'download licenses' goals do not exclude transitive dependencies #413
Labels
Comments
|
This seems not to be fixed any time soon... |
slawekjaranowski
added a commit
that referenced
this issue
Jul 2, 2023
Fixes #413 In the result mapping we need to use "GAV" to be compatible with the other classes in the plugin. While the exclude/includeArtifacts should still use the Artifact#getId, since the getDependencyTrail also uses that format, which is considered when we exclude all the transitive deps of excluded artifacts. Note that the added it is based on the already existing download-licenses-include-exclude-types, but with a small change in the settings to use excludeTransitiveDependencies instead. --------- Co-authored-by: Attila Puskas <[email protected]> Co-authored-by: Slawomir Jaranowski <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
When using any kind of exclusion configuration, like artifactFiltersUrl, excludedGroups or excludedArtifacts, then the excludeTransitiveDependencies does not work.
I think the reason is that the following two lines:
license-maven-plugin/src/main/java/org/codehaus/mojo/license/download/LicensedArtifactResolver.java
Line 219 in 4736bf6
license-maven-plugin/src/main/java/org/codehaus/mojo/license/download/LicensedArtifactResolver.java
Line 142 in 4736bf6
do not use MojoHelper.getArtifactId.
This LicensedArtifactResolver.java is pretty much a copy paste variant of the DependenciesTool.java, where the MojoHelper is added as expected.
license-maven-plugin/src/main/java/org/codehaus/mojo/license/api/DependenciesTool.java
Line 239 in 4736bf6
Therefore all goals affected by LicensedArtifactResolver (download-licenses, aggregate-download-licenses & licenses-xml-insert-versions) are broken regarding the excludeTransitiveDependencies setting, while the ones using DependenciesTool are ok.
The text was updated successfully, but these errors were encountered: