arduino · giacomocusinato · Feb 25, 2026 · Feb 19, 2026 · Feb 19, 2026 · Feb 20, 2026
diff --git a/.github/workflows/check-npm-dependencies-task.yml b/.github/workflows/check-npm-dependencies-task.yml
@@ -11,6 +11,8 @@ on:
       - ".licensed.json"
       - ".licensed.ya?ml"
       - ".npmrc"
+      - "go.mod"
+      - "go.sum"
       - "Taskfile.ya?ml"
       - "**/.gitmodules"
       - "**/package.json"
@@ -22,6 +24,8 @@ on:
       - ".npmrc"
       - ".licensed.json"
       - ".licensed.ya?ml"
+      - "go.mod"
+      - "go.sum"
       - "Taskfile.ya?ml"
       - "**/.gitmodules"
       - "**/package.json"
@@ -82,8 +86,10 @@ jobs:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           version: 5.x
 
-      - name: Install Task
-        uses: go-task/setup-task@v1
+      - name: Install Go
+        uses: actions/setup-go@v6
+        with:
+          go-version-file: go.mod
 
       - name: Setup Node.js
         uses: actions/setup-node@v6
@@ -94,7 +100,11 @@ jobs:
         run: sudo apt update -y && sudo apt install -y libxkbfile-dev libsecret-1-dev
 
       - name: Update dependencies license metadata cache
-        run: task --silent general:cache-dep-licenses
+        run: |
+          go tool \
+            github.com/go-task/task/v3/cmd/task \
+              --silent \
+              general:cache-dep-licenses
 
       - name: Check for outdated cache
         id: diff
@@ -146,8 +156,10 @@ jobs:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           version: 5.x
 
-      - name: Install Task
-        uses: go-task/setup-task@v1
+      - name: Install Go
+        uses: actions/setup-go@v6
+        with:
+          go-version-file: go.mod
 
       - name: Setup Node.js
         uses: actions/setup-node@v6
@@ -158,4 +170,8 @@ jobs:
         run: sudo apt update -y && sudo apt install -y libxkbfile-dev libsecret-1-dev
 
       - name: Check for dependencies with unapproved licenses
-        run: task --silent general:check-dep-licenses
+        run: |
+          go tool \
+            github.com/go-task/task/v3/cmd/task \
+              --silent \
+              general:check-dep-licenses
diff --git a/.licenses/npm/@vscode/debugprotocol.dep.yml b/.licenses/npm/@vscode/debugprotocol.dep.yml
@@ -4,7 +4,7 @@ version: 1.68.0
 type: npm
 summary: Npm module with declarations for the Visual Studio Code debug protocol
 homepage:
-license: other
+license: mit
 licenses:
 - sources: License.txt
   text: "Copyright (c) Microsoft Corporation\n\nAll rights reserved. \n\nMIT License\n\nPermission

diff --git a/.licenses/npm/concat-map.dep.yml b/.licenses/npm/concat-map.dep.yml
@@ -4,7 +4,7 @@ version: 0.0.1
 type: npm
 summary: concatenative mapdashery
 homepage:
-license: other
+license: mit
 licenses:
 - sources: LICENSE
   text: |

diff --git a/.licenses/npm/expand-template.dep.yml b/.licenses/npm/expand-template.dep.yml
@@ -4,7 +4,7 @@ version: 2.0.3
 type: npm
 summary: Expand placeholders in a template string
 homepage: https://github.com/ralphtheninja/expand-template
-license: other
+license: mit
 licenses:
 - sources: LICENSE
   text: |-

diff --git a/.licenses/npm/fast-json-stable-stringify.dep.yml b/.licenses/npm/fast-json-stable-stringify.dep.yml
@@ -5,7 +5,7 @@ type: npm
 summary: deterministic `JSON.stringify()` - a faster version of substack's json-stable-strigify
   without jsonify
 homepage: https://github.com/epoberezkin/fast-json-stable-stringify
-license: other
+license: mit
 licenses:
 - sources: LICENSE
   text: |

diff --git a/.licenses/npm/from.dep.yml b/.licenses/npm/from.dep.yml
@@ -4,7 +4,7 @@ version: 0.1.7
 type: npm
 summary: Easy way to make a Readable Stream
 homepage:
-license: other
+license: mit
 licenses:
 - sources: LICENSE.APACHE2
   text: |

diff --git a/.licenses/npm/github-from-package.dep.yml b/.licenses/npm/github-from-package.dep.yml
@@ -4,7 +4,7 @@ version: 0.0.0
 type: npm
 summary: return the github url from a package.json file
 homepage: https://github.com/substack/github-from-package
-license: other
+license: mit
 licenses:
 - sources: LICENSE
   text: |

diff --git a/.licenses/npm/google-protobuf.dep.yml b/.licenses/npm/google-protobuf.dep.yml
@@ -4,7 +4,7 @@ version: 3.21.4
 type: npm
 summary: Protocol Buffers for JavaScript
 homepage:
-license: other
+license: bsd-3-clause
 licenses:
 - sources: LICENSE.md
   text: |

diff --git a/.licenses/npm/json-schema-typed.dep.yml b/.licenses/npm/json-schema-typed.dep.yml
@@ -4,7 +4,7 @@ version: 7.0.3
 type: npm
 summary: JSONSchema TypeScript definitions.
 homepage: https://github.com/typeslick/json-schema-typed
-license: other
+license: bsd-2-clause
 licenses:
 - sources: LICENSE
   text: |+

diff --git a/.licenses/npm/minimist.dep.yml b/.licenses/npm/minimist.dep.yml
@@ -4,7 +4,7 @@ version: 1.2.8
 type: npm
 summary: parse argument options
 homepage: https://github.com/minimistjs/minimist
-license: other
+license: mit
 licenses:
 - sources: LICENSE
   text: |

diff --git a/.licenses/npm/mkdirp-0.5.6.dep.yml b/.licenses/npm/mkdirp-0.5.6.dep.yml
@@ -4,7 +4,7 @@ version: 0.5.6
 type: npm
 summary: Recursively mkdir, like `mkdir -p`
 homepage:
-license: other
+license: mit
 licenses:
 - sources: LICENSE
   text: |

diff --git a/.licenses/npm/mkdirp-1.0.4.dep.yml b/.licenses/npm/mkdirp-1.0.4.dep.yml
@@ -4,7 +4,7 @@ version: 1.0.4
 type: npm
 summary: Recursively mkdir, like `mkdir -p`
 homepage:
-license: other
+license: mit
 licenses:
 - sources: LICENSE
   text: |

diff --git a/.licenses/npm/semver-compare.dep.yml b/.licenses/npm/semver-compare.dep.yml
@@ -4,7 +4,7 @@ version: 1.0.0
 type: npm
 summary: compare two semver version strings, returning -1, 0, or 1
 homepage: https://github.com/substack/semver-compare
-license: other
+license: mit
 licenses:
 - sources: LICENSE
   text: |

diff --git a/.licenses/npm/through.dep.yml b/.licenses/npm/through.dep.yml
@@ -4,7 +4,7 @@ version: 2.3.8
 type: npm
 summary: simplified stream construction
 homepage: https://github.com/dominictarr/through
-license: other
+license: mit
 licenses:
 - sources: LICENSE.APACHE2
   text: |

diff --git a/.licenses/npm/type-fest-0.13.1.dep.yml b/.licenses/npm/type-fest-0.13.1.dep.yml
@@ -4,7 +4,7 @@ version: 0.13.1
 type: npm
 summary: A collection of essential TypeScript types
 homepage:
-license: other
+license: mit
 licenses:
 - sources: license
   text: |

diff --git a/.licenses/npm/type-fest-0.21.3.dep.yml b/.licenses/npm/type-fest-0.21.3.dep.yml
@@ -4,7 +4,7 @@ version: 0.21.3
 type: npm
 summary: A collection of essential TypeScript types
 homepage:
-license: other
+license: mit
 licenses:
 - sources: license
   text: |

diff --git a/.licenses/npm/vscode-oniguruma.dep.yml b/.licenses/npm/vscode-oniguruma.dep.yml
@@ -4,7 +4,7 @@ version: 1.6.1
 type: npm
 summary: VSCode oniguruma bindings
 homepage:
-license: other
+license: mit
 licenses:
 - sources: LICENSE.txt
   text: |

diff --git a/Taskfile.yml b/Taskfile.yml
@@ -17,6 +17,27 @@ tasks:
     deps:
       - task: general:cache-dep-licenses
     cmds:
+      - |
+        MATCHES="$(
+          find \
+            .licenses \
+            -regex '.+\.yml' \
+            -type f \
+            -print0 \
+          | \
+            xargs \
+              --null \
+              go tool \
+                github.com/mikefarah/yq/v4 \
+                  'select(.license == "other") | filename'
+        )"
+        if [[ "$MATCHES" != "" ]]; then
+          printf "%s" "$MATCHES"
+          echo
+          echo "The license cache files above have the license set to 'other'. Please manually define the license type and retry."
+          echo "See: https://github.com/arduino/tooling-project-assets/blob/main/workflow-templates/check-go-dependencies-task.md#unrecognized-licenses"
+          exit 1
+        fi
       - licensed status
 
   general:check-licensed: