> Thanks for your reply Dawid. So it is not automated and we have to check
> for changes in the License and Notice files whenever we update a
> dependency. Is that correct?
>

Yes, that should be the practice, I think. This license metadata isn't
standardized at all and it'll be difficult to automate.


> I am considering adding a note for that in the dev-guide that helps
> developers find the appropriate license and notice and also include an
> additional step when adding or updating a dependency to check for updates
> in these files too. Would that make sense?
>

+1.

D.

Reply via email to