From 3755a884fb463c79b1386d149b9a1328eff3c959 Mon Sep 17 00:00:00 2001
From: Diogo Gaspar
Date: Fri, 21 Mar 2025 10:05:26 +0100
Subject: [PATCH 01/33] chore: add dirty-waters-action@v1.11.24 to code quality workflow
---
 .github/workflows/code-qualitiy.yml | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 8e0a6c412..20fc59e5a 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -64,3 +64,24 @@ jobs:
 run: mvn --batch-mode --update-snapshots clean install
 - name: Run reproducibility check
 run: mvn clean install
+ dirty-waters:
+ runs-on:
+ ubuntu-latest
+ permissions:
+ pull-requests: write # To comment on a Pull Request
+ steps:
+ - uses: actions/checkout@v4
+ with:
+ submodules: true
+ - name: Setup JDK17
+ uses: actions/setup-java@v4
+ with:
+ distribution: 'temurin'
+ java-version: '17'
+ - name: Dirty Waters Analysis
+ uses: chains-project/dirty-waters-action@v1.11.24
+ with:
+ github_token: ${{ secrets.GITHUB_TOKEN }}
+ package_manager: maven
+ gradual_report: false
+
From cfd21aa8da165e079e88aad0bfad14c5f63d4408 Mon Sep 17 00:00:00 2001
From: Diogo Gaspar
Date: Wed, 26 Mar 2025 13:57:05 +0100
Subject: [PATCH 02/33] chore: bump to 1.11.31; ignoring cache for one run, to gather parents too
---
 .github/workflows/code-qualitiy.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 20fc59e5a..1ccbc7e04 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -79,9 +79,10 @@ jobs:
 distribution: 'temurin'
 java-version: '17'
 - name: Dirty Waters Analysis
- uses: chains-project/dirty-waters-action@v1.11.24
+ uses: chains-project/dirty-waters-action@v1.11.31
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
+ ignore_cache: "true"
 gradual_report: false
 
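Review bot: `runs-on:` has its value on the following line, so YAML folds it into the plain scalar `runs-on: ubuntu-latest`; it works, but it reads as a nested node and is easy to break when someone adds a second line — write `runs-on: ubuntu-latest` on one line. The job also passes `secrets.GITHUB_TOKEN`, which the job-level `permissions:` block scopes to `pull-requests: write`, into a third-party action referenced by the floating tag `@v1.11.24`, so the code that receives a write-capable token is whatever that tag points at on the day of the run; pinning `uses:` to a full commit SHA with the tag in a trailing comment (`uses: chains-project/dirty-waters-action@<sha>  # v1.11.24`) is the standard mitigation, as is done for the other actions later in this series. The final `+` line adds a trailing blank line to the workflow file.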
From e1da795041194484ea5dfcd6e3542f5cee673ce8 Mon Sep 17 00:00:00 2001
From: Diogo Gaspar
Date: Wed, 26 Mar 2025 14:55:14 +0100
Subject: [PATCH 03/33] chore: revert to not ignoring cache
---
 .github/workflows/code-qualitiy.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 1ccbc7e04..08499464d 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -83,6 +83,5 @@ jobs:
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
- ignore_cache: "true"
 gradual_report: false
 
From 569d985e75647ef2c58f7e5ad8d280f675f210eb Mon Sep 17 00:00:00 2001
From: Diogo Gaspar
Date: Mon, 31 Mar 2025 00:34:44 +0200
Subject: [PATCH 04/33] chore: re-run with debug flag active
---
 .github/workflows/code-qualitiy.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 08499464d..1e5a4cbb3 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -84,4 +84,5 @@ jobs:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
 gradual_report: false
+ debug: true
 
From d6e0ae05de335ef014399666f3b2aa1bc99a2f6f Mon Sep 17 00:00:00 2001
From: Diogo Gaspar
Date: Mon, 31 Mar 2025 00:58:31 +0200
Subject: [PATCH 05/33] chore: bump to v1.11.33
---
 .github/workflows/code-qualitiy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 1e5a4cbb3..63c56cc44 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -79,7 +79,7 @@ jobs:
 distribution: 'temurin'
 java-version: '17'
 - name: Dirty Waters Analysis
- uses: chains-project/dirty-waters-action@v1.11.31
+ uses: chains-project/dirty-waters-action@v1.11.33
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
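Review bot: The `debug: true` input added here reads as a one-off toggle (the subject says "re-run with debug flag active"), yet it stays in the committed workflow, so every subsequent PR run carries verbose output from the analysis step; the cache toggle from the previous patch was reverted in a follow-up, and this one was not. If it is meant to stay, say why on the line, e.g. `debug: true  # kept on while the ignore config is being tuned`, so the next reader knows it is deliberate; otherwise revert it the same way as `ignore_cache`. I cannot tell from here what the action prints in debug mode, so whether the extra output matters is for the authors to judge.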
From cdf5a00063f0ea0963b66a48566ee14dc4c7a518 Mon Sep 17 00:00:00 2001
From: Diogo Gaspar
Date: Wed, 2 Apr 2025 11:01:30 +0200
Subject: [PATCH 06/33] chore: bump to v1.11.35; adds option to ignore parent deps
---
 .github/workflows/code-qualitiy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 63c56cc44..5ddbd8075 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -79,7 +79,7 @@ jobs:
 distribution: 'temurin'
 java-version: '17'
 - name: Dirty Waters Analysis
- uses: chains-project/dirty-waters-action@v1.11.33
+ uses: chains-project/dirty-waters-action@v1.11.35
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
From 0b2f95591b834111130653505841150724b9f8e5 Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Wed, 2 Apr 2025 13:02:27 +0200
Subject: [PATCH 07/33] Add ignore config
---
 .github/workflows/code-qualitiy.yml | 1 +
 dirty-waters.json | 12 ++++++++++++
 2 files changed, 13 insertions(+)
 create mode 100644 dirty-waters.json
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 5ddbd8075..bc7b1ec4c 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -85,4 +85,5 @@ jobs:
 package_manager: maven
 gradual_report: false
 debug: true
+ config: dirty-waters.json
 
diff --git a/dirty-waters.json b/dirty-waters.json
new file mode 100644
index 000000000..2139a81df
--- /dev/null
+++ b/dirty-waters.json
@@ -0,0 +1,12 @@
+{
+ "ignore": {
+ "org.sonatype.plexus:plexus-sec-dispatcher@1.3": "provenance",
+ "org.sonatype.plexus:plexus-cipher@1.4": "provenance",
+ "commons-beanutils:commons-beanutils@1.7.0": "provenance",
+ "dom4j:dom4j@1.1": "provenance",
+ "oro:oro@2.0.8": "provenance",
+ "org.iq80.snappy:snappy@0.4": "provenance"
+ }
+}
+
+
From def8c0417fdd6b53508562a70242f21564861db8 Mon Sep 17 00:00:00 2001
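Review bot: The new `dirty-waters.json` silences the `provenance` finding for six artifacts without recording why each one is acceptable, and JSON gives no place for a comment; since every entry here is a decision to accept a dependency the tool could not attest, the reason (upstream publishes no provenance, a tracking issue, a date to revisit) belongs somewhere discoverable — a short section in the repository docs or a comment next to the `config:` input in the workflow. Keying entries by exact version, as `@1.3`, `@1.7.0` etc. already do, is the right shape, because a bump re-triggers the check instead of inheriting the exemption. The file also ends with two blank lines after the closing brace, which the later "Remove empty lines" patch cleans up.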
From: Elias Lundell
Date: Wed, 2 Apr 2025 13:08:21 +0200
Subject: [PATCH 08/33] Update config with source_code
---
 dirty-waters.json | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/dirty-waters.json b/dirty-waters.json
index 2139a81df..901058fe5 100644
--- a/dirty-waters.json
+++ b/dirty-waters.json
@@ -1,11 +1,11 @@
 {
 "ignore": {
- "org.sonatype.plexus:plexus-sec-dispatcher@1.3": "provenance",
- "org.sonatype.plexus:plexus-cipher@1.4": "provenance",
- "commons-beanutils:commons-beanutils@1.7.0": "provenance",
- "dom4j:dom4j@1.1": "provenance",
- "oro:oro@2.0.8": "provenance",
- "org.iq80.snappy:snappy@0.4": "provenance"
+ "org.sonatype.plexus:plexus-sec-dispatcher@1.3": ["source_code"],
+ "org.sonatype.plexus:plexus-cipher@1.4": ["source_code"],
+ "commons-beanutils:commons-beanutils@1.7.0": ["source_code"],
+ "dom4j:dom4j@1.1": ["source_code"],
+ "oro:oro@2.0.8": ["source_code"],
+ "org.iq80.snappy:snappy@0.4": ["source_code_sha"]
 }
 }
 
From 9a15c86d9e883f9351f5ffc25e2755b202253b98 Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Wed, 2 Apr 2025 17:58:59 +0200
Subject: [PATCH 09/33] Change path to config
---
 .github/workflows/code-qualitiy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index dc3170ce3..f082bbcfc 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -85,5 +85,5 @@ jobs:
 package_manager: maven
 gradual_report: false
 debug: true
- config: dirty-waters.json
+ config: chains-project/maven-lockfile/dirty-waters.json
 
From 85883f977a4e0ddda1195f513b5816451e501778 Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Wed, 2 Apr 2025 18:24:25 +0200
Subject: [PATCH 10/33] Specify PR base for analysis
---
 .github/workflows/code-qualitiy.yml | 1 +
 1 file changed, 1 insertion(+)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index f082bbcfc..0b852d4b1 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -82,6 +82,7 @@ jobs:
 uses: chains-project/dirty-waters-action@v1.11.35
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
+ version_old: ${{ github.event.pull_request.base.sha }}
 package_manager: maven
 gradual_report: false
 debug: true
From ef16f09012fc21759da50a97586a26337aaa1ffe Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Wed, 2 Apr 2025 18:29:41 +0200
Subject: [PATCH 11/33] Run on PR head ref
---
 .github/workflows/code-qualitiy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 0b852d4b1..d8c9e1202 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -82,7 +82,7 @@ jobs:
 uses: chains-project/dirty-waters-action@v1.11.35
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
- version_old: ${{ github.event.pull_request.base.sha }}
+ version_old: ${{ github.event.pull_request.head.ref }}
 package_manager: maven
 gradual_report: false
 debug: true
From fb610ec4637b34bf22a2700f3c90b3a8ddee97b8 Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Wed, 2 Apr 2025 18:32:10 +0200
Subject: [PATCH 12/33] Reset to HEAD
---
 .github/workflows/code-qualitiy.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index d8c9e1202..f082bbcfc 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -82,7 +82,6 @@ jobs:
 uses: chains-project/dirty-waters-action@v1.11.35
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
- version_old: ${{ github.event.pull_request.head.ref }}
 package_manager: maven
 gradual_report: false
 debug: true
From c8d07e3a2e3e0474decd7cf73fe8dbd446913fc8 Mon Sep 17 00:00:00 2001
From: Diogo Gaspar
Date: Wed, 2 Apr 2025 23:20:05 +0200
Subject: [PATCH 13/33] bump to v1.11.39; new version fixes config-file bug
---
 .github/workflows/code-qualitiy.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index f082bbcfc..c22482d1f 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -79,11 +79,11 @@ jobs:
 distribution: 'temurin'
 java-version: '17'
 - name: Dirty Waters Analysis
- uses: chains-project/dirty-waters-action@v1.11.35
+ uses: chains-project/dirty-waters-action@v1.11.39
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
 gradual_report: false
 debug: true
- config: chains-project/maven-lockfile/dirty-waters.json
+ config: dirty-waters.json
 
From 654372735759de827f82c97aeb6d0b829b1db94a Mon Sep 17 00:00:00 2001
From: Diogo Gaspar
Date: Wed, 2 Apr 2025 23:42:22 +0200
Subject: [PATCH 14/33] chore: bump to v1.11.40; fixes issue where if entries were cached they were shown, even if ignored
---
 .github/workflows/code-qualitiy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index c22482d1f..ba4fcf1a9 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -79,7 +79,7 @@ jobs:
 distribution: 'temurin'
 java-version: '17'
 - name: Dirty Waters Analysis
- uses: chains-project/dirty-waters-action@v1.11.39
+ uses: chains-project/dirty-waters-action@v1.11.40
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
From 41cbe66b1b53a9268c8b5961341f048f24bec490 Mon Sep 17 00:00:00 2001
From: Diogo Gaspar
Date: Thu, 3 Apr 2025 00:04:31 +0200
Subject: [PATCH 15/33] chore: bump to v1.11.41; added check for disallowing conflicting configs
---
 .github/workflows/code-qualitiy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index ba4fcf1a9..a2e1251d8 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -79,7 +79,7 @@ jobs:
 distribution: 'temurin'
 java-version: '17'
 - name: Dirty Waters Analysis
- uses: chains-project/dirty-waters-action@v1.11.40
+ uses: chains-project/dirty-waters-action@v1.11.41
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
From f1a219d87947eef2f116e574f2981aafbf1eac60 Mon Sep 17 00:00:00 2001
From: Diogo Gaspar
Date: Thu, 3 Apr 2025 00:21:54 +0200
Subject: [PATCH 16/33] chore: bump to v1.11.42; dirty-waters now resolves config conflicts instead of breaking
---
 .github/workflows/code-qualitiy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index a2e1251d8..111c9f114 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -79,7 +79,7 @@ jobs:
 distribution: 'temurin'
 java-version: '17'
 - name: Dirty Waters Analysis
- uses: chains-project/dirty-waters-action@v1.11.41
+ uses: chains-project/dirty-waters-action@v1.11.42
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
From b8aff0bbfd121c767eb55b835bdeacb820be550b Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Thu, 3 Apr 2025 08:35:08 +0200
Subject: [PATCH 17/33] Do not check for source code, avoid 404
---
 dirty-waters.json | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)
diff --git a/dirty-waters.json b/dirty-waters.json
index 901058fe5..0ea0961ee 100644
--- a/dirty-waters.json
+++ b/dirty-waters.json
@@ -5,8 +5,6 @@
 "commons-beanutils:commons-beanutils@1.7.0": ["source_code"],
 "dom4j:dom4j@1.1": ["source_code"],
 "oro:oro@2.0.8": ["source_code"],
- "org.iq80.snappy:snappy@0.4": ["source_code_sha"]
+ "org.iq80.snappy:snappy@0.4": ["source_code"]
 }
 }
-
-
From ef17886a0ea7e35c5754d39dd5b3f23f4b3e17ab Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Thu, 3 Apr 2025 12:12:32 +0200
Subject: [PATCH 18/33] Ignore source_code_sha, missing tags for plugins with many deps
---
 dirty-waters.json | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/dirty-waters.json b/dirty-waters.json
index 0ea0961ee..96ab6c778 100644
--- a/dirty-waters.json
+++ b/dirty-waters.json
@@ -6,5 +6,10 @@
 "dom4j:dom4j@1.1": ["source_code"],
 "oro:oro@2.0.8": ["source_code"],
 "org.iq80.snappy:snappy@0.4": ["source_code"]
+ },
+ "ignore-if-parent": {
+ "com.diffplug.spotless:spotless-maven-plugin@2.44.3": ["source_code_sha"],
+ "org.apache.maven.plugins:maven-artifact-plugin@3.6.0": ["source_code_sha"],
+ "org.apache.maven.plugins:maven-site-plugin@3.21.0": ["source_code_sha"]
 }
 }
From e0c69c00d9f4174e29cfade9faeff38a4c32be9d Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Thu, 3 Apr 2025 12:27:01 +0200
Subject: [PATCH 19/33] Ignore code_signatures for deps with missing
---
 dirty-waters.json | 26 ++++++++++++++++++++++----
 1 file changed, 22 insertions(+), 4 deletions(-)
diff --git a/dirty-waters.json b/dirty-waters.json
index 96ab6c778..7210639ff 100644
--- a/dirty-waters.json
+++ b/dirty-waters.json
@@ -2,10 +2,25 @@
 "ignore": {
 "org.sonatype.plexus:plexus-sec-dispatcher@1.3": ["source_code"],
 "org.sonatype.plexus:plexus-cipher@1.4": ["source_code"],
- "commons-beanutils:commons-beanutils@1.7.0": ["source_code"],
- "dom4j:dom4j@1.1": ["source_code"],
- "oro:oro@2.0.8": ["source_code"],
- "org.iq80.snappy:snappy@0.4": ["source_code"]
+ "commons-beanutils:commons-beanutils@1.7.0": ["source_code", "code_signature"],
+ "dom4j:dom4j@1.1": ["source_code", "code_signature"],
+ "oro:oro@2.0.8": ["source_code", "code_signature"],
+ "org.iq80.snappy:snappy@0.4": ["source_code"],
+ "javax.inject:javax.inject@1": ["code_signature"],
+ "com.google.collections:google-collections@1.0": ["code_signature"],
+ "org.codehaus.plexus:plexus-i18n@1.0-beta-10": ["code_signature"],
+ "commons-digester:commons-digester@1.8": ["code_signature"],
+ "commons-chain:commons-chain@1.1": ["code_signature"],
+ "org.jboss.logging:commons-logging-jboss-logging@1.0.0.Final": ["code_signature"],
+ "org.jboss.logmanager:jboss-logmanager@3.1.2.Final": ["code_signature"],
+ "org.jboss.logging:jboss-logging@3.6.1.Final": ["code_signature"],
+ "aopalliance:aopalliance@1.0": ["code_signature"],
+ "org.aesh:readline@2.6": ["code_signature"],
+ "org.aesh:aesh@2.8.2": ["code_signature"],
+ "org.wildfly.common:wildfly-common@2.0.1": "[code_signature]",
+ "org.jboss.logging:jboss-logging-annotations@3.0.4.Final": ["code_signature"],
+ "org.jboss.threads:jboss-threads@3.8.0.Final": ["code_signature"],
+ "org.jboss.slf4j:slf4j-jboss-logmanager@2.0.0.Final": ["code_signature"]
 },
 "ignore-if-parent": {
 "com.diffplug.spotless:spotless-maven-plugin@2.44.3": ["source_code_sha"],
@@ -13,3 +28,6 @@
 "org.apache.maven.plugins:maven-site-plugin@3.21.0": ["source_code_sha"]
 }
 }
+
+
+
From 4194fd024b6f760735b15de3002ec7960d79e120 Mon Sep 17 00:00:00 2001
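Review bot: `"org.wildfly.common:wildfly-common@2.0.1": "[code_signature]"` is a JSON string, not an array like every other value in this hunk, so depending on how the action reads the config that entry is either rejected or matched as a literal category name and ignores nothing; it should be `["code_signature"]`. Beyond that one line, the hunk switches off the `code_signature` check for seventeen artifacts at once with only the subject line ("deps with missing") as justification; each of these is an explicit acceptance of an unsigned artifact, so the reason per entry (upstream publishes no signature, tracking issue, review date) should be written down where reviewers will find it, since the JSON itself cannot carry comments. The second hunk also appends three blank lines after the closing brace.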
From: Elias Lundell
Date: Thu, 3 Apr 2025 12:31:17 +0200
Subject: [PATCH 20/33] Ignore deps with missing tags
---
 dirty-waters.json | 38 ++++++++++++++++++++++++++++++++++++--
 1 file changed, 36 insertions(+), 2 deletions(-)
diff --git a/dirty-waters.json b/dirty-waters.json
index 7210639ff..0ae6a63dd 100644
--- a/dirty-waters.json
+++ b/dirty-waters.json
@@ -16,11 +16,44 @@
 "org.jboss.logging:jboss-logging@3.6.1.Final": ["code_signature"],
 "aopalliance:aopalliance@1.0": ["code_signature"],
 "org.aesh:readline@2.6": ["code_signature"],
- "org.aesh:aesh@2.8.2": ["code_signature"],
+ "org.aesh:aesh@2.8.2": ["code_signature", "source_code_sha"],
 "org.wildfly.common:wildfly-common@2.0.1": "[code_signature]",
 "org.jboss.logging:jboss-logging-annotations@3.0.4.Final": ["code_signature"],
 "org.jboss.threads:jboss-threads@3.8.0.Final": ["code_signature"],
- "org.jboss.slf4j:slf4j-jboss-logmanager@2.0.0.Final": ["code_signature"]
+ "org.jboss.slf4j:slf4j-jboss-logmanager@2.0.0.Final": ["code_signature", "source_code_sha"],
+ "commons-codec:commons-codec@1.17.1": ["source_code_sha"],
+ "commons-io:commons-io@2.18.0": ["source_code_sha"],
+ "org.eclipse.sisu:org.eclipse.sisu.plexus@0.9.0.M3": ["source_code_sha"],
+ "org.eclipse.sisu:org.eclipse.sisu.inject@0.9.0.M3": ["source_code_sha"],
+ "commons-codec:commons-codec@1.18.0": ["source_code_sha"],
+ "org.apache.httpcomponents:httpclient@4.5.14": ["source_code_sha"],
+ "org.apache.httpcomponents:httpcore@4.4.16": ["source_code_sha"],
+ "com.google.guava:guava@33.4.0-jre": ["source_code_sha"],
+ "commons-cli:commons-cli@1.8.0": ["source_code_sha"],
+ "org.apache.commons:commons-lang3@3.17.0": ["source_code_sha"],
+ "io.github.crac:org-crac@0.1.3": ["source_code_sha"],
+ "org.junit.platform:junit-platform-launcher@1.10.5": ["source_code_sha"],
+ "org.junit.platform:junit-platform-engine@1.10.5": ["source_code_sha"],
+ "org.junit.platform:junit-platform-commons@1.10.5": ["source_code_sha"],
+ "org.apache.commons:commons-compress@1.27.1": ["source_code_sha"],
+ "org.jdom:jdom2@2.0.6.1": ["source_code_sha"],
+ "jakarta.el:jakarta.el-api@5.0.1": "[source_code_sha]",
+ "jakarta.interceptor:jakarta.interceptor-api@2.2.0": ["source_code_sha"],
+ "org.apache.commons:commons-collections4@4.4": ["source_code_sha"],
+ "jakarta.json:jakarta.json-api@2.1.3": ["source_code_sha"],
+ "org.twdata.maven:mojo-executor@2.4.0": ["source_code_sha"],
+ "commons-io:commons-io@2.16.1": ["source_code_sha"],
+ "org.apache.commons:commons-lang3@3.14.0": ["source_code_sha"],
+ "commons-io:commons-io@2.14.0": ["source_code_sha"],
+ "commons-io:commons-io@2.11.0": ["source_code_sha"],
+ "org.apache.commons:commons-compress@1.26.1": ["source_code_sha"],
+ "commons-codec:commons-codec@1.16.1": ["source_code_sha"],
+ "org.apache.commons:commons-lang3@3.12.0": ["source_code_sha"],
+ "io.vertx:vertx-web-client@4.5.13": ["source_code_sha"],
+ "io.vertx:vertx-uri-template@4.5.13": "[source_code_sha]",
+ "io.vertx:vertx-web-common@4.5.13": ["source_code_sha"],
+ "io.vertx:vertx-auth-common@4.5.13": ["source_code_sha"],
+ "org.jboss.marshalling:jboss-marshalling@2.2.2.Final": ["source_code_sha"]
 },
 "ignore-if-parent": {
 "com.diffplug.spotless:spotless-maven-plugin@2.44.3": ["source_code_sha"],
@@ -31,3 +64,4 @@
 
 
 
+
From 73c36fad8d599bfe59ba5f006e3964370aa34b41 Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Thu, 3 Apr 2025 12:35:08 +0200
Subject: [PATCH 21/33] Formatting error
---
 dirty-waters.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/dirty-waters.json b/dirty-waters.json
index 0ae6a63dd..d8f5553ae 100644
--- a/dirty-waters.json
+++ b/dirty-waters.json
@@ -17,7 +17,7 @@
 "aopalliance:aopalliance@1.0": ["code_signature"],
 "org.aesh:readline@2.6": ["code_signature"],
 "org.aesh:aesh@2.8.2": ["code_signature", "source_code_sha"],
- "org.wildfly.common:wildfly-common@2.0.1": "[code_signature]",
+ "org.wildfly.common:wildfly-common@2.0.1": ["code_signature"],
 "org.jboss.logging:jboss-logging-annotations@3.0.4.Final": ["code_signature"],
 "org.jboss.threads:jboss-threads@3.8.0.Final": ["code_signature"],
 "org.jboss.slf4j:slf4j-jboss-logmanager@2.0.0.Final": ["code_signature", "source_code_sha"],
From 2b28fa1f9b432c114034ffbf26af146308208a98 Mon Sep 17 00:00:00 2001
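Review bot: Two more entries repeat the string-instead-of-array mistake from the previous patch — `"jakarta.el:jakarta.el-api@5.0.1": "[source_code_sha]"` and `"io.vertx:vertx-uri-template@4.5.13": "[source_code_sha]"` — and should read `["source_code_sha"]`; the two follow-up "formatting error" patches in this series fix them by hand, which is the point: a file that is now sixty-odd hand-typed entries will keep acquiring these. A cheap guard is a validation step in the workflow before the analysis runs, for example `jq -e '.ignore | to_entries | all(.value | type == "array")' dirty-waters.json` (constructed example), so a malformed value fails the job instead of silently weakening or breaking the ignore list. The hunk also adds a fourth trailing blank line at the end of the file.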
From: Elias Lundell
Date: Thu, 3 Apr 2025 12:39:05 +0200
Subject: [PATCH 22/33] JSON formatting errors
---
 dirty-waters.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/dirty-waters.json b/dirty-waters.json
index d8f5553ae..6ccc6c27a 100644
--- a/dirty-waters.json
+++ b/dirty-waters.json
@@ -37,7 +37,7 @@
 "org.junit.platform:junit-platform-commons@1.10.5": ["source_code_sha"],
 "org.apache.commons:commons-compress@1.27.1": ["source_code_sha"],
 "org.jdom:jdom2@2.0.6.1": ["source_code_sha"],
- "jakarta.el:jakarta.el-api@5.0.1": "[source_code_sha]",
+ "jakarta.el:jakarta.el-api@5.0.1": ["source_code_sha"],
 "jakarta.interceptor:jakarta.interceptor-api@2.2.0": ["source_code_sha"],
 "org.apache.commons:commons-collections4@4.4": ["source_code_sha"],
 "jakarta.json:jakarta.json-api@2.1.3": ["source_code_sha"],
@@ -50,7 +50,7 @@
 "commons-codec:commons-codec@1.16.1": ["source_code_sha"],
 "org.apache.commons:commons-lang3@3.12.0": ["source_code_sha"],
 "io.vertx:vertx-web-client@4.5.13": ["source_code_sha"],
- "io.vertx:vertx-uri-template@4.5.13": "[source_code_sha]",
+ "io.vertx:vertx-uri-template@4.5.13": ["source_code_sha"],
 "io.vertx:vertx-web-common@4.5.13": ["source_code_sha"],
 "io.vertx:vertx-auth-common@4.5.13": ["source_code_sha"],
 "org.jboss.marshalling:jboss-marshalling@2.2.2.Final": ["source_code_sha"]
From d59eda383bdcd3ae95423a4808a962e04372c8bc Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Sat, 5 Apr 2025 02:47:02 +0200
Subject: [PATCH 23/33] Pin actions to sha's
---
 .github/workflows/code-qualitiy.yml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 111c9f114..f9c554635 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -70,16 +70,16 @@ jobs:
 permissions:
 pull-requests: write # To comment on a Pull Request
 steps:
- - uses: actions/checkout@v4
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 with:
 submodules: true
 - name: Setup JDK17
- uses: actions/setup-java@v4
+ uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
 with:
- distribution: 'temurin'
 java-version: '17'
+ distribution: 'temurin'
 - name: Dirty Waters Analysis
- uses: chains-project/dirty-waters-action@v1.11.42
+ uses: chains-project/dirty-waters-action@c66f3ec3a34924dcad7717e316223dd17cdf5a57 # v1.11.42
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
From fe1deefe12ce3125159583487da2bef5ed1c584e Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Sat, 5 Apr 2025 02:48:32 +0200
Subject: [PATCH 24/33] Add harden runner with audit
---
 .github/workflows/code-qualitiy.yml | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index f9c554635..9087d9d0a 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -70,6 +70,12 @@ jobs:
 permissions:
 pull-requests: write # To comment on a Pull Request
 steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
+ with:
+ disable-sudo: true
+ egress-policy: audit
+
 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 with:
 submodules: true
From d02342c67ddbdaf4f0345e7236d8844adeaec6f0 Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Sat, 5 Apr 2025 02:51:34 +0200
Subject: [PATCH 25/33] Enable sudo
---
 .github/workflows/code-qualitiy.yml | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 9087d9d0a..81df027b3 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
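Review bot: `egress-policy: audit` on the new Harden Runner step only records the job's outbound connections; it does not restrict them, so this step adds visibility but no enforcement yet. That is a reasonable first stage, and worth saying so on the step — `egress-policy: audit  # interim: collect endpoints, then switch to block` — so nobody reads the audit setting as the finished state. Once a few runs have produced a stable list of hosts the build and the analysis contact, `egress-policy: block` together with an `allowed-endpoints:` list is what actually limits what a compromised dependency or action can reach from this runner. The step is SHA-pinned with the version in a trailing comment, which matches the pinning done in the previous patch.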
@@ -73,7 +73,6 @@ jobs:
 - name: Harden Runner
 uses: step-security/harden-runner@c6295a65d1254861815972266d5933fd6e532bdf # v2.11.1
 with:
- disable-sudo: true
 egress-policy: audit
 
 - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
From 1b115786dcafcafa77f505b9959e27a04400beab Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Sat, 5 Apr 2025 05:54:44 +0200
Subject: [PATCH 26/33] use tag to test if sha breaks config
---
 .github/workflows/code-qualitiy.yml | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 81df027b3..79d6a6913 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -84,7 +84,8 @@ jobs:
 java-version: '17'
 distribution: 'temurin'
 - name: Dirty Waters Analysis
- uses: chains-project/dirty-waters-action@c66f3ec3a34924dcad7717e316223dd17cdf5a57 # v1.11.42
+ # uses: chains-project/dirty-waters-action@c66f3ec3a34924dcad7717e316223dd17cdf5a57 # v1.11.42
+ uses: chains-project/dirty-waters-action@v1.11.42 # c66f3ec3a34924dcad7717e316223dd17cdf5a57 # v1.11.42
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
From 515ca60d27bb7155ba4bfe1d4c466823700d02b1 Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Sat, 5 Apr 2025 06:13:28 +0200
Subject: [PATCH 27/33] Remove comment in maven.config # Do not sign .sha1,.md5 for sigstore.json files. Automatic for maven > 3.9.2. See https://github.com/sigstore/sigstore-java/tree/main/sigstore-maven-plugin#github-actions-oidc-support
---
 .mvn/maven.config | 1 -
 1 file changed, 1 deletion(-)
diff --git a/.mvn/maven.config b/.mvn/maven.config
index 38598aaaf..a726b7536 100644
--- a/.mvn/maven.config
+++ b/.mvn/maven.config
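Review bot: Removing `disable-sudo: true` re-grants root to every step in the job, and neither the diff nor the subject ("Enable sudo") says which step needed it; presumably one of the later steps failed with it off, but that is a guess. Keep the reason next to the setting so the relaxation can be revisited when the need goes away, e.g. a comment on the `with:` block such as `# disable-sudo left off: <step name> needs root — re-enable once that is fixed`, with the placeholder replaced by the actual step. If only one step needs elevated rights, it is also worth checking whether that step can be changed rather than the whole job loosened.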
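Review bot: Switching `uses:` back to the mutable tag `@v1.11.42` undoes the commit pinning from two patches earlier, and the SHA parked in the trailing comment (`# c66f3ec3a34924dcad7717e316223dd17cdf5a57 # v1.11.42`) is not in the `@<sha> # <tag>` form that pinning tools read, so automation will not restore it. If this is only an experiment to see whether the SHA ref breaks config loading, as the subject suggests, it is better run from a branch than committed to the workflow; if the SHA ref really does misbehave, record that in the commit so the next pin (which this series does later) is made knowingly. The commented-out `# uses:` line above it should go once the experiment is over rather than stay as a second source of truth.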
@@ -1,2 +1 @@
-# Do not sign .sha1,.md5 for sigstore.json files. Automatic for maven > 3.9.2. See https://github.com/sigstore/sigstore-java/tree/main/sigstore-maven-plugin#github-actions-oidc-support
 -Daether.checksums.omitChecksumsForExtensions=.asc,.sigstore.json
From c24ea6b01e35722f50ded3f3377d5ebad3cce691 Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Sat, 5 Apr 2025 16:04:37 +0200
Subject: [PATCH 28/33] Add commit to have comment removed in prev commit
From b086206e87729ad66c95d4a0aae8f82be26f3b6f Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Sun, 6 Apr 2025 01:11:09 +0200
Subject: [PATCH 29/33] Add sigstore dep to code signature ignore list
---
 dirty-waters.json | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/dirty-waters.json b/dirty-waters.json
index 6ccc6c27a..39fec7671 100644
--- a/dirty-waters.json
+++ b/dirty-waters.json
@@ -53,7 +53,8 @@
 "io.vertx:vertx-uri-template@4.5.13": ["source_code_sha"],
 "io.vertx:vertx-web-common@4.5.13": ["source_code_sha"],
 "io.vertx:vertx-auth-common@4.5.13": ["source_code_sha"],
- "org.jboss.marshalling:jboss-marshalling@2.2.2.Final": ["source_code_sha"]
+ "org.jboss.marshalling:jboss-marshalling@2.2.2.Final": ["source_code_sha"],
+ "om.kohlschutter.junixsocket:junixsocket-core@2.10.1": ["code_signature"]
 },
 "ignore-if-parent": {
 "com.diffplug.spotless:spotless-maven-plugin@2.44.3": ["source_code_sha"],
From fd60c2291aeb18956c840c7c78eed69c04b8e4c5 Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Sun, 6 Apr 2025 01:12:25 +0200
Subject: [PATCH 30/33] Remove empty lines at bottom of file
---
 dirty-waters.json | 4 ----
 1 file changed, 4 deletions(-)
diff --git a/dirty-waters.json b/dirty-waters.json
index 39fec7671..c8f681061 100644
--- a/dirty-waters.json
+++ b/dirty-waters.json
@@ -62,7 +62,3 @@
 "org.apache.maven.plugins:maven-site-plugin@3.21.0": ["source_code_sha"]
 }
 }
-
-
-
-
From 1ef06d311e69484705a11a10dcac696668610e6e Mon Sep 17 00:00:00 2001
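Review bot: The only explanation of `-Daether.checksums.omitChecksumsForExtensions=.asc,.sigstore.json` now lives in this commit message; the comment line was presumably removed because `.mvn/maven.config` is read as raw arguments and a `#` line is not tolerated, but the rationale — why these extensions are skipped, that Maven newer than 3.9.2 does it automatically, and the sigstore-maven-plugin link — is exactly what the next person touching this file will need. Put it somewhere that survives, such as the README's build section or a note beside the Maven version requirement, rather than letting it disappear into history.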
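Review bot: The new key `om.kohlschutter.junixsocket:junixsocket-core@2.10.1` looks like a truncated `com.kohlschutter.junixsocket:junixsocket-core@2.10.1` — junixsocket's Maven groupId begins with `com.` — so as written it matches nothing and the `code_signature` finding it is meant to suppress will keep appearing. Check the coordinates against the lockfile or pom before merging; a wrong-but-harmless ignore entry is also a good argument for the validation step suggested on the earlier patch, extended to cross-check keys against the resolved dependency set.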
From: Elias Lundell
Date: Wed, 16 Apr 2025 12:58:35 +0200
Subject: [PATCH 31/33] Update to 1.11.43
---
 .github/workflows/code-qualitiy.yml | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 267ac59ac..abd2bed1e 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -95,8 +95,7 @@ jobs:
 java-version: '17'
 distribution: 'temurin'
 - name: Dirty Waters Analysis
- # uses: chains-project/dirty-waters-action@c66f3ec3a34924dcad7717e316223dd17cdf5a57 # v1.11.42
- uses: chains-project/dirty-waters-action@v1.11.42 # c66f3ec3a34924dcad7717e316223dd17cdf5a57 # v1.11.42
+ uses: chains-project/dirty-waters-action@66ab87b64de0909a21b0c8274d812d4f52f15d2b # v1.11.43
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
From a1041d13a3338c92dad60798ee7f458d3ddaef33 Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Mon, 5 May 2025 16:06:22 +0200
Subject: [PATCH 32/33] Bump dirty-waters-action to 1.11.45, using dirty-waters 0.97.0
---
 .github/workflows/code-qualitiy.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/code-qualitiy.yml b/.github/workflows/code-qualitiy.yml
index 862eb37a9..d2cd8125a 100644
--- a/.github/workflows/code-qualitiy.yml
+++ b/.github/workflows/code-qualitiy.yml
@@ -95,7 +95,7 @@ jobs:
 java-version: '17'
 distribution: 'temurin'
 - name: Dirty Waters Analysis
- uses: chains-project/dirty-waters-action@66ab87b64de0909a21b0c8274d812d4f52f15d2b # v1.11.43
+ uses: chains-project/dirty-waters-action@57e2b7be964e687bdab629460efb274053fe3b28 # v1.11.45
 with:
 github_token: ${{ secrets.GITHUB_TOKEN }}
 package_manager: maven
From cbed57cb317568cfdb497c5f26e36a34eb31958a Mon Sep 17 00:00:00 2001
From: Elias Lundell
Date: Wed, 7 May 2025 11:28:25 +0200
Subject: [PATCH 33/33] Sort alphabetically
---
 dirty-waters.json | 88 +++++++++++++++++++++++------------------------
 1 file changed, 44 insertions(+), 44 deletions(-)
diff --git a/dirty-waters.json b/dirty-waters.json
index c8f681061..056689f65 100644
--- a/dirty-waters.json
+++ b/dirty-waters.json
@@ -1,60 +1,60 @@
 {
 "ignore": {
- "org.sonatype.plexus:plexus-sec-dispatcher@1.3": ["source_code"],
- "org.sonatype.plexus:plexus-cipher@1.4": ["source_code"],
- "commons-beanutils:commons-beanutils@1.7.0": ["source_code", "code_signature"],
- "dom4j:dom4j@1.1": ["source_code", "code_signature"],
- "oro:oro@2.0.8": ["source_code", "code_signature"],
- "org.iq80.snappy:snappy@0.4": ["source_code"],
- "javax.inject:javax.inject@1": ["code_signature"],
+ "aopalliance:aopalliance@1.0": ["code_signature"],
 "com.google.collections:google-collections@1.0": ["code_signature"],
- "org.codehaus.plexus:plexus-i18n@1.0-beta-10": ["code_signature"],
- "commons-digester:commons-digester@1.8": ["code_signature"],
+ "com.google.guava:guava@33.4.0-jre": ["source_code_sha"],
+ "commons-beanutils:commons-beanutils@1.7.0": ["source_code", "code_signature"],
 "commons-chain:commons-chain@1.1": ["code_signature"],
- "org.jboss.logging:commons-logging-jboss-logging@1.0.0.Final": ["code_signature"],
- "org.jboss.logmanager:jboss-logmanager@3.1.2.Final": ["code_signature"],
- "org.jboss.logging:jboss-logging@3.6.1.Final": ["code_signature"],
- "aopalliance:aopalliance@1.0": ["code_signature"],
- "org.aesh:readline@2.6": ["code_signature"],
- "org.aesh:aesh@2.8.2": ["code_signature", "source_code_sha"],
- "org.wildfly.common:wildfly-common@2.0.1": ["code_signature"],
- "org.jboss.logging:jboss-logging-annotations@3.0.4.Final": ["code_signature"],
- "org.jboss.threads:jboss-threads@3.8.0.Final": ["code_signature"],
- "org.jboss.slf4j:slf4j-jboss-logmanager@2.0.0.Final": ["code_signature", "source_code_sha"],
+ "commons-cli:commons-cli@1.8.0": ["source_code_sha"],
+ "commons-codec:commons-codec@1.16.1": ["source_code_sha"],
 "commons-codec:commons-codec@1.17.1": ["source_code_sha"],
- "commons-io:commons-io@2.18.0": ["source_code_sha"],
- "org.eclipse.sisu:org.eclipse.sisu.plexus@0.9.0.M3": ["source_code_sha"],
- "org.eclipse.sisu:org.eclipse.sisu.inject@0.9.0.M3": ["source_code_sha"],
 "commons-codec:commons-codec@1.18.0": ["source_code_sha"],
- "org.apache.httpcomponents:httpclient@4.5.14": ["source_code_sha"],
- "org.apache.httpcomponents:httpcore@4.4.16": ["source_code_sha"],
- "com.google.guava:guava@33.4.0-jre": ["source_code_sha"],
- "commons-cli:commons-cli@1.8.0": ["source_code_sha"],
- "org.apache.commons:commons-lang3@3.17.0": ["source_code_sha"],
+ "commons-digester:commons-digester@1.8": ["code_signature"],
+ "commons-io:commons-io@2.11.0": ["source_code_sha"],
+ "commons-io:commons-io@2.14.0": ["source_code_sha"],
+ "commons-io:commons-io@2.16.1": ["source_code_sha"],
+ "commons-io:commons-io@2.18.0": ["source_code_sha"],
+ "dom4j:dom4j@1.1": ["source_code", "code_signature"],
 "io.github.crac:org-crac@0.1.3": ["source_code_sha"],
- "org.junit.platform:junit-platform-launcher@1.10.5": ["source_code_sha"],
- "org.junit.platform:junit-platform-engine@1.10.5": ["source_code_sha"],
- "org.junit.platform:junit-platform-commons@1.10.5": ["source_code_sha"],
- "org.apache.commons:commons-compress@1.27.1": ["source_code_sha"],
- "org.jdom:jdom2@2.0.6.1": ["source_code_sha"],
+ "io.vertx:vertx-auth-common@4.5.13": ["source_code_sha"],
+ "io.vertx:vertx-uri-template@4.5.13": ["source_code_sha"],
+ "io.vertx:vertx-web-client@4.5.13": ["source_code_sha"],
+ "io.vertx:vertx-web-common@4.5.13": ["source_code_sha"],
 "jakarta.el:jakarta.el-api@5.0.1": ["source_code_sha"],
 "jakarta.interceptor:jakarta.interceptor-api@2.2.0": ["source_code_sha"],
- "org.apache.commons:commons-collections4@4.4": ["source_code_sha"],
 "jakarta.json:jakarta.json-api@2.1.3": ["source_code_sha"],
- "org.twdata.maven:mojo-executor@2.4.0": ["source_code_sha"],
- "commons-io:commons-io@2.16.1": ["source_code_sha"],
- "org.apache.commons:commons-lang3@3.14.0": ["source_code_sha"],
- "commons-io:commons-io@2.14.0": ["source_code_sha"],
- "commons-io:commons-io@2.11.0": ["source_code_sha"],
+ "javax.inject:javax.inject@1": ["code_signature"],
+ "om.kohlschutter.junixsocket:junixsocket-core@2.10.1": ["code_signature"],
+ "org.aesh:aesh@2.8.2": ["code_signature", "source_code_sha"],
+ "org.aesh:readline@2.6": ["code_signature"],
+ "org.apache.commons:commons-collections4@4.4": ["source_code_sha"],
 "org.apache.commons:commons-compress@1.26.1": ["source_code_sha"],
- "commons-codec:commons-codec@1.16.1": ["source_code_sha"],
+ "org.apache.commons:commons-compress@1.27.1": ["source_code_sha"],
 "org.apache.commons:commons-lang3@3.12.0": ["source_code_sha"],
- "io.vertx:vertx-web-client@4.5.13": ["source_code_sha"],
- "io.vertx:vertx-uri-template@4.5.13": ["source_code_sha"],
- "io.vertx:vertx-web-common@4.5.13": ["source_code_sha"],
- "io.vertx:vertx-auth-common@4.5.13": ["source_code_sha"],
+ "org.apache.commons:commons-lang3@3.14.0": ["source_code_sha"],
+ "org.apache.commons:commons-lang3@3.17.0": ["source_code_sha"],
+ "org.apache.httpcomponents:httpclient@4.5.14": ["source_code_sha"],
+ "org.apache.httpcomponents:httpcore@4.4.16": ["source_code_sha"],
+ "org.codehaus.plexus:plexus-i18n@1.0-beta-10": ["code_signature"],
+ "org.eclipse.sisu:org.eclipse.sisu.inject@0.9.0.M3": ["source_code_sha"],
+ "org.eclipse.sisu:org.eclipse.sisu.plexus@0.9.0.M3": ["source_code_sha"],
+ "org.iq80.snappy:snappy@0.4": ["source_code"],
+ "org.jboss.logging:commons-logging-jboss-logging@1.0.0.Final": ["code_signature"],
+ "org.jboss.logging:jboss-logging-annotations@3.0.4.Final": ["code_signature"],
+ "org.jboss.logging:jboss-logging@3.6.1.Final": ["code_signature"],
+ "org.jboss.logmanager:jboss-logmanager@3.1.2.Final": ["code_signature"],
 "org.jboss.marshalling:jboss-marshalling@2.2.2.Final": ["source_code_sha"],
- "om.kohlschutter.junixsocket:junixsocket-core@2.10.1": ["code_signature"]
+ "org.jboss.slf4j:slf4j-jboss-logmanager@2.0.0.Final": ["code_signature", "source_code_sha"],
+ "org.jboss.threads:jboss-threads@3.8.0.Final": ["code_signature"],
+ "org.jdom:jdom2@2.0.6.1": ["source_code_sha"],
+ "org.junit.platform:junit-platform-commons@1.10.5": ["source_code_sha"],
+ "org.junit.platform:junit-platform-engine@1.10.5": ["source_code_sha"],
+ "org.junit.platform:junit-platform-launcher@1.10.5": ["source_code_sha"],
+ "org.sonatype.plexus:plexus-cipher@1.4": ["source_code"],
+ "org.sonatype.plexus:plexus-sec-dispatcher@1.3": ["source_code"],
+ "org.twdata.maven:mojo-executor@2.4.0": ["source_code_sha"],
+ "org.wildfly.common:wildfly-common@2.0.1": ["code_signature"],
+ "oro:oro@2.0.8": ["source_code", "code_signature"]
 },
 "ignore-if-parent": {
 "com.diffplug.spotless:spotless-maven-plugin@2.44.3": ["source_code_sha"],