@gocortexio/npmgremlinbox-qpl-1-0-inria-2004
v2.1.0
Published
Q Public Licence 1.0 - INRIA 2004 variant
Maintainers
Readme
@gocortexio/npmgremlinbox-qpl-1-0-inria-2004
This is a benign GremlinBox supply chain security simulation package. It performs no malicious action and is safe to install into a development or production build to validate detection tooling.
Purpose
This package implements the SPDX licence identifier QPL-1.0-INRIA-2004 and embeds the full official licence text. It is intended for testing licence detection, licence-policy enforcement, and SPDX compliance checks. A scanner that inspects direct or transitive dependencies should detect this licence.
Installation
npm install @gocortexio/npmgremlinbox-qpl-1-0-inria-2004Usage
const pkg = require('@gocortexio/npmgremlinbox-qpl-1-0-inria-2004');
pkg.getLicenceIdentifier();
pkg.retrieveLicenceContent();
pkg.getPackageMetadata();What it does and does not do
- Does: return its SPDX licence identifier, the full licence text, and package metadata.
- Does not: contact the network, collect data, or run code at install time.
Project
Part of the GremlinBox supply chain security testing project: https://github.com/gocortexio/gremlinbox
Licence
QPL-1.0-INRIA-2004. See the LICENCE file in this package.
