@gocortexio/npmgremlinbox-agpl-3-0-only
v2.1.0
Published
GNU Affero General Public Licence version 3.0 only
Maintainers
Readme
@gocortexio/npmgremlinbox-agpl-3-0-only
This is a benign GremlinBox supply chain security simulation package. It performs no malicious action and is safe to install into a development or production build to validate detection tooling.
Purpose
This package implements the SPDX licence identifier AGPL-3.0-only and embeds the full official licence text. It is intended for testing licence detection, licence-policy enforcement, and SPDX compliance checks. A scanner that inspects direct or transitive dependencies should detect this licence.
Installation
npm install @gocortexio/npmgremlinbox-agpl-3-0-onlyUsage
const pkg = require('@gocortexio/npmgremlinbox-agpl-3-0-only');
pkg.getLicenceIdentifier();
pkg.retrieveLicenceContent();
pkg.getPackageMetadata();What it does and does not do
- Does: return its SPDX licence identifier, the full licence text, and package metadata.
- Does not: contact the network, collect data, or run code at install time.
Project
Part of the GremlinBox supply chain security testing project: https://github.com/gocortexio/gremlinbox
Licence
AGPL-3.0-only. See the LICENCE file in this package.
