[reiz]

You could use the VersionEye Maven Plugin for that: https://github.com/versioneye/versioneye_maven_plugin. It checks your dependencies against a license whitelist on the VersionEye server and if there is a violation it breaks your build on your CI server. That way you can enforce a license policy continuously. It's much better than just checking licenses once a year ;-)

I'm working on VersionEye since a couple years, it's a similar project and I open sourced it last week: https://blog.versioneye.com/2016/06/28/versioneye-goes-open-.... I'm following Andrews activities since a while and like what he did with libraries.io. Great job! As both projects have a big overlap and are open source now I'm open for collaboration :)