Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Tool to determine licenses for pom.xml dependencies [duplicate]

I'm looking for a tool that given a maven pom.xml file tells me all the licenses that are used by the dependencies (and recursively their dependencies). Does such a thing exist?

Ideally it would tell me:

  • For each dependency all licenses that apply
  • A summary list of a different licenses referenced.
like image 301
Carsten Avatar asked Nov 13 '09 04:11

Carsten


People also ask

How do I remove duplicate dependency?

Removing Duplicate Dependencies Once we have identified our duplicate dependencies, the simplest way to remove them is to delete them from pom. xml and keep only those unique dependencies that are used by our project.

How do I delete duplicate dependencies in Maven?

you can use mvn dependency:tree command to find duplicate dependencies into your project. Use the <exclusions> tag into <dependency> tag of the pom to exclude that duplicate dependencies from maven project. Save this answer.

What is artifact ID in POM xml?

artifactId is the name of the jar without version. If you created it, then you can choose whatever name you want with lowercase letters and no strange symbols. If it's a third party jar, you have to take the name of the jar as it's distributed.

How do you use dependency analysis?

Analyze dependenciesFrom the main menu, select Code | Analyze Code | Dependencies. Alternatively, if you want to analyze a specific item, right-click it in the Project tool window and select Analyze | Analyze Dependencies. In the dialog that opens, specify the scope of files that you want to analyze.


2 Answers

mvn project-info-reports:dependencies

then in target/site/dependencies.html you should see a pretty nice list of all your dependencies.

This is really taken from @Carsten, but I felt it was worth a full answer.

like image 157
Nathan Feger Avatar answered Oct 08 '22 20:10

Nathan Feger


Did you have a look at the maven-dependency-plugin?

In the report it does not only list all the (transitive) dependencies, but also groups them by licenses, as you can see in its own report.

like image 40
simon Avatar answered Oct 08 '22 18:10

simon