diff --git a/DEPENDENCIES b/DEPENDENCIES index ea2c16354..109436eae 100644 --- a/DEPENDENCIES +++ b/DEPENDENCIES @@ -101,9 +101,9 @@ maven/mavencentral/dev.failsafe/failsafe/3.3.2, Apache-2.0, approved, #9268 maven/mavencentral/info.picocli/picocli/4.7.4, Apache-2.0, approved, #4365 maven/mavencentral/io.github.classgraph/classgraph/4.8.154, MIT, approved, CQ22530 maven/mavencentral/io.github.classgraph/classgraph/4.8.162, MIT, approved, CQ22530 -maven/mavencentral/io.micrometer/micrometer-commons/1.12.3, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11679 -maven/mavencentral/io.micrometer/micrometer-core/1.12.3, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11678 -maven/mavencentral/io.micrometer/micrometer-observation/1.12.3, Apache-2.0, approved, #11680 +maven/mavencentral/io.micrometer/micrometer-commons/1.12.2, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11679 +maven/mavencentral/io.micrometer/micrometer-core/1.12.2, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #11678 +maven/mavencentral/io.micrometer/micrometer-observation/1.12.2, Apache-2.0, approved, #11680 maven/mavencentral/io.netty/netty-buffer/4.1.100.Final, Apache-2.0, approved, CQ21842 maven/mavencentral/io.netty/netty-buffer/4.1.101.Final, Apache-2.0, approved, CQ21842 maven/mavencentral/io.netty/netty-codec-dns/4.1.100.Final, Apache-2.0 AND BSD-3-Clause AND MIT, approved, CQ20926 @@ -204,6 +204,7 @@ maven/mavencentral/net.minidev/json-smart/2.5.0, Apache-2.0, approved, clearlyde maven/mavencentral/net.sf.saxon/Saxon-HE/12.3, MPL-2.0-no-copyleft-exception AND (LicenseRef-scancode-proprietary-license AND MPL-2.0-no-copyleft-exception) AND (MPL-2.0-no-copyleft-exception AND X11) AND (MIT AND MPL-2.0-no-copyleft-exception) AND (MPL-1.0 AND MPL-2.0-no-copyleft-exception) AND (Apache-2.0 AND MPL-2.0-no-copyleft-exception) AND MPL-1.0, restricted, #13191 maven/mavencentral/org.antlr/antlr4-runtime/4.11.1, BSD-3-Clause, approved, clearlydefined maven/mavencentral/org.apache.commons/commons-compress/1.24.0, Apache-2.0 AND BSD-3-Clause AND bzip2-1.0.6 AND LicenseRef-Public-Domain, approved, #10368 +maven/mavencentral/org.apache.commons/commons-compress/1.25.0, Apache-2.0, approved, #11600 maven/mavencentral/org.apache.commons/commons-lang3/3.11, Apache-2.0, approved, CQ22642 maven/mavencentral/org.apache.commons/commons-lang3/3.12.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.apache.commons/commons-lang3/3.13.0, Apache-2.0, approved, #9820 @@ -226,9 +227,9 @@ maven/mavencentral/org.apache.maven.doxia/doxia-core/1.12.0, Apache-2.0, approve maven/mavencentral/org.apache.maven.doxia/doxia-logging-api/1.12.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.apache.maven.doxia/doxia-module-xdoc/1.12.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.apache.maven.doxia/doxia-sink-api/1.12.0, Apache-2.0, approved, clearlydefined -maven/mavencentral/org.apache.sshd/sshd-common/2.12.1, Apache-2.0 AND ISC, approved, #12842 -maven/mavencentral/org.apache.sshd/sshd-core/2.12.1, Apache-2.0, approved, #12841 -maven/mavencentral/org.apache.sshd/sshd-sftp/2.12.1, Apache-2.0, approved, #12840 +maven/mavencentral/org.apache.sshd/sshd-common/2.12.0, Apache-2.0 AND ISC, approved, #12842 +maven/mavencentral/org.apache.sshd/sshd-core/2.12.0, Apache-2.0, approved, #12841 +maven/mavencentral/org.apache.sshd/sshd-sftp/2.12.0, Apache-2.0, approved, #12840 maven/mavencentral/org.apache.xbean/xbean-reflect/3.7, Apache-2.0, approved, clearlydefined maven/mavencentral/org.apiguardian/apiguardian-api/1.1.2, Apache-2.0, approved, clearlydefined maven/mavencentral/org.assertj/assertj-core/3.25.1, Apache-2.0, approved, #12585 @@ -247,154 +248,154 @@ maven/mavencentral/org.codehaus.plexus/plexus-container-default/2.1.0, Apache-2. maven/mavencentral/org.codehaus.plexus/plexus-utils/3.1.1, , approved, CQ16492 maven/mavencentral/org.codehaus.plexus/plexus-utils/3.3.0, , approved, CQ21066 maven/mavencentral/org.codehaus.woodstox/stax2-api/4.2.1, BSD-2-Clause, approved, #2670 -maven/mavencentral/org.eclipse.edc/api-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/api-observability/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/asset-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/asset-index-sql/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/asset-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/auth-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/auth-tokenbased/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/autodoc-processor/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/aws-s3-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/aws-s3-test/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/azure-blob-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/azure-test/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/boot/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/callback-event-dispatcher/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/callback-http-dispatcher/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/catalog-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/catalog-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/catalog-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/configuration-filesystem/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/connector-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/contract-agreement-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/contract-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/contract-definition-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/contract-definition-store-sql/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/contract-negotiation-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/contract-negotiation-store-sql/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/contract-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/control-api-configuration/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/control-plane-aggregate-services/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/control-plane-api-client-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/control-plane-api-client/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/control-plane-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/control-plane-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/control-plane-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/core-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/crypto-common/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-address-http-data-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-aws-s3/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-azure-storage/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-client/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-control-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-http-oauth2-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-http-oauth2/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-http-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-http/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-public-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-selector-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-selector-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/data-plane-util/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-api-configuration/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-catalog-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-catalog-http-dispatcher/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-catalog-transform/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-catalog/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-http-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-http-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-negotiation-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-negotiation-http-dispatcher/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-negotiation-transform/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-negotiation/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-transfer-process-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-transfer-process-http-dispatcher/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-transfer-process-transform/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp-transfer-process/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/dsp/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/http-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/http/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/iam-mock/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-did-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-did-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-hub-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-hub-credentials/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-hub-did-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-hub-did/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-hub-keypairs/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-hub-participants/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-hub-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-hub-store-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-issuers-configuration/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-service/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-sts-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-sts-client-configuration/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-sts-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-sts-embedded/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-sts-remote-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-sts-remote/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-sts-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/identity-trust-transform/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/jersey-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/jersey-micrometer/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/jersey-providers/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/jetty-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/jetty-micrometer/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/json-ld-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/json-ld/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/junit/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/jws2020/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/jwt-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/jwt-verifiable-credentials/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/ldp-verifiable-credentials/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/management-api-configuration/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/management-api-test-fixtures/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/management-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/micrometer-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/oauth2-client/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/oauth2-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/policy-definition-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/policy-definition-store-sql/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/policy-engine-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/policy-engine/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/policy-evaluator/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/policy-model/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/policy-monitor-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/policy-monitor-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/policy-monitor-store-sql/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/policy-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/runtime-metamodel/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/security/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/sql-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/sql-lease/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/sql-pool-apache-commons/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/state-machine/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/token-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/token-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transaction-datasource-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transaction-local/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transaction-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transfer-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transfer-data-plane-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transfer-data-plane/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transfer-process-api/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transfer-process-store-sql/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transfer-pull-http-dynamic-receiver/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transfer-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transform-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/transform-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/util/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/validator-core/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/validator-data-address-http-data/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/validator-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/vault-azure/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/vault-hashicorp/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc -maven/mavencentral/org.eclipse.edc/web-spi/0.5.2-SNAPSHOT, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/api-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/api-observability/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/asset-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/asset-index-sql/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/asset-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/auth-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/auth-tokenbased/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/autodoc-processor/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/aws-s3-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/aws-s3-test/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/azure-blob-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/azure-test/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/boot/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/callback-event-dispatcher/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/callback-http-dispatcher/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/catalog-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/catalog-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/catalog-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/configuration-filesystem/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/connector-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/contract-agreement-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/contract-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/contract-definition-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/contract-definition-store-sql/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/contract-negotiation-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/contract-negotiation-store-sql/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/contract-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/control-api-configuration/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/control-plane-aggregate-services/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/control-plane-api-client-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/control-plane-api-client/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/control-plane-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/control-plane-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/control-plane-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/core-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/crypto-common/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-address-http-data-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-aws-s3/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-azure-storage/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-client/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-control-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-http-oauth2-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-http-oauth2/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-http-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-http/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-public-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-selector-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-selector-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/data-plane-util/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-api-configuration/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-catalog-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-catalog-http-dispatcher/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-catalog-transform/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-catalog/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-http-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-http-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-negotiation-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-negotiation-http-dispatcher/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-negotiation-transform/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-negotiation/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-transfer-process-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-transfer-process-http-dispatcher/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-transfer-process-transform/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp-transfer-process/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/dsp/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/http-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/http/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/iam-mock/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-did-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-did-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-hub-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-hub-credentials/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-hub-did-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-hub-did/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-hub-keypairs/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-hub-participants/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-hub-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-hub-store-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-issuers-configuration/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-service/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-sts-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-sts-client-configuration/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-sts-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-sts-embedded/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-sts-remote-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-sts-remote/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-sts-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/identity-trust-transform/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/jersey-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/jersey-micrometer/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/jersey-providers/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/jetty-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/jetty-micrometer/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/json-ld-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/json-ld/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/junit/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/jws2020/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/jwt-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/jwt-verifiable-credentials/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/ldp-verifiable-credentials/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/management-api-configuration/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/management-api-test-fixtures/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/management-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/micrometer-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/oauth2-client/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/oauth2-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/policy-definition-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/policy-definition-store-sql/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/policy-engine-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/policy-engine/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/policy-evaluator/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/policy-model/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/policy-monitor-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/policy-monitor-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/policy-monitor-store-sql/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/policy-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/runtime-metamodel/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/security/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/sql-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/sql-lease/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/sql-pool-apache-commons/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/state-machine/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/token-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/token-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transaction-datasource-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transaction-local/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transaction-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transfer-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transfer-data-plane-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transfer-data-plane/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transfer-process-api/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transfer-process-store-sql/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transfer-pull-http-dynamic-receiver/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transfer-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transform-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/transform-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/util/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/validator-core/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/validator-data-address-http-data/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/validator-spi/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/vault-azure/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/vault-hashicorp/0.5.1, Apache-2.0, approved, technology.edc +maven/mavencentral/org.eclipse.edc/web-spi/0.5.1, Apache-2.0, approved, technology.edc maven/mavencentral/org.eclipse.jetty.toolchain/jetty-jakarta-servlet-api/5.0.2, EPL-2.0 OR Apache-2.0, approved, rt.jetty maven/mavencentral/org.eclipse.jetty.toolchain/jetty-jakarta-websocket-api/2.0.0, EPL-2.0 OR Apache-2.0, approved, rt.jetty maven/mavencentral/org.eclipse.jetty.websocket/websocket-core-client/11.0.20, EPL-2.0 OR Apache-2.0, approved, rt.jetty @@ -417,8 +418,8 @@ maven/mavencentral/org.eclipse.jetty/jetty-servlet/11.0.20, EPL-2.0 OR Apache-2. maven/mavencentral/org.eclipse.jetty/jetty-util/11.0.20, EPL-2.0 OR Apache-2.0, approved, rt.jetty maven/mavencentral/org.eclipse.jetty/jetty-webapp/11.0.20, EPL-2.0 OR Apache-2.0, approved, rt.jetty maven/mavencentral/org.eclipse.jetty/jetty-xml/11.0.20, EPL-2.0 OR Apache-2.0, approved, rt.jetty -maven/mavencentral/org.flywaydb/flyway-core/10.8.1, Apache-2.0, approved, #13291 -maven/mavencentral/org.flywaydb/flyway-database-postgresql/10.8.1, Apache-2.0, approved, #13290 +maven/mavencentral/org.flywaydb/flyway-core/10.7.2, Apache-2.0, approved, #13235 +maven/mavencentral/org.flywaydb/flyway-database-postgresql/10.7.2, Apache-2.0, approved, #13236 maven/mavencentral/org.glassfish.hk2.external/aopalliance-repackaged/3.0.5, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.glassfish maven/mavencentral/org.glassfish.hk2/hk2-api/3.0.5, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.glassfish maven/mavencentral/org.glassfish.hk2/hk2-locator/3.0.5, EPL-2.0 OR GPL-2.0-only with Classpath-exception-2.0, approved, ee4j.glassfish @@ -460,8 +461,10 @@ maven/mavencentral/org.jetbrains/annotations/24.1.0, Apache-2.0, approved, clear maven/mavencentral/org.junit-pioneer/junit-pioneer/2.2.0, EPL-2.0, approved, #11857 maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.10.1, EPL-2.0, approved, #9714 maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.10.2, EPL-2.0, approved, #9714 +maven/mavencentral/org.junit.jupiter/junit-jupiter-api/5.9.3, EPL-2.0, approved, #3133 maven/mavencentral/org.junit.jupiter/junit-jupiter-engine/5.10.1, EPL-2.0, approved, #9711 maven/mavencentral/org.junit.jupiter/junit-jupiter-engine/5.10.2, EPL-2.0, approved, #9711 +maven/mavencentral/org.junit.jupiter/junit-jupiter-engine/5.9.3, EPL-2.0, approved, #3125 maven/mavencentral/org.junit.jupiter/junit-jupiter-params/5.10.1, EPL-2.0, approved, #9708 maven/mavencentral/org.junit.jupiter/junit-jupiter-params/5.10.2, EPL-2.0, approved, #9708 maven/mavencentral/org.junit.platform/junit-platform-commons/1.10.2, EPL-2.0, approved, #9715 @@ -496,43 +499,74 @@ maven/mavencentral/org.slf4j/slf4j-api/1.7.36, MIT, approved, CQ13368 maven/mavencentral/org.slf4j/slf4j-api/1.7.7, MIT, approved, CQ9827 maven/mavencentral/org.slf4j/slf4j-api/2.0.12, MIT, approved, #5915 maven/mavencentral/org.slf4j/slf4j-api/2.0.9, MIT, approved, #5915 +maven/mavencentral/org.testcontainers/database-commons/1.19.4, Apache-2.0, approved, #10345 maven/mavencentral/org.testcontainers/database-commons/1.19.5, Apache-2.0, approved, #10345 +maven/mavencentral/org.testcontainers/jdbc/1.19.4, Apache-2.0, approved, #10348 maven/mavencentral/org.testcontainers/jdbc/1.19.5, Apache-2.0, approved, #10348 maven/mavencentral/org.testcontainers/junit-jupiter/1.19.3, MIT, approved, #10344 +maven/mavencentral/org.testcontainers/junit-jupiter/1.19.4, MIT, approved, #10344 maven/mavencentral/org.testcontainers/junit-jupiter/1.19.5, MIT, approved, #10344 +maven/mavencentral/org.testcontainers/postgresql/1.19.4, MIT, approved, #10350 maven/mavencentral/org.testcontainers/postgresql/1.19.5, MIT, approved, #10350 +maven/mavencentral/org.testcontainers/testcontainers/1.19.4, Apache-2.0 AND MIT, approved, #10347 maven/mavencentral/org.testcontainers/testcontainers/1.19.5, Apache-2.0 AND MIT, approved, #10347 maven/mavencentral/org.testcontainers/vault/1.19.5, MIT, approved, #10852 maven/mavencentral/org.xmlresolver/xmlresolver/5.2.0, Apache-2.0, approved, clearlydefined maven/mavencentral/org.yaml/snakeyaml/2.0, Apache-2.0 AND (Apache-2.0 OR BSD-3-Clause OR EPL-1.0 OR GPL-2.0-or-later OR LGPL-2.1-or-later), approved, #7275 maven/mavencentral/org.yaml/snakeyaml/2.2, Apache-2.0 AND (Apache-2.0 OR BSD-3-Clause OR EPL-1.0 OR GPL-2.0-or-later OR LGPL-2.1-or-later), approved, #10232 -maven/mavencentral/software.amazon.awssdk/annotations/2.24.5, Apache-2.0, approved, #13251 -maven/mavencentral/software.amazon.awssdk/apache-client/2.24.5, Apache-2.0, approved, #13257 -maven/mavencentral/software.amazon.awssdk/arns/2.24.5, Apache-2.0, approved, #13243 -maven/mavencentral/software.amazon.awssdk/auth/2.24.5, Apache-2.0, approved, #13256 -maven/mavencentral/software.amazon.awssdk/aws-core/2.24.5, Apache-2.0, approved, #13240 -maven/mavencentral/software.amazon.awssdk/aws-query-protocol/2.24.5, Apache-2.0, approved, #13262 -maven/mavencentral/software.amazon.awssdk/aws-xml-protocol/2.24.5, Apache-2.0, approved, #13247 -maven/mavencentral/software.amazon.awssdk/checksums-spi/2.24.5, Apache-2.0, approved, #13245 -maven/mavencentral/software.amazon.awssdk/checksums/2.24.5, Apache-2.0, approved, #13242 -maven/mavencentral/software.amazon.awssdk/crt-core/2.24.5, Apache-2.0, approved, #13252 -maven/mavencentral/software.amazon.awssdk/endpoints-spi/2.24.5, Apache-2.0, approved, #13246 -maven/mavencentral/software.amazon.awssdk/http-auth-aws/2.24.5, Apache-2.0, approved, #13253 -maven/mavencentral/software.amazon.awssdk/http-auth-spi/2.24.5, Apache-2.0, approved, #13264 -maven/mavencentral/software.amazon.awssdk/http-auth/2.24.5, Apache-2.0, approved, #13248 -maven/mavencentral/software.amazon.awssdk/http-client-spi/2.24.5, Apache-2.0, approved, #13259 -maven/mavencentral/software.amazon.awssdk/iam/2.24.5, , restricted, clearlydefined -maven/mavencentral/software.amazon.awssdk/identity-spi/2.24.5, Apache-2.0, approved, #13244 -maven/mavencentral/software.amazon.awssdk/json-utils/2.24.5, Apache-2.0, approved, #13261 -maven/mavencentral/software.amazon.awssdk/metrics-spi/2.24.5, Apache-2.0, approved, #13239 -maven/mavencentral/software.amazon.awssdk/netty-nio-client/2.24.5, Apache-2.0, approved, #13260 -maven/mavencentral/software.amazon.awssdk/profiles/2.24.5, Apache-2.0, approved, #13258 -maven/mavencentral/software.amazon.awssdk/protocol-core/2.24.5, Apache-2.0, approved, #13241 -maven/mavencentral/software.amazon.awssdk/regions/2.24.5, Apache-2.0, approved, #13255 -maven/mavencentral/software.amazon.awssdk/s3-transfer-manager/2.24.5, Apache-2.0, approved, #13263 -maven/mavencentral/software.amazon.awssdk/s3/2.24.5, Apache-2.0, approved, #13254 -maven/mavencentral/software.amazon.awssdk/sdk-core/2.24.5, Apache-2.0, approved, #13265 -maven/mavencentral/software.amazon.awssdk/sts/2.24.5, , restricted, clearlydefined -maven/mavencentral/software.amazon.awssdk/third-party-jackson-core/2.24.5, Apache-2.0, approved, #13249 -maven/mavencentral/software.amazon.awssdk/utils/2.24.5, Apache-2.0, approved, #13250 +maven/mavencentral/software.amazon.awssdk/annotations/2.22.9, Apache-2.0, approved, #12618 +maven/mavencentral/software.amazon.awssdk/annotations/2.24.1, Apache-2.0, approved, #13251 +maven/mavencentral/software.amazon.awssdk/apache-client/2.22.9, Apache-2.0, approved, #12633 +maven/mavencentral/software.amazon.awssdk/apache-client/2.24.1, Apache-2.0, approved, #13257 +maven/mavencentral/software.amazon.awssdk/arns/2.22.9, Apache-2.0, approved, #12647 +maven/mavencentral/software.amazon.awssdk/arns/2.24.1, Apache-2.0, approved, #13243 +maven/mavencentral/software.amazon.awssdk/auth/2.22.9, Apache-2.0, approved, #12622 +maven/mavencentral/software.amazon.awssdk/auth/2.24.1, Apache-2.0, approved, #13256 +maven/mavencentral/software.amazon.awssdk/aws-core/2.22.9, Apache-2.0, approved, #12640 +maven/mavencentral/software.amazon.awssdk/aws-core/2.24.1, Apache-2.0, approved, #13240 +maven/mavencentral/software.amazon.awssdk/aws-query-protocol/2.22.9, Apache-2.0, approved, #12645 +maven/mavencentral/software.amazon.awssdk/aws-query-protocol/2.24.1, Apache-2.0, approved, #13262 +maven/mavencentral/software.amazon.awssdk/aws-xml-protocol/2.22.9, Apache-2.0, approved, #12628 +maven/mavencentral/software.amazon.awssdk/aws-xml-protocol/2.24.1, Apache-2.0, approved, #13247 +maven/mavencentral/software.amazon.awssdk/checksums-spi/2.22.9, Apache-2.0, approved, #12642 +maven/mavencentral/software.amazon.awssdk/checksums-spi/2.24.1, Apache-2.0, approved, #13245 +maven/mavencentral/software.amazon.awssdk/checksums/2.22.9, Apache-2.0, approved, #12641 +maven/mavencentral/software.amazon.awssdk/checksums/2.24.1, Apache-2.0, approved, #13242 +maven/mavencentral/software.amazon.awssdk/crt-core/2.22.9, Apache-2.0, approved, #12635 +maven/mavencentral/software.amazon.awssdk/crt-core/2.24.1, Apache-2.0, approved, #13252 +maven/mavencentral/software.amazon.awssdk/endpoints-spi/2.22.9, Apache-2.0, approved, #12624 +maven/mavencentral/software.amazon.awssdk/endpoints-spi/2.24.1, Apache-2.0, approved, #13246 +maven/mavencentral/software.amazon.awssdk/http-auth-aws/2.22.9, Apache-2.0, approved, #12637 +maven/mavencentral/software.amazon.awssdk/http-auth-aws/2.24.1, Apache-2.0, approved, #13253 +maven/mavencentral/software.amazon.awssdk/http-auth-spi/2.22.9, Apache-2.0, approved, #12638 +maven/mavencentral/software.amazon.awssdk/http-auth-spi/2.24.1, Apache-2.0, approved, #13264 +maven/mavencentral/software.amazon.awssdk/http-auth/2.22.9, Apache-2.0, approved, #12626 +maven/mavencentral/software.amazon.awssdk/http-auth/2.24.1, Apache-2.0, approved, #13248 +maven/mavencentral/software.amazon.awssdk/http-client-spi/2.22.9, Apache-2.0, approved, #12627 +maven/mavencentral/software.amazon.awssdk/http-client-spi/2.24.1, Apache-2.0, approved, #13259 +maven/mavencentral/software.amazon.awssdk/iam/2.22.9, Apache-2.0, approved, clearlydefined +maven/mavencentral/software.amazon.awssdk/identity-spi/2.22.9, Apache-2.0, approved, #12636 +maven/mavencentral/software.amazon.awssdk/identity-spi/2.24.1, Apache-2.0, approved, #13244 +maven/mavencentral/software.amazon.awssdk/json-utils/2.22.9, Apache-2.0, approved, #12646 +maven/mavencentral/software.amazon.awssdk/json-utils/2.24.1, Apache-2.0, approved, #13261 +maven/mavencentral/software.amazon.awssdk/metrics-spi/2.22.9, Apache-2.0, approved, #12649 +maven/mavencentral/software.amazon.awssdk/metrics-spi/2.24.1, Apache-2.0, approved, #13239 +maven/mavencentral/software.amazon.awssdk/netty-nio-client/2.22.9, Apache-2.0, approved, #12644 +maven/mavencentral/software.amazon.awssdk/netty-nio-client/2.24.1, Apache-2.0, approved, #13260 +maven/mavencentral/software.amazon.awssdk/profiles/2.22.9, Apache-2.0, approved, #12620 +maven/mavencentral/software.amazon.awssdk/profiles/2.24.1, Apache-2.0, approved, #13258 +maven/mavencentral/software.amazon.awssdk/protocol-core/2.22.9, Apache-2.0, approved, #12648 +maven/mavencentral/software.amazon.awssdk/protocol-core/2.24.1, Apache-2.0, approved, #13241 +maven/mavencentral/software.amazon.awssdk/regions/2.22.9, Apache-2.0, approved, #12643 +maven/mavencentral/software.amazon.awssdk/regions/2.24.1, Apache-2.0, approved, #13255 +maven/mavencentral/software.amazon.awssdk/s3-transfer-manager/2.24.1, Apache-2.0, approved, #13263 +maven/mavencentral/software.amazon.awssdk/s3/2.22.9, Apache-2.0, approved, #12630 +maven/mavencentral/software.amazon.awssdk/s3/2.24.1, Apache-2.0, approved, #13254 +maven/mavencentral/software.amazon.awssdk/sdk-core/2.22.9, Apache-2.0, approved, #12639 +maven/mavencentral/software.amazon.awssdk/sdk-core/2.24.1, Apache-2.0, approved, #13265 +maven/mavencentral/software.amazon.awssdk/sts/2.22.9, Apache-2.0, approved, clearlydefined +maven/mavencentral/software.amazon.awssdk/third-party-jackson-core/2.22.9, Apache-2.0, approved, #12629 +maven/mavencentral/software.amazon.awssdk/third-party-jackson-core/2.24.1, Apache-2.0, approved, #13249 +maven/mavencentral/software.amazon.awssdk/utils/2.22.9, Apache-2.0, approved, #12631 +maven/mavencentral/software.amazon.awssdk/utils/2.24.1, Apache-2.0, approved, #13250 maven/mavencentral/software.amazon.eventstream/eventstream/1.0.1, Apache-2.0, approved, clearlydefined diff --git a/docs/usage/management-api-walkthrough/02_policies.md b/docs/usage/management-api-walkthrough/02_policies.md index f58ebf77f..324d5b53d 100644 --- a/docs/usage/management-api-walkthrough/02_policies.md +++ b/docs/usage/management-api-walkthrough/02_policies.md @@ -1,7 +1,31 @@ -# Creating a Policy Definition +# Policies -A policy is a declaration of a Data Consumer's rights and duties. Policies themselves make no statements about the -object that they may grant access and usage permission to. They are created at the EDC like this: +## Policies in Catena-X + +In the EDC, policies are pure [ODRL (Open Digital Rights Language)](https://www.w3.org/TR/odrl-model/). +Like the payloads of the [Dataspace Protocol](1-management-api-overview), they are written in **JSON-LD**. Even if the +user only has rudimentary knowledge of [JSON-LD](https://json-ld.org/), the [**policy playground +**](https://eclipse-tractusx.github.io/tutorial-resources/policy-playground/) will provide a good starting point to +start +writing policies. It is important to keep in mind that the extensive ODRL-context (that the EDC is aware of) allows for +ergonomic reuse of the vocabulary in individual policies. + +### Policies & Verifiable Credentials (VC) + +#### General Information + +Catena-X uses policies to determine access to and use of data. The policies refer to verifiable credentials (VC) that +are stored in the Wallets. Catena-X uses the principle of self-sovereign identity (SSI). + +The key architectural principle underlying this specification is that policy definitions must be decoupled from their +corresponding VC schema. Namely, the specific **constraints** ( +see [ODRL-classes](#odrl-information-model-classes-excerpt)) +and shape of the VC schema must not be reflected in the policy definition. This allows VC schemas to be altered without +impacting policy definitions. + +### Creating a Policy Definition + +Policies can be created in the EDC as follows: ```http POST /v3/assets HTTP/1.1 @@ -13,10 +37,191 @@ Content-Type: application/json ```json { "@context": { + "@vocab": "https://w3id.org/edc/v0.0.1/ns/", "odrl": "http://www.w3.org/ns/odrl/2/" }, - "@type": "PolicyDefinitionRequestDto", - "@id": "", + "@type": "PolicyDefinitionRequest", + "@id": "{{POLICY_ID}}", + "policy": { + "@type": "odrl:Set", + "odrl:permission": [ + { + "odrl:action": { + "@id": "odrl:use" + }, + "odrl:constraint": [ + { + "odrl:leftOperand": { + "@value": "BusinessPartnerNumber" + }, + "odrl:operator": { + "@id": "odrl:eq" + }, + "odrl:rightOperand": "" + } + ] + } + ] + } +} +``` + +| Variable | Content | +|------------------------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `@context` | In JSON-LD, `@context` is a fundamental concept used to define the mapping of terms used within the JSON-LD document to specific IRIs (Internationalized Resource Identifiers). It provides a way to establish a shared understanding of the vocabulary used in a JSON-LD document, making it possible to create structured and semantically rich data that can be easily integrated with other data sources on the web. | +| `@context`.`odrl:` | Prefixes allow you to define short aliases for longer IRIs. For example, instead of repeatedly using the full IRI [http://www.w3.org/ns/odrl/2/](http://www.w3.org/ns/odrl/2/), you can define a prefix like "odrl" and append a segment/fragment to identify the resource in the namespace. | +| `@id` | A Policy MUST have one uid property value (of type IRI) to identify the Policy. Note: The `@id` is on the upper level. It is a database policy definition which wraps the ODRL policy. | +| `policy`.`@type` | A Set Policy is the default Policy subclass. The Set is aimed at scenarios where there is an open criteria for the semantics of the policy expressions and typically refined by other systems/profiles that process the information at a later time. No privileges are granted to any Party (if defined). More detailed information about the possible policy subclasses can be found [here](https://w3c.github.io/poe/model/#infoModel). | +| `policy`.`permission` | A Policy MUST have at least one permission, prohibition, or obligation property values. | +| `policy`.`permission`.`action` | "use" the target asset (under a specific permission), currently only the action "use" is used by Catena-X | +| `policy`.`permission`.`constraint` | A boolean/logical expression that refines an Action and Party/Asset collection or the conditions applicable to a Rule. The leftOperand instances MUST clearly be defined to indicate the semantics of the Constraint. Catena-X will use the **left operand** of a *constraint* to associate a specific verifiable credential (VC). As most are use-case-agreements, [this notation](https://github.com/eclipse-tractusx/tractusx-profiles/blob/main/cx/policy/specs/policy.mapping.md) is useful. **Right Operand:** The rightOperand is the value of the Constraint that is to be compared to the leftOperand. | + +Please note that in JSON-LD, structures that may look different may actually have the same meaning. They may be expanded +or compacted, define additional `@context` objects, refer to a predefined outside `context` or others. Using a parser +or the [json-ld playground](https://json-ld.org/playground/) helps to be consistent. + +If the creation of the `policy-definition` was successful, the Management-API will return HTTP 200. + +#### Catena-X specific `constraints` + +This implementation (`tractusx-edc`) contains extensions that trigger specific behavior when encountering specific +policies. + +1. **Checks against the use-case**: The [cx-policy extension](https://github.com/eclipse-tractusx/tractusx-edc/tree/main/edc-extensions/cx-policy/src/main/java/org/eclipse/tractusx/edc/policy/cx) is responsible to resolve a use-case-specific +leftOperand against a VC. The list of use-case credentials can be found [here](https://github.com/eclipse-tractusx/tractusx-profiles/tree/main/cx/credentials/samples). +2. **Checks against the BPN**: The [BPN-validation extension](https://github.com/eclipse-tractusx/tractusx-edc/tree/main/edc-extensions/bpn-validation) allows to define either a single Business Partner +authorized to pass the constraint or define a group of BPNs that may pass and can be extended at runtime. +3. **Checks for temporal validity**: If a usage policy is defined against a HTTP-based asset accessible via EDR-tokens, +the Data Provider can prohibit issuance of new tokens by defining a specific constraint based on the +[contract validity check extension](https://github.com/eclipse-edc/Connector/blob/main/docs/developer/contract-duration/contract-validity-check.md) + +### Access & Usage Policies + +In Catena-X, a distinction is made between **Access** and **Usage** Policies. + +- **access policy:** determines whether a particular consumer is offered an asset or not. For example, we may want to +restrict certain assets such that only consumers within a particular geography can see them. Consumers outside that +geography wouldn't even have them in their catalog. +- **usage policy or contract policy:** determines the conditions for initiating a contract negotiation for a particular +asset. Note that does not automatically guarantee the successful creation of a contract, it merely expresses the +eligibility to start the negotiation. The terms "usage policy" and "contract policy" are used synonymously! + +**The Access and Usage Policies are not distinguished by any special semantics, but rather by the time at which they are +checked.** + +Whether a policy is used as access or usage policy is determined during [contract definition](03_contractdefinitions.md). + +### Exemplary scenarios + +For the following Scenarios, we assume there is a **Partner 1 (provider)** who wants to provide Data for **Partner 2 +(consumer)** + +- Partner 1 (provider) has the Business-Partner-Number BPN12345. +- Partner 2 (consumer) has the Business-Partner-Number BPN6789. + +Partner 2 (consumer) signed the **Traceability Framework Agreement** and followed all the necessary steps that the +Credential appears within Partner 2s identity. + +So for this example, if Partner 2 does a catalog request to Partner 1, the following credential is provided to +Partner 1: + +```json +{ + "@context": [ + "https://w3id.org/2023/catenax/credentials/summary/v1" + ], + "id": "", + "type": [ + "VerifiableCredential", + "SummaryCredential" + ], + "issuer": "", + "issuanceDate": "2023-06-02T12:00:00Z", + "expirationDate": "2022-06-16T18:56:59Z", + "credentialSubject": { + "id": "", + "holderIdentifier": "BPN6789", + "items": [ + "MembershipCredential", + "TraceabilityCredential" + ], + "contractTemplates": "https://public.catena-x.org/contracts/" + } +} +``` +> Note: This specific credential schema will not be supported in upcoming releases but serves the purpose to illustrate +> what such a credential may look like. + +#### Scenario 1 + +Partner 1 wants to create an Access Policy, that Partner 2 can only receive the Contract offer if its BPN matches AND if +it has the Traceability Credential (Traceability Contract Signed). If one of those is missing, Partner 2 won't receive a +Contract Offer. + +##### Partner 1 - Access Policy Example + +```json + { + "@context": { + "odrl": "http://www.w3.org/ns/odrl/2/" + }, + "@type": "PolicyDefinitionRequest", + "@id": "{{POLICY_ID}}", + "policy": { + "@type": "Policy", + "odrl:permission": [ + { + "odrl:action": "use", + "odrl:constraint": { + "@type": "LogicalConstraint", + "odrl:and": [ + { + "@type": "Constraint", + "odrl:leftOperand": "BusinessPartnerNumber", + "odrl:operator": { + "@id": "odrl:eq" + }, + "odrl:rightOperand": "{{CONSUMERS_BPN}}" + }, + { + "@type": "Constraint", + "odrl:leftOperand": "FrameworkAgreement.traceability", + "odrl:operator": { + "@id": "odrl:eq" + }, + "odrl:rightOperand": "active" + } + ] + } + } + ] + } +} +``` + +Each `leftOperand` is resolved by the EDC against a property in the participant's Verfiable Credential. Thus the exact +data structure may not always match between the VC and the policy. + +##### Desired Outcome + +Partner 2 receives the Contract Offer because the BPNs are matching and he owns the Traceability Credential. + +#### Scenario 2 + +Partner 1 wants to create an Access Policy, that Partner 2 can receive the Contract Offer if its BPN matches. But a +Contract Agreement should only be created if Partner 2 also signed the Traceability Framework Agreement. So in this +case, Partner 2 should receive the Contract Offer in the first place, regardless if it signed the Traceability Framework +Agreement. The signing of the Agreement should be checked at the time of contract negotiation. + +##### Partner 1 - Access Policy Example (Scenario 2) + +```json +{ + "@context": { + "odrl": "http://www.w3.org/ns/odrl/2/" + }, + "@type": "PolicyDefinitionRequest", + "@id": "{{POLICY_ID}}", "policy": { "@type": "Policy", "odrl:permission": [ @@ -28,29 +233,185 @@ Content-Type: application/json "odrl:operator": { "@id": "odrl:eq" }, - "odrl:rightOperand": "" + "odrl:rightOperand": "{{BPN6789}}" + } + } + ] + } +} +``` + +##### Partner 1 - Usage/Contract Policy Example (Scenario 2) + +```json + { + "@context": { + "odrl": "http://www.w3.org/ns/odrl/2/" + }, + "@type": "PolicyDefinitionRequest", + "@id": "{{POLICY_ID}}", + "policy": { + "@type": "Policy", + "odrl:permission": [ + { + "odrl:action": "use", + "odrl:constraint": { + "@type": "Constraint", + "odrl:leftOperand": "FrameworkAgreement.traceability", + "odrl:operator": { + "@id": "odrl:eq" + }, + "odrl:rightOperand": "active" } } ] } } +``` +##### Desired Outcome (Scenario 2) + +Partner 2 receives the Contract Offer and is able to negotiate the contract because he owns the Traceability Credential. + +#### Scenario 3 + +Partner 1 wants to create an Access Policy that Partner 2 can receive the Contract Offer if the BPN is matching AND +Partner 2 is identified as a Dismantler (owns the "DismantlerCredential"). + +##### Partner 1 - Access Policy Example (Scenario 3) + +```json +{ + "@context": { + "odrl": "http://www.w3.org/ns/odrl/2/" + }, + "@type": "PolicyDefinitionRequest", + "@id": "{{POLICY_ID}}", + "policy": { + "@type": "Policy", + "odrl:permission": [ + { + "odrl:action": "use", + "odrl:constraint": { + "@type": "LogicalConstraint", + "odrl:and": [ + { + "@type": "Constraint", + "odrl:leftOperand": "BusinessPartnerNumber", + "odrl:operator": { + "@id": "odrl:eq" + }, + "odrl:rightOperand": "{{BPN6789}}" + }, + { + "@type": "Constraint", + "odrl:leftOperand": "Dismantler", + "odrl:operator": { + "@id": "odrl:eq" + }, + "odrl:rightOperand": "active" + } + ] + } + } + ] + } +} ``` -In the EDC, policies are pure [ODRL (Open Digital Rights Language)](https://www.w3.org/TR/odrl-model/). -Like the payloads of the [Dataspace Protocol](1-management-api-overview), they are written in JSON-LD. Even if the user -only has rudimentary knowledge of JSON-LD, the [policy playground](https://eclipse-tractusx.github.io/tutorial-resources/policy-playground/) -will provide a good starting point to start writing policies. It is important to keep in mind that the extensive ODRL- -context (that the EDC is aware of) allows for ergonomic reuse of the vocabulary in individual policies. +##### Desired Outcome (Scenario 3) + +Partner 2 does not receive the Contract Offer as he does not own the Dismantler Credential and is therefore not able to +negotiate the contract or request the data. + +#### Scenario 4 + +Partner 1 wants to create an Access Policy that Partner 2 can receive the Contract Offer if the BPN is matching. +Further, Partner 1 only wants to create an Agreement if Partner 2 is identified as a Dismantler (owns the +"DismantlerCredential"). Otherwise the Negotiation has to fail. + +##### Partner 1 - Access Policy Example (Scenario 4) + +```json +{ + "@context": { + "odrl": "http://www.w3.org/ns/odrl/2/" + }, + "@type": "PolicyDefinitionRequest", + "@id": "{{POLICY_ID}}", + "policy": { + "@type": "Policy", + "odrl:permission": [ + { + "odrl:action": "use", + "odrl:constraint": { + "@type": "LogicalConstraint", + "odrl:and": [ + { + "@type": "Constraint", + "odrl:leftOperand": "BusinessPartnerNumber", + "odrl:operator": { + "@id": "odrl:eq" + }, + "odrl:rightOperand": "{{BPN6789}}" + } + ] + } + } + ] + } +} +``` + +##### Partner 1 - Usage/Contract Policy Example (Scenario 4) + +```json +{ + "@context": { + "odrl": "http://www.w3.org/ns/odrl/2/" + }, + "@type": "PolicyDefinitionRequest", + "@id": "{{POLICY_ID}}", + "policy": { + "@type": "Policy", + "odrl:permission": [ + { + "odrl:action": "use", + "odrl:constraint": { + "@type": "LogicalConstraint", + "odrl:and": [ + { + "@type": "Constraint", + "odrl:leftOperand": "Dismantler", + "odrl:operator": { + "@id": "odrl:eq" + }, + "odrl:rightOperand": "active" + } + ] + } + } + ] + } +} +``` + +##### Desired Outcome (Scenario 4) + +Partner 2 receives the Contract Offer in the first place. -## Writing Policies for the EDC +The contract negotiation, started by Partner 2 fails because he has not been identified as Dismantler and therefore does +not own the Dismantler Credential. -ODRL's model and expressiveness surpass the EDC's current ability to interpret the policies and derive behavior from -them. This must be kept in mind even when Data Offers based on policies are not yet published to the Dataspace. Here again, -configuring the wrong policies is a risk for unsafe and non-compliant behavior. This is exacerbated by the fact that -the EDC interprets policies it can't evaluate as true by default. A couple of examples: +#### Writing Policies for the EDC + +ℹ️ ODRL's model and expressiveness surpass the EDC's current ability to interpret the policies and derive behavior from +them. This must be kept in mind even when Data Offers based on policies are not yet published to the Dataspace. Here +again, configuring the wrong policies is a risk for unsafe and non-compliant behavior. This is exacerbated by the fact +that the EDC interprets policies it can't evaluate as true by default. A couple of examples: + +#### Let all pass -### Let all pass ```json { "@context": { @@ -69,12 +430,12 @@ the EDC interprets policies it can't evaluate as true by default. A couple of ex } ``` -### Only let a Business Partner Group pass +#### Only let a Business Partner Group pass A Business Partner Group is a group of BPNs that are allowed to pass this constraint. A BPN can be added to a group even after a Contract Offer for a certain BPN-Group was published. The groups are persisted and maintained in the Provider's Control Plane. The EDC-Management-API's `/business-partner-groups` endpoint offers CRUD-operations for -it. +it. ```json { @@ -103,7 +464,7 @@ it. ``` -### Chaining Constraints +#### Chaining Constraints Constraints can be chained together via logical constraints. This is currently implemented for `odrl:and`, `odrl:or` and `odrl:xone` (exactly one constraint evaluates to `true`). @@ -146,22 +507,75 @@ and `odrl:xone` (exactly one constraint evaluates to `true`). } ``` -Some permission-constraints trigger specific behavior in the EDC. That should be kept in mind when designing policies -and requires an understanding of how the EDC evaluates and acts upon them. +## Additional Information about Policies + +ℹ️ All explanations in this chapter "General Information about Policies" were taken from the +following [source](https://w3c.github.io/poe/model/). + +### Introduction + +Several business scenarios require expressing what are the permitted and prohibited actions over resources. These +permitted/prohibited actions are usually expressed under the form of policies, i.e., expressions that indicate those +uses and re-uses of the content which are conformant with existing regulations or to the constraints assigned by the +owner. Policies may also be enriched with additional information, i.e., who are the entities in charge of the definition +of such Policy and those who are required to conform to it, what are the additional constrains to be associated with the +Permissions, Prohibitions and Duties expressed by the Policy. The ability to express these concepts and relationships is +important both for the producers of content, i.e., they may state in a clear way what are the permitted and the +prohibited actions to prevent misuse, and for the consumers, i.e., they may know precisely what resources they are +allowed to use and re-use to avoid breaking any rules, laws or the owner's constraints. This specification describes a +common approach to expressing these policy concepts. + +### Semantic Model + +The ODRL Information Model defines the underlying semantic model for permission, prohibition, and obligation statements +describing content usage. The information model covers the core concepts, entities and relationships that provide the +foundational model for content usage statements. These machine-readable policies may be linked directly with the content +they are associated to with the aim to allow consumers to easily retrieve this information. + +#### ODRL Information Model classes (excerpt) -| `leftOperand` | `rightOperand` | usage in
[Contract Definition](03_contractdefinitions.md) | description | -|--------------------------------------------------------------|--------------------------------------------------|-----------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `BusinessPartnerNumber` | a BPNL | access or contract | _This function is deprecated._
The leftOperand "BusinessPartnerNumber" will trigger a check against the property in a Consumer's Verfifiable Credential (VC) that holds said BPNL. | -| `https://w3id.org/tractusx/v0.0.1/ns/BusinessPartnerGroup` | a Business Partner Group | access or contract | see [above](#only-let-a-business-partner-group-pass). The `leftOperand` is in this case not queried from the Consumer's VC but acts as a signal to check the Consumer's BPN for membership in the designated Business Partner Group. | -| `https://w3id.org/edc/v0.0.1/ns/InForceDate` | json-object with properties `@value` and `@type` | contract | If the negotiation via either [Contract Negotiation](05_contractnegotiations.md) or the [EDR process](07_edrs.md) is successful, the EDC will only renew short-lived Data-Plane tokens for a contract if the contract is still valid (in force). Start and end dates can be set with absolute timestamps or relative to the time of the contract agreement. For exact syntax, visit the [playground](https://eclipse-tractusx.github.io/tutorial-resources/policy-playground/). | -| `https://w3id.org/tractusx/v0.0.1/ns/FrameworkAgreement.pcf` | "active" | access or contract | Framework agreements in Catena-X are legal documents signed by a Business Partner to participate in a Business Scenario. In return, her credential is enhanced with a reference to the corresponding framework agreement - like in this case `pcf`. A complete list of framework agreements is maintained by the Catena-X association in standards CX-0049 and -0050. | +| Class | Description | +|--------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| `Policy` | A non-empty group of Permissions (via the permission property) and/or Prohibitions (via the prohibition property) and/or Duties (via the obligation property). | +| `Set` | Subclass of `Policy`:Supports expressing generic Rules | +| `Action` | An operation on an Asset | +| `Rule` | An abstract concept that represents the common characteristics of Permissions, Prohibitions, and Duties. | +| `Prohibition` | Subclass of `Rule`: The ability to exercise an Action over an Asset. The Permission MAY also have the duty property that expresses an agreed Action that MUST be exercised (as a pre-condition to be granted the Permission). | +| `Permission` | Subclass of `Rule`: The inability to exercise an Action over an Asset. | +| `Duty` | Subclass of `Rule`: The obligation to exercise an Action. | +| `Constraint/LogicalConstraint` | A boolean/logical expression that refines an Action and Party/Asset collection or the conditions applicable to a Rule. | -For more on the integration of Verifiable Credentials and the EDC in Catena-X, see the [specification of the Identity -and Trust Protocol (IATP)](https://github.com/eclipse-tractusx/identity-trust). +#### The `Policy` Class (excerpt) -## Notice +The Policy class has the following properties (see example below): + +- A Policy MUST have one uid property value (of type IRI [rfc3987]) to identify the Policy. +- A Policy MUST have at least one permission, prohibition, or obligation property values of type Rule. (See the + Permission, Prohibition, and Obligation sections for more details.) + +#### The `Set` Class + +An ODRL Policy of subclass `Set` represents any combination of Rules. The `Set` Policy subclass is also the **default** +subclass of Policy (if none is specified). + +Example: + +```json +{ + "@context": "http://www.w3.org/ns/odrl.jsonld", + "@type": "Set", + "@id": "", + "target": "", + "permission": [ + { + "action": "use" + } + ] +} +``` -This work is licensed under the [CC-BY-4.0](https://creativecommons.org/licenses/by/4.0/legalcode). +ℹ️ For the examples in this document, the ODRL Policy subclasses are mapped to the JSON-LD `@type` tokens. The above +example could have also used `Policy` type instead of `Set` type (**as they are equivalent**). - SPDX-License-Identifier: CC-BY-4.0 - SPDX-FileCopyrightText: 2023 Contributors of the Eclipse Foundation