> Thanks for your reply Dawid. So it is not automated and we have to check > for changes in the License and Notice files whenever we update a > dependency. Is that correct? >
Yes, that should be the practice, I think. This license metadata isn't standardized at all and it'll be difficult to automate. > I am considering adding a note for that in the dev-guide that helps > developers find the appropriate license and notice and also include an > additional step when adding or updating a dependency to check for updates > in these files too. Would that make sense? > +1. D.