dbjorge
commented
9 months ago Updating to a more recent esbuild would also enable us to use esbuild-plugin-license to automate the production of LICENSE-3RD-PARTY.txt. I used something like this to validate #4304:
// /build/tasks/esbuild.js
const esbuildPluginLicense = require('esbuild-plugin-license').default;
// To use this, add the following option to the esbuild build() invocation:
//
// plugins: [noticeFileGeneratorPlugin]
const noticeFileGeneratorPlugin = esbuildPluginLicense({
banner: undefined, // handled by intro.stub
thirdParty: {
includePrivate: false,
output: {
file: 'LICENSE-3RD-PARTY.txt',
template(dependencies) {
const renderedDependencies = dependencies.map((dep) => {
const header = `${dep.packageJson.name}@${dep.packageJson.version} :: ${dep.packageJson.license}`;
return `${header}\n---\n${dep.licenseText}`;
})
return renderedDependencies.join('\n===\n');
},
}
}
});
When bundling, esbuild discards all comments from the code. This could give the impression that the third-party dependencies that come bundled in axe-core fall under Deque's copyright statement at the top of axe.js.
This is solved by ESBuils 13+, which by default preserves legal comments. But because axe-core is pinned on ESBuild 11 we're missing out on this important feature.