Wrong license in package.json #153

Open
Joery-M opened this issue Mar 16, 2024 · 1 comment

Joery-M commented Mar 16, 2024

The license field of package.json is MIT, but Apache-2.0 is defined in the LICENSE file.
Now this usually wouldn't matter, since the licenses are similar (for the most part). But tools like pnpm-licenses partially misinterpret the license to be MIT.

I don't know how much of a legal issue this is, since I've found packages like through that use both. But it just seems sloppy to me.

Example:

  1. Create a new npm project
  2. Install pnpm
  3. Run pnpm i @pkgjs/parseargs
  4. Run npx pnpm-licenses list -o ./licenses.json
  5. View the licenses.json file.

Result:

```json
[
    {
        "name": "@pkgjs/parseargs",
        "license": "MIT", // Incorrect
        "author": "",
        "homepage": "https://github.com/pkgjs/parseargs#readme",
        "description": "Polyfill of future proposal for `util.parseArgs()`",
        "version": "0.11.0",
        "licenseText": "Apache License\n Version 2.0, January 2004... You get the idea" // Correct
    }
]
```

@shadowspawn
Collaborator

That looks like an error in the initial commits. I looked at some other packages under https://github.com/pkgjs and they have Apache license file and "license": "Apache-2.0".

https://github.com/pkgjs/wiby/blob/a777be1032aa829969d8df4e4f696dfbe73616d5/package.json#L26

https://github.com/pkgjs/dependents/blob/c2e17122cfa574a6e20b3df751cf23def8ab9ccc/package.json#L12
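A consistency check for the mismatch reported in this thread, as an added example that is not part of the issue or of the parseargs project: it compares the SPDX id(s) declared in the `license` field of package.json with the license recognised from the LICENSE file text. The signature patterns, function names and sample input are assumptions constructed for illustration.

```javascript
// Added example. Heuristic signatures for a few common licenses (assumption:
// matching the opening lines of the license text is enough for a lint check).
const SIGNATURES = [
  { id: 'Apache-2.0', re: /Apache License\s+Version 2\.0/i },
  { id: 'MIT', re: /\bMIT License\b|Permission is hereby granted, free of charge/i },
  { id: 'ISC', re: /\bISC License\b|Permission to use, copy, modify, and\/or distribute/i },
];

// Return the SPDX id whose signature appears in the text, or null if unknown.
function detectLicenseFromText(text) {
  const hit = SIGNATURES.find(({ re }) => re.test(text));
  return hit ? hit.id : null;
}

// Split an SPDX expression such as "(MIT OR Apache-2.0)" into its ids.
// A missing or non-string field yields an empty list.
function declaredIds(licenseField) {
  if (typeof licenseField !== 'string') return [];
  return licenseField
    .replace(/[()]/g, ' ')
    .split(/\s+/)
    .filter((token) => token && !/^(OR|AND)$/.test(token));
}

// Compare the manifest declaration with the license detected in the file text.
function checkLicenseConsistency(packageJsonText, licenseFileText) {
  const declared = declaredIds(JSON.parse(packageJsonText).license);
  const detected = detectLicenseFromText(licenseFileText);
  let status;
  if (declared.length === 0) status = 'missing-declaration';
  else if (detected === null) status = 'unrecognised-license-file';
  else status = declared.includes(detected) ? 'consistent' : 'mismatch';
  return { declared, detected, status };
}

// Constructed sample input mirroring the report: the manifest says MIT,
// while the LICENSE file begins with the Apache 2.0 header.
const samplePackageJson = JSON.stringify({
  name: '@pkgjs/parseargs',
  version: '0.11.0',
  license: 'MIT',
});
const sampleLicenseFile = 'Apache License\n Version 2.0, January 2004\n';

console.log(checkLicenseConsistency(samplePackageJson, sampleLicenseFile));
```
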
