diff --git a/projects/pluto/README.md b/projects/pluto/README.md
index 5cb3617e3..6b666aebd 100644
--- a/projects/pluto/README.md
+++ b/projects/pluto/README.md
@@ -34,4 +34,12 @@ To format the code, run the following command:
 NOTE: The Spotless plugin also runs as part of the CI pipeline. Build will fail if the code is not formatted correctly.
+### Licenses
+The project uses the Gradle license plugin to manage licenses. To check if the licenses of the dependencies
+are compatible with list of allowed licenses defined in [allowed-licenses.json](allowed-licenses.json),
+run the following command:
+
+```bash
+./gradlew :checkLicense
+```
diff --git a/projects/pluto/allowed-licenses.json b/projects/pluto/allowed-licenses.json
new file mode 100644
index 000000000..c3c7e4514
--- /dev/null
+++ b/projects/pluto/allowed-licenses.json
@@ -0,0 +1,28 @@
+{
+ "allowedLicenses": [
+ {
+ "moduleLicense": "Apache License, Version 2.0"
+ },
+ {
+ "moduleLicense": "MIT License"
+ },
+ {
+ "moduleLicense": "MIT-0"
+ },
+ {
+ "moduleLicense": "Eclipse Public License - v 1.0"
+ },
+ {
+ "moduleLicense": "Eclipse Public License - v 2.0"
+ },
+ {
+ "moduleLicense": "Creative Commons Legal Code"
+ },
+ {
+ "moduleLicense": "Bouncy Castle Licence"
+ },
+ {
+ "moduleLicense": "PUBLIC DOMAIN"
+ }
+ ]
+}
diff --git a/projects/pluto/build.gradle b/projects/pluto/build.gradle
index aec18f57a..db8f6e9a9 100644
--- a/projects/pluto/build.gradle
+++ b/projects/pluto/build.gradle
@@ -13,6 +13,7 @@ plugins {
 id "org.owasp.dependencycheck" version '8.2.1'
 id 'io.spring.dependency-management' version '1.1.4'
 id "com.diffplug.spotless" version "6.25.0"
+ id 'com.github.jk1.dependency-license-report' version '2.9'
 }
 group 'nl.fairspace'
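Review bot: In projects/pluto/allowed-licenses.json the entries `"Creative Commons Legal Code"` and `"PUBLIC DOMAIN"` allow a dependency on the strength of a free-text license name alone, and neither string identifies one specific license (the first is a heading shared by several Creative Commons texts with different terms). Any later dependency whose metadata carries one of these strings would pass `checkLicense` without review. Scoping each such exception to the module it was added for keeps the allow-list tight, e.g. `{ "moduleLicense": "Creative Commons Legal Code", "moduleName": "<module the exception is for>" }`. The same applies to projects/saturn/allowed-licenses.json, including its `"Similar to Apache License but with the acknowledgment clause removed"` entry.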
@@ -98,3 +99,9 @@ dependencyManagement {
 mavenBom "org.springframework.cloud:spring-cloud-dependencies:${springCloudVersion}"
 }
 }
+
+import com.github.jk1.license.filter.LicenseBundleNormalizer
+licenseReport {
+ filters = [new LicenseBundleNormalizer(bundlePath: "$projectDir/license-normalizer-bundle.json")]
+ allowedLicensesFile = new File("$projectDir/allowed-licenses.json")
+}
diff --git a/projects/pluto/license-normalizer-bundle.json b/projects/pluto/license-normalizer-bundle.json
new file mode 100644
index 000000000..fc338b12c
--- /dev/null
+++ b/projects/pluto/license-normalizer-bundle.json
@@ -0,0 +1,10 @@
+{
+ "bundles" : [
+ { "bundleName" : "apache2", "licenseName" : "Apache License, Version 2.0", "licenseUrl" : "http://www.apache.org/licenses/LICENSE-2.0" }
+ ],
+ "transformationRules" : [
+ { "bundleName" : "apache2", "licenseNamePattern" : ".*The Apache Software License, Version 2.0.*" },
+ { "bundleName" : "apache2", "licenseNamePattern" : "Apache 2" },
+ { "bundleName" : "apache2", "licenseNamePattern" : "Apache License 2.0" }
+ ]
+}
diff --git a/projects/saturn/README.md b/projects/saturn/README.md
index 2693cc0b1..b7b6e2688 100644
--- a/projects/saturn/README.md
+++ b/projects/saturn/README.md
@@ -34,4 +34,12 @@ To format the code, run the following command:
 NOTE: The Spotless plugin also runs as part of the CI pipeline. Build will fail if the code is not formatted correctly.
+### Licenses
+The project uses the Gradle license plugin to manage licenses. To check if the licenses of the dependencies
+are compatible with list of allowed licenses defined in [allowed-licenses.json](allowed-licenses.json),
+run the following command:
+
+```bash
+./gradlew :checkLicense
+```
diff --git a/projects/saturn/allowed-licenses.json b/projects/saturn/allowed-licenses.json
new file mode 100644
index 000000000..cd9c55d42
--- /dev/null
+++ b/projects/saturn/allowed-licenses.json
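Review bot: Nothing in the added `licenseReport` block of projects/pluto/build.gradle makes the allow-list check part of a normal build, so `checkLicense` remains a task someone has to invoke by hand, as the README change describes. Unless the CI pipeline (not visible in this diff) calls it explicitly, a dependency with a disallowed license can be merged without any build failure. Assuming the standard `check` lifecycle task is present, adding `check.dependsOn checkLicense` after the block would enforce it on every build; the identical block added to projects/saturn/build.gradle needs the same line. As a style point, the `import` sits at the end of the script and is easier to find at the top of the file.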
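Review bot: In projects/pluto/license-normalizer-bundle.json the rule `".*The Apache Software License, Version 2.0.*"` rewrites any license name that merely contains that phrase to plain "Apache License, Version 2.0", which is on the allow-list. If normalisation runs before the allow-list comparison, as the filter setup suggests, a name with extra wording (a dual-license string, an added restriction clause) would be accepted as Apache 2.0. Assuming patterns are matched against the whole name, which the explicit `.*` implies, dropping the wildcards and escaping the dot narrows the rule to the intended name: `{ "bundleName" : "apache2", "licenseNamePattern" : "The Apache Software License, Version 2\\.0" }`. projects/saturn/license-normalizer-bundle.json is an identical copy (same blob id `fc338b12c`) and needs the same change; a single shared file would keep the two from drifting apart.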
@@ -0,0 +1,37 @@
+{
+ "allowedLicenses": [
+ {
+ "moduleLicense": "Apache License, Version 2.0"
+ },
+ {
+ "moduleLicense": "MIT License"
+ },
+ {
+ "moduleLicense": "MIT-0"
+ },
+ {
+ "moduleLicense": "Eclipse Public License - v 1.0"
+ },
+ {
+ "moduleLicense": "Eclipse Public License - v 2.0"
+ },
+ {
+ "moduleLicense": "The 3-Clause BSD License"
+ },
+ {
+ "moduleLicense": "The 2-Clause BSD License"
+ },
+ {
+ "moduleLicense": "Creative Commons Legal Code"
+ },
+ {
+ "moduleLicense": "Bouncy Castle Licence"
+ },
+ {
+ "moduleLicense": "Similar to Apache License but with the acknowledgment clause removed"
+ },
+ {
+ "moduleLicense": "PUBLIC DOMAIN"
+ }
+ ]
+}
diff --git a/projects/saturn/build.gradle b/projects/saturn/build.gradle
index c5eadb827..81b9a3012 100644
--- a/projects/saturn/build.gradle
+++ b/projects/saturn/build.gradle
@@ -17,6 +17,7 @@ plugins {
 id 'jacoco'
 id "org.owasp.dependencycheck" version "8.2.1"
 id "com.diffplug.spotless" version "6.25.0"
+ id 'com.github.jk1.dependency-license-report' version '2.9'
 }
 group 'io.fairspace'
@@ -116,3 +117,9 @@ test {
 jvmArgs = ['--add-opens', 'java.base/java.util=ALL-UNNAMED']
 useJUnitPlatform()
 }
+
+import com.github.jk1.license.filter.LicenseBundleNormalizer
+licenseReport {
+ filters = [new LicenseBundleNormalizer(bundlePath: "$projectDir/license-normalizer-bundle.json")]
+ allowedLicensesFile = new File("$projectDir/allowed-licenses.json")
+}
diff --git a/projects/saturn/license-normalizer-bundle.json b/projects/saturn/license-normalizer-bundle.json
new file mode 100644
index 000000000..fc338b12c
--- /dev/null
+++ b/projects/saturn/license-normalizer-bundle.json
@@ -0,0 +1,10 @@
+{
+ "bundles" : [
+ { "bundleName" : "apache2", "licenseName" : "Apache License, Version 2.0", "licenseUrl" : "http://www.apache.org/licenses/LICENSE-2.0" }
+ ],
+ "transformationRules" : [
+ { "bundleName" : "apache2", "licenseNamePattern" : ".*The Apache Software License, Version 2.0.*" },
+ { "bundleName" : "apache2", "licenseNamePattern" : "Apache 2" },
+ { "bundleName" : "apache2", "licenseNamePattern" : "Apache License 2.0" }
+ ]
+}