Include license in JAR
cnsgithub opened this issue · 4 comments
I'd like to reuse owasp-java-encoder in a project licensed under Apache 2.0.
To avoid third-party runtime dependencies, I decided to use Maven Shade Plugin that includes and relocates the owasp-java-encoder classes during packaging.
To include your BSD 3 license, which is required to be legally allowed (BSD 3), I wanted to use org.apache.maven.plugins.shade.resource.IncludeResourceTransformer
.
Unfortunately, owasp-java-encoder doesn't include its LICENSE in the META-INF folder.
So, could you please include your license in the JAR?
@jmanico Thank you for your answer. Manually including the license is a good idea, albeit not feasible for me.
However, I just found a better and more generic method to include licenses of third-party libs by using License Maven Plugin, especially the goals aggregate-download-licenses
and add-third-party
. That also works for owasp-java-encoder since the encoder-parent POM contains valid license
information.
Including the license within your JAR directly would be nice anyway.
We're going to do a new "WE ARE STILL HERE" release next week and will make sure this get fixed.
This is now live with version 1.2.2!