Or libraries that illegally (whether maliciously or not) have not-redistributable transitive dependencies of their own that are not compatible with their own licenses.
So, yes, I agree, you can't really legally rely on that - you'd have to manually check each dep down the whole dependency tree - not something you'd trust an automated tool like maven to do. I'd hasten to add that that is not what I'm expecting maven to do - I fully expect to have to manually maintain an internal repo, but I don't want to have to go through that laborious process for each test and plugin dep, but from this thread and my own investigations I have come to the rueful conclusion that it is not possible, at least not with the current version of maven. 2008/7/1 Nigel Magnay <[EMAIL PROTECTED]>: > > > > There would be other ways to accomplish this -- for instance, if Maven > were > > aware of the license (if it were published in the POM), you could put > > It is published in the pom. > > You'd probably still have to cope with libraries that are (say) GPL, > but don't declare themselves in the pom as such. > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
