I use many open-source libraries in my project and I use license-maven-plugin to gather information about them. I can see all the license texts in the target directory and THIRD-PARTY-included-modules.txt as follows:
Lists of 144 third-party dependencies.
(Apache License 2.0) Commons Codec (commons-codec:commons-codec:1.8 - http://commons.apache.org/proper/commons-codec/)
(Apache License 2.0) Commons IO (commons-io:commons-io:1.4 - http://commons.apache.org/io/)
(Apache License 2.0) Commons Logging (commons-logging:commons-logging:1.1.3 - http://commons.apache.org/proper/commons-logging/)
(CDDL) JavaBeans Activation Framework (JAF) (javax.activation:activation:1.0.2 - http://java.sun.com/products/javabeans/jaf/index.jsp)
...(and 140 more lines)
However, this doesn't seem to match the legal obligations:
(from MIT license) The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
As far as I can read, I'm supposed to include notices such as:
Copyright (C) 2011, 2014, 2015 Tatsuhiro Tsujikawa
How am I supposed to gather the copyright notices that I should include in the About page?
Here is my pom.xml:
<project ...>
<build>
<plugins>
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>license-maven-plugin</artifactId>
<version>1.8</version>
<configuration>
<!--
mvn clean license:add-third-party license:download-licenses
-->
<projectName>Play SQL PageObjects</projectName>
<licenseName>Commercial License</licenseName>
<organizationName>Play SQL S.A.S.U.</organizationName>
<inceptionYear>2015</inceptionYear>
<!-- Files we input into license-maven-plugin -->
<licenseFile>${basedir}/src/license/PLAY_SQL_LICENSE.txt</licenseFile>
<useMissingFile>true</useMissingFile>
<!-- The input file with the list of licenses, for those which can't be found automatically -->
<missingFile>src/license/THIRD-PARTY.properties</missingFile>
<!-- Same as 'missingFile' but in XML, probably -->
<licensesConfigFile>src/license/licenses-manual.xml</licensesConfigFile>
<!-- Output folder -->
<outputDirectory>${project.basedir}/target/classes/META-INF/licenses</outputDirectory>
<!-- Text with the output list of all licenses. Just contains the list of projects and websites, does not contain the copyright notices -->
<thirdPartyFilename>THIRD-PARTY-included-modules.txt</thirdPartyFilename>
<!-- XML with the output list of all licenses -->
<licensesOutputFile>target/classes/META-INF/licenses/licenses-generated.xml</licensesOutputFile>
<!-- Folder with an output dump of all license text. Usually they contain the license template (for APL2) but not the copyright notices. -->
<licensesOutputDirectory>target/classes/META-INF/licenses/text</licensesOutputDirectory>
<includedScopes>compile</includedScopes>
<excludedScopes>test|provided|runtime|system</excludedScopes>
<excludedGroups>com.playsql</excludedGroups>
<licenseMerges>
<licenseMerge>Apache License 2.0|The Apache Software License|Version 2.0,Apache License, Version 2.0|The Apache Software License, Version 2.0|Apache License, Version 2.0|Apache 2</licenseMerge>
</licenseMerges>
</configuration>
</plugin>
How am I supposed to gather the copyright notices with the license-maven-plugin (or any other tool)?
I've used the attribution maven plugin for this purpose. It generates an XML file that contains all the known license data for the dependencies in the same POM. You can then include this XML file in your packaged code and use it to display an "about" page.
I do not know of any effecient copyright scanner/collector available as a Maven plugin. But you can you use the ScanCode toolkit to collect copyrights: it has been designed for this and other related purposes. (disclaimer: I am one of the devs there)
This requires only a Python 2.7 interpreter and once installed, run ./scancode -c to get the copyrights in JSON format.
It should be rather easy to wrap scancode that in a Maven plugin. Help wanted!
See https://github.com/nexB/scancode-toolkit
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With