The typosquatting Marshall shows duplicate entries
Opened this issue · 0 comments
lirantal commented
Reproduce:
npm install --save ghtml
✔ Supply Chain Security
✔ Checking for known vulnerabilities
✔ Verifying registry signatures for package
✔ Verifying package provenance
✔ Identifying package author...
⚠ Package Health
✖ Checking for typosquatting
✔ Checking availability of a LICENSE
✔ Checking package maturity
⚠ Malware Detection
✔ Checking package for pre/post install scripts
✔ Identifying package repository...
✖ Detecting expired domains for authors account...
✔ Checking package download popularity
Detected possible issues with the following packages:
[ghtml@latest]
- Package name could be a typosquatting attempt for popular package(s): html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html, html
- Unable to resolve domain for maintainer e-mail, could be an expired account: gurgun.day