porscheinformatik / sonarqube-licensecheck

SonarQube Licensecheck Plugin
Apache License 2.0

Most licenses not detected #37

Closed pethers closed 5 years ago

pethers commented 5 years ago

Have been using https://www.mojohaus.org/license-maven-plugin/ to generate a list of 3rd-party licenses, example at https://hack23.github.io/cia/third-party-report.html .

But when using latest v3.0.0-beta-2 I get mostly "No License found for Dependency" : https://www.hack23.com/sonar/project/issues?id=com.hack23.cia%3Acia-all&resolved=false&rules=licensecheck%3Alicensecheck.unlisted&types=CODE_SMELL

Example "No License found for Dependency: com.amazonaws:aws-java-sdk-ec2" is detected as "The Apache Software License, Version 2.0" by maven-license-plugin but not by this plugin.

Have I missed something obvious? When using license-maven-plugin, I actually have to specify license merges, since a lot of projects use different license strings for the same project:

```xml
<licenseMerges>
  <licenseMerge>GNU General Public License, version 2,with the Classpath Exception|GPLv2+CE|GPL2 w/ CPE|GNU General Public License, Version 2 with the Classpath Exception</licenseMerge>
  <licenseMerge>Common Public License|CPL</licenseMerge>
  <licenseMerge>Do What the Fuck You Want to Public License|WTFPL</licenseMerge>
  <licenseMerge>GNU Lesser General Public Licence (LGPL)|GNU Lesser General Public Licence|Lesser General Public License (LGPL)|GNU LESSER GENERAL PUBLIC LICENSE|GNU Lesser General Public License|LGPL</licenseMerge>
  <licenseMerge>GNU General Lesser Public License (LGPL) version 2.1|LGPL 2.1|GNU Lesser General Public License, Version 2.1</licenseMerge>
  <licenseMerge>The Apache Software License, Version 2.0|Apache License 2.0|Apache 2|Apache License, Version 2.0|Apache 2.0|Apache Software License - Version 2.0|Apache License, version 2.0|Apache License Version 2.0|ASF 2.0|AL 2.0</licenseMerge>
  <licenseMerge>The Apache Software License|Apache Software Licenses|ASL</licenseMerge>
  <licenseMerge>Eclipse Public License - Version 1.0|Eclipse Public License - v 1.0|Eclipse Public License (EPL), Version 1.0|Eclipse Public License 1.0</licenseMerge>
  <licenseMerge>Common Development and Distribution License (CDDL) version 1.0|Common Development and Distribution License (CDDL) v1.0|COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0|CDDL|Common Development and Distribution License</licenseMerge>
  <licenseMerge>Common Development and Distribution License (CDDL) version 1.1|CDDL 1.1</licenseMerge>
  <licenseMerge>The BSD License|BSD|BSD licence|BSD License</licenseMerge>
  <licenseMerge>Mozilla Public License Version 1.1|MPL 1.1</licenseMerge>
  <licenseMerge>The MIT License|MIT License|MIT license</licenseMerge>
  <licenseMerge>BSD style|dom4j|BSD-Style|BSD-Style License</licenseMerge>
</licenseMerges>
```

Do I need to specify extra licenses if the exact string doesn't match for this plugin as well?

All the best

pethers commented 5 years ago

Found some more log from https://www.hack23.com/jenkins/view/Future/job/Citizen-Intelligence-Agency-Latest-Plugin-Dependencies/1993/consoleText

```
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache 2'
[INFO] No licenses found for 'MPL 1.1'
[INFO] No licenses found for 'LGPL 2.1'
[INFO] No licenses found for 'Apache License 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Common Development and Distribution License'
[INFO] No licenses found for 'GNU General Public License, Version 2 with the Classpath Exception'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'BSD-Style License'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'CDDL + GPLv2 with classpath exception'
[INFO] No licenses found for 'GNU Library General Public License v2.1 or later'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'CDDL+GPL License'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'CDDL+GPL License'
[INFO] No licenses found for 'CDDL/GPLv2+CE'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'BSD'
[INFO] No licenses found for 'Similar to Apache License but with the acknowledgment clause removed'
[INFO] No licenses found for 'MIT License'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Common Development and Distribution License (CDDL) v1.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'CDDL/GPLv2+CE'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'GNU Lesser General Public License v2.1 or later'
[INFO] No licenses found for 'Eclipse Public License - v 1.0'
[INFO] No licenses found for 'GNU Lesser General Public License'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache Software Licenses'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Eclipse Public License v1.0'
[INFO] No licenses found for 'Eclipse Distribution License v. 1.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'BSD-Style License'
[INFO] No licenses found for 'LGPL 2.1'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'GNU Library General Public License v2.1 or later'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache 2'
[INFO] No licenses found for 'Apache 2'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'GNU Lesser General Public License v2.1 or later'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache 2'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'BSD-Style License'
[INFO] No licenses found for 'CDDL 1.1'
[INFO] No licenses found for 'GPL2 w/ CPE'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'BSD-Style License'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'BSD License'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'MIT License'
[INFO] No licenses found for 'Apache 2'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'BSD-Style License'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'Eclipse Public License - v 1.0'
[INFO] No licenses found for 'GNU Lesser General Public License'
[INFO] No licenses found for 'CDDL+GPL License'
[INFO] No licenses found for 'Apache License, Version 2.0'
[INFO] No licenses found for 'Apache License, version 2.0'
[INFO] No licenses found for 'The Apache Software License, Version 2.0'
[INFO] No licenses found for 'BSD License'
[INFO] No licenses found for 'BSD 3-clause New License'
```

So they don't match any specified license. Is there any way of including different license texts to match the same license?

derkoe commented 5 years ago

The problem is that Maven has no standard format for licenses - only free text. So each license has many different representations.

The plugin provides a mapping from Maven license string via regex to a license from the defined license list. For dependencies without a license you can also map groupId:artifactId to a license. This mapping has to be configured manually. You'll find the mapping under Administration > Configuration > License Check > Maven Licenses (or Maven Dependencies for the groupId:artifactId mapping).

Only very few defaults for Maven dependency mappings are provided there. In #15 we want to provide more defaults. PRs welcome :-)
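Added example, not part of the thread or the plugin's code: a Python sketch of the regex-to-license mapping described above, run over license strings copied from the quoted build log. The rules, the license ids and the whole-string matching are assumptions for illustration; the point is that narrow rules leave odd strings unmapped for review, while catch-all rules silence the warning by assigning the wrong license.

```python
import re

# Hypothetical rules (regex -> license id); not the plugin's shipped defaults.
# Assumption: a rule applies only when the regex matches the whole string.
STRICT = [
    (r"(The )?Apache (Software )?(License)?,? ?([Vv]ersion )?2(\.0)?", "Apache-2.0"),
    (r"(The )?MIT [Ll]icense", "MIT"),
    (r"LGPL 2\.1", "LGPL-2.1"),
    (r"GNU (Lesser|Library) General Public License v2\.1 or later", "LGPL-2.1-or-later"),
    (r"Eclipse Public License( -)? v ?1\.0", "EPL-1.0"),
]
# Catch-all rules that make the warnings disappear by over-matching.
LOOSE = [(r".*Apache.*", "Apache-2.0"), (r".*GPL.*", "GPL-2.0")]

# License strings copied from the build log quoted in this issue.
SEEN = [
    "The Apache Software License, Version 2.0",
    "Apache License, version 2.0",
    "Apache 2",
    "Apache Software Licenses",
    "Similar to Apache License but with the acknowledgment clause removed",
    "LGPL 2.1",
    "GNU Library General Public License v2.1 or later",
    "CDDL+GPL License",
    "Eclipse Public License - v 1.0",
    "MIT License",
]

def map_license(name, rules):
    """Return the id of the first rule whose regex matches all of name, else None."""
    for pattern, license_id in rules:
        if re.fullmatch(pattern, name):
            return license_id
    return None

def audit(names, rules):
    """Split names into {name: id} for mapped strings and a list of unmapped ones."""
    mapped, unmapped = {}, []
    for name in names:
        license_id = map_license(name, rules)
        if license_id is None:
            unmapped.append(name)
        else:
            mapped[name] = license_id
    return mapped, unmapped

if __name__ == "__main__":
    for label, rules in (("strict", STRICT), ("loose", LOOSE)):
        print(label, "unmapped:", audit(SEEN, rules)[1])
```

With the strict rules the unversioned, modified-Apache and dual-license strings stay unmapped and need a manual decision; the loose rules label the modified-Apache string as Apache-2.0 and both `LGPL 2.1` and `CDDL+GPL License` as GPL-2.0.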