Typosquatting?

Marcin Biegun

03 Jul, 2014 06:25 PM

I've installed the gem "bunlder" by accident. It contains only an empty skeleton for a gem, but it's a potential scam that could wipe out the local files or something. It was installed 3000 times in the last 2 weeks.

I think it should be removed. Does RubyGems have a policy for typosquatting?

https://rubygems.org/gems/bunlder

  1. Support Staff 1 Posted by Evan Phoenix on 22 Aug, 2014 06:03 PM

    The gem in question is an empty shell gem but it does not contain any malicious code. Typo squatting is not something that is easily resolved because it has many meanings. For now, there is no issue with this gem.

  2. Evan Phoenix closed this discussion on 22 Aug, 2014 06:03 PM.
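
A defender-side check for the kind of near-miss name discussed in this thread ("bunlder" for "bundler"), as an added example that is not part of the original discussion and is not RubyGems code. The `TRUSTED` list, the function names and the sample input are assumptions constructed for illustration.

```ruby
# Added example: flag dependency names that are one edit away from a trusted name.
# TRUSTED is a constructed sample allowlist, not a list provided by RubyGems.
TRUSTED = %w[bundler rails rake rspec nokogiri].freeze

# Optimal string alignment distance: insertions, deletions, substitutions
# and adjacent transpositions each cost 1, so "bunlder" -> "bundler" is 1.
def osa_distance(a, b)
  d = Array.new(a.length + 1) { |i| [i] + [0] * b.length }
  (0..b.length).each { |j| d[0][j] = j }
  (1..a.length).each do |i|
    (1..b.length).each do |j|
      cost = a[i - 1] == b[j - 1] ? 0 : 1
      d[i][j] = [d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost].min
      # Adjacent transposition, the typo class seen in "bunlder".
      if i > 1 && j > 1 && a[i - 1] == b[j - 2] && a[i - 2] == b[j - 1]
        d[i][j] = [d[i][j], d[i - 2][j - 2] + 1].min
      end
    end
  end
  d[a.length][b.length]
end

# Returns { suspicious_name => trusted_name } for names that are not trusted
# themselves but are within max_distance edits of a trusted name.
def typosquat_candidates(names, trusted: TRUSTED, max_distance: 1)
  names.each_with_object({}) do |name, hits|
    n = name.downcase
    next if trusted.include?(n)
    match = trusted.find { |t| osa_distance(n, t) <= max_distance }
    hits[name] = match if match
  end
end

# Constructed sample input: names as they might appear in a Gemfile.
if __FILE__ == $PROGRAM_NAME
  sample = %w[bunlder rails rak nokogiri json]
  typosquat_candidates(sample).each do |name, intended|
    puts "#{name}: possible typo of #{intended}"
  end
end
```

Running this over a project's declared dependencies before `gem install` or `bundle install` surfaces a mistyped name before any gem code is fetched.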
