Read OSS licenses for Gradle Dependencies. The script outputs a JSON file with the dependency, its URL on mvnrepository.com and the OSS license to STDOUT.
DISCLAIMER: if you use this script too extensively, your IP address might get blocked by mvnrepository.com!
Put this script into a file gradle-oss.sh
and make it executable:
#!/usr/bin/env bash
dep_file=$(mktemp /tmp/dep_file.XXXXXX)
trap "{ rm -f dep_file; }" EXIT
./gradlew allDeps | sed 's/^[^a-zA-Z]*//' | sort | uniq | grep ".*:.*:.*" | grep -v "(\*)" | grep -v " -> " > $dep_file
echo '['
while read dependency; do
dependency_url=$(echo $dependency | sed 's/\:/\//g' | sed 's/^/https:\/\/mvnrepository.com\/artifact\//')
license_and_url=$(curl --noproxy mvnrepository.com -s $dependency_url | tr '\n' ' ' | perl -pe 's/.*License<\/th><th>URL<\/th><\/tr><\/thead><tbody><tr><td>(.*?)<\/td>.*?a href="(.+?)".*/\1, \2/')
if (( ${#license_and_url} > 200 )); then
license_and_url='UNDEFINED'
fi
echo "{ \"lib\" : \"${dependency}\", \"url\" : \"${dependency_url}\", \"license_and_url\" : \"${license_and_url}\"},"
# use a sleep to avoid getting blocked by mvnrepository.com
sleep 4
done < $dep_file
echo ']'
If you want to create a CSV from that, use
./gradle-oss.sh | jq 'map([.lib, .url, .license_and_url] | join(", ")) | join("\n")'