Benchmark package for testing SCA and repository firewall behavior. v1.0.0 is safe and prints "Hello World".
```bash
npm install supplychain-firewall-benchmark-hello
```

A benign benchmark package to evaluate how SCA tools and repository firewalls behave with a clean baseline.
```bash
npx supplychain-firewall-benchmark-hello
# or, after installing globally
scfbh
# Output:
# Hello world from supplychain-firewall-benchmark-hello v1.0.0. First version is just a happy and clean package :D
```

Versions

- v1.0.0 is safe and side-effect-free.
- Later versions may include controlled test artifacts (EICAR test file, obfuscated install hook) for research purposes.
- v1.10.0 includes an EICAR test file. This may trigger some AV alarms.
- v1.10.1 pushes a small update to the entrypoint with suspicious obfuscated code.
- v1.10.2 expands the obfuscated code execution to `npm install`.
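
As an added example (not code from this package or its author), the JavaScript below shows the kind of static check an SCA tool or repository firewall could apply to the artifacts in the version notes above: install hooks in the manifest, the EICAR marker, and simple obfuscation heuristics. The snapshots, file names, the `postinstall` hook name and the heuristic thresholds are assumptions constructed for illustration.

```javascript
// Added example: static triage of unpacked package contents. Nothing is executed.
const INSTALL_HOOKS = ["preinstall", "install", "postinstall"]; // run by npm on install
const EICAR_MARKER = "EICAR-STANDARD-ANTIVIRUS-TEST-FILE"; // marker inside the EICAR string
// Obfuscation heuristics; the thresholds are assumptions to tune per corpus.
const OBFUSCATION = [
  { name: "dynamic-eval", re: /\beval\s*\(|\bnew\s+Function\s*\(/ },
  { name: "hex-escaped-string", re: /(?:\\x[0-9a-fA-F]{2}){8,}/ },
  { name: "hex-identifier", re: /\b_0x[0-9a-f]{4,}\b/ },
  { name: "long-encoded-literal", re: /["'`][A-Za-z0-9+\/=]{120,}["'`]/ },
];

// manifest: parsed package.json; files: map of relative path -> text content.
function triagePackage(manifest, files) {
  const findings = [];
  const scripts = manifest.scripts || {};
  for (const hook of INSTALL_HOOKS) {
    if (scripts[hook]) findings.push({ rule: "install-hook", where: `scripts.${hook}` });
  }
  for (const [path, content] of Object.entries(files)) {
    if (content.includes(EICAR_MARKER)) findings.push({ rule: "eicar-test-file", where: path });
    if (!/\.[cm]?js$/.test(path)) continue; // heuristics apply to JavaScript sources only
    for (const { name, re } of OBFUSCATION) {
      if (re.test(content)) findings.push({ rule: `obfuscation:${name}`, where: path });
    }
  }
  return findings;
}

// Constructed snapshots that mirror the version notes above; not the real package files.
const clean = 'console.log("Hello world");';
const obfuscated = String.raw`var _0x4f2a=["\x48\x65\x6c\x6c\x6f\x20\x77\x6f\x72\x6c\x64"];console.log(_0x4f2a[0]);`;
const SNAPSHOTS = {
  "1.0.0": { manifest: {}, files: { "index.js": clean } },
  "1.10.0": { manifest: {}, files: { "index.js": clean, "eicar.txt": `constructed-${EICAR_MARKER}` } },
  "1.10.1": { manifest: {}, files: { "index.js": obfuscated } },
  // Assumption: the hook is postinstall; the page only says execution happens on npm install.
  "1.10.2": { manifest: { scripts: { postinstall: "node index.js" } }, files: { "index.js": obfuscated } },
};

// Returns the list of rule names that fire for one constructed snapshot.
function rulesFor(version) {
  const { manifest, files } = SNAPSHOTS[version];
  return triagePackage(manifest, files).map((f) => f.rule);
}

for (const v of Object.keys(SNAPSHOTS)) console.log(v, rulesFor(v));
```

A tool under test that stays silent on all four versions, or flags v1.0.0, is misbehaving against this baseline in one direction or the other.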