Monitor new packages that might be typosquats #5001

Merged
merged 5 commits into from
Nov 5, 2018
@di (Member) commented Nov 3, 2018

This PR adds the ability to check for and record potential typo-squats when a new project is being created. It uses the Levenshtein distance between the normalized project names to determine if a new project is potentially a typosquat. The results go into a queue of unreviewed reports that is "reviewable" by PyPI admins.

This PR also adds the ability to list potential squatters/squattees in the project detail page of the admin UI, for projects that have already been created.

Towards #2268, but I'd like to experiment with this a bit before we call that issue resolved.

* If projects exist with a similar name as the project being created, add a Squat entry to the DB linking the two projects.
* Display a list of squats in order that have not been reviewed, and make them "reviewable"/dismissable
* On the project detail page, show a list of potential squatters and squattees for a given project.

@di di merged commit 69e98bc into master Nov 5, 2018
@di di deleted the squats branch November 5, 2018 16:08
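
The check described in the PR description above (Levenshtein distance between normalized project names), as an added example that is not Warehouse's code. It assumes PEP 503 name normalization and a distance threshold of 2, which the PR text does not state; the function names and the sample project list are constructed for illustration.

```python
import re

MAX_DISTANCE = 2  # assumed threshold; the PR text does not state the value used


def normalize(name: str) -> str:
    """PEP 503 normalization: lowercase, runs of '-', '_', '.' become '-'."""
    return re.sub(r"[-_.]+", "-", name).lower()


def levenshtein(a: str, b: str) -> int:
    """Edit distance (insert, delete, substitute) using two DP rows."""
    if len(a) < len(b):
        a, b = b, a
    previous = list(range(len(b) + 1))
    for i, ca in enumerate(a, start=1):
        current = [i]
        for j, cb in enumerate(b, start=1):
            current.append(min(
                previous[j] + 1,               # delete ca
                current[j - 1] + 1,            # insert cb
                previous[j - 1] + (ca != cb),  # substitute, or free on a match
            ))
        previous = current
    return previous[-1]


def potential_squats(new_name, existing_names, max_distance=MAX_DISTANCE):
    """Return (existing_name, distance) pairs close to new_name, nearest first.

    Distance 0 is skipped here: the normalized names are identical, so it is
    the same name rather than a lookalike.
    """
    candidate = normalize(new_name)
    hits = []
    for existing in existing_names:
        distance = levenshtein(candidate, normalize(existing))
        if 0 < distance <= max_distance:
            hits.append((existing, distance))
    return sorted(hits, key=lambda hit: (hit[1], hit[0]))


# Constructed sample data, not taken from PyPI's review queue.
EXISTING = ["requests", "Django", "python-dateutil", "numpy", "six"]

if __name__ == "__main__":
    for name in ["reqeusts", "djanga", "python_dateutil2", "flask", "Requests"]:
        print(name, "->", potential_squats(name, EXISTING))
```

A fixed threshold flags a large share of unrelated short names (anything within two edits of `six`, for instance), which fits the PR's design of recording matches for admin review.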
@pradyunsg (Contributor) commented

🎉

dstufft added a commit that referenced this pull request Nov 6, 2018
ewdurbin added a commit that referenced this pull request Nov 10, 2018
* Migrate to UUID Primary Key for Project and Release models

* fixup factories for Project and Release, sync Role model to migration

* make reformat

* fix at least one test

* Fix fallout of Role.package_name removal

* Remove Denormalized name and version fields from all models (#4974)

* Update for #5001

* Ensure model state matches db state

* Switch to using FKs to User.id instead of User.username

* Fix test

* Fix linting

* Add Release.uploader as a real FK (#5015)

* Rename a number of tables to better fit in current scheme (#5016)