The dependency report in the soon-to-be-released next version, 2.1, of MPIR plugin lists the license used (assuming the license section is filled in in the particular pom). That should help verifying the licenses used and needed.
Kalle On Mon, Jun 30, 2008 at 8:53 AM, Ishaaq Chandy <[EMAIL PROTECTED]> wrote: > Or libraries that illegally (whether maliciously or not) have > not-redistributable transitive dependencies of their own that are not > compatible with their own licenses. > > So, yes, I agree, you can't really legally rely on that - you'd have to > manually check each dep down the whole dependency tree - not something > you'd > trust an automated tool like maven to do. > > I'd hasten to add that that is not what I'm expecting maven to do - I fully > expect to have to manually maintain an internal repo, but I don't want to > have to go through that laborious process for each test and plugin dep, but > from this thread and my own investigations I have come to the rueful > conclusion that it is not possible, at least not with the current version > of > maven. > > 2008/7/1 Nigel Magnay <[EMAIL PROTECTED]>: > > > > > > > There would be other ways to accomplish this -- for instance, if Maven > > were > > > aware of the license (if it were published in the POM), you could put > > > > It is published in the pom. > > > > You'd probably still have to cope with libraries that are (say) GPL, > > but don't declare themselves in the pom as such. > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > >
