HI, > I was performing a more thorough check of our dependencies in preparation of > opening graduation discussions with the Incubator PMC and found at least one > package that, while not directly used in the code, is installed as a > dependency of multiple top-level dependencies that is LGPL licensed. The > dependencies that rely on this are themselves not a license issue (BSD-3 & > MIT licenses). How is this situation usually handled?
You will need to remove or replace that dependency. > I also found a package that has a license that isn't listed on the 3rd party > licenses page: HPND [1][2] which, from what I can tell, is similar to the > BSD-3 or MIT licenses, though I just wanted to double-check on that... HPND looks fine to me, as it could be treated as a BSD-like or MIT-like license, depending on what parts you include. Kind Regards, Justin --------------------------------------------------------------------- To unsubscribe, e-mail: general-unsubscr...@incubator.apache.org For additional commands, e-mail: general-h...@incubator.apache.org
