Feature/create SBOM

README.md

@@ -115,6 +115,14 @@ Create a report about used licenses for every dependency:
 
 You will find the reports of all modules under  ``license3rdparty``.
 
+### SBOM reports
+
+Create an SBOM reports for every module:
+
+``gradle cyclonedxBom``
+
+You will find the JSON files under ``<root-project>/build/sbom``
+
 ### Publishing
 
 Testerra is deployed and published to Maven Central. All JAR files are signed via Gradle signing plugin.

build.gradle

@@ -1,6 +1,7 @@
 plugins {
     id "io.codearte.nexus-staging" version "0.30.0"
     id 'com.github.jk1.dependency-license-report' version '1.16'
+    id 'org.cyclonedx.bom' version '1.8.2' apply false
 }
 
 // Plugin dependency-license-report
@@ -42,7 +43,6 @@ allprojects {
 }
 
 subprojects {
-
     group 'io.testerra'
     version moduleVersion
     archivesBaseName = "testerra"
@@ -53,6 +53,8 @@ subprojects {
 
     apply plugin: 'com.github.jk1.dependency-license-report'
 
+    apply plugin: 'org.cyclonedx.bom'
+
     // important!
     repositories {
 //        mavenLocal()
@@ -107,6 +109,13 @@ subprojects {
         renderers = [new InventoryMarkdownReportRenderer("${project.name}.md")]
         outputDir = "$rootDir/license3rdparty"
     }
+
+    cyclonedxBom {
+        skipProjects = ["docs", "integration-tests", "report-ng", "app", "report-ng-tests"]
+        outputFormat = "json"
+        outputName = project.name
+        destination = file("../build/sbom")
+    }
 }
 
 // Do not move this integration because `group` and `version` is needed for publishing

license3rdparty/bup.md

@@ -1,7 +1,7 @@
 
 #bup
 ##Dependency License Report
-_2022-04-06 13:49:33 MESZ_
+_2024-03-05 07:59:00 MEZ_
 ## Apache 2.0
 
 **1** **Group:** `com.google.code.gson` **Name:** `gson` **Version:** `2.8.8` 

license3rdparty/core.md

@@ -1,128 +1,82 @@
 
 #core
 ##Dependency License Report
-_2022-04-06 13:49:34 MESZ_
+_2024-03-05 07:59:01 MEZ_
 ## Apache 2
 
-**1** **Group:** `com.opencsv` **Name:** `opencsv` **Version:** `3.9` 
-> - **POM Project URL**: [http://opencsv.sf.net](http://opencsv.sf.net)
-> - **POM License**: Apache 2 - [http://www.apache.org/licenses/LICENSE-2.0.txt](http://www.apache.org/licenses/LICENSE-2.0.txt)
-
-**2** **Group:** `de.idyl` **Name:** `winzipaes` **Version:** `1.0.1` 
+**1** **Group:** `de.idyl` **Name:** `winzipaes` **Version:** `1.0.1` 
 > - **POM Project URL**: [http://code.google.com/p/winzipaes/](http://code.google.com/p/winzipaes/)
 > - **POM License**: Apache 2 - [http://www.apache.org/licenses/LICENSE-2.0](http://www.apache.org/licenses/LICENSE-2.0)
 
-**3** **Group:** `net.lingala.zip4j` **Name:** `zip4j` **Version:** `1.3.2` 
+**2** **Group:** `net.lingala.zip4j` **Name:** `zip4j` **Version:** `1.3.2` 
 > - **POM License**: Apache 2 - [http://www.apache.org/licenses/LICENSE-2.0.txt](http://www.apache.org/licenses/LICENSE-2.0.txt)
 
 ## Apache License, Version 2.0
 
-**4** **Group:** `com.google.guava` **Name:** `guava` **Version:** `28.1-jre` 
+**3** **Group:** `com.google.guava` **Name:** `guava` **Version:** `33.0.0-jre` 
 > - **Manifest Project URL**: [https://github.com/google/guava/](https://github.com/google/guava/)
+> - **POM Project URL**: [https://github.com/google/guava](https://github.com/google/guava)
 > - **POM License**: Apache License, Version 2.0 - [http://www.apache.org/licenses/LICENSE-2.0.txt](http://www.apache.org/licenses/LICENSE-2.0.txt)
+> - **Embedded license files**: [guava-33.0.0-jre.jar/META-INF/LICENSE](guava-33.0.0-jre.jar/META-INF/LICENSE)
 
-**5** **Group:** `commons-io` **Name:** `commons-io` **Version:** `2.6` 
+**4** **Group:** `commons-io` **Name:** `commons-io` **Version:** `2.6` 
 > - **Project URL**: [http://commons.apache.org/proper/commons-io/](http://commons.apache.org/proper/commons-io/)
 > - **POM License**: Apache License, Version 2.0 - [https://www.apache.org/licenses/LICENSE-2.0.txt](https://www.apache.org/licenses/LICENSE-2.0.txt)
 > - **Embedded license files**: [commons-io-2.6.jar/META-INF/LICENSE.txt](commons-io-2.6.jar/META-INF/LICENSE.txt) 
     - [commons-io-2.6.jar/META-INF/NOTICE.txt](commons-io-2.6.jar/META-INF/NOTICE.txt)
 
-**6** **Group:** `org.apache.commons` **Name:** `commons-lang3` **Version:** `3.9` 
+**5** **Group:** `org.apache.commons` **Name:** `commons-lang3` **Version:** `3.9` 
 > - **Project URL**: [http://commons.apache.org/proper/commons-lang/](http://commons.apache.org/proper/commons-lang/)
 > - **POM License**: Apache License, Version 2.0 - [https://www.apache.org/licenses/LICENSE-2.0.txt](https://www.apache.org/licenses/LICENSE-2.0.txt)
 > - **Embedded license files**: [commons-lang3-3.9.jar/META-INF/LICENSE.txt](commons-lang3-3.9.jar/META-INF/LICENSE.txt) 
     - [commons-lang3-3.9.jar/META-INF/NOTICE.txt](commons-lang3-3.9.jar/META-INF/NOTICE.txt)
 
-**7** **Group:** `org.apache.pdfbox` **Name:** `pdfbox` **Version:** `1.8.16` 
+**6** **Group:** `org.apache.pdfbox` **Name:** `pdfbox` **Version:** `2.0.29` 
 > - **Manifest Project URL**: [http://pdfbox.apache.org](http://pdfbox.apache.org)
-> - **POM License**: Apache License, Version 2.0 - [http://www.apache.org/licenses/LICENSE-2.0.txt](http://www.apache.org/licenses/LICENSE-2.0.txt)
-> - **Embedded license files**: [pdfbox-1.8.16.jar/META-INF/LICENSE](pdfbox-1.8.16.jar/META-INF/LICENSE) 
-    - [pdfbox-1.8.16.jar/META-INF/NOTICE](pdfbox-1.8.16.jar/META-INF/NOTICE)
+> - **POM License**: Apache License, Version 2.0 - [https://www.apache.org/licenses/LICENSE-2.0.txt](https://www.apache.org/licenses/LICENSE-2.0.txt)
+> - **Embedded license files**: [pdfbox-2.0.29.jar/META-INF/LICENSE](pdfbox-2.0.29.jar/META-INF/LICENSE) 
+    - [pdfbox-2.0.29.jar/META-INF/NOTICE](pdfbox-2.0.29.jar/META-INF/NOTICE)
 
-**8** **Group:** `org.testng` **Name:** `testng` **Version:** `7.4.0` 
+**7** **Group:** `org.testng` **Name:** `testng` **Version:** `7.8.0` 
+> - **Manifest License**: Apache-2.0 (Not Packaged)
 > - **POM Project URL**: [https://testng.org](https://testng.org)
 > - **POM License**: Apache License, Version 2.0 - [https://www.apache.org/licenses/LICENSE-2.0.txt](https://www.apache.org/licenses/LICENSE-2.0.txt)
-
-## CDDL 1.1
-
-**9** **Group:** `javax.xml.bind` **Name:** `jaxb-api` **Version:** `2.3.0` 
-> - **Manifest Project URL**: [http://www.oracle.com/](http://www.oracle.com/)
-> - **POM License**: CDDL 1.1 - [https://oss.oracle.com/licenses/CDDL+GPL-1.1](https://oss.oracle.com/licenses/CDDL+GPL-1.1)
-> - **POM License**: GPL2 w/ CPE - [https://oss.oracle.com/licenses/CDDL+GPL-1.1](https://oss.oracle.com/licenses/CDDL+GPL-1.1)
-> - **Embedded license files**: [jaxb-api-2.3.0.jar/META-INF/LICENSE.txt](jaxb-api-2.3.0.jar/META-INF/LICENSE.txt)
-
-## CDDL+GPL License
-
-**10** **Group:** `com.sun.xml.bind` **Name:** `jaxb-impl` **Version:** `2.3.0` 
-> - **Manifest Project URL**: [http://www.oracle.com/](http://www.oracle.com/)
-> - **POM License**: CDDL+GPL License - [http://glassfish.java.net/public/CDDL+GPL_1_1.html](http://glassfish.java.net/public/CDDL+GPL_1_1.html)
-
-**11** **Group:** `com.sun.xml.bind` **Name:** `jaxb-core` **Version:** `2.3.0` 
-> - **Manifest Project URL**: [http://www.oracle.com/](http://www.oracle.com/)
-> - **POM License**: CDDL+GPL License - [http://glassfish.java.net/public/CDDL+GPL_1_1.html](http://glassfish.java.net/public/CDDL+GPL_1_1.html)
-
-## Common Development and Distribution License (CDDL) v1.0
-
-**12** **Group:** `javax.activation` **Name:** `activation` **Version:** `1.1` 
-> - **POM Project URL**: [http://java.sun.com/products/javabeans/jaf/index.jsp](http://java.sun.com/products/javabeans/jaf/index.jsp)
-> - **POM License**: Common Development and Distribution License (CDDL) v1.0 - [https://glassfish.dev.java.net/public/CDDLv1.0.html](https://glassfish.dev.java.net/public/CDDLv1.0.html)
-> - **Embedded license files**: [activation-1.1.jar/META-INF/LICENSE.txt](activation-1.1.jar/META-INF/LICENSE.txt)
-
-## GPL2 w/ CPE
-
-**13** **Group:** `javax.xml.bind` **Name:** `jaxb-api` **Version:** `2.3.0` 
-> - **Manifest Project URL**: [http://www.oracle.com/](http://www.oracle.com/)
-> - **POM License**: CDDL 1.1 - [https://oss.oracle.com/licenses/CDDL+GPL-1.1](https://oss.oracle.com/licenses/CDDL+GPL-1.1)
-> - **POM License**: GPL2 w/ CPE - [https://oss.oracle.com/licenses/CDDL+GPL-1.1](https://oss.oracle.com/licenses/CDDL+GPL-1.1)
-> - **Embedded license files**: [jaxb-api-2.3.0.jar/META-INF/LICENSE.txt](jaxb-api-2.3.0.jar/META-INF/LICENSE.txt)
-
-## Similar to Apache License but with the acknowledgment clause removed
-
-**14** **Group:** `org.jdom` **Name:** `jdom2` **Version:** `2.0.6` 
-> - **POM Project URL**: [http://www.jdom.org](http://www.jdom.org)
-> - **POM License**: Similar to Apache License but with the acknowledgment clause removed - [https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt](https://raw.github.com/hunterhacker/jdom/master/LICENSE.txt)
-> - **Embedded license files**: [jdom2-2.0.6.jar/META-INF/LICENSE.txt](jdom2-2.0.6.jar/META-INF/LICENSE.txt)
+> - **Embedded license files**: [testng-7.8.0.jar/META-INF/LICENSE.txt](testng-7.8.0.jar/META-INF/LICENSE.txt)
 
 ## The Apache Software License, Version 2.0
 
-**15** **Group:** `com.google.inject` **Name:** `guice` **Version:** `4.2.2` 
+**8** **Group:** `com.google.inject` **Name:** `guice` **Version:** `4.2.2` 
 > - **Manifest Project URL**: [https://github.com/google/guice](https://github.com/google/guice)
 > - **POM License**: The Apache Software License, Version 2.0 - [http://www.apache.org/licenses/LICENSE-2.0.txt](http://www.apache.org/licenses/LICENSE-2.0.txt)
 > - **Embedded license files**: [guice-4.2.2-no_aop.jar/META-INF/LICENSE](guice-4.2.2-no_aop.jar/META-INF/LICENSE) 
     - [guice-4.2.2-no_aop.jar/META-INF/NOTICE](guice-4.2.2-no_aop.jar/META-INF/NOTICE)
 
-**16** **Group:** `com.google.inject.extensions` **Name:** `guice-assistedinject` **Version:** `4.2.2` 
+**9** **Group:** `com.google.inject.extensions` **Name:** `guice-assistedinject` **Version:** `4.2.2` 
 > - **Manifest Project URL**: [https://github.com/google/guice](https://github.com/google/guice)
 > - **POM License**: The Apache Software License, Version 2.0 - [http://www.apache.org/licenses/LICENSE-2.0.txt](http://www.apache.org/licenses/LICENSE-2.0.txt)
 > - **Embedded license files**: [guice-assistedinject-4.2.2.jar/META-INF/LICENSE](guice-assistedinject-4.2.2.jar/META-INF/LICENSE) 
     - [guice-assistedinject-4.2.2.jar/META-INF/NOTICE](guice-assistedinject-4.2.2.jar/META-INF/NOTICE)
 
-**17** **Group:** `org.apache.poi` **Name:** `poi-ooxml` **Version:** `3.17` 
+**10** **Group:** `org.apache.poi` **Name:** `poi-ooxml` **Version:** `3.17` 
 > - **POM Project URL**: [http://poi.apache.org/](http://poi.apache.org/)
 > - **POM License**: The Apache Software License, Version 2.0 - [http://www.apache.org/licenses/LICENSE-2.0.txt](http://www.apache.org/licenses/LICENSE-2.0.txt)
 > - **Embedded license files**: [poi-ooxml-3.17.jar/META-INF/LICENSE](poi-ooxml-3.17.jar/META-INF/LICENSE) 
     - [poi-ooxml-3.17.jar/META-INF/NOTICE](poi-ooxml-3.17.jar/META-INF/NOTICE)
 
-**18** **Group:** `xerces` **Name:** `xercesImpl` **Version:** `2.8.0` 
-> - **POM Project URL**: [http://xerces.apache.org/xerces2-j](http://xerces.apache.org/xerces2-j)
+**11** **Group:** `org.seleniumhq.selenium` **Name:** `selenium-java` **Version:** `4.18.1` 
+> - **POM Project URL**: [https://selenium.dev/](https://selenium.dev/)
 > - **POM License**: The Apache Software License, Version 2.0 - [http://www.apache.org/licenses/LICENSE-2.0.txt](http://www.apache.org/licenses/LICENSE-2.0.txt)
 
-## The MIT License
-
-**19** **Group:** `org.jsoup` **Name:** `jsoup` **Version:** `1.7.2` 
-> - **Project URL**: [http://jsoup.org/](http://jsoup.org/)
-> - **POM License**: The MIT License - [http://jsoup.com/license](http://jsoup.com/license)
-
 ## The New BSD License
 
-**20** **Group:** `org.reflections` **Name:** `reflections` **Version:** `0.9.12` 
+**12** **Group:** `org.reflections` **Name:** `reflections` **Version:** `0.9.12` 
 > - **POM Project URL**: [http://github.com/ronmamo/reflections](http://github.com/ronmamo/reflections)
 > - **POM License**: The New BSD License - [http://www.opensource.org/licenses/bsd-license.html](http://www.opensource.org/licenses/bsd-license.html)
 > - **POM License**: WTFPL - [http://www.wtfpl.net/](http://www.wtfpl.net/)
 
 ## WTFPL
 
-**21** **Group:** `org.reflections` **Name:** `reflections` **Version:** `0.9.12` 
+**13** **Group:** `org.reflections` **Name:** `reflections` **Version:** `0.9.12` 
 > - **POM Project URL**: [http://github.com/ronmamo/reflections](http://github.com/ronmamo/reflections)
 > - **POM License**: The New BSD License - [http://www.opensource.org/licenses/bsd-license.html](http://www.opensource.org/licenses/bsd-license.html)
 > - **POM License**: WTFPL - [http://www.wtfpl.net/](http://www.wtfpl.net/)

license3rdparty/docs.md

@@ -1,5 +1,5 @@
 
 #docs
 ##Dependency License Report
-_2022-04-06 13:49:34 MESZ_
+_2024-03-05 07:59:01 MEZ_
 

license3rdparty/driver-ui-desktop.md

@@ -1,25 +1,5 @@
 
 #driver-ui-desktop
 ##Dependency License Report
-_2022-04-06 13:49:36 MESZ_
-## GNU Lesser General Public License v3.0
-
-**1** **Group:** `net.anthavio` **Name:** `phanbedder-2.1.1` **Version:** `1.0.0` 
-> - **POM Project URL**: [http://anthavio.github.com/phanbedder](http://anthavio.github.com/phanbedder)
-> - **POM License**: GNU Lesser General Public License v3.0 - [http://www.gnu.org/licenses/lgpl-3.0.txt](http://www.gnu.org/licenses/lgpl-3.0.txt)
-> - **POM License**: The New BSD License - [http://www.opensource.org/licenses/bsd-license.html](http://www.opensource.org/licenses/bsd-license.html)
-
-## The BSD 2-Clause License
-
-**2** **Group:** `com.codeborne` **Name:** `phantomjsdriver` **Version:** `1.4.4` 
-> - **POM Project URL**: [https://github.com/codeborne/ghostdriver](https://github.com/codeborne/ghostdriver)
-> - **POM License**: The BSD 2-Clause License - [http://opensource.org/licenses/BSD-2-Clause](http://opensource.org/licenses/BSD-2-Clause)
-
-## The New BSD License
-
-**3** **Group:** `net.anthavio` **Name:** `phanbedder-2.1.1` **Version:** `1.0.0` 
-> - **POM Project URL**: [http://anthavio.github.com/phanbedder](http://anthavio.github.com/phanbedder)
-> - **POM License**: GNU Lesser General Public License v3.0 - [http://www.gnu.org/licenses/lgpl-3.0.txt](http://www.gnu.org/licenses/lgpl-3.0.txt)
-> - **POM License**: The New BSD License - [http://www.opensource.org/licenses/bsd-license.html](http://www.opensource.org/licenses/bsd-license.html)
-
+_2024-03-05 07:59:03 MEZ_
 

license3rdparty/driver-ui.md

@@ -1,7 +1,7 @@
 
 #driver-ui
 ##Dependency License Report
-_2022-04-06 13:49:35 MESZ_
+_2024-03-05 07:59:02 MEZ_
 ## Apache 2.0
 
 **1** **Group:** `com.google.code.gson` **Name:** `gson` **Version:** `2.8.6` 
@@ -42,22 +42,16 @@ _2022-04-06 13:49:35 MESZ_
 > - **POM Project URL**: [https://github.com/ua-parser/uap-java](https://github.com/ua-parser/uap-java)
 > - **POM License**: The Apache License, Version 2.0 - [http://www.apache.org/licenses/LICENSE-2.0.txt](http://www.apache.org/licenses/LICENSE-2.0.txt)
 
-## The Apache Software License, Version 2.0
-
-**7** **Group:** `org.seleniumhq.selenium` **Name:** `selenium-java` **Version:** `3.141.59` 
-> - **POM Project URL**: [http://www.seleniumhq.org/](http://www.seleniumhq.org/)
-> - **POM License**: The Apache Software License, Version 2.0 - [http://www.apache.org/licenses/LICENSE-2.0.txt](http://www.apache.org/licenses/LICENSE-2.0.txt)
-
 ## The New BSD License
 
-**8** **Group:** `org.reflections` **Name:** `reflections` **Version:** `0.9.12` 
+**7** **Group:** `org.reflections` **Name:** `reflections` **Version:** `0.9.12` 
 > - **POM Project URL**: [http://github.com/ronmamo/reflections](http://github.com/ronmamo/reflections)
 > - **POM License**: The New BSD License - [http://www.opensource.org/licenses/bsd-license.html](http://www.opensource.org/licenses/bsd-license.html)
 > - **POM License**: WTFPL - [http://www.wtfpl.net/](http://www.wtfpl.net/)
 
 ## WTFPL
 
-**9** **Group:** `org.reflections` **Name:** `reflections` **Version:** `0.9.12` 
+**8** **Group:** `org.reflections` **Name:** `reflections` **Version:** `0.9.12` 
 > - **POM Project URL**: [http://github.com/ronmamo/reflections](http://github.com/ronmamo/reflections)
 > - **POM License**: The New BSD License - [http://www.opensource.org/licenses/bsd-license.html](http://www.opensource.org/licenses/bsd-license.html)
 > - **POM License**: WTFPL - [http://www.wtfpl.net/](http://www.wtfpl.net/)