Hackbraten 10 hours ago
Checking the README for similarity to other packages can cause false positives for benign, legitimate forks.
maxbond 10 hours ago | parent
Sure, I'm not saying those projects should be automatically deleted or something. Just that it's worth looking into. Maybe you put a message on the package's page notifying potential users and put it into a moderation queue. Maybe a volunteer takes a look at it, and if they find something, they hit the "report malware" button. Maybe you ask for confirmation if they try to add such a package on the command line. Just spitballing.
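One way to build the pipeline maxbond sketches (a similarity check that feeds a moderation queue instead of removing anything automatically), as an added example that is not from the thread and not any registry's real code: it scores README similarity with word-shingle Jaccard and, to address Hackbraten's fork concern, treats a matching README alone as a low-priority flag and a matching README plus a look-alike package name as the stronger signal that warrants a notice on the package page. The similarity threshold, the edit-distance limit, and all package names and READMEs are assumed or constructed for illustration.

```python
"""Route new packages whose README closely resembles an existing package's README
to a moderation queue. Added example with constructed data; not any registry's code."""
import re
from dataclasses import dataclass
from typing import Optional

SHINGLE_SIZE = 3
REVIEW_THRESHOLD = 0.6     # assumed tuning value, chosen for illustration
NAME_DISTANCE_LIMIT = 2    # assumed: names within 2 edits count as look-alikes


def tokens(text: str) -> list:
    """Lower-case alphanumeric words; punctuation and markdown syntax drop out."""
    return re.findall(r"[a-z0-9]+", text.lower())


def shingles(text: str, k: int = SHINGLE_SIZE) -> set:
    """Set of k-word windows; tolerant of small edits, unlike a whole-file hash."""
    words = tokens(text)
    if len(words) < k:
        return {tuple(words)} if words else set()
    return {tuple(words[i:i + k]) for i in range(len(words) - k + 1)}


def jaccard(a: set, b: set) -> float:
    """Overlap of two shingle sets, 0.0 (disjoint) to 1.0 (identical)."""
    if not a or not b:
        return 0.0
    return len(a & b) / len(a | b)


def levenshtein(a: str, b: str) -> int:
    """Edit distance between package names, to spot look-alike names."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


@dataclass
class Verdict:
    action: str            # "publish" or "queue_for_review"
    priority: str          # "none", "low" (possible fork) or "high" (look-alike name)
    closest: Optional[str]
    score: float
    reason: str


def assess(name: str, readme: str, registry: dict) -> Verdict:
    """Compare a submission against every published README and decide routing.

    Nothing is deleted automatically: a high score only queues the package so a
    volunteer can look. A matching README plus a look-alike name is the stronger
    signal; a matching README alone is commonly a fork and is flagged low priority.
    """
    new_sh = shingles(readme)
    closest, best = None, 0.0
    for other, other_readme in registry.items():
        if other == name:
            continue
        score = jaccard(new_sh, shingles(other_readme))
        if score > best:
            closest, best = other, score
    if best < REVIEW_THRESHOLD:
        return Verdict("publish", "none", closest, best, "no close README match")
    if levenshtein(name.lower(), closest.lower()) <= NAME_DISTANCE_LIMIT:
        return Verdict("queue_for_review", "high", closest, best,
                       f"README matches {closest!r} and the name is a look-alike; "
                       "show a notice on the package page until reviewed")
    return Verdict("queue_for_review", "low", closest, best,
                   f"README matches {closest!r}; may be a legitimate fork, needs a human look")


# Constructed sample registry and submissions (not real packages).
REGISTRY = {
    "rapidparse": ("rapidparse is a fast JSON parser for Python. Install with pip install "
                   "rapidparse. Usage: import rapidparse then call rapidparse.loads on your "
                   "string. See the docs for details."),
}

SUBMISSIONS = {
    "rapidpase": REGISTRY["rapidparse"],   # verbatim README copy under a look-alike name
    "speedyparse-fork": REGISTRY["rapidparse"]
        + " This is a maintained fork of rapidparse with bug fixes.",
    "tintlog": "tintlog adds colour to Python logging output. Install with pip install tintlog.",
}

if __name__ == "__main__":
    for pkg, text in SUBMISSIONS.items():
        v = assess(pkg, text, REGISTRY)
        print(f"{pkg:17} {v.action:17} {v.priority:5} {v.score:.2f}  {v.reason}")
```

The shingle approach matters for the fork case: a verbatim copy scores 1.0, a fork that keeps the upstream README and appends its own paragraph still scores well above the threshold, and an unrelated README scores near zero, so the same check separates all three without anyone being blocked outright.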