Adding license info to the bower.json

[reiz]

I'm working on the open source project VersionEye. By adding the license info to the bower.json tools like VersionEye can fetch it easier.

[FagnerMartinsBrack]

Have you tried to use https://github.com/js-cookie/js-cookie? This repo is not being maintained anymore. See #392.

[reiz]

Hi @FagnerMartinsBrack thanks for the note. But some people are still referencing this repository. That's why it would be nice to get that PR merged. I will check the new repo also.

[FagnerMartinsBrack]

But some people are still referencing this repository.

Where's this project being referenced?
Do we need to create a new version for this change to take effect?

[reiz]

@FagnerMartinsBrack In the VersionEye database I have 5362 dependencies which reference exactly this repository. Most of them are projects from private GitHub repositories.

In our database I added the license for this project manually. If this repository is deprecated then you don't need to release a new version.

[FagnerMartinsBrack]

@reiz Yeah, it's frozen. We're not releasing any new version, just updating master with the relevant messages.

I guess in this case it makes sense to fix the problem in VersionEye itself, or maybe change the code to lookup for ./MIT-LICENSE.txt as a fallback if the license property is not present in the package.json.

The new repo has the license property in the package.json, though.

[reiz]

@FagnerMartinsBrack We have a crawler which can find license files like ./MIT-LICENSE.txt in GitHub repositories but it's much slower then parsing a bower.json. And if you have to do that for a couple 100 thousand projects it's a big difference in performance. That's why I'm sending out pull requests and encourage people to maintain the license info in their package manager files :-)

[FagnerMartinsBrack]

@reiz I see, unfortunately, we can't create a new version because then it would be out of sync with js-cookie. js-cookie contains the versions up to 1.4.1 and 1.5.0, 1.5.1 and onwards, if we create a new one then js-cookie won't have it.

Any suggestion on how to make this better from an automated license perspective given these constraints will be much appreciated.

[reiz]

Hi @FagnerMartinsBrack. Everything is good now. For the versions of this repository I added the license info manually to our database. If you don't release new versions on this repository then everything is fine. And on the new repository js-cookie/js-cookie the license information is in the right place. If you release a new version on js-cookie/js-cookie VersionEye will be able to fetch the license info automatically.