sonarqube-licensecheck
sonarqube-licensecheck copied to clipboard
adding feature to match maven dependencies by version also
Feature allowing maven dependency matching by also using the version of the library. Some libraries, for example iText, switched licensing from one version to another: https://github.com/ymasory/iText-4.2.0 (v4.x used LGPL/MPL) while from v5.x onward uses AGPL -> https://mvnrepository.com/artifact/com.itextpdf/itextpdf
Therefore there are cases when you want to match a certain library and version to a certain license, but not for all versions of the library.
I have tried to implement the feature with as little side-effects as possible, what has been matching will continue to match, at most it would match something that it didn't use to match. Maybe, if needed, a visual UI setting such as "use version too when matching" could be added.