Skip to content

A toolbox to check for typosquatting in package registries

License

Unknown and 2 other licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT
CC-BY-4.0
LICENSE-documentation
Notifications You must be signed in to change notification settings

rustfoundation/typomania

typomania

The typomania project is a port to Rust of the excellent typogard, originally by a team led by Matthew Taylor at the University of Kansas and published alongside the Defending Against Package Typosquatting paper, and adapted by Dan Gardner for crates.io specifically.

Rather than being hard coded to a specific registry, this crate provides the same set of primitives that typogard uses to detect potential typosquatting as a reusable library that can be adapted to any registry by implementing the traits provided in this crate.

Features

  • rayon (enabled by default): enables Harness::check, which provides functionality to check many packages in parallel using Rayon.

Examples

Fake registry

A basic example is provided in examples/registry.rs that fakes a registry and then matches packages against it. To see it operate with some packages that generate potential typosquats, try:

cargo run --example registry -- -t abc,foo,foo-2 foo2 abd

crates.io

An example project that uses this crate to analyse a crates.io database dump can be found at typomania-crates.

The Rust Foundation has adopted a Code of Conduct that we expect project participants to adhere to. Please read the full text so that you can understand what actions will and will not be tolerated.

Contributing

See CONTRIBUTING.md.

Licenses

Rust is primarily distributed under the terms of both the MIT license and the Apache License (Version 2.0), with documentation portions covered by the Creative Commons Attribution 4.0 International license..

See LICENSE-APACHE, LICENSE-MIT, LICENSE-documentation, and COPYRIGHT for details.

You can also read more under the Foundation's intellectual property policy.

Other Policies

You can read about other Rust Foundation policies in the footer of the Foundation website.

About

A toolbox to check for typosquatting in package registries

Resources

License

Unknown and 2 other licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT
CC-BY-4.0
LICENSE-documentation

Code of conduct

Stars

Watchers

Forks

Packages

No packages published

Languages