Tooling to help Maven collaborate with the Sigstore ecosystem.

LicenseEPL 1.0
Tagsbuildstorebuild-systemmavensigning
DateMay 11, 2022
Filespom (10 KB)  View All
RepositoriesCentralClearfly
Ranking#785567 in MvnRepository (See Top Artifacts)
VulnerabilitiesVulnerabilities from dependencies:
CVE-2024-47554
CVE-2024-30171
CVE-2024-29857
View 6 more ...

Note: There is a new version for this artifact

New Version0.0.15


Compile Dependencies (0)

Category/License Group / ArtifactVersionUpdates

Managed Dependencies (34)

Category/License Group / ArtifactVersionUpdates

EPL 1.0
ca.vanzyl.sigstore.maven » sigstore-maven-core 0.0.80.0.15

EPL 1.0
ca.vanzyl.sigstore.maven » sigstore-maven-model 0.0.80.0.15
Annotation Lib
Apache 2.0
com.fasterxml.jackson.core » jackson-annotations 2.13.12.18.2
JSON Lib
Apache 2.0
com.fasterxml.jackson.core » jackson-core 2.13.12.18.2
JSON Lib
Apache 2.0
com.fasterxml.jackson.core » jackson-databind3 vulnerabilities 2.13.12.18.2

Apache 2.0
com.google.api-client » google-api-client 1.33.02.7.2

Apache 2.0
com.google.api-client » google-api-client-jackson2 1.33.02.7.2

Apache 2.0
com.google.apis » google-api-services-oauth2 v2-rev20200213-1.32.1v2-rev157-1.25.0
Defect Detection
LGPL 2.1
com.google.code.findbugs » jsr305 3.0.24.9.1
Defect Detection
Apache 2.0
com.google.errorprone » error_prone_annotations 2.10.02.36.0

Apache 2.0
com.google.http-client » google-http-client-apache-v2 1.41.01.46.1
OAuth Lib
Apache 2.0
com.google.oauth-client » google-oauth-client1 vulnerability 1.32.11.37.0

Apache 2.0
com.google.oauth-client » google-oauth-client-jetty 1.32.11.37.0

Apache 2.0
com.kohlschutter.junixsocket » junixsocket-common 2.0.42.10.1

Apache 2.0
com.kohlschutter.junixsocket » junixsocket-native-common 2.0.42.10.1
I/O
Apache 2.0
commons-io » commons-io1 vulnerability 2.11.02.18.0
Validation
Apache 2.0
commons-validator » commons-validator 1.71.9.0

EPL 1.0
io.takari » takari-archiver 0.1.271.0.3
Testing
EPL 2.0
junit » junit 4.13.25.11.4
Build Model
Apache 2.0
org.apache.maven » maven-plugin-api 3.8.43.9.9
Build Tool
Apache 2.0
org.apache.maven » maven-core 3.8.43.9.9
Build Model
Apache 2.0
org.apache.maven » maven-model 3.8.43.9.9
Build Model
Apache 2.0
org.apache.maven » maven-artifact 3.8.43.9.9

Apache 2.0
org.apache.maven » maven-compat 3.8.43.9.9

Apache 2.0
org.apache.maven.plugin-testing » maven-plugin-testing-harness 3.3.0
Annotation Lib
Apache 2.0
org.apache.maven.plugin-tools » maven-plugin-annotations 3.6.23.15.1
Assertion
Apache 2.0
org.assertj » assertj-core 3.22.03.27.3

Apache 2.0BouncyCastle
org.bouncycastle » bcpg-jdk15on 1.691.80
Encryption Lib
BouncyCastle
org.bouncycastle » bcprov-jdk15on4 vulnerabilities 1.691.80
Core Utils
Apache 2.0
org.codehaus.plexus » plexus-utils 3.1.04.0.2
Annotation Tool
Apache 2.0
org.immutables » value 2.8.82.10.1
Logging
MIT
org.slf4j » slf4j-api 1.7.362.0.16
Logging Bridge
Apache 2.0
org.slf4j » log4j-over-slf4j 1.7.362.0.16
Logging
MIT
org.slf4j » slf4j-simple 1.7.362.0.16

Licenses

LicenseURL
The Eclipse Public License, Version 1.0 http://www.eclipse.org/legal/epl-v10.html

Developers

NameEmailDev IdRolesOrganization
Jason van ZyljvanzylProject Lead
Igor Fedorenkoigor<at>ifedorenko.comifedorenkoProject Lead
Manfred Mosermanfred<at>simpligility.commmoserProject Lead