I have a "license" in my package.json, why is npm/yarn saying it is missing?

Question

On running yarn install I see a warning every time that there is no license filed even though I have defined one:

$ jq . package.json 
{
  "name": "license-example",
  "version": "1.0.0",
  "main": "index.js",
  "license": "UNLICENSED",
  "dependencies": {
    "lodash": "^4.17.4",
    "moment": "^2.18.1"
  }
}

which according to the npm defintion should be valid:

Finally, if you do not wish to grant others the right to use a private or unpublished package under any terms:

{ "license": "UNLICENSED" }

Here's the output:

yarn install
yarn install v0.27.5
warning ../package.json: No license field
[1/4] Resolving packages...
success Already up-to-date.
Done in 0.09s.

My main goal is for that warning to disappear, yet I also don't want to provide an invalid open-source LICENSE to make the warning go away, even if it is an internal project that never will be seen on the outside.

How to mark a yarn project as proprietary without a warning appearing?

Answer 1

Yarn is broken and needs to be fixed. UNLICENSED is a valid designator for the license field, but yarn does not recognize it because the developers have not kept that up to date.

Note this answer is 6 years after the question was posed. But they have not prioritized this update.

Just tested this with a package.json containing: private: true, license: "UNLICENSED"

on yarn version 1.22.19

and the warning still appears. Best thing to do is ignore the warning it is simply a nuisance. -- Updates -- Note it has been suggested that adding --ignore-scripts can turn off this warning, but it doesn't ONLY turn off this warning it has other consequences.

By not treating UNLICENCED as an equally valid entry as ISC for example, this warning can encourage some very harmful engineering practices in an enterprise environment such as selecting the default open source license for code that is being developed as proprietary work for hire code for an employer. This can pose a serious risk to that employer's ability to retain ownership of IP they have paid good money to develop.

Answer 2

If the error persists, just check your system root at C:\Users\User you will see a package.json and yarn.lock files, delete them, the warning will go. These are the files interfering with your project

Answer 3

Take a closer look at the message:

warning ../package.json: No license field

It's referring to a package.json one directory level higher.
Fix that one by either entering a license field or a private: true or delete it because it probably should not be there anyway ;-)

Answer 4

I am new to the react, but I find, the most simplest way is: just add the "private": true, to your package.json file. That's it.

Answer 5

I had similar issue, i just upgraded the version of Node and every thing worked fine.....

Answer 6

After trying multiple solutions, i found there were following files in root, need to delete:

cd ~
~$ rm -rf package.json
~$ rm -rf yarn.lock
~$ rm -rf package-lock.json

Answer 7

I got stuck in the same error and I found that when we add package.json or yarn, some files can be there in the system roots. So, the errors are from there the system root. You can simply remove those files and the error will not be there anymore.

1. just cd ~, then you can find package.json & yarn.lock.
2. rm -rf package.json or rm -rf yarn.lock

Answer 8

For yarn and npm, the default behavior is that they look up into the parent directories.

I had an outdated and forgotten package.json in my home folder without a license field:

~/package.json

When running yarn install within my project:

~/my-project/package.json

yarn then also found the one in my home directory and reported the error for that one. I mistook that for my project's package.json.

The warning makes that clear by preceding the path with .. for the parent folder.

warning ../package.json: No license field

After removing that outdated package.json I get the expected output:

yarn install v0.27.5
[1/4] Resolving packages...
success Already up-to-date.
Done in 0.88s.

Answer 9

I was getting the following warning along with some other licensing warnings.

warning package.json: No license field
warning react-material-dashboard@0.3.0: No license field

All I did was, update the package.json file's private property to be true.

{
  "name": "some-application-name",
  "author": "Keet Sugathadasa",
  "email": "email",
  "license": "MIT",
  "version": "0.0.1",
  "private": true,
  ...
}

With this, I no longer got any No license field warnings when I do yarn install. To understand why, please see this question.

{"private": true} means, that npm will refuse to publish it, to prevent accidental publication of private repositories.

For more on this, see the following links. https://docs.npmjs.com/files/package.json#private https://flaviocopes.com/package-json/#private

Answer 10

Just make sure you are in the directory that contains the package.json file, then just yarn or npm install then serve it as you please.

I am currently running a project without the license field and it works perfectly, I don't think that can return an error.

Also, see more information regarding the mandatory fields you need for your package to run and other tips regarding the package.json file with yarn/npm:

https://classic.yarnpkg.com/en/docs/package-json/

https://docs.npmjs.com/files/package.json