license-maven-plugin icon indicating copy to clipboard operation
license-maven-plugin copied to clipboard

Published 20 hours ago verified publisher icon mojohaus

Use URLs over license names

Open digulla opened this issue 6 years ago • 3 comments

I want to use the plugin to clear the IP which my projects are using. For that purpose, I think it would be much better to use the URL to group licenses, i.e. the POM should give me an option to assign a name to a URL and the license plugin should then use this name (and the specified URL) in the generated HTML report (and only the name on the command line).

This would mean the merge section of the plugin should be much smaller (since most dependencies will use the same URL even when they use different names) and it would only be a list of URLs (separated only by space since space isn't allowed in URLs).

But that would be a major change in how the plugin operates and I'm not sure how to proceed.

digulla avatar Jan 24 '19 12:01 digulla

Please add more details:

  • Which mojo(s) would be affected
  • Maybe try to sketch the new configuration needed here

ppalaga avatar Jan 24 '19 13:01 ppalaga

All code using ThirdPartyDetails would be affected in some way. Instead of names, the property licenses would return URLs. In addition, we would need a new bean which contains the names per URL plus methods to merge URLs.

On the command line, it should print "${name} (${url})", in reports, it should use <a href="${url}">${name}</a>.

As for the new config, I'd suggest this:

<licenseUrls>
	<licenseUrl>
		<name>Apache Public License 2.0</name>
		<url>https://opensource.org/licenses/Apache-2.0</url>
		<aliases>
			https://www.apache.org/licenses/LICENSE-2.0
			https://github.com/apache/maven/blob/maven-3.6.0/LICENSE
		</aliases>
	</licenseUrl>
</licenseUrls>

<missingLicenses>
	<missingLicense>
		<groupId>dom4j</groupId>
		<artifactId>dom4j</artifactId>
		<version>1.6.1</version>
		<url>https://github.com/dom4j/dom4j/blob/master/LICENSE</url>
	</missingLicense>
</missingLicenses

<licenseOverrides>
	<licenseOverride>
		<groupId>com.sun.xml.bind</groupId>
		<artifactId>*</artifactId> <!-- pattern -->
		<version>2.2.11</version>
		<url>https://opensource.org/licenses/CDDL-1.0</url>
	</licenseOverride>
</licenseOverrides>

That also demonstrates how to solve issue #211

digulla avatar Jan 24 '19 13:01 digulla

I'm not sure how to merge additional missing licenses and overrides. Maybe we can add dependencies to POM artifacts and the plugin would then parse its own configuration from the file (ignoring everything else).

This looks interesting: https://blog.sonatype.com/2011/01/maven-how-to-merging-plugin-configuration-in-complex-projects/

digulla avatar Jan 24 '19 13:01 digulla