Metadata-Version: 2.4
Name: semgrep-malware-demo-safe-wrapper
Version: 0.0.1
Summary: DEMO ONLY — innocent-looking package that pulls in semgrep-malware-demo-aws-cred-read transitively.
Project-URL: Homepage, https://github.com/semgrep/malware-proxy-rules
Project-URL: Source, https://github.com/semgrep/malware-proxy-rules/tree/main/demos/python-aws-cred-read
Author: Semgrep malware-proxy-rules demo
License: MIT
Keywords: demo,do-not-use,fixture,semgrep
Classifier: Development Status :: 7 - Inactive
Classifier: Intended Audience :: Developers
Classifier: License :: OSI Approved :: MIT License
Classifier: Programming Language :: Python :: 3
Classifier: Topic :: Software Development :: Testing
Requires-Python: >=3.8
Requires-Dist: semgrep-malware-demo-aws-cred-read==0.0.1
Description-Content-Type: text/markdown

# semgrep-malware-demo-safe-wrapper

**⚠️ DEMO PACKAGE — DO NOT USE IN PRODUCTION ⚠️**

A deliberately innocent-looking package whose own source code contains
nothing suspicious — but which declares
[`semgrep-malware-demo-aws-cred-read`](https://pypi.org/project/semgrep-malware-demo-aws-cred-read/)
as a runtime dependency.

The point: scanning this package's source alone is clean. Resolving its
dependency tree surfaces the demo "malware" transitively. Used to
demonstrate why dependency-aware scanning matters.

This package does nothing useful. Do not install it for any real purpose.
