2007/11/23, maarten roosendaal <[EMAIL PROTECTED]>: > > I was wondering that if you make an application for a large corporate firm > using Maven 2, what problems can you expect regarding licenses of > (transitive) dependencies. Some licenses force you to make the application > you made, based on their open source product, open source and make it > available to the community. The corporate firm probably will not be amused > by this but it could lead to legal issues. I'm not too familair with all > licenses but this point was made by someone who does know a lot.
I think that you are interested in this: http://people.apache.org/~cliffs/3party.html Is there a way to enforce this with Maven (probably not) or should you do > something with the blacklist of say Archiva. I suppose that there is no Maven plugin that does this. Included source code, though, can be checked using the RAT maven plugin: http://mojo.codehaus.org/rat-maven-plugin/ Ciao Antonio
