Hi Justin, thanks! So there is no need to list dependencies that are only defined in pom or package.json files? Currently, our LICENSE-binary and NOTICE-binary files only reference such dependencies. Can we safely delete these files when they are not bundled in the release artifact?
Dominik On 2020/04/16 09:31:58, Justin Mclean <[email protected]> wrote: > Hi, > > > They are just dependencies (defined either in pom.xml or package.json) - do > > we need to add the full license text for every single dependency? > > No you should mention them in LICENSE at all. You only need to mention things > that are bundled/included in the release artefact/tar file. > > > So far, we didn't see any known issues that would need to be mentioned here > > - but we thought it might be better to use the WIP disclaimer than the > > standard disclaimer as it mentions that the (currently empty) list is > > likely to be incomplete - what would you suggest in this case, should we > > prefer to use the other disclaimer instead of the WIP? > > For your first release I'd use the WIP one. If there’s an issue it has more > chance of passing an IPMC vote. But if you do know of any issues it would be > good to list them. > > Thanks, > Justin
