Plugin Commit Check: Verify License Declarations

[Ipstenu]

I know we do some pre-flight checks on plugins before commit (like if the code 'complies' etc). Can we add in a check for readme.txt to verify that there's a line that starts License: and it's _not_ just that?

Like enforce people to actually darn well declare their license or no SVN. That would be a nice way to enforce the CYA :)

[dd32]

In [3897] I've started to ingest the license headers into the new plugin directory so we can run some stats to see what kind of impact this change would have.

Early indications are that probably about 50% of popular plugins list it, although they're haphazard in how they list the license (GPLv2 or later vs GPLv2+ vs GNU General Public License v2.0 or later vs GPL V2 or latest vs even GPLv2 or later (of-course) :) )

[Ipstenu]

Stage 1: Declare a license.

Stage 2: "As of Date X, your license must be on this list of GPLv2 (or later) compatible terms."?

We could probably get away with "License: GPLv[2|3]*" for much of it. Having to curate a list of acceptable terms would be a pain to start, but once it's done then it's just a mild annoyance.

[Ipstenu]

Use ​https://spdx.org/licenses/ to validate license format. If we could somehow automate checking "These are GPLv2+ compatible" that would be brilliant.

[Ipstenu]

Uploaded patch 1944.diff - This just checks that new plugins declared a license at all.

[dd32]

In 9648:

Plugin Directory: Require a license be specified in the readme.txt.

Props Ipstenu.
Fixes #4719.
See #1944.

[casiepa]

See also #5126

[dd32]

In 12526:

Plugin Directory: Ingest the License and License URI readme fields on plugin upload.

See #1944, [3897].

[dd32]

#5126 was marked as a duplicate.

[dd32]

In 13618:

Plugin Directory: Readme: Validate that the license field contains a likely valid license.

This adds to the existing "no license" with two new ones:

• Warning: License appears to be not-GPL-compatible, invalid
• Note: We could not parse the license specified, unknown

Fixes #1944.

[dd32]

looking at the license values used, at by at least 3 plugins (because the long-tail is really long)..

Notably, you'll see a bunch of things you might assume is GPL - for example, "GNU Version 2", but those are NOT the names of the license and are therefor invalid.

Count	License Header	Outcome
30,292	GPLv2 or later	OK
10,724	*Not Specified*	license_missing
4,120	GPLv3	OK
2,994	GPLv2	OK
2,303	GPLv3 or later	OK
650	GPL2	OK
627	MIT	OK
341	GNU General Public License v3.0	OK
339	GPL-2.0+	OK
328	GPL v2 or later	OK
318	GPL-2.0-or-later	OK
138	GPL3	OK
121	GPLv3 or later License	OK
119	GPL v3	OK
112	GPL	OK
105	GPL-3.0	OK
95	GNU Version 2 or Any Later Version	unknown_license
94	GPL v2	OK
91	GPL-3.0-or-later	OK
90	GNU General Public License v2.0 or later	OK
87	MIT License	OK
87	GPL2+	OK
81	GPLv2+	OK
72	GPL2 or later	OK
71	GNU General Public License v2 or later	OK
58	GPL v3 or later	OK
56	GNU AGPLv3	OK
51	GPL-2.0	OK
44	Apache 2.0	OK
41	GNU General Public License v2	OK
41	GNU GENERAL PUBLIC LICENSE	OK
36	GNU General Public License v3 or later	OK
35	MIT/Expat	OK
35	GPLv2 or later.	OK
34	GPL-3.0+	OK
33	GPLv2 (or later)	OK
33	WTFPL	OK
30	GNU General Public License v3	OK
25	Apache-2.0	OK
23	GNU General Public License v2.0	OK
23	Apache License, Version 2.0	OK
23	GPL 2.0	OK
22	Apache License 2.0	OK
18	GPLv3+	OK
18	GNU General Public License v3.0 or later	OK
17	LGPLv3	OK
17	proprietary	invalid_license
16	Public Domain	OK
16	AGPLv3 or later	OK
16	GPL 3.0	OK
14	BSD-3-Clause	OK
14	GPL-3	OK
14	GPLv3 or later.	OK
14	GPLv3.0	OK
14	GPL v3 o posterior	OK
13	GNU GPLv3	OK
13	GPL v3.0	OK
13	GPLv2 or later (	OK
13	GPLv2 or later license	OK
13	GNU Version 3 or Any Later Version	unknown_license
12	Free	unknown_license
12	GNU GENERAL PUBLIC LICENSE Version 3	OK
11	Apache v2.0	OK
11	GNU General Public License v2.0 (or later)	OK
11	BSD	unknown_license
11	GPL3+	OK
11	GNU GPL v2	OK
10	The MIT License (MIT)	OK
10	GPLv2 or later (of-course)	OK
10	GPLv2 or Alter	OK
10	GNUGPLv3	OK
9	AGPLv3	OK
9	GPL3 or later	OK
9	GNU	unknown_license
9	GNU General Public License version 3 or later	OK
9	later	unknown_license
9	GPL-v3	OK
9	AGPL-3.0	OK
9	GNU GPL v2 or higher	OK
9	GPLv2 or later (or compatible)	OK
8	GPL 2	OK
8	GNU General Public License 3.0 or newer (GPL)	OK
8	GNU General Public License (GPL) version 3	OK
7	License: GPLv2 or later	OK
7	The MIT License	OK
7	GNU Version 2	unknown_license
7	GPL v2+	OK
7	GPL v2.0	OK
7	Custom	unknown_license
7	LGPLv3 or later	OK
6	GPL version 3 or any later version	OK
6	GPLv2 and (components under MIT License)	OK
6	GNU General Public License (GPL), v3 (or newer)	OK
6	GPLv2 only	OK
6	GPL 2.0+	OK
6	GPLv2 or later (if another license is not provided)	OK
6	GNU GPL v3	OK
6	GLPv2 or later	unknown_license
6	GPLv3 or later license and included	OK
6	GNU Public License	unknown_license
6	GPLv2License	OK
6	MIT License (MIT)	OK
6	LGPL v2.1	OK
5	GNU General Public License, version 3 (GPL-3.0)	OK
5	GPL-3.0 License	OK
5	GNU General Public License v2 (or later)	OK
5	GNU General Public License, version 3 (GPLv3)	OK
5	GPL v3, see LICENSE	OK
5	GPLv2 or any later version	OK
5	ISC	OK
5	GNU General Public License, version 2	OK
5	GPLv3 or higher	OK
5	LGPL	OK
5	GPLz2	OK
5	GPL-3.0 or later	OK
5	GPLv2 or later License URI:	OK
5	AGPL	OK
5	Apache 2	OK
5	HAQV1	unknown_license
5	MIT License/X11	OK
5	MPL-2.0	OK
5	GPL-3.0-only	OK
4	GNU General Public License version 2 or later	OK
4	GPLv2 or late	OK
4	Unlicense	OK
4	GNU/GPLv2	OK
4	GPL 2.0 or later	OK
4	GNU GPL	OK
4	GPLv3 License	OK
4	3-clause BSD	OK
4	WTFPL license	OK
4	GNU GPLv2+	OK
4	GPLv3 or Any Later Version	OK
4	Apache License	unknown_license
4	GNU General Public License (GPL) 3.0	OK
4	Apache2.0	OK
4	GNU GPLv2	OK
4	GNU AGPL v3.0	OK
4	LGPL v3.0	OK
4	GPL 3.0 or later	OK
4	Expat License	OK
4	GNU v3.0 License	unknown_license
4	GNU General Public License, v2 or higher	OK
4	GPL 2+	OK
3	LGPLv2.1	OK
3	GPL v2.0 or later	OK
3	GPL or later	OK
3	Gpl V2 or latest	OK
3	GP2	unknown_license
3	GPL v2 or later	OK
3	CC0	OK
3	Modified BSD License	OK
3	BSD 2-Clause License	OK
3	GPL-2.0 or later	OK
3	GNU3	unknown_license
3	See www.stockdio.com/wordpress for details.	unknown_license
3	GPL version 2 or later	OK
3	BSD-2	OK
3	GNU/GPL	OK
3	Modified BSD	OK
3	GPLv2 or higher	OK
3	GPLv1	OK
3	MPL2	OK
3	GPLv2 or later(	OK
3	Mozilla Public License Version 2.0	OK
3	MPL 2.0	OK
3	GPLv3 License URI:	OK
3	GNU General Public License, version 3.0 (GPL-3.0)	OK
3	GNU GENERAL PUBLIC LICENSE 3.0	OK
3	Yes	unknown_license
3	GNU GPL v2 or later	OK
3	GPL-2	OK
3	Apache License - 2.0	OK
3	GPLv2 or later (of course!)	OK
3	GNU Version 2 or Any Later Version.	unknown_license
3	GNUv3 or later	unknown_license
3	GPLv3 ONLY	OK
3	GPLv2 o superior	OK
3	Massachusetts Institute of Technology (MIT) license	OK
3	GPLv2 or laterLicense	OK
3	Personal Use	invalid_license
3	GNU GPL v3 or later	OK
3	cS	unknown_license