@gocortexio/npmgremlinbox-lgpl-2-1
v2.1.0
Published
GNU Lesser General Public Licence version 2.1
Maintainers
Readme
@gocortexio/npmgremlinbox-lgpl-2-1
This is a benign GremlinBox supply chain security simulation package. It performs no malicious action and is safe to install into a development or production build to validate detection tooling.
Purpose
This package implements the SPDX licence identifier LGPL-2.1 and embeds the full official licence text. It is intended for testing licence detection, licence-policy enforcement, and SPDX compliance checks. A scanner that inspects direct or transitive dependencies should detect this licence.
Installation
npm install @gocortexio/npmgremlinbox-lgpl-2-1Usage
const pkg = require('@gocortexio/npmgremlinbox-lgpl-2-1');
pkg.getLicenceIdentifier();
pkg.retrieveLicenceContent();
pkg.getPackageMetadata();What it does and does not do
- Does: return its SPDX licence identifier, the full licence text, and package metadata.
- Does not: contact the network, collect data, or run code at install time.
Project
Part of the GremlinBox supply chain security testing project: https://github.com/gocortexio/gremlinbox
Licence
LGPL-2.1. See the LICENCE file in this package.
