Hi Jim, I struggled with licensing-related tooling too when I researched it awhile back—and my needs were simpler than yours. We ended up using license-maven-plugin to programmatically manage license headers of all our sources, with a single header with unified copyright date range and contributors list, which made things much easier. It sounds like your licensing situation is substantially more heterogeneous.
I do not know of any excellent licensing-related tutorials for license management, auditing or both. Maybe you could take the bull by the horns and write a guide somewhere? It would surely be of great benefit to the Maven community. Regards, Curtis On Mon, Sep 28, 2015 at 11:13 AM, Jim Klo <jim....@sri.com> wrote: > Hi, > > Looking for some guidance on doing some source license auditing. My needs > are two fold. I need to track down all the licenses of all our > dependencies, which there seems to be an abundance of plugins. But I also > need to audit the licenses of our committed source, as many come from open > and non-open projects, I need to track the individual files as well. > > I’ve started by using Apache RAT [1], which seems to be okay for auditing > the source, but given that we have a significant number of modules, > configuration of RAT is somewhat a pain (I have a bunch of custom license > definitions and matchers) which seem to have to be added to every POM file > (doesn’t like going into the parent POM likely because of the way we are > using Tycho). > > Can anyone recommend a plugin that might be better for my use case? I’d > like to be able to have a single config file (or artifact) that contains > the license declarations, and then be able to reference that from all my > modules. The Codehaus License Maven Plugin [2] seems close to what I want, > but I can’t seem to figure out how to get it to show me files that are > missing license headers or even show me a per file license summary. If > anyone can point me to some examples or tutorials that explain this that > would be much appreciated. > > [1] > http://creadur.apache.org/rat/apache-rat-plugin/examples/custom-license.html > [2] > http://www.mojohaus.org/license-maven-plugin/examples/example-thirdparty.html > > Thanks, > > JK > > *Jim KloSenior Software EngineerCenter for Software EngineeringSRI > International* > *t. @nsomnac* > >
