I’m doing license check in my company (for audit). It’s easy to do in each microservice (I will just run mvn project-info-reports:dependencies and will get the report), but we have several hundred spring boot microservices and they mostly use dependencies from Spring BOM, so it would be great to minimize number of repositories to check. Does Spring Boot team have some requirement for managed dependencies in BOM, more specifically that they must have permissive OSS license (like Apache, MIT etc.)?