fix(publish): warn about missing license file (#24677)

Part of https://github.com/denoland/deno/issues/24676 , but just a
warning for now.

cli/tools/registry/diagnostics.rs

@@ -119,6 +119,10 @@ pub enum PublishDiagnostic {
     range: SourceRange,
   },
   SyntaxError(ParseDiagnostic),
+  MissingLicense {
+    /// This only exists because diagnostics require a location.
+    expected_path: PathBuf,
+  },
 }
 
 impl PublishDiagnostic {
@@ -168,6 +172,8 @@ impl Diagnostic for PublishDiagnostic {
       MissingConstraint { .. } => DiagnosticLevel::Error,
       BannedTripleSlashDirectives { .. } => DiagnosticLevel::Error,
       SyntaxError { .. } => DiagnosticLevel::Error,
+      // todo(#24676): make this an error in Deno 1.46
+      MissingLicense { .. } => DiagnosticLevel::Warning,
     }
   }
 
@@ -187,6 +193,7 @@ impl Diagnostic for PublishDiagnostic {
         Cow::Borrowed("banned-triple-slash-directives")
       }
       SyntaxError { .. } => Cow::Borrowed("syntax-error"),
+      MissingLicense { .. } => Cow::Borrowed("missing-license"),
     }
   }
 
@@ -208,6 +215,7 @@ impl Diagnostic for PublishDiagnostic {
       MissingConstraint { specifier, .. } => Cow::Owned(format!("specifier '{}' is missing a version constraint", specifier)),
       BannedTripleSlashDirectives { .. } => Cow::Borrowed("triple slash directives that modify globals are not allowed"),
       SyntaxError(diagnostic) => diagnostic.message(),
+      MissingLicense { .. } => Cow::Borrowed("missing license file"),
     }
   }
 
@@ -275,6 +283,9 @@ impl Diagnostic for PublishDiagnostic {
         text_info: Cow::Borrowed(text_info),
       },
       SyntaxError(diagnostic) => diagnostic.location(),
+      MissingLicense { expected_path } => DiagnosticLocation::Path {
+        path: expected_path.clone(),
+      },
     }
   }
 
@@ -355,6 +366,7 @@ impl Diagnostic for PublishDiagnostic {
         }],
       }),
       SyntaxError(diagnostic) => diagnostic.snippet(),
+      MissingLicense { .. } => None,
     }
   }
 
@@ -388,6 +400,9 @@ impl Diagnostic for PublishDiagnostic {
         Cow::Borrowed("remove the triple slash directive"),
       ),
       SyntaxError(diagnostic) => diagnostic.hint(),
+      MissingLicense { .. } => Some(
+        Cow::Borrowed("add a LICENSE file to the package and ensure it is not ignored from being published"),
+      ),
     }
   }
 
@@ -424,7 +439,8 @@ impl Diagnostic for PublishDiagnostic {
       | UnsupportedJsxTsx { .. }
       | ExcludedModule { .. }
       | MissingConstraint { .. }
-      | BannedTripleSlashDirectives { .. } => None,
+      | BannedTripleSlashDirectives { .. }
+      | MissingLicense { .. } => None,
     }
   }
 
@@ -474,6 +490,7 @@ impl Diagnostic for PublishDiagnostic {
         Cow::Borrowed("or set their 'lib' compiler option appropriately"),
       ]),
       SyntaxError(diagnostic) => diagnostic.info(),
+      MissingLicense { .. } => Cow::Borrowed(&[]),
     }
   }
 
@@ -507,6 +524,9 @@ impl Diagnostic for PublishDiagnostic {
         "https://jsr.io/go/banned-triple-slash-directives",
       )),
       SyntaxError(diagnostic) => diagnostic.docs_url(),
+      MissingLicense { .. } => {
+        Some(Cow::Borrowed("https://jsr.io/go/missing-license"))
+      }
     }
   }
 }

cli/tools/registry/mod.rs

@@ -462,6 +462,13 @@ impl PublishPreparer {
           &publish_paths,
           &diagnostics_collector,
         );
+
+        if !has_license_file(publish_paths.iter().map(|p| &p.specifier)) {
+          diagnostics_collector.push(PublishDiagnostic::MissingLicense {
+            expected_path: root_dir.join("LICENSE"),
+          });
+        }
+
         tar::create_gzipped_tarball(
           &publish_paths,
           LazyGraphSourceParser::new(&source_cache, &graph),
@@ -1187,6 +1194,36 @@ async fn check_if_git_repo_dirty(cwd: &Path) -> Option<String> {
   }
 }
 
+fn has_license_file<'a>(
+  mut specifiers: impl Iterator<Item = &'a ModuleSpecifier>,
+) -> bool {
+  let allowed_license_files = {
+    let files = HashSet::from([
+      "license",
+      "license.md",
+      "license.txt",
+      "licence",
+      "licence.md",
+      "licence.txt",
+    ]);
+    if cfg!(debug_assertions) {
+      for file in &files {
+        assert_eq!(*file, file.to_lowercase());
+      }
+    }
+    files
+  };
+  specifiers.any(|specifier| {
+    specifier
+      .path()
+      .rsplit_once('/')
+      .map(|(_, file)| {
+        allowed_license_files.contains(file.to_lowercase().as_str())
+      })
+      .unwrap_or(false)
+  })
+}
+
 #[allow(clippy::print_stderr)]
 fn ring_bell() {
   // ASCII code for the bell character.
@@ -1195,6 +1232,10 @@ fn ring_bell() {
 
 #[cfg(test)]
 mod tests {
+  use deno_ast::ModuleSpecifier;
+
+  use crate::tools::registry::has_license_file;
+
   use super::tar::PublishableTarball;
   use super::tar::PublishableTarballFile;
   use super::verify_version_manifest;
@@ -1296,4 +1337,31 @@ mod tests {
 
     assert!(verify_version_manifest(meta_bytes, &package).is_err());
   }
+
+  #[test]
+  fn test_has_license_files() {
+    fn has_license_file_str(expected: &[&str]) -> bool {
+      let specifiers = expected
+        .iter()
+        .map(|s| ModuleSpecifier::parse(s).unwrap())
+        .collect::<Vec<_>>();
+      has_license_file(specifiers.iter())
+    }
+
+    assert!(has_license_file_str(&["file:///LICENSE"]));
+    assert!(has_license_file_str(&["file:///license"]));
+    assert!(has_license_file_str(&["file:///LICENSE.txt"]));
+    assert!(has_license_file_str(&["file:///LICENSE.md"]));
+    assert!(has_license_file_str(&["file:///LICENCE"]));
+    assert!(has_license_file_str(&["file:///LICENCE.txt"]));
+    assert!(has_license_file_str(&["file:///LICENCE.md"]));
+    assert!(has_license_file_str(&[
+      "file:///other",
+      "file:///test/LICENCE.md"
+    ]),);
+    assert!(!has_license_file_str(&[
+      "file:///other",
+      "file:///test/tLICENSE"
+    ]),);
+  }
 }

tests/integration/publish_tests.rs

@@ -398,6 +398,7 @@ fn allow_dirty() {
   }));
 
   temp_dir.join("main.ts").write("");
+  temp_dir.join("LICENSE").write("");
 
   let cmd = Command::new("git")
     .arg("init")
@@ -418,6 +419,7 @@ Checking for slow types in the public API...
 
 Uncommitted changes:
 
+?? LICENSE
 ?? deno.json
 ?? main.ts
 

tests/specs/jsr/no_unused_params/publish.out

@@ -2,6 +2,7 @@ Check file:///[WILDLINE]/main.ts
 Checking for slow types in the public API...
 Check file:///[WILDLINE]/main.ts
 Simulating publish of @scope/package@0.0.0 with files:
+   file:///[WILDLINE]/LICENSE ([WILDLINE])
    file:///[WILDLINE]/__test__.jsonc ([WILDLINE])
    file:///[WILDLINE]/deno.json ([WILDLINE])
    file:///[WILDLINE]/main.out ([WILDLINE])

tests/specs/publish/bare_node_builtins/bare_node_builtins.out

@@ -6,6 +6,7 @@ Check file:///[WILDLINE]/mod.ts
 Checking for slow types in the public API...
 Check file:///[WILDLINE]/mod.ts
 Simulating publish of @foo/bar@1.0.0 with files:
+   file:///[WILDLINE]/LICENSE ([WILDLINE])
    file:///[WILDLINE]/deno.json (87B)
    file:///[WILDLINE]/mod.ts (121B)
 Warning Aborting due to --dry-run

tests/specs/publish/bare_node_builtins/no_warnings.out

@@ -1,5 +1,6 @@
 Checking for slow types in the public API...
 Simulating publish of @foo/bar@1.0.0 with files:
+   file:///[WILDLINE]/LICENSE ([WILDLINE])
    file:///[WILDLINE]/deno.json (87B)
    file:///[WILDLINE]/mod.ts (121B)
 Warning Aborting due to --dry-run

tests/specs/publish/byonm_dep/deno.jsonc

@@ -5,7 +5,7 @@
   "publish": {
     // this was previously causing issues because it would cause
     // external modules in the node_modules directory to be ignored
-    "include": ["mod.ts"]
+    "include": ["LICENSE", "mod.ts"]
   },
   "unstable": ["byonm", "sloppy-imports"]
 }

tests/specs/publish/byonm_dep/publish.out

@@ -2,6 +2,7 @@ Check file:///[WILDLINE]/mod.ts
 Checking for slow types in the public API...
 Check file:///[WILDLINE]/mod.ts
 Simulating publish of @scope/package@0.0.0 with files:
+   file:///[WILDLINE]/LICENSE ([WILDLINE])
    file:///[WILDLINE]/deno.jsonc ([WILDLINE])
    file:///[WILDLINE]/mod.ts ([WILDLINE])
 Warning Aborting due to --dry-run

tests/specs/publish/excluded_deno_jsonc/mod.out

@@ -1,6 +1,7 @@
 Check file:///[WILDLINE]mod.ts
 Checking for slow types in the public API...
 Simulating publish of @scope/pkg@1.0.0 with files:
+   file:///[WILDLINE]/LICENSE ([WILDLINE])
    file:///[WILDLINE]/deno.jsonc (74B)
    file:///[WILDLINE]/mod.ts (22B)
 Warning Aborting due to --dry-run

tests/specs/publish/missing_license/__test__.jsonc

@@ -0,0 +1,4 @@
+{
+  "args": "publish --token 'sadfasdf'",
+  "output": "mod.out"
+}

tests/specs/publish/missing_license/deno.json

@@ -0,0 +1,5 @@
+{
+  "name": "@scope/pkg",
+  "version": "1.0.0",
+  "exports": "./mod.ts"
+}

tests/specs/publish/missing_license/mod.out

@@ -0,0 +1,12 @@
+Check file:///[WILDLINE]/missing_license/mod.ts
+Checking for slow types in the public API...
+Check file:///[WILDLINE]/missing_license/mod.ts
+warning[missing-license]: missing license file
+ --> [WILDLINE]LICENSE
+  = hint: add a LICENSE file to the package and ensure it is not ignored from being published
+
+  docs: https://jsr.io/go/missing-license
+
+Publishing @scope/pkg@1.0.0 ...
+Successfully published @scope/pkg@1.0.0
+Visit http://127.0.0.1:4250/@scope/pkg@1.0.0 for details

tests/specs/publish/missing_license/mod.ts

@@ -0,0 +1,3 @@
+export function add(a: number, b: number): number {
+  return a + b;
+}

tests/specs/publish/npm_workspace/publish.out

@@ -6,10 +6,12 @@ Check file:///[WILDLINE]/npm_workspace/add/index.ts
 Check file:///[WILDLINE]/npm_workspace/subtract/index.ts
 [UNORDERED_START]
 Simulating publish of @scope/add@1.0.0 with files:
+   file:///[WILDLINE]/npm_workspace/add/LICENSE ([WILDLINE])
    file:///[WILDLINE]/npm_workspace/add/index.ts ([WILDLINE])
    file:///[WILDLINE]/npm_workspace/add/jsr.json ([WILDLINE])
    file:///[WILDLINE]/npm_workspace/add/package.json ([WILDLINE])
 Simulating publish of @scope/subtract@1.0.0 with files:
+   file:///[WILDLINE]/npm_workspace/subtract/LICENSE ([WILDLINE])
    file:///[WILDLINE]/npm_workspace/subtract/index.ts ([WILDLINE])
    file:///[WILDLINE]/npm_workspace/subtract/jsr.json ([WILDLINE])
    file:///[WILDLINE]/npm_workspace/subtract/package.json ([WILDLINE])