-
Bartek Jaskulski authoredFollowing WordPress Plugin Review Team recommendation, allow original `composer.json` file to be available in distribution package. The reasoning of WP Team: > We noticed that your plugin is using Composer to handle library > dependencies, that's great as it will help maintaining and updating > your plugin in the future while avoiding collisions with other plugins > that are using same libraries. The composer.json file describes the > dependencies of your project and may contain other metadata as > well. It's a small file that typically can be found in the top-most > directory of your plugin. As one of the strengths of open source is > the ability to review, observe, and adapt code, we would like to ask > you to include that file in your plugin, even if it is only used for > development purposes. This will allow others to exercise the open > source freedoms from which we all benefit. It's best to comply with those recommendation to avoid bounce-backs in the future during free plugin review, considering that `composer.json` itself will not cause any harm and will not reveal any disclosed information about our plugin architecture or company internals. Following, I don't think it is necessary to include `composer.lock` file, which holds the information of exact version of installed dependencies. Signed-off-by:Bart Jaskulski <bjaskulski@protonmail.com>
Bartek Jaskulski authoredFollowing WordPress Plugin Review Team recommendation, allow original `composer.json` file to be available in distribution package. The reasoning of WP Team: > We noticed that your plugin is using Composer to handle library > dependencies, that's great as it will help maintaining and updating > your plugin in the future while avoiding collisions with other plugins > that are using same libraries. The composer.json file describes the > dependencies of your project and may contain other metadata as > well. It's a small file that typically can be found in the top-most > directory of your plugin. As one of the strengths of open source is > the ability to review, observe, and adapt code, we would like to ask > you to include that file in your plugin, even if it is only used for > development purposes. This will allow others to exercise the open > source freedoms from which we all benefit. It's best to comply with those recommendation to avoid bounce-backs in the future during free plugin review, considering that `composer.json` itself will not cause any harm and will not reveal any disclosed information about our plugin architecture or company internals. Following, I don't think it is necessary to include `composer.lock` file, which holds the information of exact version of installed dependencies. Signed-off-by:
Loading