Feature Description
Detect packages that look like typos of popular packages:
npm install lodahs # typo of lodash
npm install axois # typo of axios
Implementation Ideas
- Levenshtein distance to popular packages
- Maintain list of top 1000 npm/pypi packages
- Warn if name is within edit distance 2
Difficulty: Medium
Priority: Medium
Found in security audit 2024-01-06
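
One way to implement the check proposed above, as an added example (not code from this project): `POPULAR` is a small constructed stand-in for the top-1000 list, and the names `levenshtein`, `findTyposquatTargets` and `MAX_DISTANCE` are hypothetical.

```javascript
// Constructed sample standing in for the "top 1000 npm/pypi packages" list.
const POPULAR = ["lodash", "axios", "express", "react", "requests", "chalk"];
const MAX_DISTANCE = 2; // threshold from the issue

// Levenshtein distance with two rolling rows; returns max + 1 as soon as the
// distance is known to exceed max, so scanning a long list stays cheap.
function levenshtein(a, b, max = Infinity) {
  if (Math.abs(a.length - b.length) > max) return max + 1;
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const curr = [i];
    let rowMin = i;
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      curr[j] = Math.min(prev[j] + 1, curr[j - 1] + 1, prev[j - 1] + cost);
      rowMin = Math.min(rowMin, curr[j]);
    }
    if (rowMin > max) return max + 1;
    prev = curr;
  }
  return prev[b.length];
}

// Returns the popular packages a requested name is suspiciously close to,
// nearest first. An exact match is a legitimate install, not a typo.
function findTyposquatTargets(name, popular = POPULAR, max = MAX_DISTANCE) {
  const candidate = name.trim().toLowerCase();
  if (popular.includes(candidate)) return [];
  return popular
    .map((pkg) => ({ pkg, distance: levenshtein(candidate, pkg, max) }))
    .filter((m) => m.distance <= max)
    .sort((x, y) => x.distance - y.distance);
}

// Constructed install requests, including the two typos from the issue.
for (const name of ["lodahs", "axois", "lodash", "left-pad"]) {
  const hits = findTyposquatTargets(name);
  const msg = hits.length
    ? `WARN: looks like "${hits[0].pkg}" (distance ${hits[0].distance})`
    : "ok";
  console.log(`${name}: ${msg}`);
}
```

Plain Levenshtein counts a swap of two adjacent letters as two edits, so both `lodahs` and `axois` sit at distance 2 and a threshold of 1 would miss them.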