This is an automated email from the ASF dual-hosted git repository.
jdaugherty pushed a commit to branch feature/sbom
in repository https://gitbox.apache.org/repos/asf/grails-core.git
The following commit(s) were added to refs/heads/feature/sbom by this push:
new ab53f0e8fc feedback: turn off license text to save on jar file sizes
ab53f0e8fc is described below
commit ab53f0e8fc7b0610d92ae015ee584648ef13d7a1
Author: James Daugherty <[email protected]>
AuthorDate: Mon Sep 22 17:06:55 2025 -0400
feedback: turn off license text to save on jar file sizes
---
gradle/sbom-config.gradle | 35 ++++-------------------------------
1 file changed, 4 insertions(+), 31 deletions(-)
diff --git a/gradle/sbom-config.gradle b/gradle/sbom-config.gradle
index 05138edf9f..c5b27d895d 100644
--- a/gradle/sbom-config.gradle
+++ b/gradle/sbom-config.gradle
@@ -67,6 +67,9 @@ sbomTask.configure { CycloneDxTask it ->
[email protected](['runtimeClasspath'])
[email protected](['compileClasspath', 'testRuntimeClasspath'])
+ // turn off license text since it's base64 encoded & will inflate the jar
sizes
+ [email protected](false)
+
// disable xml output
it.xmlOutput.unsetConvention()
@@ -84,56 +87,26 @@ sbomTask.configure { CycloneDxTask it ->
def licenses = [
'Apache-2.0' : [
id: 'Apache-2.0',
- name: 'Apache License 2.0',
- text: [
- contentType: 'text/plain',
- encoding: 'base64',
- content:
'QXBhY2hlIExpY2Vuc2UKVmVyc2lvbiAyLjAsIEphbnVhcnkgMjAwNApodHRwOi8vd3d3LmFwYWNoZS5vcmcvbGljZW5zZXMvCgpURVJNUyBBTkQgQ09ORElUSU9OUyBGT1IgVVNFLCBSRVBST0RVQ1RJT04sIEFORCBESVNUUklCVVRJT04KCjEuIERlZmluaXRpb25zLgoKIkxpY2Vuc2UiIHNoYWxsIG1lYW4gdGhlIHRlcm1zIGFuZCBjb25kaXRpb25zIGZvciB1c2UsIHJlcHJvZHVjdGlvbiwgYW5kIGRpc3RyaWJ1dGlvbiBhcyBkZWZpbmVkIGJ5IFNlY3Rpb25zIDEgdGhyb3VnaCA5IG9mIHRoaXMgZG9jdW1lbnQuCgoiTGljZW5zb3IiIHNoYWxsIG1lYW4gdGhlIGNvcHlyaWdodCBvd25lciBvci
[...]
- ],
url: 'https://www.apache.org/licenses/LICENSE-2.0'
],
'BSD-2-Clause' : [
id: 'BSD-2-Clause',
- name: 'BSD 2-Clause "Simplified" License',
- text: [
- contentType: 'text/plain',
- encoding: 'base64',
- content:
'Q29weXJpZ2h0IDxZRUFSPiA8Q09QWVJJR0hUIEhPTERFUj4KClJlZGlzdHJpYnV0aW9uIGFuZCB1c2UgaW4gc291cmNlIGFuZCBiaW5hcnkgZm9ybXMsIHdpdGggb3Igd2l0aG91dCBtb2RpZmljYXRpb24sIGFyZSBwZXJtaXR0ZWQgcHJvdmlkZWQgdGhhdCB0aGUgZm9sbG93aW5nIGNvbmRpdGlvbnMgYXJlIG1ldDoKCjEuIFJlZGlzdHJpYnV0aW9ucyBvZiBzb3VyY2UgY29kZSBtdXN0IHJldGFpbiB0aGUgYWJvdmUgY29weXJpZ2h0IG5vdGljZSwgdGhpcyBsaXN0IG9mIGNvbmRpdGlvbnMgYW5kIHRoZSBmb2xsb3dpbmcgZGlzY2xhaW1lci4KCjIuIFJlZGlzdHJpYnV0aW9ucyBpbiBiaW5hcn
[...]
- ],
url: 'https://opensource.org/license/bsd-3-clause/'
],
'BSD-3-Clause' : [
id: 'BSD-3-Clause',
- name: 'BSD 3-Clause "New" or "Revised" License',
- text: [
- contentType: 'text/plain',
- encoding: 'base64',
- content:
'Q29weXJpZ2h0IChjKSA8eWVhcj4gPG93bmVyPi4gCgpSZWRpc3RyaWJ1dGlvbiBhbmQgdXNlIGluIHNvdXJjZSBhbmQgYmluYXJ5IGZvcm1zLCB3aXRoIG9yIHdpdGhvdXQgbW9kaWZpY2F0aW9uLCBhcmUgcGVybWl0dGVkIHByb3ZpZGVkIHRoYXQgdGhlIGZvbGxvd2luZyBjb25kaXRpb25zIGFyZSBtZXQ6CgoxLiBSZWRpc3RyaWJ1dGlvbnMgb2Ygc291cmNlIGNvZGUgbXVzdCByZXRhaW4gdGhlIGFib3ZlIGNvcHlyaWdodCBub3RpY2UsIHRoaXMgbGlzdCBvZiBjb25kaXRpb25zIGFuZCB0aGUgZm9sbG93aW5nIGRpc2NsYWltZXIuCgoyLiBSZWRpc3RyaWJ1dGlvbnMgaW4gYmluYXJ5IGZvcm
[...]
- ],
url: 'https://opensource.org/license/bsd-3-clause/'
],
// Variant of Apache 1.1 license. Approved by legal LEGAL-707
'OpenSymphony' : [
- id: 'Apache-1.1', // this isn't officially recognized
by SPDX, but is considered compatible with Apache 1.1
+ // id is optional and the opensymphony license doesn't
have an SPDX id
name: 'The OpenSymphony Software License, Version 1.1',
- text: [
- contentType: 'text/plain',
- encoding: 'base64',
- content:
'PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT09PT0KVGhlIE9wZW5TeW1waG9ueSBTb2Z0d2FyZSBMaWNlbnNlLCBWZXJzaW9uIDEuMQoKKHRoaXMgbGljZW5zZSBpcyBkZXJpdmVkIGFuZCBmdWxseSBjb21wYXRpYmxlIHdpdGggdGhlIEFwYWNoZSBTb2Z0d2FyZQpMaWNlbnNlIC0gc2VlIGh0dHA6Ly93d3cuYXBhY2hlLm9yZy9MSUNFTlNFLnR4dCkKCkNvcHlyaWdodCAoYykgMjAwMSBUaGUgT3BlblN5bXBob255IEdyb3VwLiBBbGwgcmlnaHRzIHJlc2VydmVkLgoKUmVkaXN0cmlidXRpb24gYW5kIHVzZSBpbiBzb3VyY2UgYW
[...]
- ],
url:
'https://raw.githubusercontent.com/sitemesh/sitemesh2/refs/heads/master/LICENSE.txt'
],
'UPL-1.0' : [
id: 'UPL-1.0',
- name: 'Universal Permissive License (UPL), Version
1.0',
- text: [
- contentType: 'text/plain',
- encoding: 'base64',
- content:
'Q29weXJpZ2h0IChjKSBbeWVhcl0gW2NvcHlyaWdodCBob2xkZXJzXQoKVGhlIFVuaXZlcnNhbCBQZXJtaXNzaXZlIExpY2Vuc2UgKFVQTCksIFZlcnNpb24gMS4wCgpTdWJqZWN0IHRvIHRoZSBjb25kaXRpb24gc2V0IGZvcnRoIGJlbG93LCBwZXJtaXNzaW9uIGlzIGhlcmVieSBncmFudGVkIHRvIGFueQpwZXJzb24gb2J0YWluaW5nIGEgY29weSBvZiB0aGlzIHNvZnR3YXJlLCBhc3NvY2lhdGVkIGRvY3VtZW50YXRpb24gYW5kL29yIGRhdGEKKGNvbGxlY3RpdmVseSB0aGUgIlNvZnR3YXJlIiksIGZyZWUgb2YgY2hhcmdlIGFuZCB1bmRlciBhbnkgYW5kIGFsbCBjb3B5cmlnaHQKcmlnaHRzIG
[...]
- ],
url: 'https://oss.oracle.com/licenses/upl/'
],
-
]
def licenseMapping = [
