search

cashapp / licensee

Gradle plugin which validates the licenses of your dependency graph match what you expect
https://cashapp.github.io/licensee/docs/1.x/
Apache License 2.0
626 stars 29 forks source link

"Unknown license URL 'null'" when POM only includes license name #40

Closed charleskorn closed 3 years ago

charleskorn commented 3 years ago

I have a reference to mockito-kotlin 3.2.0 in my project, which has the following in its POM:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <!-- ...snip... -->
  <licenses>
    <license>
      <name>MIT</name>
    </license>
  </licenses>
</project>

This causes licensee to fail with this error message:

> Task :app:licensee FAILED
org.mockito.kotlin:mockito-kotlin:3.2.0
 - ERROR: Unknown license URL 'null' is NOT allowed

In this case, I'd expect licensee to use the <name> element and not attempt to match on the non-existent URL.

JakeWharton commented 3 years ago

Yep, falling back matching the name to a SPDX identifier in this case seems like the appropriate thing to do.

Will fix this week. For now you can add an exclude using the dependency coordinates.