@gocortexio/npmgremlinbox-tapr-ohl-1-0 2.1.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (4) hide show
  1. package/LICENCE +266 -0
  2. package/README.md +37 -0
  3. package/index.js +23 -0
  4. package/package.json +28 -0
package/LICENCE ADDED
@@ -0,0 +1,266 @@
1
+ The TAPR Open Hardware License
2
+ Version 1.0 (May 25, 2007)
3
+ Copyright 2007 TAPR - http://www.tapr.org/OHL
4
+
5
+ PREAMBLE
6
+
7
+ Open Hardware is a thing - a physical artifact, either electrical or
8
+ mechanical - whose design information is available to, and usable by,
9
+ the public in a way that allows anyone to make, modify, distribute, and
10
+ use that thing. In this preface, design information is called
11
+ "documentation" and things created from it are called "products."
12
+
13
+ The TAPR Open Hardware License ("OHL") agreement provides a legal
14
+ framework for Open Hardware projects. It may be used for any kind of
15
+ product, be it a hammer or a computer motherboard, and is TAPR's
16
+ contribution to the community; anyone may use the OHL for their Open
17
+ Hardware project.
18
+
19
+ Like the GNU General Public License, the OHL is designed to guarantee
20
+ your freedom to share and to create. It forbids anyone who receives
21
+ rights under the OHL to deny any other licensee those same rights to
22
+ copy, modify, and distribute documentation, and to make, use and
23
+ distribute products based on that documentation.
24
+
25
+ Unlike the GPL, the OHL is not primarily a copyright license. While
26
+ copyright protects documentation from unauthorized copying, modification,
27
+ and distribution, it has little to do with your right to make, distribute,
28
+ or use a product based on that documentation. For better or worse, patents
29
+ play a significant role in those activities. Although it does not prohibit
30
+ anyone from patenting inventions embodied in an Open Hardware design, and
31
+ of course cannot prevent a third party from enforcing their patent rights,
32
+ those who benefit from an OHL design may not bring lawsuits claiming that
33
+ design infringes their patents or other intellectual property.
34
+
35
+ The OHL addresses unique issues involved in the creation of tangible,
36
+ physical things, but does not cover software, firmware, or code loaded
37
+ into programmable devices. A copyright-oriented license such as the GPL
38
+ better suits these creations.
39
+
40
+ How can you use the OHL, or a design based upon it? While the terms and
41
+ conditions below take precedence over this preamble, here is a summary:
42
+
43
+ * You may modify the documentation and make products based upon it.
44
+
45
+ * You may use products for any legal purpose without limitation.
46
+
47
+ * You may distribute unmodified documentation, but you must include the
48
+ complete package as you received it.
49
+
50
+ * You may distribute products you make to third parties, if you either
51
+ include the documentation on which the product is based, or make it
52
+ available without charge for at least three years to anyone who requests
53
+ it.
54
+
55
+ * You may distribute modified documentation or products based on it, if
56
+ you:
57
+ * License your modifications under the OHL.
58
+ * Include those modifications, following the requirements stated
59
+ below.
60
+ * Attempt to send the modified documentation by email to any of the
61
+ developers who have provided their email address. This is a good
62
+ faith obligation - if the email fails, you need do nothing more
63
+ and may go on with your distribution.
64
+
65
+ * If you create a design that you want to license under the OHL, you
66
+ should:
67
+ * Include this document in a file named LICENSE (with the appropriate
68
+ extension) that is included in the documentation package.
69
+ * If the file format allows, include a notice like "Licensed under
70
+ the TAPR Open Hardware License (www.tapr.org/OHL)" in each
71
+ documentation file. While not required, you should also include
72
+ this notice on printed circuit board artwork and the product
73
+ itself; if space is limited the notice can be shortened or
74
+ abbreviated.
75
+ * Include a copyright notice in each file and on printed circuit
76
+ board artwork.
77
+ * If you wish to be notified of modifications that others may make,
78
+ include your email address in a file named "CONTRIB.TXT" or
79
+ something similar.
80
+
81
+ * Any time the OHL requires you to make documentation available to
82
+ others, you must include all the materials you received from the
83
+ upstream licensors. In addition, if you have modified the
84
+ documentation:
85
+ * You must identify the modifications in a text file (preferably
86
+ named "CHANGES.TXT") that you include with the documentation.
87
+ That file must also include a statement like "These modifications
88
+ are licensed under the TAPR Open Hardware License."
89
+ * You must include any new files you created, including any
90
+ manufacturing files (such as Gerber files) you create in the
91
+ course of making products.
92
+ * You must include both "before" and "after" versions of all files
93
+ you modified.
94
+ * You may include files in proprietary formats, but you must also
95
+ include open format versions (such as Gerber, ASCII, Postscript,
96
+ or PDF) if your tools can create them.
97
+
98
+ TERMS AND CONDITIONS
99
+
100
+ 1. Introduction
101
+ 1.1 This Agreement governs how you may use, copy, modify, and
102
+ distribute Documentation, and how you may make, have made, and
103
+ distribute Products based on that Documentation. As used in this
104
+ Agreement, to "distribute" Documentation means to directly or indirectly
105
+ make copies available to a third party, and to "distribute" Products
106
+ means to directly or indirectly give, loan, sell or otherwise transfer
107
+ them to a third party.
108
+
109
+ 1.2 "Documentation" includes:
110
+ (a) schematic diagrams;
111
+ (b) circuit or circuit board layouts, including Gerber and other
112
+ data files used for manufacture;
113
+ (c) mechanical drawings, including CAD, CAM, and other data files
114
+ used for manufacture;
115
+ (d) flow charts and descriptive text; and
116
+ (e) other explanatory material.
117
+ Documentation may be in any tangible or intangible form of expression,
118
+ including but not limited to computer files in open or proprietary
119
+ formats and representations on paper, film, or other media.
120
+
121
+ 1.3 "Products" include:
122
+ (a) circuit boards, mechanical assemblies, and other physical parts
123
+ and components;
124
+ (b) assembled or partially assembled units (including components
125
+ and subassemblies); and
126
+ (c) parts and components combined into kits intended for assembly
127
+ by others;
128
+ which are based in whole or in part on the Documentation.
129
+
130
+ 1.4 This Agreement applies to any Documentation which contains a
131
+ notice stating it is subject to the TAPR Open Hardware License, and to
132
+ all Products based in whole or in part on that Documentation. If
133
+ Documentation is distributed in an archive (such as a "zip" file) which
134
+ includes this document, all files in that archive are subject to this
135
+ Agreement unless they are specifically excluded. Each person who
136
+ contributes content to the Documentation is referred to in this
137
+ Agreement as a "Licensor."
138
+
139
+ 1.5 By (a) using, copying, modifying, or distributing the
140
+ Documentation, or (b) making or having Products made or distributing
141
+ them, you accept this Agreement, agree to comply with its terms, and
142
+ become a "Licensee." Any activity inconsistent with this Agreement will
143
+ automatically terminate your rights under it (including the immunities
144
+ from suit granted in Section 2), but the rights of others who have
145
+ received Documentation, or have obtained Products, directly or
146
+ indirectly from you will not be affected so long as they fully comply
147
+ with it themselves.
148
+
149
+ 1.6 This Agreement does not apply to software, firmware, or code
150
+ loaded into programmable devices which may be used in conjunction with
151
+ Documentation or Products. Such software is subject to the license
152
+ terms established by its copyright holder(s).
153
+
154
+ 2. Patents
155
+ 2.1 Each Licensor grants you, every other Licensee, and every
156
+ possessor or user of Products a perpetual, worldwide, and royalty-free
157
+ immunity from suit under any patent, patent application, or other
158
+ intellectual property right which he or she controls, to the extent
159
+ necessary to make, have made, possess, use, and distribute Products.
160
+ This immunity does not extend to infringement arising from modifications
161
+ subsequently made by others.
162
+
163
+ 2.2 If you make or have Products made, or distribute Documentation
164
+ that you have modified, you grant every Licensor, every other Licensee,
165
+ and every possessor or user of Products a perpetual, worldwide, and
166
+ royalty-free immunity from suit under any patent, patent application, or
167
+ other intellectual property right which you control, to the extent
168
+ necessary to make, have made, possess, use, and distribute Products.
169
+ This immunity does not extend to infringement arising from modifications
170
+ subsequently made by others.
171
+
172
+ 2.3 To avoid doubt, providing Documentation to a third party for the
173
+ sole purpose of having that party make Products on your behalf is not
174
+ considered "distribution,"\" and a third party's act of making Products
175
+ solely on your behalf does not cause that party to grant the immunity
176
+ described in the preceding paragraph.
177
+
178
+ 2.4 These grants of immunity are a material part of this Agreement,
179
+ and form a portion of the consideration given by each party to the
180
+ other. If any court judgment or legal agreement prevents you from
181
+ granting the immunity required by this Section, your rights under this
182
+ Agreement will terminate and you may no longer use, copy, modify or
183
+ distribute the Documentation, or make, have made, or distribute
184
+ Products.
185
+
186
+ 3. Modifications
187
+ You may modify the Documentation, and those modifications will become
188
+ part of the Documentation. They are subject to this Agreement, as are
189
+ Products based in whole or in part on them. If you distribute the
190
+ modified Documentation, or Products based in whole or in part upon it,
191
+ you must email the modified Documentation in a form compliant with
192
+ Section 4 to each Licensor who has provided an email address with the
193
+ Documentation. Attempting to send the email completes your obligations
194
+ under this Section and you need take no further action if any address
195
+ fails.
196
+
197
+ 4. Distributing Documentation
198
+ 4.1 You may distribute unmodified copies of the Documentation in its
199
+ entirety in any medium, provided that you retain all copyright and other
200
+ notices (including references to this Agreement) included by each
201
+ Licensor, and include an unaltered copy of this Agreement.
202
+ 4.2 You may distribute modified copies of the Documentation if you
203
+ comply with all the requirements of the preceding paragraph and:
204
+ (a) include a prominent notice in an ASCII or other open format
205
+ file identifying those elements of the Documentation that you
206
+ changed, and stating that the modifications are licensed under
207
+ the terms of this Agreement;
208
+ (b) include all new documentation files that you create, as well as
209
+ both the original and modified versions of each file you change
210
+ (files may be in your development tool's native file format,
211
+ but if reasonably possible, you must also include open format,
212
+ such as Gerber, ASCII, Postscript, or PDF, versions);
213
+ (c) do not change the terms of this Agreement with respect to
214
+ subsequent licensees; and
215
+ (d) if you make or have Products made, include in the Documentation
216
+ all elements reasonably required to permit others to make
217
+ Products, including Gerber, CAD/CAM and other files used for
218
+ manufacture.
219
+
220
+ 5. Making Products
221
+ 5.1 You may use the Documentation to make or have Products made,
222
+ provided that each Product retains any notices included by the Licensor
223
+ (including, but not limited to, copyright notices on circuit boards).
224
+ 5.2 You may distribute Products you make or have made, provided that
225
+ you include with each unit a copy of the Documentation in a form
226
+ consistent with Section 4. Alternatively, you may include either (i) an
227
+ offer valid for at least three years to provide that Documentation, at
228
+ no charge other than the reasonable cost of media and postage, to any
229
+ person who requests it; or (ii) a URL where that Documentation may be
230
+ downloaded, available for at least three years after you last distribute
231
+ the Product.
232
+
233
+ 6. NEW LICENSE VERSIONS
234
+ TAPR may publish updated versions of the OHL which retain the same
235
+ general provisions as the present version, but differ in detail to
236
+ address new problems or concerns, and carry a distinguishing version
237
+ number. If the Documentation specifies a version number which applies
238
+ to it and "any later version", you may choose either that version or any
239
+ later version published by TAPR. If the Documentation does not specify
240
+ a version number, you may choose any version ever published by TAPR.
241
+ TAPR owns the copyright to the OHL, but grants permission to any person
242
+ to copy, distribute, and use it in unmodified form.
243
+
244
+ 7. WARRANTY AND LIABILITY LIMITATIONS
245
+ 7.1 THE DOCUMENTATION IS PROVIDED ON AN"AS-IS" BASIS WITHOUT
246
+ WARRANTY OF ANY KIND, TO THE EXTENT PERMITTED BY APPLICABLE LAW. ALL
247
+ WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
248
+ WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND
249
+ TITLE, ARE HEREBY EXPRESSLY DISCLAIMED.
250
+ 7.2 IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW WILL ANY LICENSOR
251
+ BE LIABLE TO YOU OR ANY THIRD PARTY FOR ANY DIRECT, INDIRECT,
252
+ INCIDENTAL, CONSEQUENTIAL, PUNITIVE, OR EXEMPLARY DAMAGES ARISING OUT OF
253
+ THE USE OF, OR INABILITY TO USE, THE DOCUMENTATION OR PRODUCTS,
254
+ INCLUDING BUT NOT LIMITED TO CLAIMS OF INTELLECTUAL PROPERTY
255
+ INFRINGEMENT OR LOSS OF DATA, EVEN IF THAT PARTY HAS BEEN ADVISED OF THE
256
+ POSSIBILITY OF SUCH DAMAGES.
257
+ 7.3 You agree that the foregoing limitations are reasonable due to
258
+ the non-financial nature of the transaction represented by this
259
+ Agreement, and acknowledge that were it not for these limitations, the
260
+ Licensor(s) would not be willing to make the Documentation available to
261
+ you.
262
+ 7.4 You agree to defend, indemnify, and hold each Licensor harmless
263
+ from any claim brought by a third party alleging any defect in the
264
+ design, manufacture, or operation of any Product which you make, have
265
+ made, or distribute pursuant to this Agreement.
266
+ ####
package/README.md ADDED
@@ -0,0 +1,37 @@
1
+ <!-- SPDX-License-Identifier: TAPR-OHL-1.0 -->
2
+ <!-- SPDX-FileCopyrightText: 2025 GremlinBox Maintainer <simon@sigre.xyz> -->
3
+
4
+ # @gocortexio/npmgremlinbox-tapr-ohl-1-0
5
+
6
+ This is a benign GremlinBox supply chain security simulation package. It performs no malicious action and is safe to install into a development or production build to validate detection tooling.
7
+
8
+ ## Purpose
9
+
10
+ This package implements the SPDX licence identifier TAPR-OHL-1.0 and embeds the full official licence text. It is intended for testing licence detection, licence-policy enforcement, and SPDX compliance checks. A scanner that inspects direct or transitive dependencies should detect this licence.
11
+
12
+ ## Installation
13
+
14
+ npm install @gocortexio/npmgremlinbox-tapr-ohl-1-0
15
+
16
+ ## Usage
17
+
18
+ ```javascript
19
+ const pkg = require('@gocortexio/npmgremlinbox-tapr-ohl-1-0');
20
+
21
+ pkg.getLicenceIdentifier();
22
+ pkg.retrieveLicenceContent();
23
+ pkg.getPackageMetadata();
24
+ ```
25
+
26
+ ## What it does and does not do
27
+
28
+ - Does: return its SPDX licence identifier, the full licence text, and package metadata.
29
+ - Does not: contact the network, collect data, or run code at install time.
30
+
31
+ ## Project
32
+
33
+ Part of the GremlinBox supply chain security testing project: https://github.com/gocortexio/gremlinbox
34
+
35
+ ## Licence
36
+
37
+ TAPR-OHL-1.0. See the LICENCE file in this package.
package/index.js ADDED
@@ -0,0 +1,23 @@
1
+ // SPDX-License-Identifier: TAPR-OHL-1.0
2
+ // SPDX-FileCopyrightText: 2025 GremlinBox Maintainer <simon@sigre.xyz>
3
+
4
+ 'use strict';
5
+ const fs = require('fs');
6
+ const path = require('path');
7
+
8
+ const LICENCE_IDENTIFIER = 'TAPR-OHL-1.0';
9
+ const PACKAGE_NAME = '@gocortexio/npmgremlinbox-tapr-ohl-1-0';
10
+ const VERSION = '2.1.0';
11
+
12
+ function getLicenceIdentifier() { return LICENCE_IDENTIFIER; }
13
+
14
+ function retrieveLicenceContent() {
15
+ try { return fs.readFileSync(path.join(__dirname, 'LICENCE'), 'utf8'); }
16
+ catch (e) { return 'Error: LICENCE file not found'; }
17
+ }
18
+
19
+ function getPackageMetadata() {
20
+ return { package_name: PACKAGE_NAME, version: VERSION, licence: LICENCE_IDENTIFIER, spdx_licence_id: LICENCE_IDENTIFIER };
21
+ }
22
+
23
+ module.exports = { getLicenceIdentifier, retrieveLicenceContent, getPackageMetadata };
package/package.json ADDED
@@ -0,0 +1,28 @@
1
+ {
2
+ "name": "@gocortexio/npmgremlinbox-tapr-ohl-1-0",
3
+ "version": "2.1.0",
4
+ "description": "TAPR Open Hardware Licence v1.0",
5
+ "main": "index.js",
6
+ "license": "TAPR-OHL-1.0",
7
+ "author": "GremlinBox Maintainer <simon@sigre.xyz>",
8
+ "homepage": "https://github.com/gocortexio/gremlinbox",
9
+ "keywords": [
10
+ "security",
11
+ "testing",
12
+ "licence",
13
+ "spdx",
14
+ "supply-chain"
15
+ ],
16
+ "engines": {
17
+ "node": ">=14.0.0"
18
+ },
19
+ "files": [
20
+ "index.js",
21
+ "LICENCE",
22
+ "README.md"
23
+ ],
24
+ "repository": {
25
+ "type": "git",
26
+ "url": "https://github.com/gocortexio/gremlinbox"
27
+ }
28
+ }