A URL returning a plain text file that contains include/exclude artifact filters in the following format:

# this is a comment
include gaPattern org\.my-org:my-artifact
include gaPattern org\.other-org:other-artifact
exclude gaPattern org\.yet-anther-org:.*
include scope compile
include scope test
exclude scope system
include type jar
exclude type war

If true, the mojo will delete all files from licensesOutputDirectory and then download them all anew; otherwise the deletion before the download does not happen.

This may be useful if you have removed some dependencies and you want the stale license files to go away. cleanLicensesOutputDirectory = true is not implied by forceDownload because users may have other files there in licensesOutputDirectory that were not downloaded by the plugin.

See also: removeOrphanLicenseFiles

Connect request timeout in milliseconds passed to the HTTP client when downloading licenses from remote URLs.

Connect timeout in milliseconds passed to the HTTP client when downloading licenses from remote URLs.

What to do on any license download related error. The possible values are:

ErrorRemedy#ignore: all errors are ignored

ErrorRemedy#warn: all errors are output to the log as warnings

ErrorRemedy#failFast: a org.apache.maven.plugin.MojoFailureException is thrown on the first download related error

ErrorRemedy#xmlOutput: error messages are added as <downloaderMessages> to licensesErrorsFile; in case there are error messages, the build will fail after processing all dependencies

A filter to exclude some ArtifactsIds This is a regular expression applied to artifactIds.

A filter to exclude some GroupIds This is a regular expression that is applied to groupIds (not an ant pattern).

A filter to exclude some scopes.

A filter to exclude some types.

Exclude transitive dependencies from excluded artifacts.

If true, all encountered dependency license URLs are downloaded, no matter what is there in licensesConfigFile and licensesOutputFile; otherwise licensesConfigFile, licensesOutputFile (eventually persisted from a previous build) and the content of licensesOutputDirectory are considered sources of valid information - i.e. only URLs that do not appear to have been downloaded in the past will be downloaded. If your licensesOutputDirectory contains only license files downloaded by this plugin, you may consider combining forceDownload with setting cleanLicensesOutputDirectory true

A filter to include only some ArtifactsIds This is a regular expression applied to artifactIds.

A filter to include only some GroupIds This is a regular expression applied to artifactIds.

A filter to include only some scopes, if let empty then all scopes will be used (no filter).

A filter to include only some types, if let empty then all types will be used (no filter).

If true both optional and non-optional dependencies will be included in the list of artifacts for creating the license report; otherwise only non-optional dependencies will be considered.

Include transitive dependencies when downloading license files.

A list of sanitizers to process the content of license files before storing them locally and before computing their sha1 sums. Useful for removing parts of the content that change over time.

The content sanitizers are applied in alphabetical order by id.

Set useDefaultContentSanitizers to true to apply the built-in content sanitizers.

An example:

<licenseContentSanitizers>
  <licenseContentSanitizer>
    <id>fedoraproject.org-0</id>
    <urlRegexp>.*fedoraproject\\.org.*</urlRegexp><!-- Apply this sanitizer to URLs that contain fedora.org -->
    <contentRegexp>\"wgRequestId\":\"[^\"]*\"</contentRegexp><!-- wgRequestId value changes with every -->
                                                             <!-- request so we just remove it -->
    <contentReplacement>\"wgRequestId\":\"\"</contentReplacement>
  </licenseContentSanitizer>
  <licenseContentSanitizer>
    <id>opensource.org-0</id>
    <urlRegexp>.*opensource\\.org.*</urlRegexp><!-- Apply this sanitizer to URLs that contain opensource.org -->
    <contentRegexp>jQuery\\.extend\\(Drupal\\.settings[^\\n]+</contentRegexp><!-- Drupal\\.settings contain -->
                                                                             <!-- some clutter that changes -->
                                                                             <!-- often so we just remove it -->
    <contentReplacement></contentReplacement>
  </licenseContentSanitizer>
</licenseContentSanitizers>

See also: useDefaultContentSanitizers

To merge licenses in the Excel file.

Each entry represents a merge (first license is main license to keep), licenses are separated by |.

Example:

<licenseMerges>
<licenseMerge>The Apache Software License|Version 2.0,Apache License, Version 2.0</licenseMerge>
</licenseMerges>
</pre>

A file containing dependencies whose licenses could not be downloaded for some reason. The format is similar to licensesCalcOutputFile but the entries in licensesCalcErrorFile have <downloaderMessage> elements attached to them. Those should explain what kind of error happened during the processing of the given dependency.

The Calc output file used if writeCalcFile is true, containing a mapping between each dependency and its license information. With extended information, if available.
See also: writeCalcFile, AggregateDownloadLicensesMojo.extendedInfo

A file containing the license data (most notably license names and license URLs) missing in pom.xml files of the dependencies.

Note that since 1.18, if you set errorRemedy to xmlOutput the format of licensesErrorsFile is the same as the one of licensesConfigFile. So you can use licensesErrorsFile as a base for licensesConfigFile.

Since 1.18, the format of the file is as follows:

<licenseSummary>
  <dependencies>
    <dependency>
      <groupId>\Qaopalliance\E</groupId><!-- A regular expression -->
      <artifactId>\Qaopalliance\E</artifactId><!-- A regular expression -->
      <!-- <version>.*</version> A version pattern is optional, .* being the default.
      <matchLicenses>
        <!-- Match a list of licenses with a single entry having name "Public Domain" -->
        <license>
          <name>\QPublic Domain\E</name><!-- A regular expression -->
        </license>
      </matchLicenses>
      <licenses approved="true" /><!-- Leave the matched dependency as is. -->
                                  <!-- In this particular case we approve that code in the Public -->
                                  <!-- Domain does not need any license URL. -->
    </dependency>
    <dependency>
        <groupId>\Qasm\E</groupId>
      <artifactId>\Qasm\E</artifactId>
      <matchLicenses>
        <!-- Match an empty list of licenses -->
      </matchLicenses>
      <!-- Replace the list of licenses in all matching dependencies with the following licenses -->
      <licenses>
        <license>
          <name>BSD 3-Clause ASM</name>
          <url>https://gitlab.ow2.org/asm/asm/raw/ASM_3_1_MVN/LICENSE.txt</url>
        </license>
      </licenses>
    </dependency>
    <dependency>
      <groupId>\Qca.uhn.hapi\E</groupId>
      <artifactId>.*</artifactId>
      <matchLicenses>
        <!-- Match a list of licenses with the following three entries in order: -->
        <license>
          <name>\QHAPI is dual licensed (MPL, GPL)\E</name>
          <comments>\QHAPI is dual licensed under both the Mozilla Public License and the GNU General Public License.\E\s+\QWhat this means is that you may choose to use HAPI under the terms of either license.\E\s+\QYou are both permitted and encouraged to use HAPI, royalty-free, within your applications,\E\s+\Qwhether they are free/open-source or commercial/closed-source, provided you abide by the\E\s+\Qterms of one of the licenses below.\E\s+\QYou are under no obligations to inform the HAPI project about what you are doing with\E\s+\QHAPI, but we would love to hear about it anyway!\E</comments>
        </license>
        <license>
          <name>\QMozilla Public License 1.1\E</name>
          <url>\Qhttp://www.mozilla.org/MPL/MPL-1.1.txt\E</url>
          <file>\Qmozilla public license 1.1 - index.0c5913925d40.txt\E</file>
        </license>
        <license>
          <name>\QGNU General Public License\E</name>
          <url>\Qhttp://www.gnu.org/licenses/gpl.txt\E</url>
          <file>\Qgnu general public license - gpl.txt\E</file>
        </license>
      </matchLicenses>
      <licenses approved="true" /><!-- It is OK that the first entry has no URL -->
    </dependency>
  </dependencies>
</licenseSummary>

Before 1.18 the format was the same as the one of licensesOutputFile and the groupIds and artifactIds were matched as plain text rather than regular expressions. No other elements (incl. versions) were matched at all. Since 1.18 the backwards compatibility is achieved by falling back to plain text matching of groupIds and artifactIds if the given <dependency> does not contain the <matchLicenses> element.

Relationship to other parameters:

• License names and license URLs licensesConfigFile is applied before licenseUrlReplacements
• licenseUrlReplacements are applied before licenseUrlFileNames
• licenseUrlFileNames have higher precedence than <file> elements in licensesConfigFile
• licenseUrlFileNames are ignored when organizeLicensesByDependencies is true

A file containing dependencies whose licenses could not be downloaded for some reason. The format is similar to licensesOutputFile but the entries in licensesErrorsFile have <downloaderMessage> elements attached to them. Those should explain what kind of error happened during the processing of the given dependency.

A file containing dependencies whose licenses could not be downloaded for some reason. The format is similar to licensesExcelOutputFile but the entries in licensesExcelErrorFile have <downloaderMessage> elements attached to them. Those should explain what kind of error happened during the processing of the given dependency.

The Excel output file used if writeExcelFile is true, containing a mapping between each dependency and its license information. With extended information, if available.
See also: writeExcelFile, AggregateDownloadLicensesMojo.extendedInfo

The directory to which the dependency licenses should be written.

The output file containing a mapping between each dependency and its license information.

Encoding used to (1) read the file specified in #licensesConfigFile and (2) write the file specified in licensesOutputFile.

An end of line constant name denoting the EOL string to use when redering the licenses.xml file. Possible values are LF, CRLF, AUTODETECT and PLATFORM.

When the value AUTODETECT is used, the mojo will use whatever EOL value is used in the first existing of the following files: #licensesConfigFile, ${basedir}/pom.xml.

The value PLATFORM is deprecated but still kept for backwards compatibility reasons.

A map that helps to select local files names for the content downloaded from license URLs.

Keys in the map are the local file names. These files will be created under licensesOutputDirectory.

Values are white space (" \t\n\r") separated lists of regular expressions that will be used to match license URLs. The regular expressions are compiled using java.util.regex.Pattern.CASE_INSENSITIVE. Note that various characters that commonly occur in URLs have special meanings in regular extensions. Therefore, consider using regex quoting as described in java.util.regex.Pattern - e.g. http://example\.com or \Qhttp://example.com\E

In addition to URL patterns, the list can optionally contain a sha1 checksum of the expected content. This is to ensure that the content delivered by a URL does not change without notice. Note that strict checking of the checksum happens only when forceDownload is true. Otherwise the mojo assumes that the URL -> local name mapping is correct and downloads from the URL only if the local file does not exist.

A special value-less entry <spdx/> can be used to activate built-in license names that are based on license IDs from https://spdx.org/licenses. The built-in SPDX mappings can be overridden by the subsequent entries. To see which SPDX mappings are built-in, add the <spdx/> entry and run the mojo with debug log level, e.g. using -X or {-Dorg.slf4j.simpleLogger.log.org.codehaus.mojo.license=debug} on the command line.

An example:

<licenseUrlFileNames>
  <spdx/><!-- A special element to activate built-in file name entries based on spdx.org license IDs -->
  <bsd-antlr.html>
      sha1:81ffbd1712afe8cdf138b570c0fc9934742c33c1
      https?://(www\.)?antlr\.org/license\.html
  </bsd-antlr.html>
  <cddl-gplv2-ce.txt>
      sha1:534a3fc9ae1076409bb00d01127dbba1e2620e92
      \Qhttps://raw.githubusercontent.com/javaee/activation/master/LICENSE.txt\E
  </cddl-gplv2-ce.txt>
</licenseUrlFileNames>

Relationship to other parameters:

• License names and license URLs licensesConfigFile is applied before licenseUrlReplacements
• licenseUrlReplacements are applied before licenseUrlFileNames
• licenseUrlFileNames have higher precedence than <file> elements in licensesConfigFile
• licenseUrlFileNames are ignored when organizeLicensesByDependencies is true

A list of regexp:replacement pairs that should be applied to file names for storing licenses.

Note that these patterns are not applied to file names defined in licenseUrlFileNames.

List of regexps/replacements applied to the license urls prior to download.

License urls that match a regular expression will be replaced by the corresponding replacement. Replacement is performed with java.util.regex.Matcher#replaceAll(String) java.util.regex.Matcher#replaceAll(String) so you can take advantage of capturing groups to facilitate flexible transformations.

If the replacement element is omitted, this is equivalent to an empty replacement string.

The replacements are applied in the same order as they are present in the configuration. The default replacements (that can be activated via useDefaultUrlReplacements) are appended to licenseUrlReplacements

The id field of LicenseUrlReplacement is optional and is useful only if you want to override some of the default replacements.

<licenseUrlReplacements>
  <licenseUrlReplacement>
    <regexp>\Qhttps://glassfish.java.net/public/CDDL+GPL_1_1.html\E</regexp>
    <replacement>https://oss.oracle.com/licenses/CDDL+GPL-1.1</replacement>
  </licenseUrlReplacement>
  <licenseUrlReplacement>
    <regexp>https://(.*)</regexp><!-- replace https with http -->
    <replacement>http://$1</replacement>
  </licenseUrlReplacement>
  <licenseUrlReplacement>
    <id>github.com-0</id><!-- An optional id to override the default replacement with the same id -->
    <regexp>^https?://github\.com/([^/]+)/([^/]+)/blob/(.*)$</regexp><!-- replace GitHub web UI with raw -->
    <replacement>https://raw.githubusercontent.com/$1/$2/$3</replacement>
  </licenseUrlReplacement>
</licenseUrlReplacements>

Relationship to other parameters:

• Default URL replacements can be unlocked by setting useDefaultUrlReplacements to true.
• License names and license URLs licensesConfigFile is applied before licenseUrlReplacements
• licenseUrlReplacements are applied before licenseUrlFileNames
• licenseUrlFileNames have higher precedence than <file> elements in licensesConfigFile
• licenseUrlFileNames are ignored when organizeLicensesByDependencies is true

Settings offline flag (will not download anything if setted to true).

A flag to organize the licenses by dependencies. When this is done, each dependency will get its full license file, even if already downloaded for another dependency.

Deprecated. Use errorRemedy instead

Before 1.18, quiet having value false suppressed any license download related warnings in the log. After 1.18 (incl.), the behavior depends on the value of errorRemedy:

quiet	errorRemedy	effective errorRemedy
true	warn	ignore
false	warn	warn
true or false	ignore	ignore
true or false	failFast	failFast
true or false	xmlOutput	xmlOutput

If true the files referenced from licensesOutputFile before executing the mojo but not referenced from licensesOutputFile after executing the mojo will be deleted; otherwise neither before:after diffing nor any file deletions will happen.

Compared to cleanLicensesOutputDirectory that removes all files from licensesOutputDirectory before downloading all licenses anew, the removeOrphanLicenseFiles removes only files that are certainly not needed anymore, e.g. due to a removal of a dependency. removeOrphanLicenseFiles thus allows to avoid downloading the license files of dependencies that were downloaded in the past and are still available in licensesOutputDirectory.

See also: cleanLicensesOutputDirectory

A flag to skip the goal.

Socket timeout in milliseconds passed to the HTTP client when downloading licenses from remote URLs.

No description.

If true the default content sanitizers will be added to the internal java.util.Map of sanitizes before adding licenseContentSanitizers by their id; otherwise the default content sanitizers will not be added to the internal java.util.Map of sanitizes.

Any individual content sanitizer from the set of default sanitizers can be overriden via licenseContentSanitizers if the same id is used in licenseContentSanitizers.

To view the list of default content sanitizers, set useDefaultContentSanitizers to true and run the mojo with debug log level, e.g. using -X or {-Dorg.slf4j.simpleLogger.log.org.codehaus.mojo.license=debug} on the command line.

See also: licenseContentSanitizers

If true the default license URL replacements be added to the internal java.util.Map of URL replacements before adding licenseUrlReplacements by their id; otherwise the default license URL replacements will not be added to the internal java.util.Map of URL replacements.

Any individual URL replacement from the set of default URL replacements can be overriden via licenseUrlReplacements if the same id is used in licenseUrlReplacements.

To view the list of default URL replacements, set useDefaultUrlReplacements to true and run the mojo with debug log level, e.g. using -X or {-Dorg.slf4j.simpleLogger.log.org.codehaus.mojo.license=debug} on the command line.

See also: licenseUrlReplacements

Write LibreOffice Calc file (ODS) for goal license:aggregate-download-licenses.

Write Microsoft Office Excel file (XLSX) for goal license:aggregate-download-licenses.

If true, licensesOutputFile and licensesErrorsFile will contain <version> elements for each <dependency>; otherwise the <version> licensesOutputFile and licensesErrorsFile elements will not be appended under <dependency> elements in Might be useful if you want to keep the licensesOutputFile under source control and you do not want to see the changing dependency versions there.