From 78b8d14955c4b31bd8e4937cddb18ee2d506c5db Mon Sep 17 00:00:00 2001
From: Christoph Pirkl <christoph.pirkl@exasol.com>
Date: Mon, 3 Jul 2023 13:28:34 +0200
Subject: [PATCH 1/2] #57: Updated dependencies

---
 README.md                    |  2 +-
 dependencies.md              | 73 +++++++++++++++++++-----------------
 doc/changes/changelog.md     |  1 +
 doc/changes/changes_0.6.9.md | 48 ++++++++++++++++++++++++
 pk_generated_parent.pom      | 50 ++++++++++++++++++------
 pom.xml                      | 43 ++++++++++-----------
 6 files changed, 145 insertions(+), 72 deletions(-)
 create mode 100644 doc/changes/changes_0.6.9.md

diff --git a/README.md b/README.md
index ba0ad23..8229587 100644
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 # UDF Debugging Tools for Java
 
 [![Build Status](https://github.com/exasol/udf-debugging-java/actions/workflows/ci-build.yml/badge.svg)](https://github.com/exasol/udf-debugging-java/actions/workflows/ci-build.yml)
-[![Maven Central – udf-debugging-java](https://img.shields.io/maven-central/v/com.exasol/udf-debugging-java)](https://search.maven.org/artifact/com.exasol/udf-debugging-java)
+[![Maven Central &ndash; udf-debugging-java](https://img.shields.io/maven-central/v/com.exasol/udf-debugging-java)](https://search.maven.org/artifact/com.exasol/udf-debugging-java)
 
 [![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=com.exasol%3Audf-debugging-java&metric=alert_status)](https://sonarcloud.io/dashboard?id=com.exasol%3Audf-debugging-java)
 
diff --git a/dependencies.md b/dependencies.md
index 880f428..a75fc87 100644
--- a/dependencies.md
+++ b/dependencies.md
@@ -10,8 +10,8 @@
 | [JaCoCo :: Core][5]                     | [Eclipse Public License 2.0][6]                                                                              |
 | [BucketFS Java][7]                      | [MIT License][8]                                                                                             |
 | [exasol-test-setup-abstraction-java][9] | [MIT License][10]                                                                                            |
-| [Apache Commons Compress][11]           | [Apache License, Version 2.0][12]                                                                            |
-| [SLF4J API Module][13]                  | [MIT License][14]                                                                                            |
+| [Apache Commons Compress][11]           | [Apache-2.0][12]                                                                                             |
+| [SLF4J JDK14 Binding][13]               | [MIT License][14]                                                                                            |
 
 ## Test Dependencies
 
@@ -38,28 +38,29 @@
 | Dependency                                              | License                                        |
 | ------------------------------------------------------- | ---------------------------------------------- |
 | [SonarQube Scanner for Maven][29]                       | [GNU LGPL 3][30]                               |
-| [Apache Maven Compiler Plugin][31]                      | [Apache License, Version 2.0][12]              |
-| [Apache Maven Enforcer Plugin][32]                      | [Apache License, Version 2.0][12]              |
+| [Apache Maven Compiler Plugin][31]                      | [Apache-2.0][12]                               |
+| [Apache Maven Enforcer Plugin][32]                      | [Apache-2.0][12]                               |
 | [Maven Flatten Plugin][33]                              | [Apache Software Licenese][12]                 |
 | [Maven Dependency Plugin][34]                           | [The Apache Software License, Version 2.0][35] |
 | [Project keeper maven plugin][36]                       | [The MIT License][37]                          |
 | [org.sonatype.ossindex.maven:ossindex-maven-plugin][38] | [ASL2][35]                                     |
-| [Maven Surefire Plugin][39]                             | [Apache License, Version 2.0][12]              |
+| [Maven Surefire Plugin][39]                             | [Apache-2.0][12]                               |
 | [Versions Maven Plugin][40]                             | [Apache License, Version 2.0][12]              |
-| [Apache Maven Deploy Plugin][41]                        | [Apache License, Version 2.0][12]              |
-| [Apache Maven GPG Plugin][42]                           | [Apache License, Version 2.0][12]              |
-| [Apache Maven Source Plugin][43]                        | [Apache License, Version 2.0][12]              |
-| [Apache Maven Javadoc Plugin][44]                       | [Apache License, Version 2.0][12]              |
-| [Nexus Staging Maven Plugin][45]                        | [Eclipse Public License][46]                   |
-| [Maven Failsafe Plugin][47]                             | [Apache License, Version 2.0][12]              |
-| [JaCoCo :: Maven Plugin][48]                            | [Eclipse Public License 2.0][6]                |
-| [error-code-crawler-maven-plugin][49]                   | [MIT License][50]                              |
-| [Reproducible Build Maven Plugin][51]                   | [Apache 2.0][35]                               |
-| [Maven Clean Plugin][52]                                | [The Apache Software License, Version 2.0][35] |
-| [Maven Resources Plugin][53]                            | [The Apache Software License, Version 2.0][35] |
-| [Maven JAR Plugin][54]                                  | [The Apache Software License, Version 2.0][35] |
-| [Maven Install Plugin][55]                              | [The Apache Software License, Version 2.0][35] |
-| [Maven Site Plugin 3][56]                               | [The Apache Software License, Version 2.0][35] |
+| [duplicate-finder-maven-plugin Maven Mojo][41]          | [Apache License 2.0][42]                       |
+| [Apache Maven Deploy Plugin][43]                        | [Apache-2.0][12]                               |
+| [Apache Maven GPG Plugin][44]                           | [Apache License, Version 2.0][12]              |
+| [Apache Maven Source Plugin][45]                        | [Apache License, Version 2.0][12]              |
+| [Apache Maven Javadoc Plugin][46]                       | [Apache-2.0][12]                               |
+| [Nexus Staging Maven Plugin][47]                        | [Eclipse Public License][48]                   |
+| [Maven Failsafe Plugin][49]                             | [Apache-2.0][12]                               |
+| [JaCoCo :: Maven Plugin][50]                            | [Eclipse Public License 2.0][6]                |
+| [error-code-crawler-maven-plugin][51]                   | [MIT License][52]                              |
+| [Reproducible Build Maven Plugin][53]                   | [Apache 2.0][35]                               |
+| [Maven Clean Plugin][54]                                | [The Apache Software License, Version 2.0][35] |
+| [Maven Resources Plugin][55]                            | [The Apache Software License, Version 2.0][35] |
+| [Maven JAR Plugin][56]                                  | [The Apache Software License, Version 2.0][35] |
+| [Maven Install Plugin][57]                              | [The Apache Software License, Version 2.0][35] |
+| [Maven Site Plugin 3][58]                               | [The Apache Software License, Version 2.0][35] |
 
 [0]: https://github.com/eclipse-ee4j/jsonp
 [1]: https://projects.eclipse.org/license/epl-2.0
@@ -102,19 +103,21 @@
 [38]: https://sonatype.github.io/ossindex-maven/maven-plugin/
 [39]: https://maven.apache.org/surefire/maven-surefire-plugin/
 [40]: https://www.mojohaus.org/versions/versions-maven-plugin/
-[41]: https://maven.apache.org/plugins/maven-deploy-plugin/
-[42]: https://maven.apache.org/plugins/maven-gpg-plugin/
-[43]: https://maven.apache.org/plugins/maven-source-plugin/
-[44]: https://maven.apache.org/plugins/maven-javadoc-plugin/
-[45]: http://www.sonatype.com/public-parent/nexus-maven-plugins/nexus-staging/nexus-staging-maven-plugin/
-[46]: http://www.eclipse.org/legal/epl-v10.html
-[47]: https://maven.apache.org/surefire/maven-failsafe-plugin/
-[48]: https://www.jacoco.org/jacoco/trunk/doc/maven.html
-[49]: https://github.com/exasol/error-code-crawler-maven-plugin/
-[50]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE
-[51]: http://zlika.github.io/reproducible-build-maven-plugin
-[52]: http://maven.apache.org/plugins/maven-clean-plugin/
-[53]: http://maven.apache.org/plugins/maven-resources-plugin/
-[54]: http://maven.apache.org/plugins/maven-jar-plugin/
-[55]: http://maven.apache.org/plugins/maven-install-plugin/
-[56]: http://maven.apache.org/plugins/maven-site-plugin/
+[41]: https://github.com/basepom/duplicate-finder-maven-plugin
+[42]: http://www.apache.org/licenses/LICENSE-2.0.html
+[43]: https://maven.apache.org/plugins/maven-deploy-plugin/
+[44]: https://maven.apache.org/plugins/maven-gpg-plugin/
+[45]: https://maven.apache.org/plugins/maven-source-plugin/
+[46]: https://maven.apache.org/plugins/maven-javadoc-plugin/
+[47]: http://www.sonatype.com/public-parent/nexus-maven-plugins/nexus-staging/nexus-staging-maven-plugin/
+[48]: http://www.eclipse.org/legal/epl-v10.html
+[49]: https://maven.apache.org/surefire/maven-failsafe-plugin/
+[50]: https://www.jacoco.org/jacoco/trunk/doc/maven.html
+[51]: https://github.com/exasol/error-code-crawler-maven-plugin/
+[52]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE
+[53]: http://zlika.github.io/reproducible-build-maven-plugin
+[54]: http://maven.apache.org/plugins/maven-clean-plugin/
+[55]: http://maven.apache.org/plugins/maven-resources-plugin/
+[56]: http://maven.apache.org/plugins/maven-jar-plugin/
+[57]: http://maven.apache.org/plugins/maven-install-plugin/
+[58]: http://maven.apache.org/plugins/maven-site-plugin/
diff --git a/doc/changes/changelog.md b/doc/changes/changelog.md
index 14bcd2c..4796e0d 100644
--- a/doc/changes/changelog.md
+++ b/doc/changes/changelog.md
@@ -1,5 +1,6 @@
 # Changes
 
+* [0.6.9](changes_0.6.9.md)
 * [0.6.8](changes_0.6.8.md)
 * [0.6.7](changes_0.6.7.md)
 * [0.6.6](changes_0.6.6.md)
diff --git a/doc/changes/changes_0.6.9.md b/doc/changes/changes_0.6.9.md
new file mode 100644
index 0000000..566c5cf
--- /dev/null
+++ b/doc/changes/changes_0.6.9.md
@@ -0,0 +1,48 @@
+# Udf Debugging Java 0.6.9, released 2023-07-03
+
+Code name: Upgrade dependencies on top of 0.6.8
+
+## Summary
+
+This release fixes the following vulnerability in `provided` dependency `io.netty:netty-handler`:
+* CVE-2023-34462, severity CWE-770: Allocation of Resources Without Limits or Throttling (6.5)
+
+## Security
+
+* #57: Upgraded dependencies
+
+## Dependency Updates
+
+### Compile Dependency Updates
+
+* Updated `com.exasol:bucketfs-java:3.0.0` to `3.1.0`
+* Updated `com.exasol:error-reporting-java:1.0.0` to `1.0.1`
+* Updated `jakarta.json:jakarta.json-api:2.1.1` to `2.1.2`
+* Updated `org.apache.commons:commons-compress:1.22` to `1.23.0`
+* Updated `org.jacoco:org.jacoco.core:0.8.8` to `0.8.10`
+* Removed `org.slf4j:slf4j-api:2.0.6`
+* Added `org.slf4j:slf4j-jdk14:2.0.7`
+
+### Test Dependency Updates
+
+* Updated `com.exasol:exasol-testcontainers:6.5.1` to `6.6.0`
+* Updated `org.jacoco:org.jacoco.agent:0.8.8` to `0.8.10`
+* Updated `org.junit.jupiter:junit-jupiter-engine:5.9.2` to `5.9.3`
+* Updated `org.junit.jupiter:junit-jupiter-params:5.9.2` to `5.9.3`
+* Updated `org.mockito:mockito-junit-jupiter:5.1.1` to `5.4.0`
+* Updated `org.testcontainers:junit-jupiter:1.17.6` to `1.18.3`
+
+### Plugin Dependency Updates
+
+* Updated `com.exasol:error-code-crawler-maven-plugin:1.2.2` to `1.2.3`
+* Updated `com.exasol:project-keeper-maven-plugin:2.9.3` to `2.9.7`
+* Updated `org.apache.maven.plugins:maven-compiler-plugin:3.10.1` to `3.11.0`
+* Updated `org.apache.maven.plugins:maven-deploy-plugin:3.0.0` to `3.1.1`
+* Updated `org.apache.maven.plugins:maven-enforcer-plugin:3.1.0` to `3.3.0`
+* Updated `org.apache.maven.plugins:maven-failsafe-plugin:3.0.0-M8` to `3.0.0`
+* Updated `org.apache.maven.plugins:maven-javadoc-plugin:3.4.1` to `3.5.0`
+* Updated `org.apache.maven.plugins:maven-surefire-plugin:3.0.0-M8` to `3.0.0`
+* Added `org.basepom.maven:duplicate-finder-maven-plugin:1.5.1`
+* Updated `org.codehaus.mojo:flatten-maven-plugin:1.3.0` to `1.4.1`
+* Updated `org.codehaus.mojo:versions-maven-plugin:2.14.2` to `2.15.0`
+* Updated `org.jacoco:jacoco-maven-plugin:0.8.8` to `0.8.9`
diff --git a/pk_generated_parent.pom b/pk_generated_parent.pom
index 39d60f1..3b5cb6c 100644
--- a/pk_generated_parent.pom
+++ b/pk_generated_parent.pom
@@ -3,7 +3,7 @@
     <modelVersion>4.0.0</modelVersion>
     <groupId>com.exasol</groupId>
     <artifactId>udf-debugging-java-generated-parent</artifactId>
-    <version>0.6.8</version>
+    <version>0.6.9</version>
     <packaging>pom</packaging>
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -53,7 +53,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.10.1</version>
+                <version>3.11.0</version>
                 <configuration>
                     <source>${java.version}</source>
                     <target>${java.version}</target>
@@ -62,7 +62,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-enforcer-plugin</artifactId>
-                <version>3.1.0</version>
+                <version>3.3.0</version>
                 <executions>
                     <execution>
                         <id>enforce-maven</id>
@@ -72,7 +72,7 @@
                         <configuration>
                             <rules>
                                 <requireMavenVersion>
-                                    <version>3.6.3</version>
+                                    <version>[3.8.7,3.9.0)</version>
                                 </requireMavenVersion>
                             </rules>
                         </configuration>
@@ -82,7 +82,7 @@
             <plugin>
                 <groupId>org.codehaus.mojo</groupId>
                 <artifactId>flatten-maven-plugin</artifactId>
-                <version>1.3.0</version>
+                <version>1.4.1</version>
                 <configuration>
                     <updatePomFile>true</updatePomFile>
                     <flattenMode>oss</flattenMode>
@@ -121,7 +121,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
-                <version>3.0.0-M8</version>
+                <version>3.0.0</version>
                 <configuration>
                     <!-- Set the highest log level for coverage testing, so that we
           have a chance to reach branches in the logging lambdas too. -->
@@ -132,7 +132,7 @@
             <plugin>
                 <groupId>org.codehaus.mojo</groupId>
                 <artifactId>versions-maven-plugin</artifactId>
-                <version>2.14.2</version>
+                <version>2.15.0</version>
                 <executions>
                     <execution>
                         <id>display-updates</id>
@@ -147,10 +147,36 @@
                     <rulesUri>file:///${project.basedir}/versionsMavenPluginRules.xml</rulesUri>
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.basepom.maven</groupId>
+                <artifactId>duplicate-finder-maven-plugin</artifactId>
+                <version>1.5.1</version>
+                <executions>
+                    <execution>
+                        <id>default</id>
+                        <phase>verify</phase>
+                        <goals>
+                            <goal>check</goal>
+                        </goals>
+                    </execution>
+                </executions>
+                <configuration>
+                    <printEqualFiles>true</printEqualFiles>
+                    <failBuildInCaseOfDifferentContentConflict>true</failBuildInCaseOfDifferentContentConflict>
+                    <failBuildInCaseOfEqualContentConflict>true</failBuildInCaseOfEqualContentConflict>
+                    <failBuildInCaseOfConflict>true</failBuildInCaseOfConflict>
+                    <checkCompileClasspath>true</checkCompileClasspath>
+                    <checkRuntimeClasspath>true</checkRuntimeClasspath>
+                    <checkTestClasspath>false</checkTestClasspath>
+                    <quiet>true</quiet>
+                    <preferLocal>true</preferLocal>
+                    <useResultFile>false</useResultFile>
+                </configuration>
+            </plugin>
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-deploy-plugin</artifactId>
-                <version>3.0.0</version>
+                <version>3.1.1</version>
                 <configuration>
                     <skip>true</skip>
                 </configuration>
@@ -191,7 +217,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-javadoc-plugin</artifactId>
-                <version>3.4.1</version>
+                <version>3.5.0</version>
                 <executions>
                     <execution>
                         <id>attach-javadocs</id>
@@ -232,7 +258,7 @@
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-failsafe-plugin</artifactId>
-                <version>3.0.0-M8</version>
+                <version>3.0.0</version>
                 <configuration>
                     <!-- Set the highest log level for coverage testing, so that we have a chance to reach branches
           <property>	                      in the logging lambdas too. -->
@@ -253,7 +279,7 @@
             <plugin>
                 <groupId>org.jacoco</groupId>
                 <artifactId>jacoco-maven-plugin</artifactId>
-                <version>0.8.8</version>
+                <version>0.8.9</version>
                 <executions>
                     <execution>
                         <id>prepare-agent</id>
@@ -294,7 +320,7 @@
             <plugin>
                 <groupId>com.exasol</groupId>
                 <artifactId>error-code-crawler-maven-plugin</artifactId>
-                <version>1.2.2</version>
+                <version>1.2.3</version>
                 <executions>
                     <execution>
                         <id>verify</id>
diff --git a/pom.xml b/pom.xml
index ef012c1..18c968c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -2,14 +2,13 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <artifactId>udf-debugging-java</artifactId>
-    <version>0.6.8</version>
+    <version>0.6.9</version>
     <name>udf-debugging-java</name>
     <description>Utilities for debugging, profiling and code coverage measure for UDFs.</description>
     <url>https://github.com/exasol/udf-debugging-java/</url>
     <properties>
-        <junit.version>5.9.2</junit.version>
-        <vscommon.version>11.0.0</vscommon.version>
-        <jacoco.version>0.8.8</jacoco.version>
+        <junit.version>5.9.3</junit.version>
+        <jacoco.version>0.8.10</jacoco.version>
     </properties>
     <distributionManagement>
         <snapshotRepository>
@@ -25,7 +24,7 @@
         <dependency>
             <groupId>jakarta.json</groupId>
             <artifactId>jakarta.json-api</artifactId>
-            <version>2.1.1</version>
+            <version>2.1.2</version>
         </dependency>
         <dependency>
             <groupId>org.glassfish</groupId>
@@ -36,7 +35,7 @@
         <dependency>
             <groupId>com.exasol</groupId>
             <artifactId>error-reporting-java</artifactId>
-            <version>1.0.0</version>
+            <version>1.0.1</version>
         </dependency>
         <dependency>
             <groupId>org.jacoco</groupId>
@@ -53,12 +52,12 @@
         <dependency>
             <groupId>com.exasol</groupId>
             <artifactId>bucketfs-java</artifactId>
-            <version>3.0.0</version>
+            <version>3.1.0</version>
         </dependency>
         <dependency>
             <groupId>com.exasol</groupId>
             <artifactId>exasol-test-setup-abstraction-java</artifactId>
-            <version>2.0.0</version>
+            <version>2.0.2</version>
             <!-- This is not a compile-dependency since it would pull a lot of transitive
             dependencies (like the AWS
             SDK) into project where it's absolutely not
@@ -70,12 +69,7 @@
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-compress</artifactId>
-            <version>1.22</version>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-api</artifactId>
-            <version>2.0.6</version>
+            <version>1.23.0</version>
         </dependency>
         <!-- test dependencies -->
         <dependency>
@@ -93,7 +87,7 @@
         <dependency>
             <groupId>org.mockito</groupId>
             <artifactId>mockito-junit-jupiter</artifactId>
-            <version>5.1.1</version>
+            <version>5.4.0</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -106,13 +100,13 @@
         <dependency>
             <groupId>com.exasol</groupId>
             <artifactId>exasol-testcontainers</artifactId>
-            <version>6.5.1</version>
+            <version>6.6.0</version>
             <scope>test</scope>
         </dependency>
         <dependency>
             <groupId>org.testcontainers</groupId>
             <artifactId>junit-jupiter</artifactId>
-            <version>1.17.6</version>
+            <version>1.18.3</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -127,6 +121,12 @@
             <version>1.2.0</version>
             <scope>test</scope>
         </dependency>
+        <dependency>
+            <!-- Enable log output for integration tests -->
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-jdk14</artifactId>
+            <version>2.0.7</version>
+        </dependency>
     </dependencies>
     <build>
         <plugins>
@@ -151,7 +151,7 @@
             <plugin>
                 <groupId>com.exasol</groupId>
                 <artifactId>project-keeper-maven-plugin</artifactId>
-                <version>2.9.3</version>
+                <version>2.9.7</version>
                 <executions>
                     <execution>
                         <goals>
@@ -165,11 +165,6 @@
                 <artifactId>ossindex-maven-plugin</artifactId>
                 <configuration>
                     <excludeVulnerabilityIds>
-                        <!-- io.netty:netty-handler: Not a vulnerability in netty but how it
-                        is
-                        configured by the client software.amazon.awssdk:netty-nio-client. We are not
-                        affected, see https://github.com/aws/aws-sdk-java-v2/issues/3263 for details -->
-                        <exclude>sonatype-2020-0026</exclude>
                         <!-- Transitive dependency fr.turri:aXMLRPC used by
                         com.exasol:bucketfs-java.
                         CVE-2020-36641 is reported
@@ -185,7 +180,7 @@
     <parent>
         <artifactId>udf-debugging-java-generated-parent</artifactId>
         <groupId>com.exasol</groupId>
-        <version>0.6.8</version>
+        <version>0.6.9</version>
         <relativePath>pk_generated_parent.pom</relativePath>
     </parent>
 </project>

From 0967bd77d2a4b7cd0a0a933169622ef4c7aaa297 Mon Sep 17 00:00:00 2001
From: Christoph Pirkl <christoph.pirkl@exasol.com>
Date: Mon, 3 Jul 2023 13:57:09 +0200
Subject: [PATCH 2/2] Fix duplicate classes

---
 dependencies.md              | 115 ++++++++++++++++++-----------------
 doc/changes/changes_0.6.9.md |   5 ++
 pom.xml                      |  13 ++--
 3 files changed, 71 insertions(+), 62 deletions(-)

diff --git a/dependencies.md b/dependencies.md
index a75fc87..3b9c4a4 100644
--- a/dependencies.md
+++ b/dependencies.md
@@ -29,38 +29,38 @@
 
 ## Runtime Dependencies
 
-| Dependency                   | License                                                                                                      |
-| ---------------------------- | ------------------------------------------------------------------------------------------------------------ |
-| [JSON-P Default Provider][0] | [Eclipse Public License 2.0][1]; [GNU General Public License, version 2 with the GNU Classpath Exception][2] |
+| Dependency            | License                                                                                                      |
+| --------------------- | ------------------------------------------------------------------------------------------------------------ |
+| [Eclipse Parsson][29] | [Eclipse Public License 2.0][1]; [GNU General Public License, version 2 with the GNU Classpath Exception][2] |
 
 ## Plugin Dependencies
 
 | Dependency                                              | License                                        |
 | ------------------------------------------------------- | ---------------------------------------------- |
-| [SonarQube Scanner for Maven][29]                       | [GNU LGPL 3][30]                               |
-| [Apache Maven Compiler Plugin][31]                      | [Apache-2.0][12]                               |
-| [Apache Maven Enforcer Plugin][32]                      | [Apache-2.0][12]                               |
-| [Maven Flatten Plugin][33]                              | [Apache Software Licenese][12]                 |
-| [Maven Dependency Plugin][34]                           | [The Apache Software License, Version 2.0][35] |
-| [Project keeper maven plugin][36]                       | [The MIT License][37]                          |
-| [org.sonatype.ossindex.maven:ossindex-maven-plugin][38] | [ASL2][35]                                     |
-| [Maven Surefire Plugin][39]                             | [Apache-2.0][12]                               |
-| [Versions Maven Plugin][40]                             | [Apache License, Version 2.0][12]              |
-| [duplicate-finder-maven-plugin Maven Mojo][41]          | [Apache License 2.0][42]                       |
-| [Apache Maven Deploy Plugin][43]                        | [Apache-2.0][12]                               |
-| [Apache Maven GPG Plugin][44]                           | [Apache License, Version 2.0][12]              |
-| [Apache Maven Source Plugin][45]                        | [Apache License, Version 2.0][12]              |
-| [Apache Maven Javadoc Plugin][46]                       | [Apache-2.0][12]                               |
-| [Nexus Staging Maven Plugin][47]                        | [Eclipse Public License][48]                   |
-| [Maven Failsafe Plugin][49]                             | [Apache-2.0][12]                               |
-| [JaCoCo :: Maven Plugin][50]                            | [Eclipse Public License 2.0][6]                |
-| [error-code-crawler-maven-plugin][51]                   | [MIT License][52]                              |
-| [Reproducible Build Maven Plugin][53]                   | [Apache 2.0][35]                               |
-| [Maven Clean Plugin][54]                                | [The Apache Software License, Version 2.0][35] |
-| [Maven Resources Plugin][55]                            | [The Apache Software License, Version 2.0][35] |
-| [Maven JAR Plugin][56]                                  | [The Apache Software License, Version 2.0][35] |
-| [Maven Install Plugin][57]                              | [The Apache Software License, Version 2.0][35] |
-| [Maven Site Plugin 3][58]                               | [The Apache Software License, Version 2.0][35] |
+| [SonarQube Scanner for Maven][30]                       | [GNU LGPL 3][31]                               |
+| [Apache Maven Compiler Plugin][32]                      | [Apache-2.0][12]                               |
+| [Apache Maven Enforcer Plugin][33]                      | [Apache-2.0][12]                               |
+| [Maven Flatten Plugin][34]                              | [Apache Software Licenese][12]                 |
+| [Maven Dependency Plugin][35]                           | [The Apache Software License, Version 2.0][36] |
+| [Project keeper maven plugin][37]                       | [The MIT License][38]                          |
+| [org.sonatype.ossindex.maven:ossindex-maven-plugin][39] | [ASL2][36]                                     |
+| [Maven Surefire Plugin][40]                             | [Apache-2.0][12]                               |
+| [Versions Maven Plugin][41]                             | [Apache License, Version 2.0][12]              |
+| [duplicate-finder-maven-plugin Maven Mojo][42]          | [Apache License 2.0][43]                       |
+| [Apache Maven Deploy Plugin][44]                        | [Apache-2.0][12]                               |
+| [Apache Maven GPG Plugin][45]                           | [Apache License, Version 2.0][12]              |
+| [Apache Maven Source Plugin][46]                        | [Apache License, Version 2.0][12]              |
+| [Apache Maven Javadoc Plugin][47]                       | [Apache-2.0][12]                               |
+| [Nexus Staging Maven Plugin][48]                        | [Eclipse Public License][49]                   |
+| [Maven Failsafe Plugin][50]                             | [Apache-2.0][12]                               |
+| [JaCoCo :: Maven Plugin][51]                            | [Eclipse Public License 2.0][6]                |
+| [error-code-crawler-maven-plugin][52]                   | [MIT License][53]                              |
+| [Reproducible Build Maven Plugin][54]                   | [Apache 2.0][36]                               |
+| [Maven Clean Plugin][55]                                | [The Apache Software License, Version 2.0][36] |
+| [Maven Resources Plugin][56]                            | [The Apache Software License, Version 2.0][36] |
+| [Maven JAR Plugin][57]                                  | [The Apache Software License, Version 2.0][36] |
+| [Maven Install Plugin][58]                              | [The Apache Software License, Version 2.0][36] |
+| [Maven Site Plugin 3][59]                               | [The Apache Software License, Version 2.0][36] |
 
 [0]: https://github.com/eclipse-ee4j/jsonp
 [1]: https://projects.eclipse.org/license/epl-2.0
@@ -91,33 +91,34 @@
 [26]: https://github.com/exasol/test-db-builder-java/blob/main/LICENSE
 [27]: https://github.com/itsallcode/junit5-system-extensions
 [28]: http://www.eclipse.org/legal/epl-v20.html
-[29]: http://sonarsource.github.io/sonar-scanner-maven/
-[30]: http://www.gnu.org/licenses/lgpl.txt
-[31]: https://maven.apache.org/plugins/maven-compiler-plugin/
-[32]: https://maven.apache.org/enforcer/maven-enforcer-plugin/
-[33]: https://www.mojohaus.org/flatten-maven-plugin/
-[34]: http://maven.apache.org/plugins/maven-dependency-plugin/
-[35]: http://www.apache.org/licenses/LICENSE-2.0.txt
-[36]: https://github.com/exasol/project-keeper/
-[37]: https://github.com/exasol/project-keeper/blob/main/LICENSE
-[38]: https://sonatype.github.io/ossindex-maven/maven-plugin/
-[39]: https://maven.apache.org/surefire/maven-surefire-plugin/
-[40]: https://www.mojohaus.org/versions/versions-maven-plugin/
-[41]: https://github.com/basepom/duplicate-finder-maven-plugin
-[42]: http://www.apache.org/licenses/LICENSE-2.0.html
-[43]: https://maven.apache.org/plugins/maven-deploy-plugin/
-[44]: https://maven.apache.org/plugins/maven-gpg-plugin/
-[45]: https://maven.apache.org/plugins/maven-source-plugin/
-[46]: https://maven.apache.org/plugins/maven-javadoc-plugin/
-[47]: http://www.sonatype.com/public-parent/nexus-maven-plugins/nexus-staging/nexus-staging-maven-plugin/
-[48]: http://www.eclipse.org/legal/epl-v10.html
-[49]: https://maven.apache.org/surefire/maven-failsafe-plugin/
-[50]: https://www.jacoco.org/jacoco/trunk/doc/maven.html
-[51]: https://github.com/exasol/error-code-crawler-maven-plugin/
-[52]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE
-[53]: http://zlika.github.io/reproducible-build-maven-plugin
-[54]: http://maven.apache.org/plugins/maven-clean-plugin/
-[55]: http://maven.apache.org/plugins/maven-resources-plugin/
-[56]: http://maven.apache.org/plugins/maven-jar-plugin/
-[57]: http://maven.apache.org/plugins/maven-install-plugin/
-[58]: http://maven.apache.org/plugins/maven-site-plugin/
+[29]: https://github.com/eclipse-ee4j/parsson
+[30]: http://sonarsource.github.io/sonar-scanner-maven/
+[31]: http://www.gnu.org/licenses/lgpl.txt
+[32]: https://maven.apache.org/plugins/maven-compiler-plugin/
+[33]: https://maven.apache.org/enforcer/maven-enforcer-plugin/
+[34]: https://www.mojohaus.org/flatten-maven-plugin/
+[35]: http://maven.apache.org/plugins/maven-dependency-plugin/
+[36]: http://www.apache.org/licenses/LICENSE-2.0.txt
+[37]: https://github.com/exasol/project-keeper/
+[38]: https://github.com/exasol/project-keeper/blob/main/LICENSE
+[39]: https://sonatype.github.io/ossindex-maven/maven-plugin/
+[40]: https://maven.apache.org/surefire/maven-surefire-plugin/
+[41]: https://www.mojohaus.org/versions/versions-maven-plugin/
+[42]: https://github.com/basepom/duplicate-finder-maven-plugin
+[43]: http://www.apache.org/licenses/LICENSE-2.0.html
+[44]: https://maven.apache.org/plugins/maven-deploy-plugin/
+[45]: https://maven.apache.org/plugins/maven-gpg-plugin/
+[46]: https://maven.apache.org/plugins/maven-source-plugin/
+[47]: https://maven.apache.org/plugins/maven-javadoc-plugin/
+[48]: http://www.sonatype.com/public-parent/nexus-maven-plugins/nexus-staging/nexus-staging-maven-plugin/
+[49]: http://www.eclipse.org/legal/epl-v10.html
+[50]: https://maven.apache.org/surefire/maven-failsafe-plugin/
+[51]: https://www.jacoco.org/jacoco/trunk/doc/maven.html
+[52]: https://github.com/exasol/error-code-crawler-maven-plugin/
+[53]: https://github.com/exasol/error-code-crawler-maven-plugin/blob/main/LICENSE
+[54]: http://zlika.github.io/reproducible-build-maven-plugin
+[55]: http://maven.apache.org/plugins/maven-clean-plugin/
+[56]: http://maven.apache.org/plugins/maven-resources-plugin/
+[57]: http://maven.apache.org/plugins/maven-jar-plugin/
+[58]: http://maven.apache.org/plugins/maven-install-plugin/
+[59]: http://maven.apache.org/plugins/maven-site-plugin/
diff --git a/doc/changes/changes_0.6.9.md b/doc/changes/changes_0.6.9.md
index 566c5cf..850d3d9 100644
--- a/doc/changes/changes_0.6.9.md
+++ b/doc/changes/changes_0.6.9.md
@@ -23,6 +23,11 @@ This release fixes the following vulnerability in `provided` dependency `io.nett
 * Removed `org.slf4j:slf4j-api:2.0.6`
 * Added `org.slf4j:slf4j-jdk14:2.0.7`
 
+### Runtime Dependency Updates
+
+* Added `org.eclipse.parsson:parsson:1.1.2`
+* Removed `org.glassfish:jakarta.json:2.0.1`
+
 ### Test Dependency Updates
 
 * Updated `com.exasol:exasol-testcontainers:6.5.1` to `6.6.0`
diff --git a/pom.xml b/pom.xml
index 18c968c..ceb1ad2 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,5 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
     <artifactId>udf-debugging-java</artifactId>
     <version>0.6.9</version>
@@ -27,9 +29,9 @@
             <version>2.1.2</version>
         </dependency>
         <dependency>
-            <groupId>org.glassfish</groupId>
-            <artifactId>jakarta.json</artifactId>
-            <version>2.0.1</version>
+            <groupId>org.eclipse.parsson</groupId>
+            <artifactId>parsson</artifactId>
+            <version>1.1.2</version>
             <scope>runtime</scope>
         </dependency>
         <dependency>
@@ -96,7 +98,8 @@
             <version>1.3</version>
             <scope>test</scope>
         </dependency>
-        <!--Integration test dependencies-->
+        <!--Integration
+        test dependencies-->
         <dependency>
             <groupId>com.exasol</groupId>
             <artifactId>exasol-testcontainers</artifactId>