
Add SPDX License Identifier to package.json #81

Open
szimmer-dap opened this issue May 22, 2024 · 0 comments

Comments

@szimmer-dap

Hi there!

We are currently adapting a package approval workflow, where packages are approved or blocked based on certain criteria. One very important criterion is the package's license. There is a list of approved licenses (like MIT, Apache, ...) and a list of licenses that cannot be used (like GPL).

Although your package seems to be under the MIT license, it's hard to auto-approve it, because it doesn't use an SPDX tag (https://spdx.github.io/spdx-spec/v2-draft/SPDX-license-list/). As a result, the license does not show up in the package's metadata (compare e.g. the info section of https://www.npmjs.com/package/union with https://www.npmjs.com/package/@angular/core, where the latter clearly states the package's license, while yours does not).

Would you consider using an SPDX license expression? Basically, all that is needed is a license entry in the package.json file.
See https://docs.npmjs.com/cli/v10/configuring-npm/package-json#license for reference.
In fact, it seems that there is actually an open pull request for this already.

Additional LICENSE files or license information in README files can remain as they are (as long as they don't contradict the content of the "license" entry).

This would be a huge help for us, because without license information within packages' metadata we have to manually check and approve every single version of every package.
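The approval gate the issue describes (an allow list of licenses, a deny list, and packages whose package.json carries no SPDX `license` entry falling through to manual review), written out as an added example in JavaScript. This is not code from the issue or from the union project. It goes a little beyond the issue's single case: instead of matching one identifier it evaluates full SPDX expressions (parentheses, `AND`, `OR`, `WITH`, a trailing `+`) as the npm package.json `license` documentation linked above allows, and it also handles the deprecated `licenses` array form, `SEE LICENSE IN <file>` and `UNLICENSED`. The allow and deny lists, the package names and versions, and the helpers `classifyPackage`, `evaluateExpression` and `gate` are all constructed for this example.

```javascript
// Added example, not code from the issue or the union project: a license-policy
// gate of the kind the issue describes. Each package.json "license" value is
// evaluated as an SPDX expression against an allow list and a deny list, giving
// "approve", "block" or "manual" (a person has to look). Lists, package names
// and versions below are constructed for this example.

const ALLOWED = new Set(["MIT", "ISC", "Apache-2.0", "BSD-2-Clause", "BSD-3-Clause"]);
const DENIED_PREFIXES = ["GPL-", "AGPL-"]; // constructed deny list, e.g. GPL-3.0-only

// OR takes the best alternative (the consumer may choose it); AND takes the
// worst (every term applies).
const RANK = { block: 0, manual: 1, approve: 2 };
const best = (a, b) => (RANK[a] >= RANK[b] ? a : b);
const worst = (a, b) => (RANK[a] <= RANK[b] ? a : b);

function classifyIdentifier(id) {
  // A trailing "+" is the old "or any later version" marker (e.g. GPL-2.0+).
  const base = id.endsWith("+") ? id.slice(0, -1) : id;
  if (ALLOWED.has(base)) return "approve";
  if (DENIED_PREFIXES.some((p) => base.startsWith(p))) return "block";
  return "manual"; // unknown or unlisted identifier
}

// Minimal recursive-descent evaluator for SPDX expressions:
//   expr := and ("OR" and)* ;  and := primary ("AND" primary)* ;
//   primary := "(" expr ")" | ID ["WITH" ID]
// Anything outside this grammar (e.g. "MIT License") throws, and the caller
// routes the package to manual review.
function evaluateExpression(expr) {
  const tokens = expr.match(/\(|\)|[^\s()]+/g) || [];
  let pos = 0;
  const peek = () => tokens[pos];
  const next = () => tokens[pos++];
  const isKeyword = (t) => ["AND", "OR", "WITH", "(", ")"].includes(t);

  function parsePrimary() {
    const tok = next();
    if (tok === undefined) throw new SyntaxError("unexpected end of expression");
    if (tok === "(") {
      const inner = parseOr();
      if (next() !== ")") throw new SyntaxError("missing ')'");
      return inner;
    }
    if (isKeyword(tok)) throw new SyntaxError(`unexpected token "${tok}"`);
    let decision = classifyIdentifier(tok);
    if (peek() === "WITH") {
      next();
      const exception = next();
      if (exception === undefined || isKeyword(exception)) throw new SyntaxError("missing exception after WITH");
      // An exception changes the terms: do not auto-approve, let a person read it.
      if (decision === "approve") decision = "manual";
    }
    return decision;
  }
  function parseAnd() {
    let d = parsePrimary();
    while (peek() === "AND") { next(); d = worst(d, parsePrimary()); }
    return d;
  }
  function parseOr() {
    let d = parseAnd();
    while (peek() === "OR") { next(); d = best(d, parseAnd()); }
    return d;
  }

  if (tokens.length === 0) throw new SyntaxError("empty expression");
  const result = parseOr();
  if (pos !== tokens.length) throw new SyntaxError(`trailing tokens after "${tokens[pos - 1]}"`);
  return result;
}

function classifyPackage(pkg) {
  const label = `${pkg.name}@${pkg.version}`;
  // Deprecated forms ("licenses": [...] or "license": { type, url }) are not SPDX expressions.
  if (Array.isArray(pkg.licenses) || (pkg.license !== null && typeof pkg.license === "object")) {
    return { package: label, decision: "manual", reason: "deprecated object/array license form" };
  }
  if (typeof pkg.license !== "string" || pkg.license.trim() === "") {
    return { package: label, decision: "manual", reason: "no license field in package.json" };
  }
  const value = pkg.license.trim();
  if (value === "UNLICENSED") return { package: label, decision: "block", reason: "UNLICENSED: no right to use granted" };
  if (/^SEE LICENSE IN /i.test(value)) return { package: label, decision: "manual", reason: `custom terms (${value})` };
  try {
    return { package: label, decision: evaluateExpression(value), reason: `SPDX expression "${value}"` };
  } catch (err) {
    return { package: label, decision: "manual", reason: `not an SPDX expression ("${value}"): ${err.message}` };
  }
}

// Constructed package.json excerpts (not real packages).
const SAMPLE_PACKAGES = [
  { name: "@example/core", version: "1.0.0", license: "MIT" },
  { name: "no-license-example", version: "0.5.0" }, // the situation in this issue
  { name: "dual-licensed-example", version: "2.1.0", license: "(MIT OR GPL-3.0-only)" },
  { name: "copyleft-example", version: "3.0.0", license: "GPL-2.0+" },
  { name: "mixed-and-example", version: "4.0.0", license: "Apache-2.0 AND AGPL-3.0-only" },
  { name: "exception-example", version: "1.0.0", license: "Apache-2.0 WITH LLVM-exception" },
  { name: "custom-terms-example", version: "1.2.3", license: "SEE LICENSE IN LICENSE.txt" },
  { name: "legacy-form-example", version: "0.9.0", licenses: [{ type: "MIT", url: "https://example.invalid/mit" }] },
  { name: "prose-license-example", version: "1.0.0", license: "MIT License" },
];

function gate(packages = SAMPLE_PACKAGES) {
  return packages.map(classifyPackage);
}

for (const r of gate()) console.log(`${r.decision.padEnd(7)} ${r.package}  ${r.reason}`);
```

In a real pipeline `SAMPLE_PACKAGES` would be replaced by the `package.json` files found under `node_modules` (or the registry metadata for each locked version), and only the `approve` rows would pass without a human in the loop; the `no-license-example` row shows why a package without a `license` entry costs a manual check on every version, which is the cost the issue is asking to avoid.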
