newrelic / newrelic-oss-cli

Apache License 2.0

Multi-licensed modules can have mismatched title and content generated #12

Closed michaelgoin closed 3 years ago

michaelgoin commented 4 years ago

Description

Recently found a module that had a dual-license of MIT and Apache 2.0. In the package.json, they had "MIT" defined. In the module, they had both LICENSE.APACHE2 and LICENSE.MIT files.

The tool took the name from the package.json "MIT" but then grabbed the license content from the LICENSE.APACHE2 file. I'm guessing it just grabs the first file starting with LICENSE.

Expected Behavior

Our direction was to essentially "pick-one" in use and keep consistent. As such, I'd recommend the tool likely do the same.

I'm thinking the most straightforward approach would be...

If the package.json says "MIT" then it should match LICENSE or LICENSE.MIT files. If it says "Apache 2.0" it should match LICENSE or LICENSE.APACHE2 files.

Additional context

See this module for an example of dual-license: https://github.com/dominictarr/through
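
One way to implement the matching rule proposed above, as an added example that is not part of the original issue and is not newrelic-oss-cli's code. The function names, the alias table, and the acceptance of LICENSE.md/LICENSE.txt and "OR" expressions are assumptions that go slightly beyond the two cases named in the issue.

```javascript
// Added example: pick the license file that matches the declared license.
// Hypothetical helper names; the alias table is an assumption for illustration.
const SUFFIX_ALIASES = {
  'mit': ['MIT'],
  'apache-2.0': ['APACHE2', 'APACHE', 'APACHE-2.0'],
};

// Normalise "Apache 2.0", "Apache-2.0" or "(MIT OR Apache-2.0)" to one key.
function normalizeDeclared(declared) {
  return String(declared || '')
    .replace(/[()]/g, '')
    .split(/\s+(?:OR|AND)\s+/i)[0] // "pick one": first license in an expression
    .trim()
    .toLowerCase()
    .replace(/\s+/g, '-');
}

// Plain license file with no license name in it (LICENSE, LICENSE.md, ...).
const GENERIC = /^LICEN[SC]E(\.(md|txt))?$/i;
// License file carrying a license name (LICENSE.MIT, LICENSE-MIT.txt, ...).
const SUFFIXED = /^LICEN[SC]E[._-](.+?)(\.(md|txt))?$/i;

function pickLicenseFile(declared, fileNames) {
  const key = normalizeDeclared(declared);
  const suffixes = (SUFFIX_ALIASES[key] || [key]).map((s) => s.toUpperCase());

  // 1. Prefer a file whose suffix names the declared license.
  const specific = fileNames.find((name) => {
    const m = SUFFIXED.exec(name);
    return m !== null && suffixes.includes(m[1].toUpperCase());
  });
  if (specific) return specific;

  // 2. Fall back to a plain LICENSE file, which names no competing license.
  const generic = fileNames.find((name) => GENERIC.test(name));
  if (generic) return generic;

  // 3. No match: return null so the caller can flag the module for review
  //    instead of pairing the declared name with another license's text.
  return null;
}

// Constructed sample input mirroring the dual-licensed module in this issue.
const sampleFiles = ['LICENSE.APACHE2', 'LICENSE.MIT', 'package.json'];
console.log(pickLicenseFile('MIT', sampleFiles));
console.log(pickLicenseFile('Apache 2.0', sampleFiles));
```

Returning null when nothing matches keeps the generated notice from carrying a title and body for two different licenses.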

bizob2828 commented 3 years ago

We removed this dep in our chain. I know this is an issue but I'm going to close.