You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@zookeeper.apache.org by sy...@apache.org on 2022/12/13 08:59:08 UTC
[zookeeper] branch branch-3.6 updated: ZOOKEEPER-4644: update dependencies before release 3.6.4
This is an automated email from the ASF dual-hosted git repository.
symat pushed a commit to branch branch-3.6
in repository https://gitbox.apache.org/repos/asf/zookeeper.git
The following commit(s) were added to refs/heads/branch-3.6 by this push:
new a85567484 ZOOKEEPER-4644: update dependencies before release 3.6.4
a85567484 is described below
commit a8556748474bfe13bcd4c01fe0a9320b47dad96a
Author: Mate Szalay-Beko <sy...@apache.com>
AuthorDate: Tue Dec 13 09:58:38 2022 +0100
ZOOKEEPER-4644: update dependencies before release 3.6.4
dependency checks are failing currently on branch-3.6:
```
mvn clean package -DskipTests dependency-check:check
(...)
[ERROR] Failed to execute goal org.owasp:dependency-check-maven:7.1.0:check (default-cli) on project zookeeper:
[ERROR]
[ERROR] One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '0.0':
[ERROR]
[ERROR] jackson-databind-2.13.2.1.jar: CVE-2022-42003(7.5), CVE-2022-42004(7.5)
[ERROR] jetty-io-9.4.43.v20210629.jar: CVE-2022-2047(2.7), CVE-2022-2048(7.5)
[ERROR] jetty-server-9.4.43.v20210629.jar: CVE-2022-2047(2.7), CVE-2022-2048(7.5)
[ERROR] netty-transport-4.1.76.Final.jar: CVE-2022-24823(5.5)
```
In this commit I updated several third party libraries and also updated / fixed license and notice files.
Because of the bouncycastle upgrade, I also had to do a very minimal code change: the `setPasssword` method on a builder was deprecated as it had a typo in the method name, and it caused compile error after the upgrade.
Author: Mate Szalay-Beko <sy...@apache.com>
Reviewers: Enrico Olivelli <eo...@apache.org>, Chris Nauroth <cn...@apache.org>
Closes #1957 from symat/ZOOKEEPER-4644
---
NOTICE.txt | 2 +-
pom.xml | 20 +-
zookeeper-server/src/main/resources/LICENSE.txt | 18 +-
zookeeper-server/src/main/resources/NOTICE.txt | 227 ++++++++++++++++-----
...txt => audience-annotations-0.13.0.LICENSE.txt} | 0
.../resources/lib/bouncycastle-1.70.LICENSE.txt | 18 ++
...nal.LICENSE.txt => commons-cli-1.4.LICENSE.txt} | 0
...E.txt => commons-collections-3.2.2.LICENSE.txt} | 0
...xt => jackson-annotations-2.13.4.2.LICENSE.txt} | 0
...CENSE.txt => jackson-core-2.13.4.2.LICENSE.txt} | 0
...E.txt => jackson-databind-2.13.4.2.LICENSE.txt} | 0
...txt => jetty-http-9.4.49.v20220914.LICENSE.txt} | 0
...E.txt => jetty-io-9.4.49.v20220914.LICENSE.txt} | 0
...=> jetty-security-9.4.49.v20220914.LICENSE.txt} | 0
...t => jetty-server-9.4.49.v20220914.LICENSE.txt} | 0
... => jetty-servlet-9.4.49.v20220914.LICENSE.txt} | 0
...txt => jetty-util-9.4.49.v20220914.LICENSE.txt} | 0
...> jetty-util-ajax-9.4.49.v20220914.LICENSE.txt} | 0
...6.Final.LICENSE.txt => kerby-2.0.2.LICENSE.txt} | 0
...E.txt => netty-buffer-4.1.85.Final.LICENSE.txt} | 0
...SE.txt => netty-codec-4.1.85.Final.LICENSE.txt} | 0
...E.txt => netty-common-4.1.85.Final.LICENSE.txt} | 0
....txt => netty-handler-4.1.85.Final.LICENSE.txt} | 0
...txt => netty-resolver-4.1.85.Final.LICENSE.txt} | 0
...xt => netty-transport-4.1.85.Final.LICENSE.txt} | 0
...ransport-native-epoll-4.1.85.Final.LICENSE.txt} | 0
...rt-native-unix-common-4.1.85.Final.LICENSE.txt} | 0
...nal.LICENSE.txt => reload4j.1.2.24.LICENSE.txt} | 0
.../main/resources/lib/slf4j-1.7.35.LICENSE.txt | 22 --
...1.7.25.LICENSE.txt => slf4j-1.7.36.LICENSE.txt} | 0
...NSE.txt => snappy-java-1.1.8.4.jar_LICENSE.txt} | 0
.../apache/zookeeper/common/X509TestHelpers.java | 2 +-
32 files changed, 211 insertions(+), 98 deletions(-)
diff --git a/NOTICE.txt b/NOTICE.txt
index 47c56aa57..8fb1daca8 100644
--- a/NOTICE.txt
+++ b/NOTICE.txt
@@ -1,5 +1,5 @@
Apache ZooKeeper
-Copyright 2009-2021 The Apache Software Foundation
+Copyright 2009-2022 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
diff --git a/pom.xml b/pom.xml
index ab051e8c6..cfbb97f8e 100755
--- a/pom.xml
+++ b/pom.xml
@@ -347,26 +347,26 @@
<surefire-forkcount>8</surefire-forkcount>
<!-- dependency versions -->
- <slf4j.version>1.7.35</slf4j.version>
- <audience-annotations.version>0.5.0</audience-annotations.version>
+ <slf4j.version>1.7.36</slf4j.version>
+ <audience-annotations.version>0.13.0</audience-annotations.version>
<jmockit.version>1.48</jmockit.version>
<junit.version>4.12</junit.version>
- <reload4j.version>1.2.22</reload4j.version>
+ <reload4j.version>1.2.24</reload4j.version>
<mockito.version>2.27.0</mockito.version>
<hamcrest.version>1.3</hamcrest.version>
<commons-cli.version>1.4</commons-cli.version>
- <netty.version>4.1.76.Final</netty.version>
- <jetty.version>9.4.43.v20210629</jetty.version>
- <jackson.version>2.13.2.1</jackson.version>
+ <netty.version>4.1.85.Final</netty.version>
+ <jetty.version>9.4.49.v20220914</jetty.version>
+ <jackson.version>2.13.4.2</jackson.version>
<json.version>1.1.1</json.version>
<jline.version>2.14.6</jline.version>
- <snappy.version>1.1.7</snappy.version>
- <kerby.version>2.0.0</kerby.version>
- <bouncycastle.version>1.60</bouncycastle.version>
+ <snappy.version>1.1.8.4</snappy.version>
+ <kerby.version>2.0.2</kerby.version>
+ <bouncycastle.version>1.70</bouncycastle.version>
<commons-collections.version>3.2.2</commons-collections.version>
<dropwizard.version>3.2.5</dropwizard.version>
<spotbugsannotations.version>4.0.2</spotbugsannotations.version>
- <checkstyle.version>8.17</checkstyle.version>
+ <checkstyle.version>8.39</checkstyle.version>
<enforcer.version>3.0.0-M3</enforcer.version>
<!-- parameter to pass to C client build -->
diff --git a/zookeeper-server/src/main/resources/LICENSE.txt b/zookeeper-server/src/main/resources/LICENSE.txt
index b1264c0ec..73cef8255 100644
--- a/zookeeper-server/src/main/resources/LICENSE.txt
+++ b/zookeeper-server/src/main/resources/LICENSE.txt
@@ -206,19 +206,19 @@ This distribution bundles javacc, which is available under the
3-clause BSD License. For details, see a copy of the license in
lib/javacc.LICENSE.txt
-This distribution bundles jline 2.11, which is available under the
+This distribution bundles jline 2.14.6, which is available under the
2-clause BSD License. For details, see a copy of the license in
-lib/jline-2.11.LICENSE.txt
+lib/jline-2.14.6.LICENSE.txt
-This distribution bundles SLF4J 1.7.5, which is available under the MIT
-License. For details, see a copy of the license in
-lib/slf4j-1.7.5.LICENSE.txt
+This distribution bundles slf4j 1.7.36 along with the slf4j-reload4j binding,
+which are available under the MIT License. For details, see a copy of the license in
+lib/slf4j-1.7.36.LICENSE.txt
This distribution bundles json-simple v1.1.1, which is available under the
Apache Software License, Version 2.0. For details, see a copy of the license in
lib/json-simple-1.1.1.LICENSE.txt
-This distribution bundles a modified version of 'JZLib' as part of
-Netty-3.7.0, which is available under the 3-clause BSD licence. For
-details, see a copy of the licence in META-INF/license/LICENSE-jzlib.txt
-as part of the Netty jar in lib/netty-3.7.0.Final.jar.
+This distribution bundles Bouncy Castle libraries (bcprov-jdk15on, bcpkix-jdk15on
+and bcutil-jdk15on) v1.70, which are available under the Bouncy Castle License
+(https://www.bouncycastle.org/licence.html). For details, see a copy of the
+license in lib/bouncycastle-1.70.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/NOTICE.txt b/zookeeper-server/src/main/resources/NOTICE.txt
index ff9fca39c..ac33c14ca 100644
--- a/zookeeper-server/src/main/resources/NOTICE.txt
+++ b/zookeeper-server/src/main/resources/NOTICE.txt
@@ -1,5 +1,5 @@
Apache ZooKeeper
-Copyright 2009-2021 The Apache Software Foundation
+Copyright 2009-2022 The Apache Software Foundation
This product includes software developed at
The Apache Software Foundation (http://www.apache.org/).
@@ -11,10 +11,10 @@ for Airlift code can be found at:
https://github.com/airlift/airlift/blob/master/LICENSE
This product includes software developed by
-The Netty Project (http://netty.io/)
-Copyright 2011 The Netty Project
-
-The Netty NOTICE file contains the following items:
+The Netty Project (http://netty.io/) Copyright 2011 The Netty Project
+The Netty NOTICE file (https://github.com/netty/netty/blob/4.1/NOTICE.txt)
+contains the following items:
+---------------- start of netty NOTICE file ----------------
This product contains the extensions to Java Collections Framework which has
been derived from the works by JSR-166 EG, Doug Lea, and Jason T. Greene:
@@ -32,29 +32,112 @@ Base64 Encoder and Decoder, which can be obtained at:
* HOMEPAGE:
* http://iharder.sourceforge.net/current/java/base64/
-This product contains a modified version of 'JZlib', a re-implementation of
-zlib in pure Java, which can be obtained at:
+This product contains a modified portion of 'Webbit', an event based
+WebSocket and HTTP server, which can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.webbit.txt (BSD License)
+ * HOMEPAGE:
+ * https://github.com/joewalnes/webbit
+
+This product contains a modified portion of 'SLF4J', a simple logging
+facade for Java, which can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.slf4j.txt (MIT License)
+ * HOMEPAGE:
+ * https://www.slf4j.org/
+
+This product contains a modified portion of 'Apache Harmony', an open source
+Java SE, which can be obtained at:
+ * NOTICE:
+ * license/NOTICE.harmony.txt
* LICENSE:
- * license/LICENSE.jzlib.txt (BSD Style License)
+ * license/LICENSE.harmony.txt (Apache License 2.0)
+ * HOMEPAGE:
+ * https://archive.apache.org/dist/harmony/
+
+This product contains a modified portion of 'jbzip2', a Java bzip2 compression
+and decompression library written by Matthew J. Francis. It can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.jbzip2.txt (MIT License)
+ * HOMEPAGE:
+ * https://code.google.com/p/jbzip2/
+
+This product contains a modified portion of 'libdivsufsort', a C API library to construct
+the suffix array and the Burrows-Wheeler transformed string for any input string of
+a constant-size alphabet written by Yuta Mori. It can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.libdivsufsort.txt (MIT License)
+ * HOMEPAGE:
+ * https://github.com/y-256/libdivsufsort
+
+This product contains a modified portion of Nitsan Wakart's 'JCTools', Java Concurrency Tools for the JVM,
+ which can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.jctools.txt (ASL2 License)
+ * HOMEPAGE:
+ * https://github.com/JCTools/JCTools
+
+This product optionally depends on 'JZlib', a re-implementation of zlib in
+pure Java, which can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.jzlib.txt (BSD style License)
* HOMEPAGE:
* http://www.jcraft.com/jzlib/
-This product contains a modified version of 'Webbit', a Java event based
-WebSocket and HTTP server:
+This product optionally depends on 'Compress-LZF', a Java library for encoding and
+decoding data in LZF format, written by Tatu Saloranta. It can be obtained at:
* LICENSE:
- * license/LICENSE.webbit.txt (BSD License)
+ * license/LICENSE.compress-lzf.txt (Apache License 2.0)
* HOMEPAGE:
- * https://github.com/joewalnes/webbit
+ * https://github.com/ning/compress
+
+This product optionally depends on 'lz4', a LZ4 Java compression
+and decompression library written by Adrien Grand. It can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.lz4.txt (Apache License 2.0)
+ * HOMEPAGE:
+ * https://github.com/jpountz/lz4-java
+
+This product optionally depends on 'lzma-java', a LZMA Java compression
+and decompression library, which can be obtained at:
-This product optionally depends on 'Protocol Buffers', Google's data
+ * LICENSE:
+ * license/LICENSE.lzma-java.txt (Apache License 2.0)
+ * HOMEPAGE:
+ * https://github.com/jponge/lzma-java
+
+This product optionally depends on 'zstd-jni', a zstd-jni Java compression
+and decompression library, which can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.zstd-jni.txt (Apache License 2.0)
+ * HOMEPAGE:
+ * https://github.com/luben/zstd-jni
+
+This product contains a modified portion of 'jfastlz', a Java port of FastLZ compression
+and decompression library written by William Kinney. It can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.jfastlz.txt (MIT License)
+ * HOMEPAGE:
+ * https://code.google.com/p/jfastlz/
+
+This product contains a modified portion of and optionally depends on 'Protocol Buffers', Google's data
interchange format, which can be obtained at:
* LICENSE:
* license/LICENSE.protobuf.txt (New BSD License)
* HOMEPAGE:
- * http://code.google.com/p/protobuf/
+ * https://github.com/google/protobuf
This product optionally depends on 'Bouncy Castle Crypto APIs' to generate
a temporary self-signed X.509 certificate when the JVM does not provide the
@@ -63,15 +146,31 @@ equivalent functionality. It can be obtained at:
* LICENSE:
* license/LICENSE.bouncycastle.txt (MIT License)
* HOMEPAGE:
- * http://www.bouncycastle.org/
+ * https://www.bouncycastle.org/
-This product optionally depends on 'SLF4J', a simple logging facade for Java,
-which can be obtained at:
+This product optionally depends on 'Snappy', a compression library produced
+by Google Inc, which can be obtained at:
* LICENSE:
- * license/LICENSE.slf4j.txt (MIT License)
+ * license/LICENSE.snappy.txt (New BSD License)
* HOMEPAGE:
- * http://www.slf4j.org/
+ * https://github.com/google/snappy
+
+This product optionally depends on 'JBoss Marshalling', an alternative Java
+serialization API, which can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.jboss-marshalling.txt (Apache License 2.0)
+ * HOMEPAGE:
+ * https://github.com/jboss-remoting/jboss-marshalling
+
+This product optionally depends on 'Caliper', Google's micro-
+benchmarking framework, which can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.caliper.txt (Apache License 2.0)
+ * HOMEPAGE:
+ * https://github.com/google/caliper
This product optionally depends on 'Apache Commons Logging', a logging
framework, which can be obtained at:
@@ -79,61 +178,79 @@ framework, which can be obtained at:
* LICENSE:
* license/LICENSE.commons-logging.txt (Apache License 2.0)
* HOMEPAGE:
- * http://commons.apache.org/logging/
+ * https://commons.apache.org/logging/
-This product optionally depends on 'Reload4j', a logging framework,
-which can be obtained at:
+This product optionally depends on 'Apache Log4J', a logging framework, which
+can be obtained at:
* LICENSE:
- * license/LICENSE.reload4j.txt (Apache License 2.0)
+ * license/LICENSE.log4j.txt (Apache License 2.0)
* HOMEPAGE:
- * https://reload4j.qos.ch/
+ * https://logging.apache.org/log4j/
-This product optionally depends on 'JBoss Logging', a logging framework,
-which can be obtained at:
+This product optionally depends on 'Aalto XML', an ultra-high performance
+non-blocking XML processor, which can be obtained at:
* LICENSE:
- * license/LICENSE.jboss-logging.txt (GNU LGPL 2.1)
+ * license/LICENSE.aalto-xml.txt (Apache License 2.0)
* HOMEPAGE:
- * http://anonsvn.jboss.org/repos/common/common-logging-spi/
+ * https://wiki.fasterxml.com/AaltoHome
-This product optionally depends on 'Apache Felix', an open source OSGi
-framework implementation, which can be obtained at:
+This product contains a modified version of 'HPACK', a Java implementation of
+the HTTP/2 HPACK algorithm written by Twitter. It can be obtained at:
* LICENSE:
- * license/LICENSE.felix.txt (Apache License 2.0)
+ * license/LICENSE.hpack.txt (Apache License 2.0)
* HOMEPAGE:
- * http://felix.apache.org/
+ * https://github.com/twitter/hpack
-The bundled library Metrics Core NOTICE file reports the following items
+This product contains a modified version of 'HPACK', a Java implementation of
+the HTTP/2 HPACK algorithm written by Cory Benfield. It can be obtained at:
-Metrics
-Copyright 2010-2013 Coda Hale and Yammer, Inc.
+ * LICENSE:
+ * license/LICENSE.hyper-hpack.txt (MIT License)
+ * HOMEPAGE:
+ * https://github.com/python-hyper/hpack/
-This product includes software developed by Coda Hale and Yammer, Inc.
+This product contains a modified version of 'HPACK', a Java implementation of
+the HTTP/2 HPACK algorithm written by Tatsuhiro Tsujikawa. It can be obtained at:
-This product includes code derived from the JSR-166 project (ThreadLocalRandom, Striped64,
-LongAdder), which was released with the following comments:
+ * LICENSE:
+ * license/LICENSE.nghttp2-hpack.txt (MIT License)
+ * HOMEPAGE:
+ * https://github.com/nghttp2/nghttp2/
- Written by Doug Lea with assistance from members of JCP JSR-166
- Expert Group and released to the public domain, as explained at
- http://creativecommons.org/publicdomain/zero/1.0/
+This product contains a modified portion of 'Apache Commons Lang', a Java library
+provides utilities for the java.lang API, which can be obtained at:
-The Nappy Java NOTICE file reports the following items:
+ * LICENSE:
+ * license/LICENSE.commons-lang.txt (Apache License 2.0)
+ * HOMEPAGE:
+ * https://commons.apache.org/proper/commons-lang/
-This product includes software developed by Google
- Snappy: http://code.google.com/p/snappy/ (New BSD License)
-This product includes software developed by Apache
- PureJavaCrc32C from apache-hadoop-common http://hadoop.apache.org/
- (Apache 2.0 license)
+This product contains the Maven wrapper scripts from 'Maven Wrapper', that provides an easy way to ensure a user has everything necessary to run the Maven build.
-This library containd statically linked libstdc++. This inclusion is allowed by
-"GCC RUntime Library Exception"
-http://gcc.gnu.org/onlinedocs/libstdc++/manual/license.html
+ * LICENSE:
+ * license/LICENSE.mvn-wrapper.txt (Apache License 2.0)
+ * HOMEPAGE:
+ * https://github.com/takari/maven-wrapper
+
+This product contains the dnsinfo.h header file, that provides a way to retrieve the system DNS configuration on MacOS.
+This private header is also used by Apple's open source
+ mDNSResponder (https://opensource.apple.com/tarballs/mDNSResponder/).
+
+ * LICENSE:
+ * license/LICENSE.dnsinfo.txt (Apple Public Source License 2.0)
+ * HOMEPAGE:
+ * https://www.opensource.apple.com/source/configd/configd-453.19/dnsinfo/dnsinfo.h
+
+This product optionally depends on 'Brotli4j', Brotli compression and
+decompression for Java., which can be obtained at:
+
+ * LICENSE:
+ * license/LICENSE.brotli4j.txt (Apache License 2.0)
+ * HOMEPAGE:
+ * https://github.com/hyperxpro/Brotli4j
-== Contributors ==
- * Tatu Saloranta
- * Providing benchmark suite
- * Alec Wysoker
- * Performance and memory usage improvement
+---------------- end of netty NOTICE file ----------------
\ No newline at end of file
diff --git a/zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/audience-annotations-0.13.0.LICENSE.txt
similarity index 100%
copy from zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt
copy to zookeeper-server/src/main/resources/lib/audience-annotations-0.13.0.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/bouncycastle-1.70.LICENSE.txt b/zookeeper-server/src/main/resources/lib/bouncycastle-1.70.LICENSE.txt
new file mode 100644
index 000000000..ff1320ae1
--- /dev/null
+++ b/zookeeper-server/src/main/resources/lib/bouncycastle-1.70.LICENSE.txt
@@ -0,0 +1,18 @@
+Copyright (c) 2000 - 2021 The Legion of the Bouncy Castle Inc.
+(https://www.bouncycastle.org)
+
+Permission is hereby granted, free of charge, to any person obtaining a copy of this software
+and associated documentation files (the "Software"), to deal in the Software without restriction,
+including without limitation the rights to use, copy, modify, merge, publish, distribute,
+sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all copies or
+substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING
+BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
+DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
diff --git a/zookeeper-server/src/main/resources/lib/netty-codec-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/commons-cli-1.4.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/netty-codec-4.1.76.Final.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/commons-cli-1.4.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-common-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/commons-collections-3.2.2.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/netty-common-4.1.76.Final.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/commons-collections-3.2.2.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-handler-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jackson-annotations-2.13.4.2.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/netty-handler-4.1.76.Final.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jackson-annotations-2.13.4.2.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-resolver-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jackson-core-2.13.4.2.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/netty-resolver-4.1.76.Final.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jackson-core-2.13.4.2.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-transport-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jackson-databind-2.13.4.2.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/netty-transport-4.1.76.Final.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jackson-databind-2.13.4.2.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-http-9.4.43.v20210629.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-http-9.4.49.v20220914.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-http-9.4.43.v20210629.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-http-9.4.49.v20220914.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-io-9.4.43.v20210629.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-io-9.4.49.v20220914.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-io-9.4.43.v20210629.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-io-9.4.49.v20220914.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-security-9.4.43.v20210629.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-security-9.4.49.v20220914.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-security-9.4.43.v20210629.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-security-9.4.49.v20220914.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-server-9.4.43.v20210629.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-server-9.4.49.v20220914.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-server-9.4.43.v20210629.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-server-9.4.49.v20220914.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.43.v20210629.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.49.v20220914.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.43.v20210629.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-servlet-9.4.49.v20220914.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-util-9.4.43.v20210629.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-util-9.4.49.v20220914.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-util-9.4.43.v20210629.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-util-9.4.49.v20220914.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.43.v20210629.LICENSE.txt b/zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.49.v20220914.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.43.v20210629.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/jetty-util-ajax-9.4.49.v20220914.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-transport-native-epoll-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/kerby-2.0.2.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/netty-transport-native-epoll-4.1.76.Final.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/kerby-2.0.2.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-transport-native-unix-common-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/netty-buffer-4.1.85.Final.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/netty-transport-native-unix-common-4.1.76.Final.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/netty-buffer-4.1.85.Final.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/reload4j.1.2.22.LICENSE.txt b/zookeeper-server/src/main/resources/lib/netty-codec-4.1.85.Final.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/reload4j.1.2.22.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/netty-codec-4.1.85.Final.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/netty-common-4.1.85.Final.LICENSE.txt
similarity index 100%
copy from zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt
copy to zookeeper-server/src/main/resources/lib/netty-common-4.1.85.Final.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/netty-handler-4.1.85.Final.LICENSE.txt
similarity index 100%
copy from zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt
copy to zookeeper-server/src/main/resources/lib/netty-handler-4.1.85.Final.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/netty-resolver-4.1.85.Final.LICENSE.txt
similarity index 100%
copy from zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt
copy to zookeeper-server/src/main/resources/lib/netty-resolver-4.1.85.Final.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/netty-transport-4.1.85.Final.LICENSE.txt
similarity index 100%
copy from zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt
copy to zookeeper-server/src/main/resources/lib/netty-transport-4.1.85.Final.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/netty-transport-native-epoll-4.1.85.Final.LICENSE.txt
similarity index 100%
copy from zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt
copy to zookeeper-server/src/main/resources/lib/netty-transport-native-epoll-4.1.85.Final.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/netty-transport-native-unix-common-4.1.85.Final.LICENSE.txt
similarity index 100%
copy from zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt
copy to zookeeper-server/src/main/resources/lib/netty-transport-native-unix-common-4.1.85.Final.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt b/zookeeper-server/src/main/resources/lib/reload4j.1.2.24.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/netty-buffer-4.1.76.Final.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/reload4j.1.2.24.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/slf4j-1.7.35.LICENSE.txt b/zookeeper-server/src/main/resources/lib/slf4j-1.7.35.LICENSE.txt
deleted file mode 100644
index a502dd93a..000000000
--- a/zookeeper-server/src/main/resources/lib/slf4j-1.7.35.LICENSE.txt
+++ /dev/null
@@ -1,22 +0,0 @@
-Copyright (c) 2004-2017 QOS.ch
-All rights reserved.
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-
diff --git a/zookeeper-server/src/main/resources/lib/slf4j-1.7.25.LICENSE.txt b/zookeeper-server/src/main/resources/lib/slf4j-1.7.36.LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/slf4j-1.7.25.LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/slf4j-1.7.36.LICENSE.txt
diff --git a/zookeeper-server/src/main/resources/lib/snappy-java-1.1.7.jar_LICENSE.txt b/zookeeper-server/src/main/resources/lib/snappy-java-1.1.8.4.jar_LICENSE.txt
similarity index 100%
rename from zookeeper-server/src/main/resources/lib/snappy-java-1.1.7.jar_LICENSE.txt
rename to zookeeper-server/src/main/resources/lib/snappy-java-1.1.8.4.jar_LICENSE.txt
diff --git a/zookeeper-server/src/test/java/org/apache/zookeeper/common/X509TestHelpers.java b/zookeeper-server/src/test/java/org/apache/zookeeper/common/X509TestHelpers.java
index fb1371a3d..b9f2f6db9 100644
--- a/zookeeper-server/src/test/java/org/apache/zookeeper/common/X509TestHelpers.java
+++ b/zookeeper-server/src/test/java/org/apache/zookeeper/common/X509TestHelpers.java
@@ -270,7 +270,7 @@ public class X509TestHelpers {
JcaPEMWriter pemWriter = new JcaPEMWriter(stringWriter);
OutputEncryptor encryptor = null;
if (password != null && password.length() > 0) {
- encryptor = new JceOpenSSLPKCS8EncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC).setProvider(BouncyCastleProvider.PROVIDER_NAME).setRandom(PRNG).setPasssword(password.toCharArray()).build();
+ encryptor = new JceOpenSSLPKCS8EncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC).setProvider(BouncyCastleProvider.PROVIDER_NAME).setRandom(PRNG).setPassword(password.toCharArray()).build();
}
pemWriter.writeObject(new JcaPKCS8Generator(key, encryptor));
pemWriter.close();