I need some general advice on type A vs type B CQs and releases, and how projects can make use of these types.
I understand (from the project handbook) that the difference is that type A is restricted to a license compatibility check while type B is a full due diligence on the source code. If a project's release contains type A-certified dependencies, that release should be advertised as a type-A release.
Previously we have always done full type-B releases of our framework. However, we're currently in the middle of prepping a new minor release of our project and we've managed to skip/forget logging CQs for a number of our (transitive) dependencies. To minimize the risk of missing the release deadline, I wonder if I should log the remaining CQs as type A so they get approved more quickly, and make it a type-A release as well. Apart from the fact that it gives a less strong legal guarantee to our
end users, are there any downsides to this that I should be aware of?