How Do We Aggregate Licenses
If you develop a public software product that uses third party code, it's very likely that licenses force you to list them on some visible place. You can find them in your smartphone OS or even in a car if you have one with the onboard computer. You usually have to dig deep in the UI but it's there. In the same way, we have to provide licenses in our Model Governance Suite product. The easy way would be to aggregate all licenses and dump them somewhere just as they are. But we wanted to have a more sophisticated and automated solution that will produce formatted text output for UI and Excel overview file for us.
I won't go into the details since important information about usage is already written in the project repository. The License parser is able to read default outputs of Maven and NPM and produce a configurable text and Excel file. The user is able to provide a text template with replacement tags and adjust the look of text output according to his needs. The Excel file has configurable columns. The tool is also able to read a predefined JSON scheme so the user can provide another set of external licenses (when the dependency isn't coming from NPM and Maven).
As the last step that automates the execution, we have a Jenkins job that executes a Bash script. It clones and builds License parser from source code, clones all relevant MGS modules and executes mvn license:download-licenses and license-checker --json on them. The job then executes License parser. We also provide other licenses as a job parameter with a default value. Output files are then archived with a post-build action.
Since the tool was developed quickly and for our use-case, there is still a room for improvement technical-wise and feature-wise. If you think that the current version doesn't fulfill your needs, don't hesitate to fork our project on GitHub. Pull requests are welcomed.
Author: Luděk Novotný