Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Finding out the licenses of JAR libraries

Tags:

java

maven-2

jar

licensing

identification

I use Maven to build my web app projects, when I add some dependent library to the pom file, it again adds some more dependent jars to the project recursively. Is there a way to find out or restrict that only jars having a certain type of license - say Apache License, BSD etc should be included. Or is there a way to find out that a jar file is under GPL/ASL etc without going to the website for each jar in the application?

like image 290
Prabhu R Avatar asked Aug 17 '10 07:08

Prabhu R

People also ask

Are JAR files libraries?

A Java Archive, or JAR file, contains all of the various components that make up a self-contained, executable Java application, deployable Java applet or, most commonly, a Java library to which any Java Runtime Environment can link.

What is JAR library in Java?

A JAR (Java Archive) is a package file format typically used to aggregate many Java class files and associated metadata and resources (text, images, etc.) into one file to distribute application software or libraries on the Java platform. In simple words, a JAR file is a file that contains a compressed version of .

What is JAR operating system?

JAR stands for Java ARchive. It's a file format based on the popular ZIP file format and is used for aggregating many files into one. Although JAR can be used as a general archiving tool, the primary motivation for its development was so that Java applets and their requisite components (.

2 Answers

The Maven "Project Info Reports" plugin produces a Dependencies report that includes the Licenses for the dependencies. Here's an example.

Obviously, this depends on the dependent POMs declaring their dependencies properly, and it requires that you build your site documentation "online".

like image 64
Stephen C Avatar answered Oct 28 '22 01:10

Stephen C

During the acquisition of a company I was working for, the acquiring company used the following software / consultancy to do what you're describing.

http://www.blackducksoftware.com/transact

Although I'm guessing you were probably looking for a free alternative. There may be other methods, but the fact this company makes money doing this suggests an alternative is probably less thorough/accurate.

like image 35
lucas1000001 Avatar answered Oct 28 '22 00:10

lucas1000001
Sign in to Comment

Related questions

JavaMail Exchange Authentication
Why is it more memory efficient to read input as stream vs. string?
Decode JSON data in Java
Replacing EL in JSP with SpEL from Spring 3.0
How to encapsulate an array in Java
Java Math.cos() Method Does Not Return 0 When Expected
keySet field in HashMap is null
How to create a Java application which can be run by a click?
Java Antivirus... is it possible? How?
What are the default listeners in TestNG, and where do I find this list?
How to invoke a method in java using reflection
Maven repository for EJB 3.1 API
Why isn't JML implemented as Annotations in Java?
How to capture screen image with mouse pointer on it in Java
Java resource closing
How to create synthetic fields in java?
How to read the fully qualified name of a .class file
Jersey Viewable with status code
Java: resume Download in URLConnection
Does initialized java array go onto stack or heap?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!