#typosquatting #typogard #typosquat

typomania

A toolbox to check for typosquatting in package registries

3 releases

0.1.2 Nov 10, 2023
0.1.1 Oct 13, 2023
0.1.0 Sep 27, 2023
Download history 16/week @ 2024-06-01 36/week @ 2024-06-08 30/week @ 2024-06-15 30/week @ 2024-06-22 10/week @ 2024-06-29 13/week @ 2024-07-06 21/week @ 2024-07-13 37/week @ 2024-07-20 40/week @ 2024-07-27 39/week @ 2024-08-03 24/week @ 2024-08-10 12/week @ 2024-08-17 18/week @ 2024-08-24 33/week @ 2024-08-31 17/week @ 2024-09-07 16/week @ 2024-09-14

85 downloads per month

MIT/Apache

38KB
788 lines

typomania

The typomania project is a port to Rust of the excellent typogard, originally by a team led by Matthew Taylor at the University of Kansas and published alongside the Defending Against Package Typosquatting paper, and adapted by Dan Gardner for crates.io specifically.

Rather than being hard coded to a specific registry, this crate provides the same set of primitives that typogard uses to detect potential typosquatting as a reusable library that can be adapted to any registry by implementing the traits provided in this crate.

Features

  • rayon (enabled by default): enables Harness::check, which provides functionality to check many packages in parallel using Rayon.

Examples

Fake registry

A basic example is provided in examples/registry.rs that fakes a registry and then matches packages against it. To see it operate with some packages that generate potential typosquats, try:

cargo run --example registry -- -t abc,foo,foo-2 foo2 abd

crates.io

An example project that uses this crate to analyse a crates.io database dump can be found at typomania-crates.

Code of Conduct

The Rust Foundation has adopted a Code of Conduct that we expect project participants to adhere to. Please read the full text so that you can understand what actions will and will not be tolerated.

Contributing

See CONTRIBUTING.md.

Licenses

Rust is primarily distributed under the terms of both the MIT license and the Apache License (Version 2.0), with documentation portions covered by the Creative Commons Attribution 4.0 International license..

See LICENSE-APACHE, LICENSE-MIT, LICENSE-documentation, and COPYRIGHT for details.

You can also read more under the Foundation's intellectual property policy.

Other Policies

You can read about other Rust Foundation policies in the footer of the Foundation website.

Dependencies

~2.1–2.9MB
~56K SLoC