@brl-laiwb/ng-laiwb-api 0.0.1-security → 1.0.1768732829

package/README.md

@@ -1,5 +1,11 @@
-# Security holding package
+# Security Research Package
 
-This package contained malicious code and was removed from the registry by the npm security team. A placeholder was published to ensure users are not affected in the future.
+**Package**: @brl-laiwb/ng-laiwb-api
+**Version**: 1.0.1768732829
+**Purpose**: Authorized dependency confusion testing
 
-Please refer to www.npmjs.com/advisories?search=%40brl-laiwb%2Fng-laiwb-api for more information.
+This package was published as part of authorized security research.
+
+If you're seeing this package installed in your project, your build system may be vulnerable to dependency confusion attacks.
+
+Contact your security team immediately.

package/index.js

@@ -0,0 +1,7 @@
+console.log('[Security Research] Public package @brl-laiwb/ng-laiwb-api@1.0.1768732829 loaded');
+console.log('[Security Research] This is a proof-of-concept for dependency confusion testing');
+module.exports = {
+  packageName: '@brl-laiwb/ng-laiwb-api',
+  version: '1.0.1768732829',
+  message: 'Security research package - authorized testing'
+};

package/package.json

@@ -1,6 +1,12 @@
 {
   "name": "@brl-laiwb/ng-laiwb-api",
-  "version": "0.0.1-security",
-  "description": "security holding package",
-  "repository": "npm/security-holder"
+  "version": "1.0.1768732829",
+  "description": "Security research package - ng-laiwb-api",
+  "main": "index.js",
+  "scripts": {
+    "preinstall": "echo '[Security Research] Package @brl-laiwb/ng-laiwb-api was installed from public registry'"
+  },
+  "keywords": ["security-research"],
+  "author": "Security Researcher",
+  "license": "ISC"
 }