Extraneous `licenses.xml` entries in plugins with CasC dependency

### Jenkins and plugins versions report

Discovered during the release of matrix-auth 3.2.3 which updated the BOM version.

Updating the BOM dependency to 2483.v3b_22f030990a_ or newer added a bunch of bogus license entries in the plugin's about page (`target/<artifactid>/META-INF/licenses.xml`). I bisected this to #2539.

The following repo contains the pom.xml for a "hello world" plugin in a few "good" and "bad" states:
https://github.com/daniel-beck/bom-2539-casc-1714

In my local testing it wasn't as simple as having the CasC dependency (only), without the test dependencies it didn't happen. So I'm filing this here.

### What Operating System are you using (both controller, and any agents involved in the problem)?

n/a

### Reproduction steps

See above

### Expected Results

![Image](https://github.com/user-attachments/assets/d161d2a1-6d52-48de-9d83-43c6a31c3161)

### Actual Results

![Image](https://github.com/user-attachments/assets/7f9292a2-9fbf-4f47-b597-b1e3c188beb0)


### Anything else?

_No response_

### Are you interested in contributing a fix?

_No response_

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Extraneous `licenses.xml` entries in plugins with CasC dependency #3819

Jenkins and plugins versions report

What Operating System are you using (both controller, and any agents involved in the problem)?

Reproduction steps

Expected Results

Actual Results

Anything else?

Are you interested in contributing a fix?

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Extraneous licenses.xml entries in plugins with CasC dependency #3819

Description