Packages are missing licenses and copyright notice

[wkeithchau]

The licenses and copyright notices are missing from the repo.
Would these packages be using the same copyright notice as the main Meteor repo? Possible to release new versions with licensing.

[radekmie]

Not a lawyer, but I think that the "license": "MIT" line in package.json should be enough.

[StorytellerCZ]

I do recall a few years back that for corporate people a dedicated license file is needed. Is that correct @wkeithchau

[wkeithchau]

Yep, you're spot on @StorytellerCZ .
At least for us, the license file needs to be attached to a published version. If you add a license file now, the current version still isn't valid. A new version needs to be released (I don't believe we can install Meteor packages based off of a GitHub URL/commit?).

[StorytellerCZ]

You can copy them locally and use them.

[wkeithchau]

Can a new version of the package be created as well?
Our legal is quite finicky. The recently added license cannot be applied retrospectively. We would usually reference a git tag (which looks out-of-sync) or a git commit. The git commit for the latest version (2.7.2) does not include the license file that we need.

[StorytellerCZ]

@Grubba27

[Grubba27]

Like this? https://github.com/meteor/react-packages/releases/tag/react-meteor-data%402.7.2

[wkeithchau]

That will help make referencing the source code easier.
I was thinking more of a version bump (and new version published) since 2.7.2 was released prior to the license being added.

[StorytellerCZ]

Also having the LICENSE file at the root of the repository is enough or does it have to also be in the folder from which the package is published as well?

[wkeithchau]

At the root directory of the repository is fine.