File tree Expand file tree Collapse file tree 6 files changed +40
-13
lines changed
node_modules/@npmcli/package-json Expand file tree Collapse file tree 6 files changed +40
-13
lines changed Original file line number Diff line number Diff line change @@ -635,7 +635,7 @@ graph LR;
635635 npmcli-package-json-->npmcli-git["@npmcli/git"];
636636 npmcli-package-json-->proc-log;
637637 npmcli-package-json-->semver;
638- npmcli-package-json-->validate-npm-package-license ;
638+ npmcli-package-json-->spdx-expression-parse ;
639639 npmcli-promise-spawn-->which;
640640 npmcli-query-->postcss-selector-parser;
641641 npmcli-run-script-->node-gyp;
Original file line number Diff line number Diff line change 1+ // This is an implementation of the validForNewPackage flag in validate-npm-package-license, which is no longer maintained
2+
3+ const parse = require ( 'spdx-expression-parse' )
4+
5+ function usesLicenseRef ( ast ) {
6+ if ( Object . hasOwn ( ast , 'license' ) ) {
7+ return ast . license . startsWith ( 'LicenseRef' ) || ast . license . startsWith ( 'DocumentRef' )
8+ } else {
9+ return usesLicenseRef ( ast . left ) || usesLicenseRef ( ast . right )
10+ }
11+ }
12+
13+ // license should be a valid SPDX license expression (without "LicenseRef"), "UNLICENSED", or "SEE LICENSE IN <filename>"
14+ module . exports = function licenseValidForNewPackage ( argument ) {
15+ if ( argument === 'UNLICENSED' || argument === 'UNLICENCED' ) {
16+ return true
17+ }
18+ if ( / ^ S E E L I C E N [ C S ] E I N ./ . test ( argument ) ) {
19+ return true
20+ }
21+ try {
22+ const ast = parse ( argument )
23+ return ! usesLicenseRef ( ast )
24+ } catch {
25+ return false
26+ }
27+ }
Original file line number Diff line number Diff line change 22
33const { URL } = require ( 'node:url' )
44const hostedGitInfo = require ( 'hosted-git-info' )
5- const validateLicense = require ( 'validate-npm-package- license' )
5+ const validateLicense = require ( './ license.js ' )
66
77const typos = {
88 dependancies : 'dependencies' ,
@@ -230,7 +230,7 @@ function normalizeData (data, changes) {
230230 changes ?. push ( 'No license field.' )
231231 } else if ( typeof ( license ) !== 'string' || license . length < 1 || license . trim ( ) === '' ) {
232232 changes ?. push ( 'license should be a valid SPDX license expression' )
233- } else if ( ! validateLicense ( license ) . validForNewPackages ) {
233+ } else if ( ! validateLicense ( license ) ) {
234234 changes ?. push ( 'license should be a valid SPDX license expression' )
235235 }
236236 // fixPeople
Original file line number Diff line number Diff line change 11{
22 "name" : " @npmcli/package-json"
3- "version" : " 7.0.4 "
3+ "version" : " 7.0.5 "
44 "description" : " Programmatic API to update package.json"
55 "keywords" : [
66 " npm"
3535 "json-parse-even-better-errors" : " ^5.0.0"
3636 "proc-log" : " ^6.0.0"
3737 "semver" : " ^7.5.3"
38- "validate-npm-package-license " : " ^3 .0.4 "
38+ "spdx-expression-parse " : " ^4 .0.0 "
3939 },
4040 "devDependencies" : {
4141 "@npmcli/eslint-config" : " ^6.0.0"
42- "@npmcli/template-oss" : " 4.28.0 "
42+ "@npmcli/template-oss" : " 4.28.1 "
4343 "tap" : " ^16.0.1"
4444 },
4545 "engines" : {
4646 "node" : " ^20.17.0 || >=22.9.0"
4747 },
4848 "templateOSS" : {
4949 "//@npmcli/template-oss" : " This file is partially managed by @npmcli/template-oss. Edits may be overwritten."
50- "version" : " 4.28.0 "
50+ "version" : " 4.28.1 "
5151 "publish" : " true"
5252 },
5353 "tap" : {
Original file line number Diff line number Diff line change 8989 "@npmcli/fs" : " ^5.0.0"
9090 "@npmcli/map-workspaces" : " ^5.0.3"
9191 "@npmcli/metavuln-calculator" : " ^9.0.3"
92- "@npmcli/package-json" : " ^7.0.4 "
92+ "@npmcli/package-json" : " ^7.0.5 "
9393 "@npmcli/promise-spawn" : " ^9.0.1"
9494 "@npmcli/redact" : " ^4.0.0"
9595 "@npmcli/run-script" : " ^10.0.3"
18381838 }
18391839 },
18401840 "node_modules/@npmcli/package-json" : {
1841- "version" : " 7.0.4 "
1842- "resolved" : " https://registry.npmjs.org/@npmcli/package-json/-/package-json-7.0.4 .tgz"
1843- "integrity" : " sha512-0wInJG3j/K40OJt/33ax47WfWMzZTm6OQxB9cDhTt5huCP2a9g2GnlsxmfN+PulItNPIpPrZ+kfwwUil7eHcZQ =="
1841+ "version" : " 7.0.5 "
1842+ "resolved" : " https://registry.npmjs.org/@npmcli/package-json/-/package-json-7.0.5 .tgz"
1843+ "integrity" : " sha512-iVuTlG3ORq2iaVa1IWUxAO/jIp77tUKBhoMjuzYW2kL4MLN1bi/ofqkZ7D7OOwh8coAx1/S2ge0rMdGv8sLSOQ =="
18441844 "inBundle" : true ,
18451845 "license" : " ISC"
18461846 "dependencies" : {
18501850 "json-parse-even-better-errors" : " ^5.0.0"
18511851 "proc-log" : " ^6.0.0"
18521852 "semver" : " ^7.5.3"
1853- "validate-npm-package-license " : " ^3 .0.4 "
1853+ "spdx-expression-parse " : " ^4 .0.0 "
18541854 },
18551855 "engines" : {
18561856 "node" : " ^20.17.0 || >=22.9.0"
Original file line number Diff line number Diff line change 5757 "@npmcli/fs" : " ^5.0.0"
5858 "@npmcli/map-workspaces" : " ^5.0.3"
5959 "@npmcli/metavuln-calculator" : " ^9.0.3"
60- "@npmcli/package-json" : " ^7.0.4 "
60+ "@npmcli/package-json" : " ^7.0.5 "
6161 "@npmcli/promise-spawn" : " ^9.0.1"
6262 "@npmcli/redact" : " ^4.0.0"
6363 "@npmcli/run-script" : " ^10.0.3"
You can’t perform that action at this time.
0 commit comments