After seeing the new-ish cargo metadata lints, I was thinking it would be interesting to have a lint like:
crate_license
Check the license information in the crate metadata and restrict to something.
I imagine a whitelist/blacklist of licenses would be what most want.
# in clippy.toml
blacklisted-licenses = ["MIT"]
whitelisted-licenses = ["MPL"]
This seems fairly straightforward to implement after reading some of the source for the cargo lints. If we want to do this I'd love to try to implement.
Seems like a good idea, especially for orgs that want to enforce certain licenses on their crates.
It would be useful for anyone writing anything that is to be distributed, in either source or binary form, to encourage them to be compliant with licenses of crates they use.
It is currently very easy to not notice that one crate some dependencies deep is licensed GPL, which would then require your software to also be GPL.
Does there exist a reasonable default or should the blacklist/whitelist be empty?
If it's possible to know if license A is compatible with license B (where A is the root project and B is a dependency), that could be a reasonable default.
That can be decided after this is a thing of course.
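How a check like the one proposed in this thread could evaluate the `license` field, as an added example that is not part of the thread and not clippy's code: Cargo's `license` value is an SPDX expression, so `OR` passes when any one alternative is acceptable while `AND` requires every listed license to be acceptable. The `Policy` type, the function names and the dependency list are hypothetical and constructed; parentheses and `WITH` exceptions are reported for manual review rather than parsed.

```rust
// Added example (not clippy code): check crate `license` expressions against
// allow/deny lists. Assumption: only `OR`, `AND` and the legacy `/` separator
// are understood; parentheses and `WITH` exceptions are reported, not guessed.
struct Policy<'a> {
    allowed: &'a [&'a str], // empty list = accept anything that is not denied
    denied: &'a [&'a str],
}

impl Policy<'_> {
    fn id_ok(&self, id: &str) -> bool {
        !self.denied.contains(&id) && (self.allowed.is_empty() || self.allowed.contains(&id))
    }

    /// Ok(()) if at least one OR-alternative contains only acceptable licenses.
    fn check(&self, license: Option<&str>) -> Result<(), String> {
        let expr = license.ok_or("no license field")?;
        if expr.contains(|c: char| c == '(' || c == ')') || expr.split_whitespace().any(|t| t == "WITH") {
            return Err(format!("unsupported expression `{}`, review manually", expr));
        }
        let normalized = expr.replace('/', " OR "); // `/` is the deprecated spelling of OR
        let tokens: Vec<&str> = normalized.split_whitespace().collect();
        let ok = tokens.split(|t| *t == "OR").any(|alt| {
            let mut ids = alt.iter().copied().filter(|t| *t != "AND").peekable();
            ids.peek().is_some() && ids.all(|id| self.id_ok(id))
        });
        if ok { Ok(()) } else { Err(format!("`{}` not permitted by policy", expr)) }
    }
}

/// Returns "name: reason" for every dependency that fails the policy.
fn violations(policy: &Policy, deps: &[(&str, Option<&str>)]) -> Vec<String> {
    deps.iter()
        .filter_map(|(name, lic)| policy.check(*lic).err().map(|e| format!("{}: {}", name, e)))
        .collect()
}

fn main() {
    // Constructed dependency list; crate names are hypothetical.
    let deps = [
        ("direct-dep", Some("MIT OR Apache-2.0")),
        ("old-style", Some("MIT/Apache-2.0")),
        ("deep-transitive", Some("GPL-3.0-only")),
        ("dual-licensed", Some("GPL-3.0-only OR MIT")),
        ("both-required", Some("MIT AND GPL-3.0-only")),
        ("unlabelled", None),
    ];
    let policy = Policy { allowed: &[], denied: &["GPL-3.0-only"] };
    for v in violations(&policy, &deps) { println!("{}", v); }
}
```

A crate with no `license` field is treated as a violation here, so an unlabelled dependency fails closed instead of passing silently.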