Interesting suite of plugins for componet analysis java

[pethers]

A range of sonarqube plugins that cover different aspects of https://www.owasp.org/index.php/Component_Analysis

License : https://github.com/porscheinformatik/sonarqube-licensecheck
Known Vulnerabilities : https://github.com/SonarSecurityCommunity/dependency-check-sonar-plugin (already included)
Outdated Components : https://github.com/reallyinsane/mathan-dependency-updates-sonar-plugin

https://bitbucket.org/excentia/sonarqube-tattletale-plugin/src/master/ no 7.9(only 5.6) support but provides

Identify dependencies between JAR files
Spot if a class/package is located in multiple JAR files
Spot if the same JAR file is located in multiple locations

best regards