Maven Dependency Policies


This page describes the policies around the use of dependencies by the Apache Maven Developers in the process of developing Apache Maven itself.

This page does not apply to projects hosted outside of the Apache Maven project. In order to remove all doubt, this page only applies to code which has a Subversion URL that starts with

If you have stumbled across this page and you are working on code that does not have a Subversion URL starting with then this page does not apply to you. Or git repositories starting with:*


The Apache Maven PMC is tasked with ensuring (among other things) that all legal issues are addressed and that each and every release is the product of the community as a whole.

The Apache Maven project consists of quite a number of components. For the purposes of this policy, we will make a distinction between the core Maven distribution and all the other components.

The core Maven distribution is the binary and source distributions made available from the page.


This policy applies to all changes to dependencies as and from Subversion revision 1067464.

Core Maven Distribution Dependencies

All dependencies which are included in the Core Maven Distribution must either:

Votes for Category B licenses will be held on the mailing list. A majority of the PMC must vote in favour of a Category B licensed dependency before a release can be made containing that dependency.

Non-Core Dependencies

Non-Core components may only use Category A or Category B licenses.