maven-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Curtis Rueden <>
Subject Re: License Auditing
Date Mon, 05 Oct 2015 21:26:49 GMT
Hi Jim,

I struggled with licensing-related tooling too when I researched it awhile
back—and my needs were simpler than yours. We ended up using
license-maven-plugin to programmatically manage license headers of all our
sources, with a single header with unified copyright date range and
contributors list, which made things much easier. It sounds like your
licensing situation is substantially more heterogeneous.

I do not know of any excellent licensing-related tutorials for license
management, auditing or both. Maybe you could take the bull by the horns
and write a guide somewhere? It would surely be of great benefit to the
Maven community.


On Mon, Sep 28, 2015 at 11:13 AM, Jim Klo <> wrote:

> Hi,
> Looking for some guidance on doing some source license auditing.  My needs
> are two fold.  I need to track down all the licenses of all our
> dependencies, which there seems to be an abundance of plugins. But I also
> need to audit the licenses of our committed source, as many come from open
> and non-open projects, I need to track the individual files as well.
> I’ve started by using Apache RAT [1], which seems to be okay for auditing
> the source, but given that we have a significant number of modules,
> configuration of RAT is somewhat a pain (I have a bunch of custom license
> definitions and matchers) which seem to have to be added to every POM file
> (doesn’t like going into the parent POM likely because of the way we are
>  using Tycho).
> Can anyone recommend a plugin that might be better for my use case?  I’d
> like to be able to have a single config file (or artifact) that contains
> the license declarations, and then be able to reference that from all my
> modules.  The Codehaus License Maven Plugin [2] seems close to what I want,
> but I can’t seem to figure out how to get it to show me files that are
> missing license headers or even show me a per file license summary.  If
> anyone can point me to some examples or tutorials that explain this that
> would be much appreciated.
> [1]
> [2]
> Thanks,
> JK
> *Jim KloSenior Software EngineerCenter for Software EngineeringSRI
> International*
> *t. @nsomnac*

  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message