Third party file includes licenses not on list of allowed licenses in case of dual licensed libraries #446

Open
tkowalcz opened this issue Feb 20, 2023 · 0 comments

I am using license plugin version 2.0.0 and Maven version 3.8.6.

I have a dual-licensed dependency (e.g. JNA, which is LGPL and Apache 2.0). I would like to create a report (third party file) that does not mention the LGPL license, as it is not allowed by my project.

The behaviour of the license plugin seems counterintuitive and does not allow me to achieve that. Let me explain below.

JNA will be installed in the LicenseMap under two entries. If one of the licenses is on the excludedLicenses list (and failOnBlacklist is true), the build will fail. This is not intuitive to me, as I expect that dual-licensed dependencies will be OK if just one of the licenses is allowed.

When I use includedLicenses instead, the build works as expected (the plugin recognises that the library has one of the licenses that is on the allow list). But then during report creation the dependency is still assigned to both licenses.

I would like to get rid of the mention of licenses that are not allowed (not on includedLicenses list).

Is it possible to change that behaviour, or maybe expose the includedLicenses to the FreeMarker template engine? (I don't like the latter approach, as this would entail duplicating the license filtering logic already present in the plugin.)

I'd be happy to provide a PR if someone can suggest along which lines it should go.
