This is an automated email from the ASF dual-hosted git repository.
zstan pushed a commit to branch ignite-3.1.0
in repository https://gitbox.apache.org/repos/asf/ignite-3.git
The following commit(s) were added to refs/heads/ignite-3.1.0 by this push:
new 63d72cdbbf2 IGNITE-26472 Add gradle task to verify licenses from 3-rd
party dependencies (#6716)
63d72cdbbf2 is described below
commit 63d72cdbbf2a0c32e1b1aea72a74fae2191a5b31
Author: Vadim Pakhnushev <[email protected]>
AuthorDate: Thu Oct 9 15:01:42 2025 +0300
IGNITE-26472 Add gradle task to verify licenses from 3-rd party
dependencies (#6716)
Add a couple of new Gradle tasks, most useful are `generateLicenseReport`
and `checkLicense`.
First one generates a HTML license report in the
`packaging/build/reports/dependency-license/index.html` directory, which lists
all the dependencies of the distribution grouped by the license type.
Second checks all dependencies' licenses against the allowed licenses list.
I verified somewhat manually that the list of dependencies produced by the
`checkLicense` task in the `project-licenses-for-check-license-task.json`
contains at least all non-ignite dependencies produced by the `installDist`
tasks in the `db` and `cli` folders for our distributions.
---
check-rules/allowed-licenses.json | 39 +++++++++++++++++++++++++++++++++++++++
gradle/libs.versions.toml | 3 ++-
packaging/build.gradle | 11 +++++++++++
3 files changed, 52 insertions(+), 1 deletion(-)
diff --git a/check-rules/allowed-licenses.json
b/check-rules/allowed-licenses.json
new file mode 100644
index 00000000000..70fcf1ee849
--- /dev/null
+++ b/check-rules/allowed-licenses.json
@@ -0,0 +1,39 @@
+{
+ "allowedLicenses": [
+ {
+ "moduleLicense": "Apache License, Version 2.0",
+ "moduleName": ".*",
+ "moduleVersion": ".*"
+ },
+ {
+ "moduleLicense": "CDDL + GPLv2 with classpath exception",
+ "moduleName": ".*",
+ "moduleVersion": ".*"
+ },
+ {
+ "moduleLicense": "Eclipse Public License - v 2.0",
+ "moduleName": ".*",
+ "moduleVersion": ".*"
+ },
+ {
+ "moduleLicense": "MIT License",
+ "moduleName": ".*",
+ "moduleVersion": ".*"
+ },
+ {
+ "moduleLicense": "MIT-0",
+ "moduleName": ".*",
+ "moduleVersion": ".*"
+ },
+ {
+ "moduleLicense": "The 2-Clause BSD License",
+ "moduleName": ".*",
+ "moduleVersion": ".*"
+ },
+ {
+ "moduleLicense": "The 3-Clause BSD License",
+ "moduleName": ".*",
+ "moduleVersion": ".*"
+ }
+ ]
+}
diff --git a/gradle/libs.versions.toml b/gradle/libs.versions.toml
index e3c88bd98f7..7c80354c31c 100644
--- a/gradle/libs.versions.toml
+++ b/gradle/libs.versions.toml
@@ -98,7 +98,7 @@ japicmp = "0.23.1"
#Tools
pmdTool = "7.13.0"
-# NOTE: do not update checlstyle to 11.x.x+, because newer versions are not
compatible with Java 11.
+# NOTE: do not update checkstyle to 11.x.x+, because newer versions are not
compatible with Java 11.
checkstyleTool = "10.26.1"
spotbugsTool = "4.9.6"
@@ -118,6 +118,7 @@ ideaext = "org.jetbrains.gradle.plugin.idea-ext:1.3"
spotbugs = "com.github.spotbugs:6.4.2"
jmh = 'me.champeau.jmh:0.7.3'
jmhReport = 'io.morethan.jmhreport:0.9.6'
+license = 'com.github.jk1.dependency-license-report:2.9'
[libraries]
diff --git a/packaging/build.gradle b/packaging/build.gradle
index 1ef76af97d5..6c171b7027b 100644
--- a/packaging/build.gradle
+++ b/packaging/build.gradle
@@ -20,6 +20,7 @@ plugins {
id 'signing'
alias(libs.plugins.docker)
alias(libs.plugins.checksum)
+ alias(libs.plugins.license)
}
java {
@@ -27,6 +28,8 @@ java {
targetCompatibility = JavaVersion.VERSION_11
}
+import com.github.jk1.license.filter.LicenseBundleNormalizer
+import com.github.jk1.license.render.InventoryHtmlReportRenderer
import org.apache.tools.ant.filters.ReplaceTokens
import org.gradle.crypto.checksum.Checksum
@@ -189,3 +192,11 @@ def prepareRelease = tasks.register('prepareRelease',
Copy) {
include '*.jar'
into file("$buildDir/release")
}
+
+licenseReport {
+ configurations = ['dbArtifacts', 'cliArtifacts']
+ excludeBoms = true
+ renderers = [new InventoryHtmlReportRenderer()]
+ allowedLicensesFile = new
File("$rootDir/check-rules/allowed-licenses.json")
+ filters = [new LicenseBundleNormalizer()]
+}
