This proposal makes sense to me when it comes to libraries that are
not vendored from crates.io. However, this seems very heavyweight and
only adds the Bugzilla metadata for crates.io crates. It seems to me
that declaring the Bugzilla component isn't worth the trouble of
having another metadata file in addition to Cargo.toml.

I agree; excluding third-party/rust from this makes sense.
Sorry, I didn't explicitly call that out initially.

Additionally, the examples suggest that this invents new ad hoc license
identifiers. I suggest we not do that but instead use
https://spdx.org/licenses/ and have a script to enforce that bogus
values don't creep in.

Thanks; updated.

