Class: GemGuard::TyposquatChecker

Inherits:

Object

• Object
• GemGuard::TyposquatChecker

Defined in:

lib/gem_guard/typosquat_checker.rb

Constant Summary

POPULAR_GEMS_CACHE_TTL =

1 hour

3600

SIMILARITY_THRESHOLD =

0.8

MIN_POPULAR_GEM_DOWNLOADS =

1_000_000

Instance Method Summary

• #check_dependencies(dependencies) ⇒ Object
• #initialize ⇒ TyposquatChecker constructor

  A new instance of TyposquatChecker.

Constructor Details

#initialize ⇒ TyposquatChecker

Returns a new instance of TyposquatChecker.

# File 'lib/gem_guard/typosquat_checker.rb', line 11

def initialize
  @popular_gems_cache = nil
  @cache_timestamp = nil
end

Instance Method Details

#check_dependencies(dependencies) ⇒ Object

# File 'lib/gem_guard/typosquat_checker.rb', line 16

def check_dependencies(dependencies)
  suspicious_gems = []
  popular_gems = fetch_popular_gems

  dependencies.each do |dependency|
    suspicious_match = find_suspicious_match(dependency.name, popular_gems)
    if suspicious_match
      suspicious_gems << {
        gem_name: dependency.name,
        version: dependency.version,
        suspected_target: suspicious_match[:name],
        similarity_score: suspicious_match[:similarity],
        target_downloads: suspicious_match[:downloads],
        risk_level: calculate_risk_level(suspicious_match[:similarity])
      }
    end
  end

  suspicious_gems
end