You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'd like to ensure that my projects don't breach and software licensing rules. It would be really handy if the plugin could detect incompatibility of the projects license with any of the licenses that are used by dependencies or between the dependencies themselves.
For example, mixing code under the original BSD license with code under the GPL (GNU General Public License) would violate license terms or mixing code under the Apache 2.0 license with that of GPL v2.
It would be great to have these issues be made apparent. At the very least it should be logged as a warning but as licensing rules are a legal issue, I'd prefer the default behaviour to fail the build if an incompatibility is found.
At the minute this can be achieved somewhat using excludedLicenses option with failOnBlacklist set to true:
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>license-maven-plugin</artifactId>
<version>2.0.0</version>
<executions>
<execution>
<id>add-third-party</id>
<phase>compile</phase>
<goals>
<goal>add-third-party</goal>
</goals>
<configuration>
<includeTransitiveDependencies>true</includeTransitiveDependencies>
</configuration>
</execution>
</executions>
<configuration>
<failOnMissing>true</failOnMissing>
<excludedLicenses>Some License that cannot be used in my project</excludedLicenses>
<failOnBlacklist>true</failOnBlacklist>
</configuration>
</plugin>
but it's not ideal. Not only does this require licenseMerges to get things working correctly but it's also down to the user to make sure they exclude licenses correctly. Some default rules could be handled by license-maven-plugin for the more common licenses.
Please add support for failOnIncompatibility
The text was updated successfully, but these errors were encountered:
I'd like to ensure that my projects don't breach and software licensing rules. It would be really handy if the plugin could detect incompatibility of the projects license with any of the licenses that are used by dependencies or between the dependencies themselves.
For example, mixing code under the original BSD license with code under the GPL (GNU General Public License) would violate license terms or mixing code under the Apache 2.0 license with that of GPL v2.
It would be great to have these issues be made apparent. At the very least it should be logged as a warning but as licensing rules are a legal issue, I'd prefer the default behaviour to fail the build if an incompatibility is found.
At the minute this can be achieved somewhat using excludedLicenses option with failOnBlacklist set to true:
but it's not ideal. Not only does this require licenseMerges to get things working correctly but it's also down to the user to make sure they exclude licenses correctly. Some default rules could be handled by license-maven-plugin for the more common licenses.
Please add support for failOnIncompatibility
The text was updated successfully, but these errors were encountered: