Went to update bumped version of an optional dependency we package and then realized it wasn't in the third party manifest or notices.
Since optional dependencies are installed by default, seems like it is important to include these in licensing. While users may skip these on purpose, or they may fail and allow install to continue, that won't be the standard case.
Desired Behavior
Either pull optional dependencies in under the "dependencies" section or add a new optionalDependencies section.
Leaning towards adding optionalDependencies, which is what I'm going to do in our notices manually.
Summary
Went to update bumped version of an optional dependency we package and then realized it wasn't in the third party manifest or notices.
Since optional dependencies are installed by default, seems like it is important to include these in licensing. While users may skip these on purpose, or they may fail and allow install to continue, that won't be the standard case.
Desired Behavior
Either pull optional dependencies in under the "dependencies" section or add a new
optionalDependenciessection.Leaning towards adding
optionalDependencies, which is what I'm going to do in our notices manually.Example package.json entry:
I'm on version:
@newrelic/newrelic-oss-cli/0.0.6 darwin-x64 node-v12.16.1