You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
We use the licenseFinder to analyze Maven projects which also contain many of our own dependencies.
The dependency_decisions.yml seems to only allow maven dependencies defined by their ArtifactId, which is not a unique identifier and therefore leads to wrong reporting of assigned licenses.
See the following very simple example with two artifacts with same artifactId (and different groupIds - so maven build itself works fine):
- - :license
- calculation-api
- some Other license
- :who: me:why: the license is misspelled in the library:versions: []
- - :license
- calculation-api
- ourOwnLicense
- :who: me:why: its our own internal artifact:versions: []
There should be a way to add the groupId to the dependency_decision.yml for unique identification.
The text was updated successfully, but these errors were encountered:
We use the licenseFinder to analyze Maven projects which also contain many of our own dependencies.
The dependency_decisions.yml seems to only allow maven dependencies defined by their ArtifactId, which is not a unique identifier and therefore leads to wrong reporting of assigned licenses.
See the following very simple example with two artifacts with same artifactId (and different groupIds - so maven build itself works fine):
There should be a way to add the groupId to the dependency_decision.yml for unique identification.
The text was updated successfully, but these errors were encountered: