Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Source License notice strip

See original GitHub issue

I have a project, for example:

Example

package.json

{
  "...": "",
  "main": "index.js",
  "scripts": {
    "...": "",
    "build": "react-scripts build"
  },
  "dependencies": {
    "...": "",
    "react-scripts": "2.1.5"
  }
}

index.js

/*!
 * project
 * Copyright 2019 Igor Vuchastyi
 * Licensed under MIT
 */

// Some other code

When i run npm run build it executes react-scripts build, then it creates build directory like this build/static/{css,js}/*.{css,js}.
JS files doesn't contain any license i have specified at the index.js. If i do it with webpack - webpack collect my license and put at the top of bundle.

I think react-scripts strips my license from bundle and from other packages.

My problem: i don't want use react-scripts eject, i don't want use any other which is forks of react-scripts or etc.
My question: is there a way to leave my License notice at top of each chunk produced by react-scripts?
I was searching for around 2 hours. Was googling, was searching in this repository. Found nothing about this thread.

Issue Analytics

State:
Created 5 years ago
Comments:17 (5 by maintainers)

Top GitHub Comments

5reactions

dynamiscommented, Mar 22, 2019

Larger bundle size is better than license violation especially in case of the default option.

I’ll suggest more options and I believe option 5 can solve both legal and bundle size problems:

1’. Keep (more) legal comments in chunk js file.

Same as option 1 but use different regexp. /^\**!|@preserve|@license|@cc_on/i for comments option. This is the default regexp of extractComments config of terser-webpack-plugin and this can keep most of legal notice comments.

2’. Extract (more) legal comment into `chunk.LICENSE` file.

Same as option 2 but use default regexp (/^\**!|@preserve|@license|@cc_on/i) of terser-webpack-plugin with adding extractComments: true.

see: https://github.com/webpack-contrib/terser-webpack-plugin#extractcomments

4. Extract legal comments and preserve @license comments.

We can preserve @license comments in chunk js file and extract other legal (i.e. /^**!|@preserve|@license|@cc_on/i) comments into chunk.LICENSE file with terser config like this:

      new TerserPlugin({
        terserOptions: {
          output: {
            comments: /@license/i,
          },
        },
        extractComments: true,
      }),

This comes from example usage of terser-webpack-plugin: https://github.com/webpack-contrib/terser-webpack-plugin#preserve-comments

5. Extract legal comments and add link to it from top of chunk js file.

Extract legal comments with extractComments: true terser option to make chunk.LICENSE file (same as option 2’) and add 1 line legal comment on top of the chunk js files:

/*! Create React App vX.X.X | (c) Facebook and other contributors | see chunk.LICENSE file for more license information */

This is the similar approach as jQuery:

/*! jQuery v3.3.1 | (c) JS Foundation and other contributors | jquery.org/license */

2reactions

dawnmistcommented, Oct 29, 2020

I’ve just arrived here because of a need to remain compliant with the attribution requirements for font-awesome. The comments are being stripped from where they were required to remain in the bundle.

So the answer to “why” is because I’m legally required to leave those comments alone, for them to remain in the bundle. From: https://fontawesome.com/license/free

Attribution Attribution is required by MIT, SIL OFL, and CC BY licenses. Downloaded Font Awesome Free files already contain embedded comments with sufficient attribution, so you shouldn’t need to do anything additional when using these files normally.

We’ve kept attribution comments terse, so we ask that you do not actively work to remove them from files, especially code. They’re a great way for folks to learn about Font Awesome.

Removing them all to the num.chunk.xxxxx.LICENSE.txt files is removing them from the code, and thus is not actually compliant with the license Attribution requirements for their use.

Top Results From Across the Web

Do you have to include a license notice with every source file?

I've seen many projects which only mention the license in the README or in a LICENSE or COPYING file. Your software is automatically...

The open source notice requirement in web-based applications

To make software open source, one or more licenses need to be declared applicable. With traditional applications, it was clear how to do ......

Steve Winslow | 10 January 2020 · the work is copyrighted;; the contributors of the code licensed it, · the contributors of the...

3rd Party Licensing Notice - Amazon Customer Service

You may obtain a copy of source code for Open Source Software licensed under such licenses at http://www.amazon.com/firetabletnotices. OFFER TO PROVIDE SOURCE ......

Open Source Compliance for SaaS Vendors - Heather Meeker

That is because most open source licenses do not have any conditions ... however, is that programmers usually strip licensing notices out of ......