updated and excluded dependencies

pom.xml

@@ -31,7 +31,7 @@
 		<cryptomator.integrations.linux.version>1.0.0-beta1</cryptomator.integrations.linux.version>
 		<cryptomator.fuse.version>1.3.1</cryptomator.fuse.version>
 		<cryptomator.dokany.version>1.3.1</cryptomator.dokany.version>
-		<cryptomator.webdav.version>1.2.2</cryptomator.webdav.version>
+		<cryptomator.webdav.version>1.2.3</cryptomator.webdav.version>
 
 		<!-- 3rd party dependencies -->
 		<javafx.version>16</javafx.version>
@@ -39,8 +39,9 @@
 		<jwt.version>3.15.0</jwt.version>
 		<easybind.version>2.2</easybind.version>
 		<guava.version>30.1.1-jre</guava.version>
-		<dagger.version>2.35.1</dagger.version>
+		<dagger.version>2.37</dagger.version>
 		<gson.version>2.8.6</gson.version>
+		<zxcvbn.version>1.5.2</zxcvbn.version>
 		<slf4j.version>1.7.30</slf4j.version>
 		<logback.version>1.2.3</logback.version>
 
@@ -136,7 +137,6 @@
 			<version>2.11.0</version>
 		</dependency>
 
-
 		<!-- EasyBind -->
 		<dependency>
 			<groupId>com.tobiasdiez</groupId>
@@ -148,7 +148,7 @@
 		<dependency>
 			<groupId>com.nulab-inc</groupId>
 			<artifactId>zxcvbn</artifactId>
-			<version>1.3.0</version>
+			<version>${zxcvbn.version}</version>
 		</dependency>
 
 		<!-- Google -->
@@ -156,6 +156,29 @@
 			<groupId>com.google.guava</groupId>
 			<artifactId>guava</artifactId>
 			<version>${guava.version}</version>
+			<exclusions>
+				<!-- see https://github.com/google/guava/wiki/UseGuavaInYourBuild#what-about-guavas-own-dependencies -->
+				<exclusion>
+					<groupId>com.google.guava</groupId>
+					<artifactId>listenablefuture</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>com.google.code.findbugs</groupId>
+					<artifactId>jsr305</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>org.checkerframework</groupId>
+					<artifactId>checker-qual</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>com.google.errorprone</groupId>
+					<artifactId>error_prone_annotations</artifactId>
+				</exclusion>
+				<exclusion>
+					<groupId>com.google.j2objc</groupId>
+					<artifactId>j2objc-annotations</artifactId>
+				</exclusion>
+			</exclusions>
 		</dependency>
 		<dependency>
 			<groupId>com.google.dagger</groupId>

src/main/java/module-info.java

@@ -18,16 +18,16 @@ module org.cryptomator.desktop {
 	requires javafx.fxml;
 	requires com.tobiasdiez.easybind;
 	requires com.google.common;
-	requires com.google.gson; // really?
+	requires com.google.gson;
+	requires com.nulabinc.zxcvbn;
 	requires org.slf4j;
 	requires org.apache.commons.lang3;
+	requires dagger;
 
 	/* TODO: filename-based modules: */
-	requires dagger;
 	requires static javax.inject; /* ugly dagger/guava crap */
 	requires java.jwt;
 	requires com.fasterxml.jackson.databind; // TODO: tmp fix, waiting for https://github.com/auth0/java-jwt/pull/484
-	requires zxcvbn;
 	requires logback.classic;
 	requires logback.core;
 

src/main/resources/license/THIRD-PARTY.txt

@@ -11,20 +11,15 @@ GNU General Public License for more details.
 You should have received a copy of the GNU General Public License
 along with this program.  If not, see http://www.gnu.org/licenses/.
 
-Cryptomator uses 47 third-party dependencies under the following licenses:
+Cryptomator uses 31 third-party dependencies under the following licenses:
         Apache License v2.0:
-			- jffi (com.github.jnr:jffi:1.2.23 - http://github.com/jnr/jffi)
-			- jnr-a64asm (com.github.jnr:jnr-a64asm:1.0.0 - http://nexus.sonatype.org/oss-repository-hosting.html/jnr-a64asm)
-			- jnr-constants (com.github.jnr:jnr-constants:0.9.15 - http://github.com/jnr/jnr-constants)
-			- jnr-ffi (com.github.jnr:jnr-ffi:2.1.12 - http://github.com/jnr/jnr-ffi)
-			- FindBugs-jsr305 (com.google.code.findbugs:jsr305:3.0.2 - http://findbugs.sourceforge.net/)
+			- Jackson-annotations (com.fasterxml.jackson.core:jackson-annotations:2.11.0 - http://github.com/FasterXML/jackson)
+			- Jackson-core (com.fasterxml.jackson.core:jackson-core:2.11.0 - https://github.com/FasterXML/jackson-core)
+			- jackson-databind (com.fasterxml.jackson.core:jackson-databind:2.11.0 - http://github.com/FasterXML/jackson)
 			- Gson (com.google.code.gson:gson:2.8.6 - https://github.com/google/gson/gson)
-			- Dagger (com.google.dagger:dagger:2.35.1 - https://github.com/google/dagger)
-			- error-prone annotations (com.google.errorprone:error_prone_annotations:2.5.1 - http://nexus.sonatype.org/oss-repository-hosting.html/error_prone_parent/error_prone_annotations)
+			- Dagger (com.google.dagger:dagger:2.37 - https://github.com/google/dagger)
 			- Guava InternalFutureFailureAccess and InternalFutures (com.google.guava:failureaccess:1.0.1 - https://github.com/google/guava/failureaccess)
 			- Guava: Google Core Libraries for Java (com.google.guava:guava:30.1.1-jre - https://github.com/google/guava/guava)
-			- Guava ListenableFuture only (com.google.guava:listenablefuture:9999.0-empty-to-avoid-conflict-with-guava - https://github.com/google/guava/listenablefuture)
-			- J2ObjC Annotations (com.google.j2objc:j2objc-annotations:1.3 - https://github.com/google/j2objc/)
 			- Apache Commons CLI (commons-cli:commons-cli:1.4 - http://commons.apache.org/proper/commons-cli/)
 			- javax.inject (javax.inject:javax.inject:1 - http://code.google.com/p/atinject/)
 			- Java Native Access (net.java.dev.jna:jna:5.7.0 - https://github.com/java-native-access/jna)
@@ -38,15 +33,7 @@ Cryptomator uses 47 third-party dependencies under the following licenses:
 			- Jetty :: Server Core (org.eclipse.jetty:jetty-server:10.0.2 - https://eclipse.org/jetty/jetty-server)
 			- Jetty :: Servlet Handling (org.eclipse.jetty:jetty-servlet:10.0.2 - https://eclipse.org/jetty/jetty-servlet)
 			- Jetty :: Utilities (org.eclipse.jetty:jetty-util:10.0.2 - https://eclipse.org/jetty/jetty-util)
-			- Jetty :: Webapp Application Support (org.eclipse.jetty:jetty-webapp:10.0.2 - https://eclipse.org/jetty/jetty-webapp)
-			- Jetty :: XML utilities (org.eclipse.jetty:jetty-xml:10.0.2 - https://eclipse.org/jetty/jetty-xml)
 			- Jetty :: Servlet API and Schemas for JPMS and OSGi (org.eclipse.jetty.toolchain:jetty-servlet-api:4.0.6 - https://eclipse.org/jetty/jetty-servlet-api)
-        BSD:
-			- asm (org.ow2.asm:asm:7.1 - http://asm.ow2.org/)
-			- asm-analysis (org.ow2.asm:asm-analysis:7.1 - http://asm.ow2.org/)
-			- asm-commons (org.ow2.asm:asm-commons:7.1 - http://asm.ow2.org/)
-			- asm-tree (org.ow2.asm:asm-tree:7.1 - http://asm.ow2.org/)
-			- asm-util (org.ow2.asm:asm-util:7.1 - http://asm.ow2.org/)
         Eclipse Public License - Version 1.0:
 			- Jetty :: Servlet API and Schemas for JPMS and OSGi (org.eclipse.jetty.toolchain:jetty-servlet-api:4.0.6 - https://eclipse.org/jetty/jetty-servlet-api)
         Eclipse Public License - Version 2.0:
@@ -56,33 +43,23 @@ Cryptomator uses 47 third-party dependencies under the following licenses:
 			- Jetty :: Server Core (org.eclipse.jetty:jetty-server:10.0.2 - https://eclipse.org/jetty/jetty-server)
 			- Jetty :: Servlet Handling (org.eclipse.jetty:jetty-servlet:10.0.2 - https://eclipse.org/jetty/jetty-servlet)
 			- Jetty :: Utilities (org.eclipse.jetty:jetty-util:10.0.2 - https://eclipse.org/jetty/jetty-util)
-			- Jetty :: Webapp Application Support (org.eclipse.jetty:jetty-webapp:10.0.2 - https://eclipse.org/jetty/jetty-webapp)
-			- Jetty :: XML utilities (org.eclipse.jetty:jetty-xml:10.0.2 - https://eclipse.org/jetty/jetty-xml)
         Eclipse Public License - v 1.0:
 			- Logback Classic Module (ch.qos.logback:logback-classic:1.2.3 - http://logback.qos.ch/logback-classic)
 			- Logback Core Module (ch.qos.logback:logback-core:1.2.3 - http://logback.qos.ch/logback-core)
-        Eclipse Public License - v 2.0:
-			- jnr-posix (com.github.jnr:jnr-posix:3.0.54 - http://nexus.sonatype.org/oss-repository-hosting.html/jnr-posix)
         GNU Lesser General Public License:
 			- Logback Classic Module (ch.qos.logback:logback-classic:1.2.3 - http://logback.qos.ch/logback-classic)
 			- Logback Core Module (ch.qos.logback:logback-core:1.2.3 - http://logback.qos.ch/logback-core)
-        GPLv2:
-			- jnr-posix (com.github.jnr:jnr-posix:3.0.54 - http://nexus.sonatype.org/oss-repository-hosting.html/jnr-posix)
         GPLv2+CE:
 			- javafx-base (org.openjfx:javafx-base:16 - https://openjdk.java.net/projects/openjfx/javafx-base/)
 			- javafx-controls (org.openjfx:javafx-controls:16 - https://openjdk.java.net/projects/openjfx/javafx-controls/)
 			- javafx-fxml (org.openjfx:javafx-fxml:16 - https://openjdk.java.net/projects/openjfx/javafx-fxml/)
 			- javafx-graphics (org.openjfx:javafx-graphics:16 - https://openjdk.java.net/projects/openjfx/javafx-graphics/)
         LGPL 2.1:
-			- jnr-posix (com.github.jnr:jnr-posix:3.0.54 - http://nexus.sonatype.org/oss-repository-hosting.html/jnr-posix)
 			- Java Native Access (net.java.dev.jna:jna:5.7.0 - https://github.com/java-native-access/jna)
 			- Java Native Access Platform (net.java.dev.jna:jna-platform:5.7.0 - https://github.com/java-native-access/jna)
         MIT License:
 			- java jwt (com.auth0:java-jwt:3.15.0 - https://github.com/auth0/java-jwt)
-			- jnr-x86asm (com.github.jnr:jnr-x86asm:1.0.2 - http://github.com/jnr/jnr-x86asm)
-			- jnr-fuse (com.github.serceman:jnr-fuse:0.5.5 - https://github.com/SerCeMan/jnr-fuse)
-			- zxcvbn4j (com.nulab-inc:zxcvbn:1.3.0 - https://github.com/nulab/zxcvbn4j)
-			- Checker Qual (org.checkerframework:checker-qual:3.8.0 - https://checkerframework.org)
+			- zxcvbn4j (com.nulab-inc:zxcvbn:1.5.2 - https://github.com/nulab/zxcvbn4j)
 			- SLF4J API Module (org.slf4j:slf4j-api:1.7.30 - http://www.slf4j.org)
         The BSD 2-Clause License:
 			- EasyBind (com.tobiasdiez:easybind:2.2 - https://github.com/tobiasdiez/EasyBind)