Third Party Licenses

Denim Group End User License Agreement

This page lists component licensed software being used as part of the ThreadFix software.

ThreadFix Main

ICU License: ICU4J
Unamed: JPA 2.0 API, threadfix, threadfix-cli, threadfix-entities, threadfix-ham, threadfix-importers, threadfix-service-interfaces
LGPL, version 2.1: Java Native Access, Java Native Access Platform
Public Domain: AOP alliance
CDDL + GPLv2 with classpath exception: Java Servlet API
Apache 2: EasyMock, Objenesis
Unknown: “Java Concurrency in Practice” book annotations, AntLR, Castor, Java Transaction API, annotations, com.microsoft.tfs.sdk, dom4j, esapi, jdtcore, jstl, mx4j-tools, org.osgi.core, xml-apis
provided without support or warranty: JSON (JavaScript Object Notation)
GNU Lesser General Public License: CSS Parser, Hibernate Annotations, Hibernate Core, Hibernate Core Aggregator, JasperReports
Mozilla Public License version 2.0: HtmlUnit Core JS
BSD License: webbit
Apache License: HttpClient, HttpCore, HttpMime
Apache 2.0: Quartz Enterprise Job Scheduler
Common Public License Version 1.0: JUnit
Common Development and Distribution License (CDDL) v1.0: Enterprise JavaBeans (EJB) 3.0
The GNU General Public License, Version 2: MySQL java connector
Bouncy Castle License: Legion of the Bouncy Castle Java Cryptography APIs
ASF 2.0: Code Generation Library
Eclipse Public License – Version 1.0: Jetty :: Http Utility, Jetty :: IO Utility, Jetty :: Utilities, Jetty :: Websocket
GNU LESSER GENERAL PUBLIC LICENSE: Hibernate Commons Annotations
Mozilla Public License: iText, a Free Java-PDF library
The Apache Software License, Version 1.1: Sitemesh
BSD: ASM Core, UrlRewriteFilter
LGPL 2.1: Javassist
Apache License, Version 2.0: Bean Validation API, Hibernate Validator, HtmlUnit, The Netty Project
Bouncy Castle Licence: Bouncy Castle CMS and S/MIME API, Bouncy Castle OpenPGP API, Bouncy Castle PKIX, CMS, EAC, TSP, PKCS, OCSP, CMP, and CRMF APIs, Bouncy Castle Provider
The Apache Software License, Version 2.0: ActiveIO :: Core, ActiveMQ :: Core, ActiveMQ :: KahaDB, ActiveMQ Protocol Buffers Implementation and Compiler, Apache Log4j, Apache POI, Apache WebServices Common Utilities, Apache XBean :: Spring, Apache XML-RPC Client Library, Apache XML-RPC Common Library, Commons BeanUtils, Commons CLI, Commons Codec, Commons Collections, Commons Digester, Commons Exec, Commons FileUpload, Commons IO, Commons Lang, Commons Logging, Commons Net, Data Mapper for Jackson, Gson, Guava: Google Core Libraries for Java, J2EE Management 1.1, JASYPT: Java Simplified Encryption, JMS 1.1, Jackson, Logging, Neko HTML, StAX API, Validator, Xalan Java, Xalan Java Serializer, Xerces2-j, XmlBeans, selenium-android-driver, selenium-api, selenium-chrome-driver, selenium-firefox-driver, selenium-htmlunit-driver, selenium-ie-driver, selenium-iphone-driver, selenium-java, selenium-jetty-repacked, selenium-remote-driver, selenium-safari-driver, selenium-server, selenium-support, spring-aop, spring-asm, spring-beans, spring-context, spring-context-support, spring-core, spring-expression, spring-instrument, spring-jdbc, spring-jms, spring-ldap-core, spring-ldap-core-tiger, spring-orm, spring-security-acl, spring-security-config, spring-security-core, spring-security-ldap, spring-security-taglibs, spring-security-web, spring-test, spring-tx, spring-web, spring-webmvc
Revised BSD: JSch
The W3C Software License: Simple API for CSS
HSQLDB License, a BSD open source license: HSQLDB Database
GNU Lesser General Public Licence: jcommon, jfreechart
Eclipse Distribution License (New BSD License): JGit – Core
Apache Software License – Version 2.0: Jetty :: Http Utility, Jetty :: IO Utility, Jetty :: Utilities, Jetty :: Websocket
MIT License: SLF4J API Module, SLF4J LOG4J-12 Binding
GNU Lesser General Public License (LGPL), Version 2.1: Data Mapper for Jackson, Jackson
Apache License Version 2.0: SnakeYAML

ThreadFix CLI

Unamed: JPA 2.0 API, threadfix-cli, threadfix-entities
GNU LESSER GENERAL PUBLIC LICENSE: Hibernate Commons Annotations
Unknown: AntLR, Codec, Java Transaction API, SLF4J API Module, annotations, commons-collections, dom4j
Apache License: HttpClient
Apache License, Version 2.0: Bean Validation API, Hibernate Validator
Common Public License Version 1.0: JUnit
GNU Lesser General Public License: Hibernate Annotations, Hibernate Core
The Apache Software License, Version 2.0: Apache Log4j, Commons CLI, Commons Configuration, Commons IO, Commons Lang, Gson, Jackson, Logging, XML Commons External Components XML APIs
Common Development and Distribution License (CDDL) v1.0: Enterprise JavaBeans (EJB) 3.0

ThreadFix Endpoints CLI

Unamed: JPA 2.0 API, threadfix-endpoint-cli, threadfix-entities, threadfix-ham
GNU LESSER GENERAL PUBLIC LICENSE: Hibernate Commons Annotations
Unknown: AntLR, Java Transaction API, SLF4J API Module, annotations, commons-collections, dom4j
Apache License, Version 2.0: Bean Validation API, Hibernate Validator
GNU Lesser General Public License: Hibernate Annotations, Hibernate Core
The Apache Software License, Version 2.0: Apache Log4j, Commons IO, Commons Lang, Jackson, XML Commons External Components XML APIs
Common Development and Distribution License (CDDL) v1.0: Enterprise JavaBeans (EJB) 3.0

ThreadFix Importers CLI

ASF 2.0: Code Generation Library
Unamed: JPA 2.0 API, threadfix-cli-importers, threadfix-entities, threadfix-ham, threadfix-importers
ICU License: ICU4J
CDDL + GPLv2 with classpath exception: Java Servlet API
Public Domain: AOP alliance
Apache 2: EasyMock, Objenesis
GNU LESSER GENERAL PUBLIC LICENSE: Hibernate Commons Annotations
Unknown: AntLR, Java Transaction API, annotations, commons-collections, commons-digester, dom4j, jstl, org.osgi.core
BSD: ASM Core
Apache License, Version 2.0: Bean Validation API, Hibernate Validator
LGPL 2.1: Javassist
provided without support or warranty: JSON (JavaScript Object Notation)
The Apache Software License, Version 2.0: ActiveIO :: Core, ActiveMQ :: Core, ActiveMQ :: KahaDB, ActiveMQ Protocol Buffers Implementation and Compiler, Apache Log4j, Apache WebServices Common Utilities, Apache XML-RPC Client Library, Apache XML-RPC Common Library, Commons BeanUtils, Commons Codec, Commons IO, Commons Lang, Commons Logging, Commons Net, Data Mapper for Jackson, J2EE Management 1.1, JASYPT: Java Simplified Encryption, JMS 1.1, Jackson, Lang, Logging, Validator, XML Commons External Components XML APIs, spring-aop, spring-asm, spring-beans, spring-context, spring-context-support, spring-core, spring-expression, spring-instrument, spring-jdbc, spring-jms, spring-orm, spring-test, spring-tx, spring-web, spring-webmvc
GNU Lesser General Public License: Hibernate Annotations, Hibernate Core, Hibernate Core Aggregator
HSQLDB License, a BSD open source license: HSQLDB Database
Apache License: HttpClient, HttpCore
Common Public License Version 1.0: JUnit
MIT License: SLF4J API Module, SLF4J LOG4J-12 Binding
The MIT License: Mockito
Common Development and Distribution License (CDDL) v1.0: Enterprise JavaBeans (EJB) 3.0
The GNU General Public License, Version 2: MySQL java connector

ThreadFix ZAP Plugin

Unamed: JPA 2.0 API, Zap-Plugin, threadfix-cli, threadfix-entities
HSQLDB License: HSQLDB
GNU Lesser General Public License (LGPL): Jericho HTML Parser
GNU General Public License v3: JBroFuzz, JBroFuzzEncoder
GNU LESSER GENERAL PUBLIC LICENSE: Hibernate Commons Annotations
Unknown: AntLR, Java Transaction API, SLF4J API Module, annotations, dom4j, java-getopt, jgoodies-looks, lablib-checkboxtree, xom, zap, zaphelp
GNU General Public License, version 2: Ostermiller Java Utilities
Apache License, Version 2.0: Bean Validation API, Hibernate Validator
Bouncy Castle Licence: Bouncy Castle CMS and S/MIME API, Bouncy Castle Provider
Eclipse Public License (EPL): Jericho HTML Parser
GNU Lesser General Public License: Hibernate Annotations, Hibernate Core
The Apache Software License, Version 2.0: Apache Log4j, Commons BeanUtils, Commons CLI, Commons Codec, Commons Collections, Commons Configuration, Commons IO, Commons Lang, Commons Logging, Gson, Jackson, SQLite JDBC, XML Commons External Components XML APIs, ezmorph, java-diff-utils, json-lib
Similar to Apache License but with the acknowledgment clause removed: JDOM
Lesser General Public License (LGPL): Swing Layout Extensions, SwingX Commons
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: BrowserLauncher2
GNU General Public License – Version 2 with the class path exception: JavaHelp Search
GNU Lesser General Public Licence: jcommon, jfreechart
Apache License: HttpClient, HttpCore, HttpMime
Common Public License Version 1.0: JUnit
Common Development and Distribution License (CDDL) v1.0: Enterprise JavaBeans (EJB) 3.0
Modified BSD License: RSyntaxTextArea

ThreadFix Burp Plugin

Unamed: Burp-Plugin, JPA 2.0 API, threadfix-cli, threadfix-entities
GNU LESSER GENERAL PUBLIC LICENSE: Hibernate Commons Annotations
Unknown: AntLR, Codec, Java Transaction API, SLF4J API Module, annotations, commons-collections, dom4j
Apache License: HttpClient
Apache License, Version 2.0: Bean Validation API, Hibernate Validator
GNU Lesser General Public License: Hibernate Annotations, Hibernate Core
The Apache Software License, Version 2.0: Apache Log4j, Commons CLI, Commons IO, Commons Lang, Gson, Jackson, Logging, XML Commons External Components XML APIs
Common Development and Distribution License (CDDL) v1.0: Enterprise JavaBeans (EJB) 3.0