Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

As a system admin, I want dependency (library, package, image, configuration) updates for security and bug fixes for WRES 6.25 #67

Closed
8 tasks done
ArvinEsmailzadeh opened this issue Aug 20, 2024 · 43 comments
Closed
8 tasks done

As a system admin, I want dependency (library, package, image, configuration) updates for security and bug fixes for WRES 6.25 #67

ArvinEsmailzadeh opened this issue Aug 20, 2024 · 43 comments
Assignees
@ArvinEsmailzadeh
Labels
deployment Work related to deployments
Milestone
v6.25

Comments

@ArvinEsmailzadeh
Copy link
Collaborator

ArvinEsmailzadeh commented Aug 20, 2024
edited by james-d-brown
Loading

  • Libraries having update available
  • Libraries marked vulnerable by scan
  • Red Hat UBI #88
  • Jetty
  • Artemis
  • Redis
  • RabbitMQ
  • Java Runtime Environment
@ArvinEsmailzadeh ArvinEsmailzadeh added the deployment Work related to deployments label Aug 20, 2024
@ArvinEsmailzadeh ArvinEsmailzadeh self-assigned this Aug 20, 2024
@ArvinEsmailzadeh
Copy link
Collaborator Author

DEPENDENCY UPGRADES TO SKIP:

#68
#69
#70

@ArvinEsmailzadeh
Copy link
Collaborator Author

Proposed Library updates:

Starting aProposed Library updates:

Starting a Gradle Daemon, 1 incompatible Daemon could not be reused, use --status for details

> Configure project :
Markdown Gradle plugin 2.2.0. Consider becoming a patron at https://www.patreon.com/aalmiray
20240816-cfc3e92
20240816-cfc3e92

> Task :dependencyUpdates

------------------------------------------------------------
: Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.adarshr.test-logger:com.adarshr.test-logger.gradle.plugin:4.0.0
 - com.atlassian.commonmark:commonmark:0.17.0
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin:0.51.0
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.github.seanrl.jaxb:com.github.seanrl.jaxb.gradle.plugin:2.5.4
 - com.google.jimfs:jimfs:1.3.0
 - com.hubspot.jackson:jackson-datatype-protobuf:0.9.15
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.netflix.nebula:gradle-aggregate-javadocs-plugin:3.0.1
 - com.opencsv:opencsv:5.9
 - com.rabbitmq:amqp-client:5.21.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - com.zaxxer:HikariCP:5.1.0
 - commons-beanutils:commons-beanutils:1.9.4
 - commons-io:commons-io:2.16.1
 - de.undercouch.download:de.undercouch.download.gradle.plugin:5.6.0
 - io.swagger.core.v3:swagger-jaxrs2:2.2.21
 - jakarta.jms:jakarta.jms-api:3.1.0
 - javax.measure:unit-api:2.2
 - javax.servlet:javax.servlet-api:3.1.0
 - javax.ws.rs:javax.ws.rs-api:2.1
 - junit:junit:4.13.2
 - org.ajoberstar.grgit:org.ajoberstar.grgit.gradle.plugin:5.2.2
 - org.apache.commons:commons-configuration2:2.11.0
 - org.apache.commons:commons-math3:3.6.1
 - org.apache.qpid:qpid-broker-core:9.2.0
 - org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol:9.2.0
 - org.apache.qpid:qpid-broker-plugins-memory-store:9.2.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.bouncycastle:bcpkix-jdk18on:1.78.1
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.glassfish:javax.json:1.1.4
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.jvnet.jaxb2_commons:jaxb2-basics-annotate:1.1.0
 - org.kordamp.gradle.markdown:org.kordamp.gradle.markdown.gradle.plugin:2.2.0
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-core:5.12.0
 - org.mockito:mockito-inline:5.2.0
 - org.postgresql:postgresql:42.7.3
 - org.projectlombok:lombok:1.18.34
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1
 - org.slf4j:log4j-over-slf4j:2.1.0-alpha1
 - si.uom:si-units:2.1
 - systems.uom:systems-quantity:2.1
 - systems.uom:systems-ucum:2.1
 - tech.units:indriya:2.2

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.fasterxml.jackson:jackson-bom [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-bom
 - com.fasterxml.jackson.core:jackson-annotations [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.fasterxml.jackson.core:jackson-core [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-core
 - com.fasterxml.jackson.core:jackson-databind [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.fasterxml.jackson.dataformat:jackson-dataformat-yaml [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-dataformats-text
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310 [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-modules-java8
 - com.github.sabomichal:immutable-xjc-plugin [1.7.1 -> 2.0.3]
     https://github.com/sabomichal/immutable-xjc
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.google.guava:guava-testlib [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.google.protobuf:com.google.protobuf.gradle.plugin [0.9.1 -> 0.9.4]
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protobuf-java-util [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - com.h2database:h2 [2.2.224 -> 2.3.232]
     https://h2database.com
 - com.networknt:json-schema-validator [1.4.3 -> 1.5.1]
     https://github.com/networknt/json-schema-validator
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - commons-codec:commons-codec [1.17.0 -> 1.17.1]
     https://commons.apache.org/proper/commons-codec/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - io.soabase.record-builder:record-builder-core [41 -> 42]
     https://github.com/randgalt/record-builder
 - io.soabase.record-builder:record-builder-processor [41 -> 42]
     https://github.com/randgalt/record-builder
 - io.swagger.core.v3:swagger-jaxrs2-jakarta [2.2.21 -> 2.2.22]
     https://github.com/swagger-api/swagger-core
 - io.swagger.core.v3.swagger-gradle-plugin:io.swagger.core.v3.swagger-gradle-plugin.gradle.plugin [2.2.21 -> 2.2.22]
 - jakarta.activation:jakarta.activation-api [1.2.2 -> 2.1.3]
     https://github.com/jakartaee/jaf-api
 - jakarta.annotation:jakarta.annotation-api [2.1.1 -> 3.0.0]
     https://projects.eclipse.org/projects/ee4j.ca
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - jakarta.xml.bind:jakarta.xml.bind-api [3.0.1 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.apache.activemq:artemis-amqp-protocol [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.apache.activemq:artemis-server [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.apache.commons:commons-collections4 [4.4 -> 4.5.0-M2]
     https://commons.apache.org/proper/commons-collections/
 - org.apache.commons:commons-compress [1.26.2 -> 1.27.1]
     https://commons.apache.org/proper/commons-compress/
 - org.apache.commons:commons-lang3 [3.12.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.beryx.jlink:org.beryx.jlink.gradle.plugin [2.26.0 -> 3.0.1]
 - org.eclipse.collections:eclipse-collections [11.1.0 -> 12.0.0.M3]
     https://github.com/eclipse/eclipse-collections
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.21 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-webapp [11.0.21 -> 11.0.22]
     https://jetty.org
 - org.eclipse.jetty.http2:http2-server [11.0.20 -> 11.0.22]
     https://jetty.org
 - org.eclipse.jetty.http2:http2-server [11.0.21 -> 11.0.22]
     https://jetty.org
 - org.eclipse.persistence:org.eclipse.persistence.moxy [2.7.12 -> 5.0.0-B02]
     http://www.eclipse.org/eclipselink
 - org.glassfish.jaxb:jaxb-core [2.3.0.1 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-runtime [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-xjc [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jersey.containers:jersey-container-jetty-http [3.1.3 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.containers:jersey-container-servlet [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.containers:jersey-container-servlet-core [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.core:jersey-server [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.inject:jersey-hk2 [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.media:jersey-media-multipart [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jfree:jfreechart [1.5.4 -> 1.5.5]
     http://www.jfree.org/jfreechart/
 - org.jfree:org.jfree.svg [4.1 -> 5.0.6]
     http://www.jfree.org/jfreesvg
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-params [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.jvnet.jaxb2_commons:jaxb2-basics [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-ant [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.liquibase:liquibase-core [4.28.0 -> 4.29.1]
     http://www.liquibase.com
 - org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin [9.2.0 -> 10.0.3]
 - org.redisson:redisson [3.18.0 -> 3.34.1]
     http://redisson.org
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org
 - org.sonarqube:org.sonarqube.gradle.plugin [5.0.0.4638 -> 5.1.0.4882]

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\build\dependencyUpdates\report.txt

> Task :wres-config:dependencyUpdates

------------------------------------------------------------
:wres-config Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.google.jimfs:jimfs:1.3.0
 - com.hubspot.jackson:jackson-datatype-protobuf:0.9.15
 - com.opencsv:opencsv:5.9
 - commons-beanutils:commons-beanutils:1.9.4
 - commons-io:commons-io:2.16.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.jvnet.jaxb2_commons:jaxb2-basics-annotate:1.1.0
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-core:5.12.0

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.fasterxml.jackson:jackson-bom [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-bom
 - com.fasterxml.jackson.core:jackson-annotations [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.fasterxml.jackson.core:jackson-core [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-core
 - com.fasterxml.jackson.core:jackson-databind [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.fasterxml.jackson.dataformat:jackson-dataformat-yaml [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-dataformats-text
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310 [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-modules-java8
 - com.github.sabomichal:immutable-xjc-plugin [1.7.1 -> 2.0.3]
     https://github.com/sabomichal/immutable-xjc
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protobuf-java-util [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.networknt:json-schema-validator [1.4.3 -> 1.5.1]
     https://github.com/networknt/json-schema-validator
 - io.soabase.record-builder:record-builder-core [41 -> 42]
     https://github.com/randgalt/record-builder
 - io.soabase.record-builder:record-builder-processor [41 -> 42]
     https://github.com/randgalt/record-builder
 - jakarta.activation:jakarta.activation-api [1.2.2 -> 2.1.3]
     https://github.com/jakartaee/jaf-api
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.eclipse.persistence:org.eclipse.persistence.moxy [2.7.12 -> 5.0.0-B02]
     http://www.eclipse.org/eclipselink
 - org.glassfish.jaxb:jaxb-core [2.3.0.1 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-runtime [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-xjc [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-params [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.jvnet.jaxb2_commons:jaxb2-basics [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-ant [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-config\build\dependencyUpdates\report.txt

> Task :wres-datamodel:dependencyUpdates

------------------------------------------------------------
:wres-datamodel Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - javax.measure:unit-api:2.2
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.locationtech.jts:jts-core:1.19.0
 - org.mockito:mockito-core:5.12.0
 - si.uom:si-units:2.1
 - systems.uom:systems-quantity:2.1
 - systems.uom:systems-ucum:2.1
 - tech.units:indriya:2.2

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-datamodel\build\dependencyUpdates\report.txt

> Task :wres-events:dependencyUpdates

------------------------------------------------------------
:wres-events Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - jakarta.jms:jakarta.jms-api:3.1.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mockito:mockito-core:5.12.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-events\build\dependencyUpdates\report.txt

> Task :wres-eventsbroker:dependencyUpdates

------------------------------------------------------------
:wres-eventsbroker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - jakarta.jms:jakarta.jms-api:3.1.0
 - org.apache.commons:commons-configuration2:2.11.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - org.apache.activemq:artemis-amqp-protocol [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.apache.activemq:artemis-server [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-eventsbroker\build\dependencyUpdates\report.txt

> Task :wres-external-services-tests:dependencyUpdates

------------------------------------------------------------
:wres-external-services-tests Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-external-services-tests\build\dependencyUpdates\report.txt

> Task :wres-http:dependencyUpdates

------------------------------------------------------------
:wres-http Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-http\build\dependencyUpdates\report.txt

> Task :wres-io:dependencyUpdates

------------------------------------------------------------
:wres-io Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.google.jimfs:jimfs:1.3.0
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.zaxxer:HikariCP:5.1.0
 - junit:junit:4.13.2
 - org.glassfish:javax.json:1.1.4
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-inline:5.2.0
 - org.postgresql:postgresql:42.7.3
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.google.guava:guava-testlib [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.h2database:h2 [2.2.224 -> 2.3.232]
     https://h2database.com
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.liquibase:liquibase-core [4.28.0 -> 4.29.1]
     http://www.liquibase.com

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-io\build\dependencyUpdates\report.txt

> Task :wres-messages:dependencyUpdates

------------------------------------------------------------
:wres-messages Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

The following dependencies have later milestone versions:
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-messages\build\dependencyUpdates\report.txt

> Task :wres-metrics:dependencyUpdates

------------------------------------------------------------
:wres-metrics Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mockito:mockito-core:5.12.0

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - org.eclipse.collections:eclipse-collections [11.1.0 -> 12.0.0.M3]
     https://github.com/eclipse/eclipse-collections
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-metrics\build\dependencyUpdates\report.txt

> Task :wres-reading:dependencyUpdates

------------------------------------------------------------
:wres-reading Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.google.jimfs:jimfs:1.3.0
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-inline:5.2.0
 - org.projectlombok:lombok:1.18.34

The following dependencies have later milestone versions:
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310 [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-modules-java8
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.google.guava:guava-testlib [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - org.apache.commons:commons-collections4 [4.4 -> 4.5.0-M2]
     https://commons.apache.org/proper/commons-collections/
 - org.apache.commons:commons-compress [1.26.2 -> 1.27.1]
     https://commons.apache.org/proper/commons-compress/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.liquibase:liquibase-core [4.28.0 -> 4.29.1]
     http://www.liquibase.com

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-reading\build\dependencyUpdates\report.txt

> Task :wres-statistics:dependencyUpdates

------------------------------------------------------------
:wres-statistics Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-statistics\build\dependencyUpdates\report.txt

> Task :wres-system:dependencyUpdates

------------------------------------------------------------
:wres-system Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - com.zaxxer:HikariCP:5.1.0
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mock-server:mockserver-netty:5.15.0
 - org.postgresql:postgresql:42.7.3
 - org.projectlombok:lombok:1.18.34
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - com.h2database:h2 [2.2.224 -> 2.3.232]
     https://h2database.com
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-system\build\dependencyUpdates\report.txt

> Task :wres-tasker:dependencyUpdates

------------------------------------------------------------
:wres-tasker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.google.jimfs:jimfs:1.3.0
 - com.rabbitmq:amqp-client:5.21.0
 - io.swagger.core.v3:swagger-jaxrs2:2.2.21
 - javax.servlet:javax.servlet-api:3.1.0
 - javax.ws.rs:javax.ws.rs-api:2.1
 - junit:junit:4.13.2
 - org.apache.qpid:qpid-broker-core:9.2.0
 - org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol:9.2.0
 - org.apache.qpid:qpid-broker-plugins-memory-store:9.2.0
 - org.bouncycastle:bcpkix-jdk18on:1.78.1
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.fasterxml.jackson:jackson-bom [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-bom
 - com.fasterxml.jackson.core:jackson-annotations [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.fasterxml.jackson.core:jackson-core [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-core
 - com.fasterxml.jackson.core:jackson-databind [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - commons-codec:commons-codec [1.17.0 -> 1.17.1]
     https://commons.apache.org/proper/commons-codec/
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - io.swagger.core.v3:swagger-jaxrs2-jakarta [2.2.21 -> 2.2.22]
     https://github.com/swagger-api/swagger-core
 - jakarta.annotation:jakarta.annotation-api [2.1.1 -> 3.0.0]
     https://projects.eclipse.org/projects/ee4j.ca
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - org.apache.commons:commons-lang3 [3.12.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.21 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-webapp [11.0.21 -> 11.0.22]
     https://jetty.org
 - org.eclipse.jetty.http2:http2-server [11.0.21 -> 11.0.22]
     https://jetty.org
 - org.glassfish.jersey.containers:jersey-container-servlet-core [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.core:jersey-server [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.inject:jersey-hk2 [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.media:jersey-media-multipart [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.redisson:redisson [3.18.0 -> 3.34.1]
     http://redisson.org
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-tasker\build\dependencyUpdates\report.txt

> Task :wres-vis:dependencyUpdates

------------------------------------------------------------
:wres-vis Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.google.jimfs:jimfs:1.3.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mockito:mockito-core:5.12.0
 - org.slf4j:log4j-over-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.jfree:jfreechart [1.5.4 -> 1.5.5]
     http://www.jfree.org/jfreechart/
 - org.jfree:org.jfree.svg [4.1 -> 5.0.6]
     http://www.jfree.org/jfreesvg
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-vis\build\dependencyUpdates\report.txt

> Task :wres-worker:dependencyUpdates

------------------------------------------------------------
:wres-worker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.rabbitmq:amqp-client:5.21.0
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-worker\build\dependencyUpdates\report.txt

> Task :wres-writing:dependencyUpdates

------------------------------------------------------------
:wres-writing Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.google.jimfs:jimfs:1.3.0
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-writing\build\dependencyUpdates\report.txt

Deprecated Gradle features were used in this build, making it incompatible with Gradle 8.0.

You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.

See https://docs.gradle.org/7.6.4/userguide/command_line_interface.html#sec:command_line_warnings

BUILD SUCCESSFUL in 45s Gradle Daemon, 1 incompatible Daemon could not be reused, use --status for details

> Configure project :
Markdown Gradle plugin 2.2.0. Consider becoming a patron at https://www.patreon.com/aalmiray
20240816-cfc3e92
20240816-cfc3e92

> Task :dependencyUpdates

------------------------------------------------------------
: Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.adarshr.test-logger:com.adarshr.test-logger.gradle.plugin:4.0.0
 - com.atlassian.commonmark:commonmark:0.17.0
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin:0.51.0
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.github.seanrl.jaxb:com.github.seanrl.jaxb.gradle.plugin:2.5.4
 - com.google.jimfs:jimfs:1.3.0
 - com.hubspot.jackson:jackson-datatype-protobuf:0.9.15
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.netflix.nebula:gradle-aggregate-javadocs-plugin:3.0.1
 - com.opencsv:opencsv:5.9
 - com.rabbitmq:amqp-client:5.21.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - com.zaxxer:HikariCP:5.1.0
 - commons-beanutils:commons-beanutils:1.9.4
 - commons-io:commons-io:2.16.1
 - de.undercouch.download:de.undercouch.download.gradle.plugin:5.6.0
 - io.swagger.core.v3:swagger-jaxrs2:2.2.21
 - jakarta.jms:jakarta.jms-api:3.1.0
 - javax.measure:unit-api:2.2
 - javax.servlet:javax.servlet-api:3.1.0
 - javax.ws.rs:javax.ws.rs-api:2.1
 - junit:junit:4.13.2
 - org.ajoberstar.grgit:org.ajoberstar.grgit.gradle.plugin:5.2.2
 - org.apache.commons:commons-configuration2:2.11.0
 - org.apache.commons:commons-math3:3.6.1
 - org.apache.qpid:qpid-broker-core:9.2.0
 - org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol:9.2.0
 - org.apache.qpid:qpid-broker-plugins-memory-store:9.2.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.bouncycastle:bcpkix-jdk18on:1.78.1
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.glassfish:javax.json:1.1.4
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.jvnet.jaxb2_commons:jaxb2-basics-annotate:1.1.0
 - org.kordamp.gradle.markdown:org.kordamp.gradle.markdown.gradle.plugin:2.2.0
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-core:5.12.0
 - org.mockito:mockito-inline:5.2.0
 - org.postgresql:postgresql:42.7.3
 - org.projectlombok:lombok:1.18.34
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1
 - org.slf4j:log4j-over-slf4j:2.1.0-alpha1
 - si.uom:si-units:2.1
 - systems.uom:systems-quantity:2.1
 - systems.uom:systems-ucum:2.1
 - tech.units:indriya:2.2

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.fasterxml.jackson:jackson-bom [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-bom
 - com.fasterxml.jackson.core:jackson-annotations [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.fasterxml.jackson.core:jackson-core [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-core
 - com.fasterxml.jackson.core:jackson-databind [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.fasterxml.jackson.dataformat:jackson-dataformat-yaml [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-dataformats-text
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310 [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-modules-java8
 - com.github.sabomichal:immutable-xjc-plugin [1.7.1 -> 2.0.3]
     https://github.com/sabomichal/immutable-xjc
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.google.guava:guava-testlib [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.google.protobuf:com.google.protobuf.gradle.plugin [0.9.1 -> 0.9.4]
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protobuf-java-util [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - com.h2database:h2 [2.2.224 -> 2.3.232]
     https://h2database.com
 - com.networknt:json-schema-validator [1.4.3 -> 1.5.1]
     https://github.com/networknt/json-schema-validator
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - commons-codec:commons-codec [1.17.0 -> 1.17.1]
     https://commons.apache.org/proper/commons-codec/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - io.soabase.record-builder:record-builder-core [41 -> 42]
     https://github.com/randgalt/record-builder
 - io.soabase.record-builder:record-builder-processor [41 -> 42]
     https://github.com/randgalt/record-builder
 - io.swagger.core.v3:swagger-jaxrs2-jakarta [2.2.21 -> 2.2.22]
     https://github.com/swagger-api/swagger-core
 - io.swagger.core.v3.swagger-gradle-plugin:io.swagger.core.v3.swagger-gradle-plugin.gradle.plugin [2.2.21 -> 2.2.22]
 - jakarta.activation:jakarta.activation-api [1.2.2 -> 2.1.3]
     https://github.com/jakartaee/jaf-api
 - jakarta.annotation:jakarta.annotation-api [2.1.1 -> 3.0.0]
     https://projects.eclipse.org/projects/ee4j.ca
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - jakarta.xml.bind:jakarta.xml.bind-api [3.0.1 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.apache.activemq:artemis-amqp-protocol [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.apache.activemq:artemis-server [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.apache.commons:commons-collections4 [4.4 -> 4.5.0-M2]
     https://commons.apache.org/proper/commons-collections/
 - org.apache.commons:commons-compress [1.26.2 -> 1.27.1]
     https://commons.apache.org/proper/commons-compress/
 - org.apache.commons:commons-lang3 [3.12.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.beryx.jlink:org.beryx.jlink.gradle.plugin [2.26.0 -> 3.0.1]
 - org.eclipse.collections:eclipse-collections [11.1.0 -> 12.0.0.M3]
     https://github.com/eclipse/eclipse-collections
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.21 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-webapp [11.0.21 -> 11.0.22]
     https://jetty.org
 - org.eclipse.jetty.http2:http2-server [11.0.20 -> 11.0.22]
     https://jetty.org
 - org.eclipse.jetty.http2:http2-server [11.0.21 -> 11.0.22]
     https://jetty.org
 - org.eclipse.persistence:org.eclipse.persistence.moxy [2.7.12 -> 5.0.0-B02]
     http://www.eclipse.org/eclipselink
 - org.glassfish.jaxb:jaxb-core [2.3.0.1 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-runtime [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-xjc [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jersey.containers:jersey-container-jetty-http [3.1.3 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.containers:jersey-container-servlet [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.containers:jersey-container-servlet-core [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.core:jersey-server [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.inject:jersey-hk2 [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.media:jersey-media-multipart [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jfree:jfreechart [1.5.4 -> 1.5.5]
     http://www.jfree.org/jfreechart/
 - org.jfree:org.jfree.svg [4.1 -> 5.0.6]
     http://www.jfree.org/jfreesvg
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-params [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.jvnet.jaxb2_commons:jaxb2-basics [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-ant [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.liquibase:liquibase-core [4.28.0 -> 4.29.1]
     http://www.liquibase.com
 - org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin [9.2.0 -> 10.0.3]
 - org.redisson:redisson [3.18.0 -> 3.34.1]
     http://redisson.org
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org
 - org.sonarqube:org.sonarqube.gradle.plugin [5.0.0.4638 -> 5.1.0.4882]

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\build\dependencyUpdates\report.txt

> Task :wres-config:dependencyUpdates

------------------------------------------------------------
:wres-config Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.google.jimfs:jimfs:1.3.0
 - com.hubspot.jackson:jackson-datatype-protobuf:0.9.15
 - com.opencsv:opencsv:5.9
 - commons-beanutils:commons-beanutils:1.9.4
 - commons-io:commons-io:2.16.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.jvnet.jaxb2_commons:jaxb2-basics-annotate:1.1.0
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-core:5.12.0

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.fasterxml.jackson:jackson-bom [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-bom
 - com.fasterxml.jackson.core:jackson-annotations [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.fasterxml.jackson.core:jackson-core [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-core
 - com.fasterxml.jackson.core:jackson-databind [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.fasterxml.jackson.dataformat:jackson-dataformat-yaml [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-dataformats-text
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310 [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-modules-java8
 - com.github.sabomichal:immutable-xjc-plugin [1.7.1 -> 2.0.3]
     https://github.com/sabomichal/immutable-xjc
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protobuf-java-util [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.networknt:json-schema-validator [1.4.3 -> 1.5.1]
     https://github.com/networknt/json-schema-validator
 - io.soabase.record-builder:record-builder-core [41 -> 42]
     https://github.com/randgalt/record-builder
 - io.soabase.record-builder:record-builder-processor [41 -> 42]
     https://github.com/randgalt/record-builder
 - jakarta.activation:jakarta.activation-api [1.2.2 -> 2.1.3]
     https://github.com/jakartaee/jaf-api
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.eclipse.persistence:org.eclipse.persistence.moxy [2.7.12 -> 5.0.0-B02]
     http://www.eclipse.org/eclipselink
 - org.glassfish.jaxb:jaxb-core [2.3.0.1 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-runtime [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-xjc [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-params [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.jvnet.jaxb2_commons:jaxb2-basics [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-ant [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-config\build\dependencyUpdates\report.txt

> Task :wres-datamodel:dependencyUpdates

------------------------------------------------------------
:wres-datamodel Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - javax.measure:unit-api:2.2
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.locationtech.jts:jts-core:1.19.0
 - org.mockito:mockito-core:5.12.0
 - si.uom:si-units:2.1
 - systems.uom:systems-quantity:2.1
 - systems.uom:systems-ucum:2.1
 - tech.units:indriya:2.2

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-datamodel\build\dependencyUpdates\report.txt

> Task :wres-events:dependencyUpdates

------------------------------------------------------------
:wres-events Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - jakarta.jms:jakarta.jms-api:3.1.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mockito:mockito-core:5.12.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-events\build\dependencyUpdates\report.txt

> Task :wres-eventsbroker:dependencyUpdates

------------------------------------------------------------
:wres-eventsbroker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - jakarta.jms:jakarta.jms-api:3.1.0
 - org.apache.commons:commons-configuration2:2.11.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - org.apache.activemq:artemis-amqp-protocol [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.apache.activemq:artemis-server [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-eventsbroker\build\dependencyUpdates\report.txt

> Task :wres-external-services-tests:dependencyUpdates

------------------------------------------------------------
:wres-external-services-tests Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-external-services-tests\build\dependencyUpdates\report.txt

> Task :wres-http:dependencyUpdates

------------------------------------------------------------
:wres-http Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-http\build\dependencyUpdates\report.txt

> Task :wres-io:dependencyUpdates

------------------------------------------------------------
:wres-io Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.google.jimfs:jimfs:1.3.0
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.zaxxer:HikariCP:5.1.0
 - junit:junit:4.13.2
 - org.glassfish:javax.json:1.1.4
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-inline:5.2.0
 - org.postgresql:postgresql:42.7.3
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.google.guava:guava-testlib [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.h2database:h2 [2.2.224 -> 2.3.232]
     https://h2database.com
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.liquibase:liquibase-core [4.28.0 -> 4.29.1]
     http://www.liquibase.com

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-io\build\dependencyUpdates\report.txt

> Task :wres-messages:dependencyUpdates

------------------------------------------------------------
:wres-messages Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

The following dependencies have later milestone versions:
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-messages\build\dependencyUpdates\report.txt

> Task :wres-metrics:dependencyUpdates

------------------------------------------------------------
:wres-metrics Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mockito:mockito-core:5.12.0

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - org.eclipse.collections:eclipse-collections [11.1.0 -> 12.0.0.M3]
     https://github.com/eclipse/eclipse-collections
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-metrics\build\dependencyUpdates\report.txt

> Task :wres-reading:dependencyUpdates

------------------------------------------------------------
:wres-reading Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.google.jimfs:jimfs:1.3.0
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-inline:5.2.0
 - org.projectlombok:lombok:1.18.34

The following dependencies have later milestone versions:
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310 [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-modules-java8
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.google.guava:guava-testlib [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - org.apache.commons:commons-collections4 [4.4 -> 4.5.0-M2]
     https://commons.apache.org/proper/commons-collections/
 - org.apache.commons:commons-compress [1.26.2 -> 1.27.1]
     https://commons.apache.org/proper/commons-compress/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.liquibase:liquibase-core [4.28.0 -> 4.29.1]
     http://www.liquibase.com

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-reading\build\dependencyUpdates\report.txt

> Task :wres-statistics:dependencyUpdates

------------------------------------------------------------
:wres-statistics Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-statistics\build\dependencyUpdates\report.txt

> Task :wres-system:dependencyUpdates

------------------------------------------------------------
:wres-system Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - com.zaxxer:HikariCP:5.1.0
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mock-server:mockserver-netty:5.15.0
 - org.postgresql:postgresql:42.7.3
 - org.projectlombok:lombok:1.18.34
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - com.h2database:h2 [2.2.224 -> 2.3.232]
     https://h2database.com
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-system\build\dependencyUpdates\report.txt

> Task :wres-tasker:dependencyUpdates

------------------------------------------------------------
:wres-tasker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.google.jimfs:jimfs:1.3.0
 - com.rabbitmq:amqp-client:5.21.0
 - io.swagger.core.v3:swagger-jaxrs2:2.2.21
 - javax.servlet:javax.servlet-api:3.1.0
 - javax.ws.rs:javax.ws.rs-api:2.1
 - junit:junit:4.13.2
 - org.apache.qpid:qpid-broker-core:9.2.0
 - org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol:9.2.0
 - org.apache.qpid:qpid-broker-plugins-memory-store:9.2.0
 - org.bouncycastle:bcpkix-jdk18on:1.78.1
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.fasterxml.jackson:jackson-bom [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-bom
 - com.fasterxml.jackson.core:jackson-annotations [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.fasterxml.jackson.core:jackson-core [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson-core
 - com.fasterxml.jackson.core:jackson-databind [2.17.1 -> 2.17.2]
     https://github.com/FasterXML/jackson
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - commons-codec:commons-codec [1.17.0 -> 1.17.1]
     https://commons.apache.org/proper/commons-codec/
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - io.swagger.core.v3:swagger-jaxrs2-jakarta [2.2.21 -> 2.2.22]
     https://github.com/swagger-api/swagger-core
 - jakarta.annotation:jakarta.annotation-api [2.1.1 -> 3.0.0]
     https://projects.eclipse.org/projects/ee4j.ca
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - org.apache.commons:commons-lang3 [3.12.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.21 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-webapp [11.0.21 -> 11.0.22]
     https://jetty.org
 - org.eclipse.jetty.http2:http2-server [11.0.21 -> 11.0.22]
     https://jetty.org
 - org.glassfish.jersey.containers:jersey-container-servlet-core [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.core:jersey-server [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.inject:jersey-hk2 [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.media:jersey-media-multipart [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.redisson:redisson [3.18.0 -> 3.34.1]
     http://redisson.org
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-tasker\build\dependencyUpdates\report.txt

> Task :wres-vis:dependencyUpdates

------------------------------------------------------------
:wres-vis Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.google.jimfs:jimfs:1.3.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mockito:mockito-core:5.12.0
 - org.slf4j:log4j-over-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.jfree:jfreechart [1.5.4 -> 1.5.5]
     http://www.jfree.org/jfreechart/
 - org.jfree:org.jfree.svg [4.1 -> 5.0.6]
     http://www.jfree.org/jfreesvg
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.vintage:junit-vintage-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-vis\build\dependencyUpdates\report.txt

> Task :wres-worker:dependencyUpdates

------------------------------------------------------------
:wres-worker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.rabbitmq:amqp-client:5.21.0
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - ch.qos.logback:logback-classic [1.5.6 -> 1.5.7]
     http://logback.qos.ch
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-worker\build\dependencyUpdates\report.txt

> Task :wres-writing:dependencyUpdates

------------------------------------------------------------
:wres-writing Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.google.jimfs:jimfs:1.3.0
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - com.google.guava:guava [33.2.1-jre -> 33.3.0-jre]
     https://github.com/google/guava
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.junit.jupiter:junit-jupiter-api [5.10.2 -> 5.11.0]
     https://junit.org/junit5/
 - org.junit.jupiter:junit-jupiter-engine [5.10.2 -> 5.11.0]
     https://junit.org/junit5/

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-writing\build\dependencyUpdates\report.txt

Deprecated Gradle features were used in this build, making it incompatible with Gradle 8.0.

You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.

See https://docs.gradle.org/7.6.4/userguide/command_line_interface.html#sec:command_line_warnings

BUILD SUCCESSFUL in 45s

@ArvinEsmailzadeh
Copy link
Collaborator Author

After the changes:

> Configure project :
20240816-cfc3e92-dev
20240816-cfc3e92-dev

> Task :dependencyUpdates

------------------------------------------------------------
: Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.adarshr.test-logger:com.adarshr.test-logger.gradle.plugin:4.0.0
 - com.atlassian.commonmark:commonmark:0.17.0
 - com.fasterxml.jackson:jackson-bom:2.17.2
 - com.fasterxml.jackson.core:jackson-annotations:2.17.2
 - com.fasterxml.jackson.core:jackson-core:2.17.2
 - com.fasterxml.jackson.core:jackson-databind:2.17.2
 - com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.17.2
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.17.2
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin:0.51.0
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.github.seanrl.jaxb:com.github.seanrl.jaxb.gradle.plugin:2.5.4
 - com.google.guava:guava:33.3.0-jre
 - com.google.guava:guava-testlib:33.3.0-jre
 - com.google.jimfs:jimfs:1.3.0
 - com.h2database:h2:2.3.232
 - com.hubspot.jackson:jackson-datatype-protobuf:0.9.15
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.netflix.nebula:gradle-aggregate-javadocs-plugin:3.0.1
 - com.networknt:json-schema-validator:1.5.1
 - com.opencsv:opencsv:5.9
 - com.rabbitmq:amqp-client:5.21.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - com.zaxxer:HikariCP:5.1.0
 - commons-beanutils:commons-beanutils:1.9.4
 - commons-codec:commons-codec:1.17.1
 - commons-io:commons-io:2.16.1
 - de.undercouch.download:de.undercouch.download.gradle.plugin:5.6.0
 - io.swagger.core.v3:swagger-jaxrs2:2.2.22
 - io.swagger.core.v3:swagger-jaxrs2-jakarta:2.2.22
 - io.swagger.core.v3.swagger-gradle-plugin:io.swagger.core.v3.swagger-gradle-plugin.gradle.plugin:2.2.22
 - jakarta.jms:jakarta.jms-api:3.1.0
 - javax.measure:unit-api:2.2
 - javax.servlet:javax.servlet-api:3.1.0
 - javax.ws.rs:javax.ws.rs-api:2.1
 - junit:junit:4.13.2
 - org.ajoberstar.grgit:org.ajoberstar.grgit.gradle.plugin:5.2.2
 - org.apache.commons:commons-compress:1.27.1
 - org.apache.commons:commons-configuration2:2.11.0
 - org.apache.commons:commons-lang3:3.16.0
 - org.apache.commons:commons-math3:3.6.1
 - org.apache.qpid:qpid-broker-core:9.2.0
 - org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol:9.2.0
 - org.apache.qpid:qpid-broker-plugins-memory-store:9.2.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.bouncycastle:bcpkix-jdk18on:1.78.1
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.eclipse.jetty:jetty-webapp:11.0.22
 - org.eclipse.jetty.http2:http2-server:11.0.22
 - org.glassfish:javax.json:1.1.4
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.jupiter:junit-jupiter-params:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.jvnet.jaxb2_commons:jaxb2-basics-annotate:1.1.0
 - org.kordamp.gradle.markdown:org.kordamp.gradle.markdown.gradle.plugin:2.2.0
 - org.liquibase:liquibase-core:4.29.1
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-core:5.12.0
 - org.mockito:mockito-inline:5.2.0
 - org.postgresql:postgresql:42.7.3
 - org.projectlombok:lombok:1.18.34
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1
 - org.slf4j:log4j-over-slf4j:2.1.0-alpha1
 - org.sonarqube:org.sonarqube.gradle.plugin:5.1.0.4882
 - si.uom:si-units:2.1
 - systems.uom:systems-quantity:2.1
 - systems.uom:systems-ucum:2.1
 - tech.units:indriya:2.2

The following dependencies have later milestone versions:
 - com.github.sabomichal:immutable-xjc-plugin [1.7.1 -> 2.0.3]
     https://github.com/sabomichal/immutable-xjc
 - com.google.protobuf:com.google.protobuf.gradle.plugin [0.9.1 -> 0.9.4]
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protobuf-java-util [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - io.soabase.record-builder:record-builder-core [41 -> 42]
     https://github.com/randgalt/record-builder
 - io.soabase.record-builder:record-builder-processor [41 -> 42]
     https://github.com/randgalt/record-builder
 - jakarta.activation:jakarta.activation-api [1.2.2 -> 2.1.3]
     https://github.com/jakartaee/jaf-api
 - jakarta.annotation:jakarta.annotation-api [2.1.1 -> 3.0.0]
     https://projects.eclipse.org/projects/ee4j.ca
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - jakarta.xml.bind:jakarta.xml.bind-api [3.0.1 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.apache.activemq:artemis-amqp-protocol [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.apache.activemq:artemis-server [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.apache.commons:commons-collections4 [4.4 -> 4.5.0-M2]
     https://commons.apache.org/proper/commons-collections/
 - org.apache.commons:commons-lang3 [3.12.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.beryx.jlink:org.beryx.jlink.gradle.plugin [2.26.0 -> 3.0.1]
 - org.eclipse.collections:eclipse-collections [11.1.0 -> 12.0.0.M3]
     https://github.com/eclipse/eclipse-collections
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.21 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.eclipse.persistence:org.eclipse.persistence.moxy [2.7.12 -> 5.0.0-B02]
     http://www.eclipse.org/eclipselink
 - org.glassfish.jaxb:jaxb-core [2.3.0.1 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-runtime [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-xjc [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jersey.containers:jersey-container-jetty-http [3.1.3 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.containers:jersey-container-servlet [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.containers:jersey-container-servlet-core [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.core:jersey-server [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.inject:jersey-hk2 [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.media:jersey-media-multipart [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jfree:jfreechart [1.5.4 -> 1.5.5]
     http://www.jfree.org/jfreechart/
 - org.jfree:org.jfree.svg [4.1 -> 5.0.6]
     http://www.jfree.org/jfreesvg
 - org.jvnet.jaxb2_commons:jaxb2-basics [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-ant [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin [9.2.0 -> 10.0.3]
 - org.redisson:redisson [3.18.0 -> 3.34.1]
     http://redisson.org
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\build\dependencyUpdates\report.txt

> Task :wres-config:dependencyUpdates

------------------------------------------------------------
:wres-config Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.fasterxml.jackson:jackson-bom:2.17.2
 - com.fasterxml.jackson.core:jackson-annotations:2.17.2
 - com.fasterxml.jackson.core:jackson-core:2.17.2
 - com.fasterxml.jackson.core:jackson-databind:2.17.2
 - com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.17.2
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.17.2
 - com.google.guava:guava:33.3.0-jre
 - com.google.jimfs:jimfs:1.3.0
 - com.hubspot.jackson:jackson-datatype-protobuf:0.9.15
 - com.networknt:json-schema-validator:1.5.1
 - com.opencsv:opencsv:5.9
 - commons-beanutils:commons-beanutils:1.9.4
 - commons-io:commons-io:2.16.1
 - org.apache.commons:commons-lang3:3.16.0
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.jupiter:junit-jupiter-params:5.11.0
 - org.jvnet.jaxb2_commons:jaxb2-basics-annotate:1.1.0
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-core:5.12.0

The following dependencies have later milestone versions:
 - com.github.sabomichal:immutable-xjc-plugin [1.7.1 -> 2.0.3]
     https://github.com/sabomichal/immutable-xjc
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protobuf-java-util [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - io.soabase.record-builder:record-builder-core [41 -> 42]
     https://github.com/randgalt/record-builder
 - io.soabase.record-builder:record-builder-processor [41 -> 42]
     https://github.com/randgalt/record-builder
 - jakarta.activation:jakarta.activation-api [1.2.2 -> 2.1.3]
     https://github.com/jakartaee/jaf-api
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.eclipse.persistence:org.eclipse.persistence.moxy [2.7.12 -> 5.0.0-B02]
     http://www.eclipse.org/eclipselink
 - org.glassfish.jaxb:jaxb-core [2.3.0.1 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-runtime [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-xjc [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.jvnet.jaxb2_commons:jaxb2-basics [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-ant [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-config\build\dependencyUpdates\report.txt

> Task :wres-datamodel:dependencyUpdates

------------------------------------------------------------
:wres-datamodel Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - javax.measure:unit-api:2.2
 - junit:junit:4.13.2
 - org.apache.commons:commons-lang3:3.16.0
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.locationtech.jts:jts-core:1.19.0
 - org.mockito:mockito-core:5.12.0
 - si.uom:si-units:2.1
 - systems.uom:systems-quantity:2.1
 - systems.uom:systems-ucum:2.1
 - tech.units:indriya:2.2

The following dependencies have later milestone versions:
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-datamodel\build\dependencyUpdates\report.txt

> Task :wres-events:dependencyUpdates

------------------------------------------------------------
:wres-events Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - jakarta.jms:jakarta.jms-api:3.1.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.mockito:mockito-core:5.12.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-events\build\dependencyUpdates\report.txt

> Task :wres-eventsbroker:dependencyUpdates

------------------------------------------------------------
:wres-eventsbroker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.google.guava:guava:33.3.0-jre
 - jakarta.jms:jakarta.jms-api:3.1.0
 - org.apache.commons:commons-configuration2:2.11.0
 - org.apache.commons:commons-lang3:3.16.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - org.apache.activemq:artemis-amqp-protocol [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.apache.activemq:artemis-server [2.34.0 -> 2.36.0]
     https://activemq.apache.org/components/artemis/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-eventsbroker\build\dependencyUpdates\report.txt

> Task :wres-external-services-tests:dependencyUpdates

------------------------------------------------------------
:wres-external-services-tests Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-external-services-tests\build\dependencyUpdates\report.txt

> Task :wres-http:dependencyUpdates

------------------------------------------------------------
:wres-http Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - org.apache.commons:commons-lang3:3.16.0
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-http\build\dependencyUpdates\report.txt

> Task :wres-io:dependencyUpdates

------------------------------------------------------------
:wres-io Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.google.guava:guava:33.3.0-jre
 - com.google.guava:guava-testlib:33.3.0-jre
 - com.google.jimfs:jimfs:1.3.0
 - com.h2database:h2:2.3.232
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.zaxxer:HikariCP:5.1.0
 - junit:junit:4.13.2
 - org.glassfish:javax.json:1.1.4
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.liquibase:liquibase-core:4.29.1
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-inline:5.2.0
 - org.postgresql:postgresql:42.7.3
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-io\build\dependencyUpdates\report.txt

> Task :wres-messages:dependencyUpdates

------------------------------------------------------------
:wres-messages Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

The following dependencies have later milestone versions:
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-messages\build\dependencyUpdates\report.txt

> Task :wres-metrics:dependencyUpdates

------------------------------------------------------------
:wres-metrics Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.mockito:mockito-core:5.12.0

The following dependencies have later milestone versions:
 - org.eclipse.collections:eclipse-collections [11.1.0 -> 12.0.0.M3]
     https://github.com/eclipse/eclipse-collections
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-metrics\build\dependencyUpdates\report.txt

> Task :wres-reading:dependencyUpdates

------------------------------------------------------------
:wres-reading Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.17.2
 - com.google.guava:guava:33.3.0-jre
 - com.google.guava:guava-testlib:33.3.0-jre
 - com.google.jimfs:jimfs:1.3.0
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - junit:junit:4.13.2
 - org.apache.commons:commons-compress:1.27.1
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.liquibase:liquibase-core:4.29.1
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-inline:5.2.0
 - org.projectlombok:lombok:1.18.34

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - org.apache.commons:commons-collections4 [4.4 -> 4.5.0-M2]
     https://commons.apache.org/proper/commons-collections/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-reading\build\dependencyUpdates\report.txt

> Task :wres-statistics:dependencyUpdates

------------------------------------------------------------
:wres-statistics Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0

The following dependencies have later milestone versions:
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-statistics\build\dependencyUpdates\report.txt

> Task :wres-system:dependencyUpdates

------------------------------------------------------------
:wres-system Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.h2database:h2:2.3.232
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - com.zaxxer:HikariCP:5.1.0
 - junit:junit:4.13.2
 - org.apache.commons:commons-lang3:3.16.0
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mock-server:mockserver-netty:5.15.0
 - org.postgresql:postgresql:42.7.3
 - org.projectlombok:lombok:1.18.34
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-system\build\dependencyUpdates\report.txt

> Task :wres-tasker:dependencyUpdates

------------------------------------------------------------
:wres-tasker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.fasterxml.jackson:jackson-bom:2.17.2
 - com.fasterxml.jackson.core:jackson-annotations:2.17.2
 - com.fasterxml.jackson.core:jackson-core:2.17.2
 - com.fasterxml.jackson.core:jackson-databind:2.17.2
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.google.jimfs:jimfs:1.3.0
 - com.rabbitmq:amqp-client:5.21.0
 - commons-codec:commons-codec:1.17.1
 - io.swagger.core.v3:swagger-jaxrs2:2.2.22
 - io.swagger.core.v3:swagger-jaxrs2-jakarta:2.2.22
 - javax.servlet:javax.servlet-api:3.1.0
 - javax.ws.rs:javax.ws.rs-api:2.1
 - junit:junit:4.13.2
 - org.apache.commons:commons-lang3:3.16.0
 - org.apache.qpid:qpid-broker-core:9.2.0
 - org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol:9.2.0
 - org.apache.qpid:qpid-broker-plugins-memory-store:9.2.0
 - org.bouncycastle:bcpkix-jdk18on:1.78.1
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.eclipse.jetty:jetty-webapp:11.0.22
 - org.eclipse.jetty.http2:http2-server:11.0.22
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0

The following dependencies have later milestone versions:
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - jakarta.annotation:jakarta.annotation-api [2.1.1 -> 3.0.0]
     https://projects.eclipse.org/projects/ee4j.ca
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - org.apache.commons:commons-lang3 [3.12.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.21 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.glassfish.jersey.containers:jersey-container-servlet-core [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.core:jersey-server [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.inject:jersey-hk2 [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.media:jersey-media-multipart [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.redisson:redisson [3.18.0 -> 3.34.1]
     http://redisson.org
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-tasker\build\dependencyUpdates\report.txt

> Task :wres-vis:dependencyUpdates

------------------------------------------------------------
:wres-vis Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.google.jimfs:jimfs:1.3.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.mockito:mockito-core:5.12.0
 - org.slf4j:log4j-over-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.jfree:jfreechart [1.5.4 -> 1.5.5]
     http://www.jfree.org/jfreechart/
 - org.jfree:org.jfree.svg [4.1 -> 5.0.6]
     http://www.jfree.org/jfreesvg
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-vis\build\dependencyUpdates\report.txt

> Task :wres-worker:dependencyUpdates

------------------------------------------------------------
:wres-worker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.rabbitmq:amqp-client:5.21.0
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-worker\build\dependencyUpdates\report.txt

> Task :wres-writing:dependencyUpdates

------------------------------------------------------------
:wres-writing Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.google.guava:guava:33.3.0-jre
 - com.google.jimfs:jimfs:1.3.0
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-writing\build\dependencyUpdates\report.txt

Deprecated Gradle features were used in this build, making it incompatible with Gradle 8.0.

You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.

See https://docs.gradle.org/7.6.4/userguide/command_line_interface.html#sec:command_line_warnings

BUILD SUCCESSFUL in 9s
17 actionable tasks: 17 executed

@ArvinEsmailzadeh
Copy link
Collaborator Author

I was having a lot of trouble with the vulnerability scan.. I added the token to my build.gradle and then was getting 404 and 403 errors. I tried validating the apiKey, increasing delay and nothing worked. Evan pointed me to this which ended up working:

jeremylong/DependencyCheck#6816 (comment)

Increasing the dependencyCheck plugin from 9.2.0 -> 10.0.2

@ArvinEsmailzadeh
Copy link
Collaborator Author

Vulnerability Scan:

> Configure project :
20240816-cfc3e92-dev
20240816-cfc3e92-dev

> Task :dependencyCheckAnalyze
Verifying dependencies for project wres
Checking for updates and analyzing dependencies for vulnerabilities

Daemon will be stopped at the end of the build after running out of JVM memory

> Task :dependencyCheckAnalyze
Generating report for project wres
Found 7 vulnerabilities in project wres


One or more dependencies were identified with known vulnerabilities in wres:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335
jackson-databind-2.13.4.2.jar (pkg:maven/com.fasterxml.jackson.core/[email protected], cpe:2.3:a:fasterxml:jackson-databind:2.13.4.2:*:*:*:*:*:*:*) : CVE-2023-35116
jfreechart-1.5.4.jar (pkg:maven/org.jfree/[email protected], cpe:2.3:a:time_project:time:1.5.4:*:*:*:*:*:*:*) : CVE-2023-52070
jodd-bean-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
jodd-core-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
redisson-3.18.0.jar (pkg:maven/org.redisson/[email protected], cpe:2.3:a:redisson:redisson:3.18.0:*:*:*:*:*:*:*) : CVE-2023-42809
snakeyaml-1.33.jar (pkg:maven/org.yaml/[email protected], cpe:2.3:a:snakeyaml_project:snakeyaml:1.33:*:*:*:*:*:*:*) : CVE-2022-1471


See the dependency-check report for more details.



Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-config:dependencyCheckAnalyze
Verifying dependencies for project wres-config
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-config
Found 0 vulnerabilities in project wres-config                                                                                                                                                                                                                                                                      

Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-datamodel:dependencyCheckAnalyze
Verifying dependencies for project wres-datamodel
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-datamodel
Found 0 vulnerabilities in project wres-datamodel
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-events:dependencyCheckAnalyze
Verifying dependencies for project wres-events
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-events
Found 0 vulnerabilities in project wres-events

> Task :wres-eventsbroker:dependencyCheckAnalyze
Verifying dependencies for project wres-eventsbroker
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-eventsbroker
Found 0 vulnerabilities in project wres-eventsbroker                                                                                                                                                                                                                                                                

Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-external-services-tests:dependencyCheckAnalyze
Verifying dependencies for project wres-external-services-tests                                                                                                                                                                                                                                                     
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-external-services-tests
Found 1 vulnerabilities in project wres-external-services-tests


One or more dependencies were identified with known vulnerabilities in wres-external-services-tests:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335


See the dependency-check report for more details.


Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-http:dependencyCheckAnalyze
Verifying dependencies for project wres-http
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-http
Found 0 vulnerabilities in project wres-http

> Task :wres-io:dependencyCheckAnalyze
Verifying dependencies for project wres-io
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-io
Found 1 vulnerabilities in project wres-io                                                                                                                                                                                                                                                                          


One or more dependencies were identified with known vulnerabilities in wres-io:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335


See the dependency-check report for more details.



Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL                                                                                                                                                                                                                                              
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-messages:dependencyCheckAnalyze
Verifying dependencies for project wres-messages
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-messages
Found 0 vulnerabilities in project wres-messages
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-metrics:dependencyCheckAnalyze
Verifying dependencies for project wres-metrics
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-metrics
Found 0 vulnerabilities in project wres-metrics

> Task :wres-reading:dependencyCheckAnalyze
Verifying dependencies for project wres-reading
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-reading
Found 1 vulnerabilities in project wres-reading                                                                                                                                                                                                                                                                     


One or more dependencies were identified with known vulnerabilities in wres-reading:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335


See the dependency-check report for more details.



Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-statistics:dependencyCheckAnalyze
Verifying dependencies for project wres-statistics
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-statistics
Found 0 vulnerabilities in project wres-statistics
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-system:dependencyCheckAnalyze
Verifying dependencies for project wres-system
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-system
Found 1 vulnerabilities in project wres-system


One or more dependencies were identified with known vulnerabilities in wres-system:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335


See the dependency-check report for more details.



> Task :wres-tasker:dependencyCheckAnalyze
Verifying dependencies for project wres-tasker
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-tasker
Found 3 vulnerabilities in project wres-tasker


One or more dependencies were identified with known vulnerabilities in wres-tasker:

jodd-bean-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
jodd-core-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
redisson-3.18.0.jar (pkg:maven/org.redisson/[email protected], cpe:2.3:a:redisson:redisson:3.18.0:*:*:*:*:*:*:*) : CVE-2023-42809


See the dependency-check report for more details.



Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-vis:dependencyCheckAnalyze
Verifying dependencies for project wres-vis
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-vis
Found 1 vulnerabilities in project wres-vis


One or more dependencies were identified with known vulnerabilities in wres-vis:

jfreechart-1.5.4.jar (pkg:maven/org.jfree/[email protected], cpe:2.3:a:time_project:time:1.5.4:*:*:*:*:*:*:*) : CVE-2023-52070


See the dependency-check report for more details.



Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-worker:dependencyCheckAnalyze
Verifying dependencies for project wres-worker
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-worker
Found 0 vulnerabilities in project wres-worker

> Task :wres-writing:dependencyCheckAnalyze
Verifying dependencies for project wres-writing
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-writing
Found 1 vulnerabilities in project wres-writing


One or more dependencies were identified with known vulnerabilities in wres-writing:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335


See the dependency-check report for more details.



Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

Deprecated Gradle features were used in this build, making it incompatible with Gradle 8.0.

You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.

See https://docs.gradle.org/7.6.4/userguide/command_line_interface.html#sec:command_line_warnings

BUILD SUCCESSFUL in 3m 34s
17 actionable tasks: 17 executed

@ArvinEsmailzadeh
Copy link
Collaborator Author

Redhat upgraded to 8.10-1054

@ArvinEsmailzadeh
Copy link
Collaborator Author

ArvinEsmailzadeh commented Aug 20, 2024
edited
Loading

Redis upgraded to 7.4-alpine3.20

@ArvinEsmailzadeh
Copy link
Collaborator Author

ArvinEsmailzadeh commented Aug 20, 2024
edited
Loading

RabbitMQ upgraded to 3.13.6-management-alpine

@ArvinEsmailzadeh
Copy link
Collaborator Author

ActiveMQ upgraded to 2.36.0

ArvinEsmailzadeh added a commit that referenced this issue Aug 20, 2024
@ArvinEsmailzadeh
Merge pull request #101 from NOAA-OWP/deployment_6.25
4d9d453 
fixes #67 Dependency and dockerfile upgrades for deployment
@james-d-brown
Copy link
Collaborator

Arvin, I think there are at least two mistakes in recent commits. First, you have not upgraded artemis consistently. The build.gradle is still using 2.34. Second, you have added an api key to the build.gradle. An API key is a private token and should never be added to a public repo.

@ArvinEsmailzadeh
Copy link
Collaborator Author

I completely missed taking out the API key... oops.. and Artemis upgraded it on the Docker files but missed it in gradle. Let me fix these.

Sorry about that.

@ArvinEsmailzadeh
Copy link
Collaborator Author

New Library updates:

Starting a Gradle Daemon, 1 incompatible Daemon could not be reused, use --status for details

> Configure project :
20240820-5321359-dev
20240820-5321359-dev

> Task :dependencyUpdates

------------------------------------------------------------
: Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.adarshr.test-logger:com.adarshr.test-logger.gradle.plugin:4.0.0
 - com.atlassian.commonmark:commonmark:0.17.0
 - com.fasterxml.jackson:jackson-bom:2.17.2
 - com.fasterxml.jackson.core:jackson-annotations:2.17.2
 - com.fasterxml.jackson.core:jackson-core:2.17.2
 - com.fasterxml.jackson.core:jackson-databind:2.17.2
 - com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.17.2
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.17.2
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.github.ben-manes.versions:com.github.ben-manes.versions.gradle.plugin:0.51.0
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.github.seanrl.jaxb:com.github.seanrl.jaxb.gradle.plugin:2.5.4
 - com.google.guava:guava:33.3.0-jre
 - com.google.guava:guava-testlib:33.3.0-jre
 - com.google.jimfs:jimfs:1.3.0
 - com.h2database:h2:2.3.232
 - com.hubspot.jackson:jackson-datatype-protobuf:0.9.15
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.netflix.nebula:gradle-aggregate-javadocs-plugin:3.0.1
 - com.networknt:json-schema-validator:1.5.1
 - com.opencsv:opencsv:5.9
 - com.rabbitmq:amqp-client:5.21.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - com.zaxxer:HikariCP:5.1.0
 - commons-beanutils:commons-beanutils:1.9.4
 - commons-codec:commons-codec:1.17.1
 - commons-io:commons-io:2.16.1
 - de.undercouch.download:de.undercouch.download.gradle.plugin:5.6.0
 - io.swagger.core.v3:swagger-jaxrs2:2.2.22
 - io.swagger.core.v3:swagger-jaxrs2-jakarta:2.2.22
 - io.swagger.core.v3.swagger-gradle-plugin:io.swagger.core.v3.swagger-gradle-plugin.gradle.plugin:2.2.22
 - jakarta.jms:jakarta.jms-api:3.1.0
 - javax.measure:unit-api:2.2
 - javax.servlet:javax.servlet-api:3.1.0
 - javax.ws.rs:javax.ws.rs-api:2.1
 - junit:junit:4.13.2
 - org.ajoberstar.grgit:org.ajoberstar.grgit.gradle.plugin:5.2.2
 - org.apache.activemq:artemis-amqp-protocol:2.36.0
 - org.apache.activemq:artemis-server:2.36.0
 - org.apache.commons:commons-compress:1.27.1
 - org.apache.commons:commons-configuration2:2.11.0
 - org.apache.commons:commons-lang3:3.16.0
 - org.apache.commons:commons-math3:3.6.1
 - org.apache.qpid:qpid-broker-core:9.2.0
 - org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol:9.2.0
 - org.apache.qpid:qpid-broker-plugins-memory-store:9.2.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.bouncycastle:bcpkix-jdk18on:1.78.1
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.eclipse.jetty:jetty-webapp:11.0.22
 - org.eclipse.jetty.http2:http2-server:11.0.22
 - org.glassfish:javax.json:1.1.4
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.jupiter:junit-jupiter-params:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.jvnet.jaxb2_commons:jaxb2-basics-annotate:1.1.0
 - org.kordamp.gradle.markdown:org.kordamp.gradle.markdown.gradle.plugin:2.2.0
 - org.liquibase:liquibase-core:4.29.1
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-core:5.12.0
 - org.mockito:mockito-inline:5.2.0
 - org.postgresql:postgresql:42.7.3
 - org.projectlombok:lombok:1.18.34
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1
 - org.slf4j:log4j-over-slf4j:2.1.0-alpha1
 - org.sonarqube:org.sonarqube.gradle.plugin:5.1.0.4882
 - si.uom:si-units:2.1
 - systems.uom:systems-quantity:2.1
 - systems.uom:systems-ucum:2.1
 - tech.units:indriya:2.2

The following dependencies have later milestone versions:
 - com.github.sabomichal:immutable-xjc-plugin [1.7.1 -> 2.0.3]
     https://github.com/sabomichal/immutable-xjc
 - com.google.protobuf:com.google.protobuf.gradle.plugin [0.9.1 -> 0.9.4]
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protobuf-java-util [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - io.soabase.record-builder:record-builder-core [41 -> 42]
     https://github.com/randgalt/record-builder
 - io.soabase.record-builder:record-builder-processor [41 -> 42]
     https://github.com/randgalt/record-builder
 - jakarta.activation:jakarta.activation-api [1.2.2 -> 2.1.3]
     https://github.com/jakartaee/jaf-api
 - jakarta.annotation:jakarta.annotation-api [2.1.1 -> 3.0.0]
     https://projects.eclipse.org/projects/ee4j.ca
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - jakarta.xml.bind:jakarta.xml.bind-api [3.0.1 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.apache.commons:commons-collections4 [4.4 -> 4.5.0-M2]
     https://commons.apache.org/proper/commons-collections/
 - org.apache.commons:commons-lang3 [3.12.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.beryx.jlink:org.beryx.jlink.gradle.plugin [2.26.0 -> 3.0.1]
 - org.eclipse.collections:eclipse-collections [11.1.0 -> 12.0.0.M3]
     https://github.com/eclipse/eclipse-collections
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.21 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.eclipse.persistence:org.eclipse.persistence.moxy [2.7.12 -> 5.0.0-B02]
     http://www.eclipse.org/eclipselink
 - org.glassfish.jaxb:jaxb-core [2.3.0.1 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-runtime [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-xjc [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jersey.containers:jersey-container-jetty-http [3.1.3 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.containers:jersey-container-servlet [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.containers:jersey-container-servlet-core [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.core:jersey-server [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.inject:jersey-hk2 [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.media:jersey-media-multipart [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jfree:jfreechart [1.5.4 -> 1.5.5]
     http://www.jfree.org/jfreechart/
 - org.jfree:org.jfree.svg [4.1 -> 5.0.6]
     http://www.jfree.org/jfreesvg
 - org.jvnet.jaxb2_commons:jaxb2-basics [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-ant [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.owasp.dependencycheck:org.owasp.dependencycheck.gradle.plugin [10.0.2 -> 10.0.3]
 - org.redisson:redisson [3.18.0 -> 3.34.1]
     http://redisson.org
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\build\dependencyUpdates\report.txt

> Task :wres-config:dependencyUpdates

------------------------------------------------------------
:wres-config Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.fasterxml.jackson:jackson-bom:2.17.2
 - com.fasterxml.jackson.core:jackson-annotations:2.17.2
 - com.fasterxml.jackson.core:jackson-core:2.17.2
 - com.fasterxml.jackson.core:jackson-databind:2.17.2
 - com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.17.2
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.17.2
 - com.google.guava:guava:33.3.0-jre
 - com.google.jimfs:jimfs:1.3.0
 - com.hubspot.jackson:jackson-datatype-protobuf:0.9.15
 - com.networknt:json-schema-validator:1.5.1
 - com.opencsv:opencsv:5.9
 - commons-beanutils:commons-beanutils:1.9.4
 - commons-io:commons-io:2.16.1
 - org.apache.commons:commons-lang3:3.16.0
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.jupiter:junit-jupiter-params:5.11.0
 - org.jvnet.jaxb2_commons:jaxb2-basics-annotate:1.1.0
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-core:5.12.0

The following dependencies have later milestone versions:
 - com.github.sabomichal:immutable-xjc-plugin [1.7.1 -> 2.0.3]
     https://github.com/sabomichal/immutable-xjc
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protobuf-java-util [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - io.soabase.record-builder:record-builder-core [41 -> 42]
     https://github.com/randgalt/record-builder
 - io.soabase.record-builder:record-builder-processor [41 -> 42]
     https://github.com/randgalt/record-builder
 - jakarta.activation:jakarta.activation-api [1.2.2 -> 2.1.3]
     https://github.com/jakartaee/jaf-api
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.eclipse.persistence:org.eclipse.persistence.moxy [2.7.12 -> 5.0.0-B02]
     http://www.eclipse.org/eclipselink
 - org.glassfish.jaxb:jaxb-core [2.3.0.1 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-runtime [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.glassfish.jaxb:jaxb-xjc [2.3.8 -> 4.0.5]
     https://eclipse-ee4j.github.io/jaxb-ri/
 - org.jvnet.jaxb2_commons:jaxb2-basics [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-ant [0.13.1 -> 1.11.1]
     https://github.com/highsource/jaxb2-basics
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-config\build\dependencyUpdates\report.txt

> Task :wres-datamodel:dependencyUpdates

------------------------------------------------------------
:wres-datamodel Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - javax.measure:unit-api:2.2
 - junit:junit:4.13.2
 - org.apache.commons:commons-lang3:3.16.0
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.locationtech.jts:jts-core:1.19.0
 - org.mockito:mockito-core:5.12.0
 - si.uom:si-units:2.1
 - systems.uom:systems-quantity:2.1
 - systems.uom:systems-ucum:2.1
 - tech.units:indriya:2.2

The following dependencies have later milestone versions:
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-datamodel\build\dependencyUpdates\report.txt

> Task :wres-events:dependencyUpdates

------------------------------------------------------------
:wres-events Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - jakarta.jms:jakarta.jms-api:3.1.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.mockito:mockito-core:5.12.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-events\build\dependencyUpdates\report.txt

> Task :wres-eventsbroker:dependencyUpdates

------------------------------------------------------------
:wres-eventsbroker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.google.guava:guava:33.3.0-jre
 - jakarta.jms:jakarta.jms-api:3.1.0
 - org.apache.activemq:artemis-amqp-protocol:2.36.0
 - org.apache.activemq:artemis-server:2.36.0
 - org.apache.commons:commons-configuration2:2.11.0
 - org.apache.commons:commons-lang3:3.16.0
 - org.apache.qpid:qpid-jms-client:2.5.0
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-eventsbroker\build\dependencyUpdates\report.txt

> Task :wres-external-services-tests:dependencyUpdates

------------------------------------------------------------
:wres-external-services-tests Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-external-services-tests\build\dependencyUpdates\report.txt

> Task :wres-http:dependencyUpdates

------------------------------------------------------------
:wres-http Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - org.apache.commons:commons-lang3:3.16.0
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-http\build\dependencyUpdates\report.txt

> Task :wres-io:dependencyUpdates

------------------------------------------------------------
:wres-io Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.google.guava:guava:33.3.0-jre
 - com.google.guava:guava-testlib:33.3.0-jre
 - com.google.jimfs:jimfs:1.3.0
 - com.h2database:h2:2.3.232
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.zaxxer:HikariCP:5.1.0
 - junit:junit:4.13.2
 - org.glassfish:javax.json:1.1.4
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.liquibase:liquibase-core:4.29.1
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-inline:5.2.0
 - org.postgresql:postgresql:42.7.3
 - org.slf4j:jcl-over-slf4j:2.1.0-alpha1
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-io\build\dependencyUpdates\report.txt

> Task :wres-messages:dependencyUpdates

------------------------------------------------------------
:wres-messages Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8

The following dependencies have later milestone versions:
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-messages\build\dependencyUpdates\report.txt

> Task :wres-metrics:dependencyUpdates

------------------------------------------------------------
:wres-metrics Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.mockito:mockito-core:5.12.0

The following dependencies have later milestone versions:
 - org.eclipse.collections:eclipse-collections [11.1.0 -> 12.0.0.M3]
     https://github.com/eclipse/eclipse-collections
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-metrics\build\dependencyUpdates\report.txt

> Task :wres-reading:dependencyUpdates

------------------------------------------------------------
:wres-reading Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.fasterxml.jackson.datatype:jackson-datatype-jsr310:2.17.2
 - com.google.guava:guava:33.3.0-jre
 - com.google.guava:guava-testlib:33.3.0-jre
 - com.google.jimfs:jimfs:1.3.0
 - com.mattbertolini:liquibase-slf4j:5.0.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - junit:junit:4.13.2
 - org.apache.commons:commons-compress:1.27.1
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.liquibase:liquibase-core:4.29.1
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-inline:5.2.0
 - org.projectlombok:lombok:1.18.34

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - org.apache.commons:commons-collections4 [4.4 -> 4.5.0-M2]
     https://commons.apache.org/proper/commons-collections/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-reading\build\dependencyUpdates\report.txt

> Task :wres-statistics:dependencyUpdates

------------------------------------------------------------
:wres-statistics Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0

The following dependencies have later milestone versions:
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.google.protobuf:protoc [3.21.12 -> 21.0-rc-1]
     https://developers.google.com/protocol-buffers/
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-statistics\build\dependencyUpdates\report.txt

> Task :wres-system:dependencyUpdates

------------------------------------------------------------
:wres-system Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.github.marschall:jfr-jdbc:0.4.0
 - com.h2database:h2:2.3.232
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - com.zaxxer:HikariCP:5.1.0
 - junit:junit:4.13.2
 - org.apache.commons:commons-lang3:3.16.0
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.mock-server:mockserver-netty:5.15.0
 - org.postgresql:postgresql:42.7.3
 - org.projectlombok:lombok:1.18.34
 - org.slf4j:jul-to-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - jakarta.xml.bind:jakarta.xml.bind-api [2.3.3 -> 4.0.2]
     https://github.com/jakartaee/jaxb-api
 - org.jvnet.jaxb2_commons:jaxb2-basics-runtime [0.13.1 -> 2.0.12]
     https://github.com/highsource/jaxb-tools
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-system\build\dependencyUpdates\report.txt

> Task :wres-tasker:dependencyUpdates

------------------------------------------------------------
:wres-tasker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.fasterxml.jackson:jackson-bom:2.17.2
 - com.fasterxml.jackson.core:jackson-annotations:2.17.2
 - com.fasterxml.jackson.core:jackson-core:2.17.2
 - com.fasterxml.jackson.core:jackson-databind:2.17.2
 - com.github.ben-manes.caffeine:caffeine:3.1.8
 - com.google.jimfs:jimfs:1.3.0
 - com.rabbitmq:amqp-client:5.21.0
 - commons-codec:commons-codec:1.17.1
 - io.swagger.core.v3:swagger-jaxrs2:2.2.22
 - io.swagger.core.v3:swagger-jaxrs2-jakarta:2.2.22
 - javax.servlet:javax.servlet-api:3.1.0
 - javax.ws.rs:javax.ws.rs-api:2.1
 - junit:junit:4.13.2
 - org.apache.commons:commons-lang3:3.16.0
 - org.apache.qpid:qpid-broker-core:9.2.0
 - org.apache.qpid:qpid-broker-plugins-amqp-0-8-protocol:9.2.0
 - org.apache.qpid:qpid-broker-plugins-memory-store:9.2.0
 - org.bouncycastle:bcpkix-jdk18on:1.78.1
 - org.bouncycastle:bcprov-jdk18on:1.78.1
 - org.eclipse.jetty:jetty-webapp:11.0.22
 - org.eclipse.jetty.http2:http2-server:11.0.22
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0

The following dependencies have later milestone versions:
 - com.google.protobuf:protobuf-java [3.21.12 -> 4.28.0-RC2]
     https://developers.google.com/protocol-buffers/
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - io.netty:netty-all [4.1.111.Final -> 5.0.0.Alpha2]
     http://netty.io/
 - jakarta.annotation:jakarta.annotation-api [2.1.1 -> 3.0.0]
     https://projects.eclipse.org/projects/ee4j.ca
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - org.apache.commons:commons-lang3 [3.12.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.eclipse.jetty:jetty-alpn-java-server [11.0.21 -> 12.0.12]
     https://jetty.org
 - org.eclipse.jetty:jetty-server [11.0.20 -> 12.0.12]
     https://jetty.org
 - org.glassfish.jersey.containers:jersey-container-servlet-core [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.core:jersey-server [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.inject:jersey-hk2 [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.glassfish.jersey.media:jersey-media-multipart [3.1.6 -> 4.0.0-M1]
     https://projects.eclipse.org/projects/ee4j.jersey
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.redisson:redisson [3.18.0 -> 3.34.1]
     http://redisson.org
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-tasker\build\dependencyUpdates\report.txt

> Task :wres-vis:dependencyUpdates

------------------------------------------------------------
:wres-vis Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.google.jimfs:jimfs:1.3.0
 - com.sun.xml.fastinfoset:FastInfoset:2.1.1
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.junit.vintage:junit-vintage-engine:5.11.0
 - org.mockito:mockito-core:5.12.0
 - org.slf4j:log4j-over-slf4j:2.1.0-alpha1

The following dependencies have later milestone versions:
 - org.apache.commons:commons-lang3 [3.14.0 -> 3.16.0]
     https://commons.apache.org/proper/commons-lang/
 - org.jfree:jfreechart [1.5.4 -> 1.5.5]
     http://www.jfree.org/jfreechart/
 - org.jfree:org.jfree.svg [4.1 -> 5.0.6]
     http://www.jfree.org/jfreesvg
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-vis\build\dependencyUpdates\report.txt

> Task :wres-worker:dependencyUpdates

------------------------------------------------------------
:wres-worker Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - ch.qos.logback:logback-classic:1.5.7
 - com.rabbitmq:amqp-client:5.21.0
 - junit:junit:4.13.2
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.mock-server:mockserver-netty:5.15.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - jakarta.ws.rs:jakarta.ws.rs-api [3.1.0 -> 4.0.0]
     https://github.com/jakartaee/rest
 - org.slf4j:slf4j-api [2.0.13 -> 2.1.0-alpha1]
     http://www.slf4j.org

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-worker\build\dependencyUpdates\report.txt

> Task :wres-writing:dependencyUpdates

------------------------------------------------------------
:wres-writing Project Dependency Updates (report to plain text file)
------------------------------------------------------------

The following dependencies are using the latest milestone version:
 - com.google.guava:guava:33.3.0-jre
 - com.google.jimfs:jimfs:1.3.0
 - junit:junit:4.13.2
 - org.apache.commons:commons-math3:3.6.1
 - org.jacoco:org.jacoco.agent:0.8.8
 - org.jacoco:org.jacoco.ant:0.8.8
 - org.junit.jupiter:junit-jupiter-api:5.11.0
 - org.junit.jupiter:junit-jupiter-engine:5.11.0
 - org.locationtech.jts:jts-core:1.19.0
 - org.locationtech.jts:jts-io:1.19.0
 - org.mockito:mockito-inline:5.2.0

The following dependencies have later milestone versions:
 - com.squareup.okhttp3:okhttp [4.12.0 -> 5.0.0-alpha.14]
     https://square.github.io/okhttp/
 - edu.ucar:cdm-core [5.4.2 -> 6.0.0-beta1]
 - org.apache.tika:tika-core [2.9.2 -> 3.0.0-BETA2]
     https://tika.apache.org/
 - org.jetbrains.kotlin:kotlin-stdlib [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk7 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/
 - org.jetbrains.kotlin:kotlin-stdlib-jdk8 [1.9.23 -> 2.0.20-RC2]
     https://kotlinlang.org/

Failed to determine the latest version for the following dependencies (use --info for details):
 - net.jcip:jcip-annotations

Gradle release-candidate updates:
 - Gradle: [7.6.4 -> 8.10]

Generated report file C:\Users\Umbra\IdeaProjects\wres\wres-writing\build\dependencyUpdates\report.txt

Deprecated Gradle features were used in this build, making it incompatible with Gradle 8.0.

You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.

See https://docs.gradle.org/7.6.4/userguide/command_line_interface.html#sec:command_line_warnings

BUILD SUCCESSFUL in 14s
17 actionable tasks: 17 executed

@ArvinEsmailzadeh
Copy link
Collaborator Author

New vulnerability scanner:

> Configure project :
20240820-5321359-dev
20240820-5321359-dev

> Task :dependencyCheckAnalyze
Verifying dependencies for project wres
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres
Found 7 vulnerabilities in project wres


One or more dependencies were identified with known vulnerabilities in wres:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335
jackson-databind-2.13.4.2.jar (pkg:maven/com.fasterxml.jackson.core/[email protected], cpe:2.3:a:fasterxml:jackson-databind:2.13.4.2:*:*:*:*:*:*:*) : CVE-2023-35116
jfreechart-1.5.4.jar (pkg:maven/org.jfree/[email protected], cpe:2.3:a:time_project:time:1.5.4:*:*:*:*:*:*:*) : CVE-2023-52070
jodd-bean-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
jodd-core-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
redisson-3.18.0.jar (pkg:maven/org.redisson/[email protected], cpe:2.3:a:redisson:redisson:3.18.0:*:*:*:*:*:*:*) : CVE-2023-42809
snakeyaml-1.33.jar (pkg:maven/org.yaml/[email protected], cpe:2.3:a:snakeyaml_project:snakeyaml:1.33:*:*:*:*:*:*:*) : CVE-2022-1471


See the dependency-check report for more details.



Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-config:dependencyCheckAnalyze
Verifying dependencies for project wres-config
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-config
Found 0 vulnerabilities in project wres-config

> Task :wres-datamodel:dependencyCheckAnalyze
Verifying dependencies for project wres-datamodel
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-datamodel
Found 0 vulnerabilities in project wres-datamodel

Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-events:dependencyCheckAnalyze
Verifying dependencies for project wres-events
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-events
Found 0 vulnerabilities in project wres-events

> Task :wres-eventsbroker:dependencyCheckAnalyze
Verifying dependencies for project wres-eventsbroker
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-eventsbroker
Found 0 vulnerabilities in project wres-eventsbroker                                                                                                                                                                                

Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-external-services-tests:dependencyCheckAnalyze
Verifying dependencies for project wres-external-services-tests
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-external-services-tests
Found 1 vulnerabilities in project wres-external-services-tests


One or more dependencies were identified with known vulnerabilities in wres-external-services-tests:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335


See the dependency-check report for more details.


Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-http:dependencyCheckAnalyze
Verifying dependencies for project wres-http
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-http
Found 0 vulnerabilities in project wres-http
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-io:dependencyCheckAnalyze
Verifying dependencies for project wres-io
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-io
Found 1 vulnerabilities in project wres-io


One or more dependencies were identified with known vulnerabilities in wres-io:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335


See the dependency-check report for more details.


Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-messages:dependencyCheckAnalyze
Verifying dependencies for project wres-messages
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-messages
Found 0 vulnerabilities in project wres-messages
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-metrics:dependencyCheckAnalyze
Verifying dependencies for project wres-metrics
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-metrics
Found 0 vulnerabilities in project wres-metrics

> Task :wres-reading:dependencyCheckAnalyze
Verifying dependencies for project wres-reading
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-reading
Found 1 vulnerabilities in project wres-reading


One or more dependencies were identified with known vulnerabilities in wres-reading:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335


See the dependency-check report for more details.



Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-statistics:dependencyCheckAnalyze
Verifying dependencies for project wres-statistics
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-statistics
Found 0 vulnerabilities in project wres-statistics
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-system:dependencyCheckAnalyze
Verifying dependencies for project wres-system
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-system
Found 1 vulnerabilities in project wres-system


One or more dependencies were identified with known vulnerabilities in wres-system:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335


See the dependency-check report for more details.



> Task :wres-tasker:dependencyCheckAnalyze
Verifying dependencies for project wres-tasker
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-tasker
Found 3 vulnerabilities in project wres-tasker                                                                                                                                                                                      


One or more dependencies were identified with known vulnerabilities in wres-tasker:

jodd-bean-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
jodd-core-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
redisson-3.18.0.jar (pkg:maven/org.redisson/[email protected], cpe:2.3:a:redisson:redisson:3.18.0:*:*:*:*:*:*:*) : CVE-2023-42809


See the dependency-check report for more details.



Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-vis:dependencyCheckAnalyze
Verifying dependencies for project wres-vis
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-vis
Found 1 vulnerabilities in project wres-vis


One or more dependencies were identified with known vulnerabilities in wres-vis:

jfreechart-1.5.4.jar (pkg:maven/org.jfree/[email protected], cpe:2.3:a:time_project:time:1.5.4:*:*:*:*:*:*:*) : CVE-2023-52070


See the dependency-check report for more details.



Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM
Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

> Task :wres-worker:dependencyCheckAnalyze
Verifying dependencies for project wres-worker
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-worker
Found 0 vulnerabilities in project wres-worker

> Task :wres-writing:dependencyCheckAnalyze
Verifying dependencies for project wres-writing
Checking for updates and analyzing dependencies for vulnerabilities
Generating report for project wres-writing
Found 1 vulnerabilities in project wres-writing


One or more dependencies were identified with known vulnerabilities in wres-writing:

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335


See the dependency-check report for more details.



Region [NODEAUDIT] : Not alive and dispose was called, filename: NODEAUDIT
Region [CENTRAL] : Not alive and dispose was called, filename: CENTRAL
Region [POM] : Not alive and dispose was called, filename: POM

Deprecated Gradle features were used in this build, making it incompatible with Gradle 8.0.

You can use '--warning-mode all' to show the individual deprecation warnings and determine if they come from your own scripts or plugins.

See https://docs.gradle.org/7.6.4/userguide/command_line_interface.html#sec:command_line_warnings

BUILD SUCCESSFUL in 46s
17 actionable tasks: 17 executed

ArvinEsmailzadeh added a commit that referenced this issue Aug 20, 2024
@ArvinEsmailzadeh
fixes #67 Fixed dependency upgrades
274ab89
@james-d-brown james-d-brown added this to the v6.25 milestone Aug 20, 2024
@james-d-brown
Copy link
Collaborator

Another thing, Arvin. I see you reported the vulnerability scan above, but I cannot see any follow up. When performing a scan, it needs to be followed up so that each reported CVE is either explained as will not fix (e.g., a false positive), cannot fix (e.g., no fix available) or it needs to be fixed.

@james-d-brown
Copy link
Collaborator

Also, the build is in an endlessly looped/failing state because you have not checked whether the upgrade to Artemis 2.36 actually works locally before pushing. You should not push without the build succeeding locally. Apparently, the upgrade to Artemis 2.36 does not work, which is not very surprising because the upgrade to 2.35 also did not work. I think you will need to cancel the build and back out this upgrade to Artemis 2.36.

@james-d-brown james-d-brown reopened this Aug 20, 2024
@james-d-brown
Copy link
Collaborator

I have cancelled the failing workflows.

@james-d-brown
Copy link
Collaborator

I have unchecked the items that need to be repeated.

@ArvinEsmailzadeh
Copy link
Collaborator Author

ArvinEsmailzadeh commented Aug 21, 2024
edited
Loading

James,

We have a bit of a problem regarding Artemis in the Dockerfile. So the place we are pulling it from no longer has version 2.34.0 See here: https://dlcdn.apache.org/activemq/activemq-artemis/

So we currently have 2 options.

  1. Have the inconsistency between the build.gradle which will have version 2.34 that works and the dockerfile having 2.36
  2. Find out why Artemis breaks on versions > 2.34 and fix it

Arvin

@james-d-brown
Copy link
Collaborator

James,

We have a bit of a problem regarding Artemis in the Dockerfile. So the place we are pulling it from no longer has version 2.34.0 See here: https://dlcdn.apache.org/activemq/activemq-artemis/

So we currently have 2 options.

  1. Have the inconsistency between the build.gradle which will have version 2.34 that works and the dockerfile having 2.36
  2. Find out why Artemis breaks on versions > 2.34 and fix it

Arvin

Thanks. Note that (1) is not an option because, when you deploy to cowres, it will break in exactly the same way it breaks the wres build. It's just that we don't exercise our docker deployment until the software has been deployed on a cowres machine. The only difference between the core artifact and the cowres deployment w/r to Artemis is where and how the broker is started. For the cowres deployment, a broker instance is started separately. For the core software, a broker instance is started by the core software and embedded within the same process. Otherwise, there is no difference, so the problem exists either way.

@james-d-brown
Copy link
Collaborator

I think these are the two options:

  1. We fix As a developer, I want to understand why Artemis 2.35 is not working properly and fix it #69; or
  2. We pull the old artifact from a separate archive server, here: https://archive.apache.org/dist/activemq/activemq-artemis/

@james-d-brown
Copy link
Collaborator

Let me start with (1) to see whether it can be addressed reasonably quickly, but I reserve the option of (2) if it isn't a quick-ish fix. Option (2) will require a temporary update to the broker dockerfile to pull from the archive space.

@ArvinEsmailzadeh
Copy link
Collaborator Author

ArvinEsmailzadeh commented Aug 21, 2024
edited
Loading

Sounds good, James. Thank you!

Arvin

@james-d-brown
Copy link
Collaborator

Fixed #69 and merged the PR. You should be able to proceed by merging master into your branch and then addressing the CVEs. I retained the updated Artemis in the dockerfile and now in the core artifact too, so that step is done.

@ArvinEsmailzadeh
Copy link
Collaborator Author

Awesome so before I move forward with the rest of the deployment, the CVE's need to be addressed. So let me start taking a look.

Arvin

@ArvinEsmailzadeh
Copy link
Collaborator Author

Ok so here are the CVEs

h2-2.3.232.jar (pkg:maven/com.h2database/[email protected], cpe:2.3:a:h2database:h2:2.3.232:*:*:*:*:*:*:*) : CVE-2018-14335
jackson-databind-2.13.4.2.jar (pkg:maven/com.fasterxml.jackson.core/[email protected], cpe:2.3:a:fasterxml:jackson-databind:2.13.4.2:*:*:*:*:*:*:*) : CVE-2023-35116
jfreechart-1.5.4.jar (pkg:maven/org.jfree/[email protected], cpe:2.3:a:time_project:time:1.5.4:*:*:*:*:*:*:*) : CVE-2023-52070
jodd-bean-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
jodd-core-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
redisson-3.18.0.jar (pkg:maven/org.redisson/[email protected], cpe:2.3:a:redisson:redisson:3.18.0:*:*:*:*:*:*:*) : CVE-2023-42809
snakeyaml-1.33.jar (pkg:maven/org.yaml/[email protected], cpe:2.3:a:snakeyaml_project:snakeyaml:1.33:*:*:*:*:*:*:*) : CVE-2022-1471

All of them besides the two below were there previously and are known about and cannot be fixed as of right now.

jodd-bean-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
jodd-core-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631

jfreechart vulns are disputed and no update available.

https://nvd.nist.gov/vuln/detail/CVE-2023-52070

Let me try to find the jodd ones.

@james-d-brown
Copy link
Collaborator

Awesome so before I move forward with the rest of the deployment, the CVE's need to be addressed. So let me start taking a look.

Arvin

I think they are mostly the same as earlier releases, either false positives or disputed or no updates. But these ones look new:

jodd-bean-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631
jodd-core-5.1.6.jar (pkg:maven/org.jodd/[email protected], cpe:2.3:a:jodd:jodd:5.1.6:*:*:*:*:*:*:*, cpe:2.3:a:jodd:jodd_http:5.1.6:*:*:*:*:*:*:*) : CVE-2022-29631

I mean, new to us. They are not new CVEs. Would check where these (presumably) transitive deps have suddenly been introduced from and then see if there are updates available...

@james-d-brown
Copy link
Collaborator

Updates to transitive deps require a slightly different approach, as you will see in our build.gradle. First, you need to remove the transitive dep when importing the dep. Next, you need to add a new transitive dep. Here's an example for guava, which is a transitive dep in edu.ucar:cdm-core:5.4.2:

        implementation('edu.ucar:cdm-core:5.4.2') {
            // Because we use slf4j, not jcl:
            exclude group: 'commons-logging', module: 'commons-logging'
            // CVE-2021-33813
            exclude group: 'org.jdom', module: 'jdom2'
            // Not used at runtime, bloat
            exclude group: 'org.checkerframework', module: 'checker-qual'
            // Remove older guava version. TODO: remove when the CDM catches up
            exclude group: 'com.google.guava', module: 'guava'
        }
        // Include later dependency versions for the excluded dependencies above
        implementation 'com.google.guava:guava:33.2.0-jre'

Note the two steps, first exclude, then include (later version).

@james-d-brown
Copy link
Collaborator

But first you need to discover where these jodd deps come from, what imports them. Gradle dependencyInsight or similar should help with that, or just create a full dependency graph and search for jodd to see what brings it in.

@ArvinEsmailzadeh
Copy link
Collaborator Author

Looks like its a transitive dependency of org.yaml:snakeyaml which is a transitive dependency of org.redisson:redisson:3.18.0

+--- org.redisson:redisson:3.18.0
|    +--- javax.cache:cache-api:1.1.1
|    +--- io.projectreactor:reactor-core:3.4.24
|    |    \--- org.reactivestreams:reactive-streams:1.0.4
|    +--- org.reactivestreams:reactive-streams:1.0.4
|    +--- io.reactivex.rxjava3:rxjava:3.1.5
|    |    \--- org.reactivestreams:reactive-streams:1.0.4
|    +--- org.jboss.marshalling:jboss-marshalling:2.0.11.Final
|    +--- org.jboss.marshalling:jboss-marshalling-river:2.0.11.Final
|    |    \--- org.jboss.marshalling:jboss-marshalling:2.0.11.Final
|    +--- org.slf4j:slf4j-api:1.7.36 -> 2.1.0-alpha1
|    +--- com.fasterxml.jackson.core:jackson-annotations:2.13.4 -> 2.17.2 (*)
|    +--- com.fasterxml.jackson.dataformat:jackson-dataformat-yaml:2.13.4 -> 2.17.2 (*)
|    +--- com.fasterxml.jackson.core:jackson-core:2.13.4 -> 2.17.2 (*)
|    +--- com.fasterxml.jackson.core:jackson-databind:2.13.4.2 -> 2.17.2 (*)
|    +--- net.bytebuddy:byte-buddy:1.12.18
|    +--- org.yaml:snakeyaml:1.33 -> 2.2
|    \--- org.jodd:jodd-bean:5.1.6
|         \--- org.jodd:jodd-core:5.1.6

@james-d-brown
Copy link
Collaborator

Not sure about that slanted line, I reckon it's a transitive dep of redisson only. Also, note that snakeyaml appears in a ton of places, so that dep would appear elsewhere in that case, not just the tasker...

@ArvinEsmailzadeh
Copy link
Collaborator Author

You're right I think the slanted line means last line of the transitive dependencies for the top level one.

@ArvinEsmailzadeh
Copy link
Collaborator Author

Looks like there are no version upgrades for org.jodd:jodd-bean 5.1.6 seems to be the latest version. So I believe there isn't anything we can really do here right?

Arvin

@ArvinEsmailzadeh
Copy link
Collaborator Author

org.jodd:jodd-core Does have a version upgrade to the latest which is 5.3.0

@james-d-brown
Copy link
Collaborator

Looks like there are no version upgrades for org.jodd:jodd-bean 5.1.6 seems to be the latest version. So I believe there isn't anything we can really do here right?

Arvin

Well, according to the CVE:

https://nvd.nist.gov/vuln/detail/CVE-2022-29631

Up to (excluding)
6.2.1

In other words, 5.* won't help, but there should be a 6.2.1 or higher that will...

https://github.com/oblac/jodd-http

The issue seems to be jodd http, used by core.

@james-d-brown
Copy link
Collaborator

If core 5.3.0 brings in http 6.2.1 or later, I would go with that.

@james-d-brown
Copy link
Collaborator

Oh, but jodd bean too. So you will probably need to remove jodd http from redis and bring in the latest, 6.3.0...

@james-d-brown
Copy link
Collaborator

james-d-brown commented Aug 21, 2024
edited
Loading

Oh, wait a second. I think these are false positives. There is no dependency of beans or core on http, right? So this is just the checking tool getting confused with jodd deps that have version < 6.21. In other words, a false positive. I would double check to see whether that has been reported to the checking tool devs, but it's probably a fp...

edit: in other words, we have no dependency or transitive dependency on jodd-http, but the checking tool sees other jodd dependencies with versions < 6.21 and gets confused, throwing a fp. The cve is exclusively about jodd http.

@ArvinEsmailzadeh
Copy link
Collaborator Author

So I just tried a bunch of different things just to see if I can get rid of the CVE so what I did was I excluded org.jodd:jodd-bean brought in org.jodd:jodd-core to the latest version. That has a transitive dependency of jobb util which was outdated too so I excluded it and brought in the newest version and then I even tried bringing in jodd-http and that didn't work either. It always failed the build here:

import jodd.net.HttpStatus;
               ^
  symbol:   class HttpStatus
  location: package jodd.net

@ArvinEsmailzadeh
Copy link
Collaborator Author

So in that case are we good to move on to the next steps of deployment?

@james-d-brown
Copy link
Collaborator

As long as our dependency graph shows no dependency on jodd http, then there is no issue. Please confirm that our dependency graph does not show jodd http. As above, I think it's a false positive whereby the owasp dependency check tool is being triggered on any jodd dependency < 6.21, even though the cve is for jod http only (and we appear not to depend on it).

@ArvinEsmailzadeh
Copy link
Collaborator Author

James,

I confirmed that we do not have jodd http in our dependency tree.

Arvin

@james-d-brown
Copy link
Collaborator

Good to go, then.

@james-d-brown
Copy link
Collaborator

james-d-brown commented Aug 21, 2024
edited
Loading

Remember to remove the api key from the build.gradle.

ArvinEsmailzadeh added a commit that referenced this issue Aug 21, 2024
@ArvinEsmailzadeh
Merge pull request #272 from NOAA-OWP/deployment-6.25
1d5b305 
fixes #67 Fixed dependency upgrades
@HankHerr-NOAA HankHerr-NOAA mentioned this issue Sep 10, 2024
Closed
8 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ArvinEsmailzadeh ArvinEsmailzadeh

Labels
deployment Work related to deployments
Projects
None yet
Milestone
v6.25
Development

No branches or pull requests
2 participants
@james-d-brown @ArvinEsmailzadeh