You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@maven.apache.org by Anton Mazkovoi <an...@atlassian.com> on 2006/05/15 09:37:46 UTC

Dependencies License Report

Hi,

All of our projects (JIRA, Confluence) use maven 1.x for build
management (maven rules!). 

Each project has quite a large number of open source dependencies. We
need to build a report that lists the open source dependencies and their
license type.

For example, the report should show something like the following for
every dependency:

Apache Commons Collections
URL: http://jakarta.apache.org/commons/collections/
License Type: Apache 2.0
License URL:
http://www.ibiblio.org/maven/commons-collections/licenses/license.html


I believe one way of doing this would be to add properties, e.g.
<project.url> and <project.license.type> to each dependency in
project.xml:

    <dependency>
      <id>commons-collections</id>
      <version>3.1</version>
      <properties>
        <war.bundle>true</war.bundle>           
<project.url>http://jakarta.apache.org/commons/collections/</project.url>
        <project.license.type>Apache 2.0</project.license.type>
      </properties>
    </dependency>

Then write a maven plugin that would loop over the dependencies and
build a report based on these properties.

Is there something out there (like a maven plugin) that already does
this? Or has anyone got some existing code they do not mind sharing,
lying around?

If not, does my approach sound like a good idea?

Another thing I would like to look into, is getting maven to download
the actual license files for each dependency from:

  http://www.ibiblio.org/maven/

It looks like most of artifacts from above have a licenses sub
directory. However the contents of this subdirectory varies. For
example:

* http://www.ibiblio.org/maven/aptconvert/licenses/ 
    has LGPL.txt, 
* http://www.ibiblio.org/maven/commons-collections/licenses/ 
    has commons-collections.license and license.html 
* http://www.ibiblio.org/maven/ehcache/licenses/ 
    has LICENSE.txt, ehcache-1.1.license and ehcache-1.2beta4.license

Is there a convention to how the license files should be named? And, is
there something around that can pull down the license files for the
project's dependencies?

Thanks a lot for your help!

Anton


-- 
ATLASSIAN - http://www.atlassian.com
Australia's Fastest Growing Software Company 2002-05 [BRW Magazine]


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org

Re: Dependencies License Report

Posted by Carlos Sanchez <ca...@apache.org>.

Hi Anton,

Good to know that maven work for you ;)

This is something really easy to add in the Maven 2 project info
report http://maven.apache.org/plugins/maven-project-info-reports-plugin/
and we'll do it soon. For Maven 1 i'm afraid depends on a lower number
of people working on it. The information is on the poms inside
<licenses>, but poms in m2 format, so i don't know how hard it'd be to
access it from m1.

Regards

On 5/15/06, Anton Mazkovoi <an...@atlassian.com> wrote:
> Hi,
>
> All of our projects (JIRA, Confluence) use maven 1.x for build
> management (maven rules!).
>
> Each project has quite a large number of open source dependencies. We
> need to build a report that lists the open source dependencies and their
> license type.
>
> For example, the report should show something like the following for
> every dependency:
>
> Apache Commons Collections
> URL: http://jakarta.apache.org/commons/collections/
> License Type: Apache 2.0
> License URL:
> http://www.ibiblio.org/maven/commons-collections/licenses/license.html
>
>
> I believe one way of doing this would be to add properties, e.g.
> <project.url> and <project.license.type> to each dependency in
> project.xml:
>
>     <dependency>
>       <id>commons-collections</id>
>       <version>3.1</version>
>       <properties>
>         <war.bundle>true</war.bundle>
> <project.url>http://jakarta.apache.org/commons/collections/</project.url>
>         <project.license.type>Apache 2.0</project.license.type>
>       </properties>
>     </dependency>
>
> Then write a maven plugin that would loop over the dependencies and
> build a report based on these properties.
>
> Is there something out there (like a maven plugin) that already does
> this? Or has anyone got some existing code they do not mind sharing,
> lying around?
>
> If not, does my approach sound like a good idea?
>
> Another thing I would like to look into, is getting maven to download
> the actual license files for each dependency from:
>
>   http://www.ibiblio.org/maven/
>
> It looks like most of artifacts from above have a licenses sub
> directory. However the contents of this subdirectory varies. For
> example:
>
> * http://www.ibiblio.org/maven/aptconvert/licenses/
>     has LGPL.txt,
> * http://www.ibiblio.org/maven/commons-collections/licenses/
>     has commons-collections.license and license.html
> * http://www.ibiblio.org/maven/ehcache/licenses/
>     has LICENSE.txt, ehcache-1.1.license and ehcache-1.2beta4.license
>
> Is there a convention to how the license files should be named? And, is
> there something around that can pull down the license files for the
> project's dependencies?
>
> Thanks a lot for your help!
>
> Anton
>
>
> --
> ATLASSIAN - http://www.atlassian.com
> Australia's Fastest Growing Software Company 2002-05 [BRW Magazine]
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
> For additional commands, e-mail: users-help@maven.apache.org
>
>


-- 
I could give you my word as a Spaniard.
No good. I've known too many Spaniards.
                             -- The Princess Bride

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org

Re: Dependencies License Report

Posted by Stefan Arentz <st...@gmail.com>.

On 5/15/06, Anton Mazkovoi <an...@atlassian.com> wrote:

> Another thing I would like to look into, is getting maven to download
> the actual license files for each dependency from:
>
>   http://www.ibiblio.org/maven/
>
> It looks like most of artifacts from above have a licenses sub
> directory. However the contents of this subdirectory varies. For
> example:
>
> * http://www.ibiblio.org/maven/aptconvert/licenses/
>     has LGPL.txt,
> * http://www.ibiblio.org/maven/commons-collections/licenses/
>     has commons-collections.license and license.html
> * http://www.ibiblio.org/maven/ehcache/licenses/
>     has LICENSE.txt, ehcache-1.1.license and ehcache-1.2beta4.license
>
> Is there a convention to how the license files should be named? And, is
> there something around that can pull down the license files for the
> project's dependencies?

Why not simply link to the licenses directory instead of a specific file?

 S.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@maven.apache.org
For additional commands, e-mail: users-help@maven.apache.org