From 1d516480a63c16a84908dffceeafa891e3fdabd8 Mon Sep 17 00:00:00 2001 From: Michael Garvin Date: Thu, 19 Feb 2026 10:41:11 -0800 Subject: [PATCH 1/2] deps: remove validate-npm-package-license --- package.json | 1 - 1 file changed, 1 deletion(-) diff --git a/package.json b/package.json index 9751503..a6a678f 100644 --- a/package.json +++ b/package.json @@ -25,7 +25,6 @@ "promzard": "^3.0.1", "read": "^5.0.1", "semver": "^7.7.2", - "validate-npm-package-license": "^3.0.4", "validate-npm-package-name": "^7.0.0" }, "devDependencies": { From a3ea7e866d8453dc300362bda2e16f0be0e8f097 Mon Sep 17 00:00:00 2001 From: Michael Garvin Date: Thu, 19 Feb 2026 10:50:43 -0800 Subject: [PATCH 2/2] fix: use license validation from @npmcli/package-json --- lib/default-input.js | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/lib/default-input.js b/lib/default-input.js index d72feee..7b9c8f4 100644 --- a/lib/default-input.js +++ b/lib/default-input.js @@ -2,7 +2,7 @@ const fs = require('fs/promises') const path = require('path') -const validateLicense = require('validate-npm-package-license') +const validateLicense = require('@npmcli/package-json/lib/license') const validateName = require('validate-npm-package-name') const npa = require('npm-package-arg') const semver = require('semver') @@ -264,12 +264,10 @@ if (!package.author) { const license = package.license || getConfig('license') || 'ISC' exports.license = yes ? license : prompt('license', license, (data) => { - const its = validateLicense(data) - if (its.validForNewPackages) { + if (validateLicense(data)) { return data } - const errors = (its.errors || []).concat(its.warnings || []) - return invalid(`Sorry, ${errors.join(' and ')}.`) + return invalid('Sorry, license should be a valid SPDX license expression') }) const type = package.type || getConfig('type') || 'commonjs'