Your use of jsonfilter: ^1.1.2 suffers from this issue, namely that that package indicates no precise license (just stating "BSD" as the license which is not a valid SPDX identifier expected in the package.jsonlicense field) nor does the version of JSONStream that it is depending on have any license info (its updated version does, but not the 0.8.4 version jsonfilter is pegged to).
To make your project and its users avoid potentially being in violation of license terms, please drop this dependency (or if possible, work with jsonfilter to get them to officially clarify and add a proper license to package.json along with their JSONStream dependency being updated (or removed) so it similarly has a clarified license status).
Hi,
Your use of
jsonfilter: ^1.1.2
suffers from this issue, namely that that package indicates no precise license (just stating "BSD" as the license which is not a valid SPDX identifier expected in thepackage.json
license
field) nor does the version ofJSONStream
that it is depending on have any license info (its updated version does, but not the0.8.4
versionjsonfilter
is pegged to).To make your project and its users avoid potentially being in violation of license terms, please drop this dependency (or if possible, work with
jsonfilter
to get them to officially clarify and add a properlicense
topackage.json
along with their JSONStream dependency being updated (or removed) so it similarly has a clarified license status).Thank you!