Closed brettz9 closed 4 years ago
@brettz9 I wrote that package.json
doc. If it's unclear, we should fix it. Don't use an object. Use a string.
A number of old packages with license
objects have corrections in npm-license-corrections.
I think the npm docs are clear that one should not use objects, but the term "deprecated" suggests to me that it is still technically permitted, at least until such time as a later version of npm prohibits its use, at which time it will no longer be "deprecated" but "obsolete". This is at least the way I have seen browser specs using the term and though new items are encouraged from using it, the current system will still support them.
Re: npm-license-corrections
, I see--good to know; perhaps I'll file the ones I discover there, at least if the project owners do not respond to update. Thanks!
@brettz9 npm will not reject npm publish
commands or tarballs with arbitrary data in package.json
's license
property. But only one kind of data are valid, SPDX expressions or SEE LICENSE IN $place
magic strings.
Closing since corrections
satisfies. Thanks!
As well as
licenses
,license
has allowed an albeit now deprecated object per https://docs.npmjs.com/files/package.json#license(While a comment states, "Not valid metadata", it goes on to say "Those styles are now deprecated", i.e., they are not entirely rejected yet.)
Some packages still use this format, so weren't being found for approval. I think this format, and the array format, should be supported.
Thanks!