06:43.126+0530	DEBUG	Resolving io.micrometer:micrometer-commons:1.11.0...
2023-08-23T16:06:43.143+0530	DEBUG	Resolving com.fasterxml.jackson.core:jackson-core:2.15.0...
2023-08-23T16:06:43.160+0530	DEBUG	Start parent: com.fasterxml.jackson:jackson-base:2.15.0
2023-08-23T16:06:43.160+0530	DEBUG	Exit parent: com.fasterxml.jackson:jackson-base:2.15.0
2023-08-23T16:06:43.160+0530	DEBUG	Resolving org.jruby:jruby-base:9.4.3.0...
2023-08-23T16:06:43.181+0530	DEBUG	Start parent: org.jruby:jruby-parent:9.4.3.0
2023-08-23T16:06:43.181+0530	DEBUG	Exit parent: org.jruby:jruby-parent:9.4.3.0
2023-08-23T16:06:43.187+0530	DEBUG	Resolving org.jruby:jruby-stdlib:9.4.3.0...
2023-08-23T16:06:43.212+0530	DEBUG	Start parent: org.jruby:jruby-parent:9.4.3.0
2023-08-23T16:06:43.212+0530	DEBUG	Exit parent: org.jruby:jruby-parent:9.4.3.0
2023-08-23T16:06:43.234+0530	DEBUG	Resolving org.aspectj:aspectjweaver:1.9.19...
2023-08-23T16:06:43.251+0530	DEBUG	Resolving com.zaxxer:HikariCP:5.0.1...
2023-08-23T16:06:43.271+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:9
2023-08-23T16:06:43.271+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:9
2023-08-23T16:06:43.278+0530	DEBUG	Resolving org.springframework:spring-jdbc:6.0.9...
2023-08-23T16:06:43.296+0530	DEBUG	Resolving jakarta.persistence:jakarta.persistence-api:3.1.0...
2023-08-23T16:06:43.317+0530	DEBUG	Start parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:43.317+0530	DEBUG	Exit parent: org.eclipse.ee4j:project:1.0.7
2023-08-23T16:06:43.317+0530	DEBUG	Resolving jakarta.transaction:jakarta.transaction-api:2.0.1...
2023-08-23T16:06:43.336+0530	DEBUG	Start parent: org.eclipse.ee4j:project:1.0.6
2023-08-23T16:06:43.336+0530	DEBUG	Exit parent: org.eclipse.ee4j:project:1.0.6
2023-08-23T16:06:43.336+0530	DEBUG	Resolving org.springframework.data:spring-data-commons:3.1.0...
2023-08-23T16:06:43.355+0530	DEBUG	Start parent: org.springframework.data.build:spring-data-parent:3.1.0
2023-08-23T16:06:43.355+0530	DEBUG	Exit parent: org.springframework.data.build:spring-data-parent:3.1.0
2023-08-23T16:06:43.368+0530	DEBUG	Resolving org.springframework:spring-orm:6.0.9...
2023-08-23T16:06:43.386+0530	DEBUG	Resolving org.springframework:spring-tx:6.0.9...
2023-08-23T16:06:43.402+0530	DEBUG	Resolving org.antlr:antlr4-runtime:4.10.1...
2023-08-23T16:06:43.419+0530	DEBUG	Start parent: org.antlr:antlr4-master:4.10.1
2023-08-23T16:06:43.435+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:9
2023-08-23T16:06:43.435+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:9
2023-08-23T16:06:43.435+0530	DEBUG	Exit parent: org.antlr:antlr4-master:4.10.1
2023-08-23T16:06:43.435+0530	DEBUG	Resolving org.springframework.security:spring-security-core:6.1.0...
2023-08-23T16:06:43.455+0530	DEBUG	Resolving org.thymeleaf:thymeleaf:3.1.1.RELEASE...
2023-08-23T16:06:43.472+0530	DEBUG	Start parent: org.thymeleaf:thymeleaf-lib:3.1.1.RELEASE
2023-08-23T16:06:43.472+0530	DEBUG	Exit parent: org.thymeleaf:thymeleaf-lib:3.1.1.RELEASE
2023-08-23T16:06:43.476+0530	DEBUG	Resolving org.hamcrest:hamcrest-core:2.2...
2023-08-23T16:06:43.492+0530	DEBUG	Resolving com.fasterxml.jackson.core:jackson-annotations:2.15.0...
2023-08-23T16:06:43.510+0530	DEBUG	Start parent: com.fasterxml.jackson:jackson-parent:2.15
2023-08-23T16:06:43.510+0530	DEBUG	Exit parent: com.fasterxml.jackson:jackson-parent:2.15
2023-08-23T16:06:43.511+0530	DEBUG	Resolving ch.qos.logback:logback-classic:1.4.7...
2023-08-23T16:06:43.539+0530	DEBUG	Start parent: ch.qos.logback:logback-parent:1.4.7
2023-08-23T16:06:43.560+0530	DEBUG	Exit parent: ch.qos.logback:logback-parent:1.4.7
2023-08-23T16:06:43.562+0530	DEBUG	Resolving org.apache.logging.log4j:log4j-to-slf4j:2.20.0...
2023-08-23T16:06:43.577+0530	DEBUG	Start parent: org.apache.logging.log4j:log4j:2.20.0
2023-08-23T16:06:43.607+0530	DEBUG	Start parent: org.apache.logging:logging-parent:7
2023-08-23T16:06:43.607+0530	DEBUG	Exit parent: org.apache.logging:logging-parent:7
2023-08-23T16:06:43.607+0530	DEBUG	Exit parent: org.apache.logging.log4j:log4j:2.20.0
2023-08-23T16:06:43.608+0530	DEBUG	Resolving org.codehaus.groovy:groovy-bom:3.0.14...
2023-08-23T16:06:43.630+0530	DEBUG	Resolving jakarta.platform:jakarta.jakartaee-bom:9.0.0...
2023-08-23T16:06:43.649+0530	DEBUG	Start parent: jakarta.platform:jakartaee-api-parent:9.0.0
2023-08-23T16:06:43.670+0530	DEBUG	Start parent: org.eclipse.ee4j:project:1.0.6
2023-08-23T16:06:43.670+0530	DEBUG	Exit parent: org.eclipse.ee4j:project:1.0.6
2023-08-23T16:06:43.670+0530	DEBUG	Exit parent: jakarta.platform:jakartaee-api-parent:9.0.0
2023-08-23T16:06:43.670+0530	DEBUG	Resolving org.eclipse.jetty:jetty-bom:9.4.50.v20221201...
2023-08-23T16:06:43.692+0530	DEBUG	Resolving io.fabric8:kubernetes-client-bom:5.12.2...
2023-08-23T16:06:43.716+0530	DEBUG	Resolving io.netty:netty-bom:4.1.86.Final...
2023-08-23T16:06:43.734+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:43.734+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:43.735+0530	DEBUG	Resolving org.springframework:spring-framework-bom:5.3.24...
2023-08-23T16:06:43.756+0530	DEBUG	Resolving org.slf4j:jul-to-slf4j:2.0.7...
2023-08-23T16:06:43.772+0530	DEBUG	Start parent: org.slf4j:slf4j-parent:2.0.7
2023-08-23T16:06:43.772+0530	DEBUG	Exit parent: org.slf4j:slf4j-parent:2.0.7
2023-08-23T16:06:43.772+0530	DEBUG	Resolving org.springframework:spring-jcl:6.0.9...
2023-08-23T16:06:43.788+0530	DEBUG	Resolving org.wildfly.client:wildfly-client-config:1.0.1.Final...
2023-08-23T16:06:43.805+0530	DEBUG	Start parent: org.jboss:jboss-parent:23
2023-08-23T16:06:43.835+0530	DEBUG	Exit parent: org.jboss:jboss-parent:23
2023-08-23T16:06:43.836+0530	DEBUG	Resolving org.ow2.asm:asm:9.5...
2023-08-23T16:06:43.856+0530	DEBUG	Start parent: org.ow2:ow2:1.5.1
2023-08-23T16:06:43.881+0530	DEBUG	Exit parent: org.ow2:ow2:1.5.1
2023-08-23T16:06:43.881+0530	DEBUG	Resolving org.ow2.asm:asm-commons:9.2...
2023-08-23T16:06:43.897+0530	DEBUG	Start parent: org.ow2:ow2:1.5
2023-08-23T16:06:43.914+0530	DEBUG	Exit parent: org.ow2:ow2:1.5
2023-08-23T16:06:43.914+0530	DEBUG	Resolving org.ow2.asm:asm-util:9.2...
2023-08-23T16:06:43.932+0530	DEBUG	Start parent: org.ow2:ow2:1.5
2023-08-23T16:06:43.932+0530	DEBUG	Exit parent: org.ow2:ow2:1.5
2023-08-23T16:06:43.933+0530	DEBUG	Resolving com.github.jnr:jnr-netdb:1.2.0...
2023-08-23T16:06:43.950+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:43.950+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:43.951+0530	DEBUG	Resolving com.github.jnr:jnr-enxio:0.32.15...
2023-08-23T16:06:43.969+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:43.969+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:43.970+0530	DEBUG	Resolving com.github.jnr:jnr-unixsocket:0.38.20...
2023-08-23T16:06:43.988+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:43.988+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:43.991+0530	DEBUG	Resolving com.github.jnr:jnr-posix:3.1.17...
2023-08-23T16:06:44.008+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.008+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.008+0530	DEBUG	Resolving com.github.jnr:jnr-constants:0.10.4...
2023-08-23T16:06:44.050+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.050+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.050+0530	DEBUG	Resolving com.github.jnr:jffi:1.3.11...
2023-08-23T16:06:44.070+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.070+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.070+0530	DEBUG	Resolving org.jruby.joni:joni:2.2.1...
2023-08-23T16:06:44.097+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.097+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.098+0530	DEBUG	Resolving org.jruby.jcodings:jcodings:1.0.58...
2023-08-23T16:06:44.116+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.116+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.116+0530	DEBUG	Resolving org.jruby:dirgra:0.3...
2023-08-23T16:06:44.133+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.133+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.134+0530	DEBUG	Resolving com.headius:invokebinder:1.13...
2023-08-23T16:06:44.152+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.152+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.152+0530	DEBUG	Resolving com.headius:options:1.6...
2023-08-23T16:06:44.168+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.168+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.168+0530	DEBUG	Resolving org.jruby:jzlib:1.1.5...
2023-08-23T16:06:44.185+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.185+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.185+0530	DEBUG	Resolving joda-time:joda-time:2.12.5...
2023-08-23T16:06:44.210+0530	DEBUG	Resolving me.qmx.jitescript:jitescript:0.4.1...
2023-08-23T16:06:44.228+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.228+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.229+0530	DEBUG	Resolving com.headius:backport9:1.13...
2023-08-23T16:06:44.245+0530	DEBUG	Start parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.245+0530	DEBUG	Exit parent: org.sonatype.oss:oss-parent:7
2023-08-23T16:06:44.245+0530	DEBUG	Resolving org.springframework.security:spring-security-crypto:6.1.0...
2023-08-23T16:06:44.261+0530	DEBUG	Resolving org.attoparser:attoparser:2.0.6.RELEASE...
2023-08-23T16:06:44.280+0530	DEBUG	Resolving org.unbescape:unbescape:1.1.6.RELEASE...
2023-08-23T16:06:44.302+0530	DEBUG	Resolving org.hamcrest:hamcrest:2.2...
2023-08-23T16:06:44.320+0530	DEBUG	Resolving ch.qos.logback:logback-core:1.4.7...
2023-08-23T16:06:44.354+0530	DEBUG	Start parent: ch.qos.logback:logback-parent:1.4.7
2023-08-23T16:06:44.354+0530	DEBUG	Exit parent: ch.qos.logback:logback-parent:1.4.7
2023-08-23T16:06:44.355+0530	DEBUG	Resolving org.apache.logging.log4j:log4j-api:2.20.0...
2023-08-23T16:06:44.371+0530	DEBUG	Start parent: org.apache.logging.log4j:log4j:2.20.0
2023-08-23T16:06:44.371+0530	DEBUG	Exit parent: org.apache.logging.log4j:log4j:2.20.0
2023-08-23T16:06:44.376+0530	DEBUG	Resolving org.ow2.asm:asm-tree:9.2...
2023-08-23T16:06:44.391+0530	DEBUG	Start parent: org.ow2:ow2:1.5
2023-08-23T16:06:44.391+0530	DEBUG	Exit parent: org.ow2:ow2:1.5
2023-08-23T16:06:44.391+0530	DEBUG	Resolving org.ow2.asm:asm-analysis:9.2...
2023-08-23T16:06:44.412+0530	DEBUG	Start parent: org.ow2:ow2:1.5
2023-08-23T16:06:44.412+0530	DEBUG	Exit parent: org.ow2:ow2:1.5
2023-08-23T16:06:44.466+0530	DEBUG	OS is not detected.
2023-08-23T16:06:44.466+0530	DEBUG	Detected OS: unknown
2023-08-23T16:06:44.466+0530	INFO	Number of language-specific files: 1
2023-08-23T16:06:44.466+0530	INFO	Detecting pom vulnerabilities...
2023-08-23T16:06:44.466+0530	DEBUG	Detecting library vulnerabilities, type: pom, path: pom.xml

Operating System

macOS

Version

trivy --version
Version: 0.44.1
Vulnerability DB:
  Version: 2
  UpdatedAt: 2023-08-23 09:19:57.833271956 +0000 UTC
  NextUpdate: 2023-08-23 15:19:57.833271456 +0000 UTC
  DownloadedAt: 2023-08-23 10:32:00.288343 +0000 UTC
Java DB:
  Version: 1
  UpdatedAt: 2023-06-12 00:58:09.155334694 +0000 UTC
  NextUpdate: 2023-06-15 00:58:09.155334094 +0000 UTC
  DownloadedAt: 2023-06-12 09:47:21.272961 +0000 UTC

Checklist

Run trivy image --reset
Read the troubleshooting

nikpivkin · 2023-08-23T11:26:06Z

nikpivkin
Aug 23, 2023
Maintainer

Hi @namandf !

It seems that you have already created a discussion with a similar problem: #4236

0 replies

namandf · 2023-08-23T11:29:36Z

namandf
Aug 23, 2023
Author

Hi @nikpivkin , #4236 is now focussed on license detection for image scans.

For filesystem scans, trivy seems to have added support some time back wherein, pom.xml is parsed to extract license information.
#4236 (reply in thread)

There seems to be an issue with the same. When maven is being referred to fetch child POM dependencies, the expected behaviour is to analyze pom to extract GAV + license. But looks like license is not being parsed or may be it is parsed, but not processed or lost in translation

4 replies

nikpivkin Aug 23, 2023
Maintainer

Trivy extracts licenses from pom.xml which are stored directly in the file system.

At the moment, Trivy cannot get information about dependency licenses, since licenses are not stored in trivy-db. But I see that the issue of adding licenses to the database is being discussed.

namandf Aug 23, 2023
Author

Trivy is anyways making maven calls to fetch POM dependencies if I am not wrong. Won't it be straightforward to extract licenses as well? I assumed , we are already doing that as part of the recent change. https://github.com/aquasecurity/go-dep-parser/blob/main/pkg/java/pom/parse.go#L541

Even if its a local repository instead of maven, it is processing the local pom.xml . We should be able to extract license information from the same. https://github.com/aquasecurity/go-dep-parser/blob/main/pkg/java/pom/parse.go#L534

namandf Aug 23, 2023
Author

Trivy cannot get information about dependency licenses, since licenses are not stored in trivy-db.

This isn't the current approach anyways right i.e we don't refer java db in case of pom.xml (filesystem scans)? We directly call maven https://repo.maven.apache.org/maven2 or refer local maven repository if available to get all child packages .

nikpivkin Aug 23, 2023
Maintainer

Yes, you're right, I think I'm a little confused. I created an issue. #5028

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Missing license information for trivy java filesystem scans #5027

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 2 comments 4 replies

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{editor}}'s edit

{{editor}}'s edit

{{title}}

Select a reply

Missing license information for trivy java filesystem scans #5027

namandf Aug 23, 2023

Description

Desired Behavior

Actual Behavior

Reproduction Steps

Target

Scanner

Output Format

Mode

Debug Output

Operating System

Version

Checklist

Replies: 2 comments · 4 replies

nikpivkin Aug 23, 2023 Maintainer

namandf Aug 23, 2023 Author

nikpivkin Aug 23, 2023 Maintainer

namandf Aug 23, 2023 Author

namandf Aug 23, 2023 Author

nikpivkin Aug 23, 2023 Maintainer

namandf
Aug 23, 2023

Replies: 2 comments 4 replies

nikpivkin
Aug 23, 2023
Maintainer

namandf
Aug 23, 2023
Author

nikpivkin Aug 23, 2023
Maintainer

namandf Aug 23, 2023
Author

namandf Aug 23, 2023
Author

nikpivkin Aug 23, 2023
Maintainer