Affects Version/s: 3.2.1, 3.3.9, 3.5.4
Fix Version/s: 3.6.0
While preparing Maven distribution, maven-remote-resources-plugin uses appended-resources/META-INF/LICENSE.vm to add content to LICENSE and try to download licenses for all dependencies that are not Apache licensed (see end of LICENSE and resulting lib/*.license in Maven binary distribution, since Maven 3.2.1
License file is not downloaded only when project/license/name is strictly equal to "The Apache Software License, Version 2.0": this is too restrictive, as we see Apache license downloaded many times from https://www.apache.org/ (causing some issues with https:
After debugging these cases, additional patterns for Apache license exist and need to be added to exception list in appended-resources/META-INF/LICENSE.vm:
- "Apache License, Version 2.0"
- "The Apache Software License, Version 2.0"
- "Apache Public License 2.0"