• merthyr1831@lemmy.world
    1 year ago

    I fundamentally distrust the language package repos with a high share of unlicensed libraries in their repositories. It’s a basic legal step for protecting the software supply chain and supports the open source community.

    Also, it feels like a sign of immaturity from a package repo to have many unlicensed packages since most serious maintainers see a license as an important step in declaring your software “ready” for distribution. You just can’t assume a package will be maintained if the contributors aren’t going to do these basic steps.

    Dart’s package manager actively penalises packages without a license file (at least when browsing on the website directory). Many languages, including those better at enforcing license declarations, would benefit from a similar feature.