Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

typosquat: check for prefixes being manipulated like suffixes #7921

Merged
merged 1 commit into from
Jan 12, 2024
Merged

typosquat: check for prefixes being manipulated like suffixes #7921

merged 1 commit into from
Jan 12, 2024

Conversation

LawnGnome
Copy link
Contributor

In #7571, we added checks for crate names that added or removed suffixes from popular crates. This has turned out to be a useful check! (Spoiler alert for the blog post I'm publishing next week.)

@Turbo87 pointed out that this can also apply to prefixes, especially cargo-. This generalises the suffix check to also check prefixes, and adjusts the typomania configuration to add cargo to the list of interesting affixes. For now, the same set of affixes will be used for both, but depending on what we see, a future tweak would be to separate the prefix and suffix lists. Let's see how that pans out.

In terms of implementation, I briefly toyed with making this generic over the prefix/suffix combination to remove the copy/paste code, then was reminded by rust-analyzer that std::str::pattern::Pattern isn't stable. I'd rather duplicate 20 lines than deal with that, so here we are.

@LawnGnome
typosquat: check for prefixes being manipulated like suffixes
997d98d 
In rust-lang#7571, we added checks for crate names that added or removed suffixes
from popular crates. This has turned out to be a useful check! (Spoiler
alert for the blog post I'm publishing next week.)

@Turbo87 pointed out that this can also apply to prefixes, especially
`cargo-`. This generalises the suffix check to also check prefixes, and
adjusts the typomania configuration to add `cargo` to the list of
interesting affixes. For now, the same set of affixes will be used for
both, but depending on what we see, a future tweak would be to separate
the prefix and suffix lists. Let's see how that pans out.

In terms of implementation, I briefly toyed with making this generic
over the prefix/suffix combination to remove the copy/paste code, then
was reminded by rust-analyzer that `std::str::pattern::Pattern` isn't
stable. I'd rather duplicate 20 lines than deal with that, so here we
are.
@LawnGnome LawnGnome added C-enhancement ✨ Category: Adding new behavior or a change to the way an existing feature works A-backend ⚙️ labels Jan 11, 2024
@LawnGnome LawnGnome self-assigned this Jan 11, 2024
Turbo87
Turbo87 approved these changes Jan 12, 2024
View reviewed changes
Copy link
Member

@Turbo87 Turbo87 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@LawnGnome LawnGnome merged commit f64c8d2 into rust-lang:main Jan 12, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Turbo87 Turbo87 Turbo87 approved these changes

Assignees

@LawnGnome LawnGnome

Labels
A-backend ⚙️ C-enhancement ✨ Category: Adding new behavior or a change to the way an existing feature works
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@LawnGnome @Turbo87