typosquatting 0.5.1 → 0.5.2
- checksums.yaml +4 -4
- data/CHANGELOG.md +4 -0
- data/lib/typosquatting/cli.rb +14 -4
- data/lib/typosquatting/lookup.rb +8 -1
- data/lib/typosquatting/version.rb +1 -1
- metadata +1 -1
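--- a/checksums.yaml
+++ b/checksums.yaml
@@ -1,7 +1,7 @@
 ---
 SHA256:
-metadata.gz:
-data.tar.gz:
+metadata.gz: ff5dc5582c8ebad3ac16a8b50049ad6cdd7548f997b30bda99c142b7e1d963c6
+data.tar.gz: 6fdf68f18de9969b03882d792eefd7f202c10805b9537bb6a836d6a7801afb74
 SHA512:
-metadata.gz:
-data.tar.gz:
+metadata.gz: 2bd2c78dfb4e8cf2f24215dba5c9b0530fdce251fa792e3879263f41116ea635170b7d90b90edf3fd80f488a6691369abbf4c7836131b1e991c363aa64a5c8a5
+data.tar.gz: 9e14b81b0c28192820544920b2d135d6f3f6209ced87ef7ca2f8b02079d1d11f9632931d9464a95bb27d27a013a6b0c0fbe31e6c94c1caa03a77e86e41439ebf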
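--- a/data/CHANGELOG.md
+++ b/data/CHANGELOG.md
@@ -1,5 +1,9 @@
 ## [Unreleased]
 
+## [0.5.2] - 2026-01-06
+
+- Exclude removed/unpublished packages from typosquat detection (fixes false positives for reserved names)
+
 ## [0.5.1] - 2026-01-04
 
 - Filter duplicate packages in SBOM checking to avoid redundant results and API calls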
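--- a/data/lib/typosquatting/cli.rb
+++ b/data/lib/typosquatting/cli.rb
@@ -291,22 +291,24 @@ module Typosquatting
 case options[:format]
 when "json"
 data = results.map do |r|
-{
+hash = {
 name: r[:variant].name,
 algorithm: r[:variant].algorithm,
 exists: r[:result].exists?,
 registries: r[:result].registries
 }
+hash[:status] = r[:result].status if r[:result].status
+hash
 end
 puts JSON.pretty_generate(data)
 when "csv"
-puts "name,algorithm,exists,registries"
+puts "name,algorithm,exists,status,registries"
 results.each do |r|
-puts "#{r[:variant].name},#{r[:variant].algorithm},#{r[:result].exists?},\"#{r[:result].registries.join("; ")}\""
+puts "#{r[:variant].name},#{r[:variant].algorithm},#{r[:result].exists?},#{r[:result].status},\"#{r[:result].registries.join("; ")}\""
 end
 else
 results.each do |r|
-status = r[:result]
+status = format_status(r[:result])
 if options[:verbose]
 puts "#{r[:variant].name} (#{r[:variant].algorithm}) - #{status}"
 puts " registries: #{r[:result].registries.join(", ")}" if r[:result].exists?
@@ -321,6 +323,14 @@ module Typosquatting
 end
 end
 
+def format_status(result)
+return result.status.upcase if result.status == "removed"
+return "available" unless result.exists?
+return result.status.upcase if result.status
+
+"EXISTS"
+end
+
 def output_confusion_results(results, options)
 case options[:format]
 when "json"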
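Review bot: The new `status` column in the CSV branch is interpolated unquoted, so a value containing a comma, quote or newline would shift the columns of the row, and a value starting with `=` would be read as a formula by spreadsheet tools. The value comes from `r[:result].status`, which lookup.rb reads out of the package records; if those records originate from a registry API response (not visible in this section) the field should be treated as untrusted. Building the row with the standard library, `puts CSV.generate_line([r[:variant].name, r[:variant].algorithm, r[:result].exists?, r[:result].status, r[:result].registries.join("; ")])` after `require "csv"`, would quote every field consistently. The JSON branch also omits `status` when it is nil while the CSV always emits the column, which is worth a one-line comment for consumers of both formats.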
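--- a/data/lib/typosquatting/lookup.rb
+++ b/data/lib/typosquatting/lookup.rb
@@ -200,7 +200,13 @@ module Typosquatting
 
 Result = Struct.new(:name, :purl, :packages, :ecosystem, keyword_init: true) do
 def exists?
-
+return false if packages.empty?
+
+status != "removed"
+end
+
+def status
+packages.map { |p| p["status"] }.compact.first
 end
 
 def registries
@@ -212,6 +218,7 @@ module Typosquatting
 name: name,
 purl: purl,
 exists: exists?,
+status: status,
 registries: registries,
 packages: packages
 }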
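Review bot: `status` returns the first non-nil `"status"` found across all `packages`, and `exists?` turns false whenever that single value is `"removed"`, so a name that is removed in one record but still live in another would be reported as not existing, which is a false negative for a typosquat detector. Whether `packages` can hold records from several registries is not visible in this hunk, although the neighbouring `registries` method suggests it can. Deciding per record would avoid that, e.g. `packages.any? { |p| p["status"] != "removed" }` in `exists?`. The comparison is also an exact, case-sensitive match on `"removed"`, while the changelog speaks of removed/unpublished packages, so a short comment on `status` listing the values the upstream data can carry would help. The `Result` struct body continues outside the hunk.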