Claude Warren created RAT-518:
---------------------------------
Summary: License configuration without approved section approves
all licenses in file.
Key: RAT-518
URL: https://issues.apache.org/jira/browse/RAT-518
Project: Apache RAT
Issue Type: Bug
Components: core engine
Affects Versions: 0.17
Reporter: Claude Warren
If a second XML configuration file is specified that defines new licenses but
does have an approved section, then all the licenses are assumed to be approved.
This is a holdover from a very early implementation where only approved
licences were assumed.
The change should be made in the XMLConfigurationReader.approvedLicenseId
method where an empty approvedFamilies list is assumed to mean all the families
are approved.
Since the default.xml specifies which licenses are approved and there are very
few cases where users are adding additional licenses, we should make the change
so that only explicitly approved licenses are listed as approved.
Otherwise, it is very difficult to define extra licenses for reporting that are
unapproved.
The workaround is to list an already approved license in the approved section.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
