Opened 7 months ago
Last modified 5 months ago
#48579 new enhancement
Should we reconsider the External Libraries mentions on the credits.php page?
| Reported by: |
|
Owned by: | |
|---|---|---|---|
| Milestone: | Awaiting Review | Priority: | low |
| Severity: | normal | Version: | |
| Component: | Help/About | Keywords: | |
| Focuses: | docs | Cc: |
Description
Initially added in #17518
At that time the number of third-party libraries used was pretty small. These days we have over a million npm dependencies. I don't have the exact number of "direct dependencies" but that's probably more than a hundred.
I was wondering if we should rethink that part? Should we just highlight the big dependencies? How to decide if a dependency is big enough? Or maybe we can just remove it?
Note: See
TracTickets for help on using
tickets.
Been thinking about this for a while. Generally there are two types of dependencies: software used for "building", and software that is redistributed with WP. When redistributing open source software (afaik) it is considered best practice to "give credit where credit is due", even if that's not explicitly mentioned in the license.
Looking at the npm dependencies: most, if not all, are distributed under the MIT license which requires retainment of the copyright notices (if any). This is already the case, it happens "automatically" when building. See:
https://build.trac.wordpress.org/browser/tags/5.3.2/wp-includes/js/dist/vendor/react.js#L1,
https://build.trac.wordpress.org/browser/tags/5.3.2/wp-includes/js/dist/vendor/lodash.js#L2.
This is also the case for the "non-npm" dependencies:
https://build.trac.wordpress.org/browser/tags/5.3.2/wp-includes/js/jquery/jquery.js#L1
https://build.trac.wordpress.org/browser/tags/5.3.2/wp-includes/js/jquery/ui/core.min.js#L1
https://build.trac.wordpress.org/browser/tags/5.3.2/wp-includes/js/mediaelement/mediaelement.js#L1
https://build.trac.wordpress.org/browser/tags/5.3.2/wp-includes/js/backbone.js#L1.
As far as I see there are three options: