Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Beware typo-squatting: Package with name all lowercase was malware #7

Open
RPCMoritz opened this issue Jun 21, 2022 · 4 comments
Open

Beware typo-squatting: Package with name all lowercase was malware #7

RPCMoritz opened this issue Jun 21, 2022 · 4 comments

Comments

@RPCMoritz
Copy link

RPCMoritz commented Jun 21, 2022
edited
Loading

See this GHSA
My brief look at the code/npm repo indicate nothing overly untoward, there is no public discussion regarding this issue - yet it's being listed with a fairly stark warning.

Does anyone have any insights what's going on here?
@RPCMoritz
Copy link
Author

I've added it to this thread of likely similar issues.

@RPCMoritz
Copy link
Author

Okay, looks like classic typo-squatting - camelCase matters.

@Fonger
Copy link

Fonger commented Jun 21, 2022

Thanks for the clarification.
Maybe you can keep this issue open so others can rest assured if it's a false postivie

@RPCMoritz RPCMoritz changed the title Package listed as containing malware Beware typo-squatting: Package with name all lowercase was malware Jun 21, 2022
@RPCMoritz
Copy link
Author

I've reworded it a bit, so the information is more accessible.

@RPCMoritz RPCMoritz reopened this Jun 21, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Fonger @RPCMoritz