-
Notifications
You must be signed in to change notification settings - Fork 49
OSS Find Squats
Gabe Stocco edited this page Jun 4, 2021
·
1 revision
Identifies potential typo-squatting for a given package.
USAGE:
Find Squat Candidates for the Given Packages:
oss-find-squats --format text [options] package-urls...
-o, --output-file (Default: ) send the command output to a file instead of stdout
-f, --format (Default: text) selct the output format(text|sarifv1|sarifv2)
-q, --quiet (Default: false) Suppress console output.
-s, --sleep-delay (Default: 0) Number of ms to sleep between checks.
--help Display this help screen.
--version Display version information.
The package-url specifier is described at https://github.com/package-url/purl-spec:
pkg:cargo/rand The latest version of Rand (via crates.io)
pkg:cocoapods/AFNetworking The latest version of AFNetworking (via cocoapods.org)
pkg:composer/Smarty/Smarty The latest version of Smarty (via Composer/ Packagist)
pkg:cpan/Apache-ACEProxy The latest version of Apache::ACEProxy (via cpan.org)
pkg:cran/ACNE@0.8.0 Version 0.8.0 of ACNE (via cran.r-project.org)
pkg:gem/rubytree@* All versions of RubyTree (via rubygems.org)
pkg:golang/sigs.k8s.io/yaml The latest version of sigs.k8s.io/yaml (via proxy.golang.org)
pkg:github/Microsoft/DevSkim The latest release of DevSkim (via GitHub)
pkg:hackage/a50@* All versions of a50 (via hackage.haskell.org)
pkg:maven/org.apdplat/deep-qa The latest version of org.apdplat.deep-qa (via repo1.maven.org)
pkg:npm/express The latest version of Express (via npm.org)
pkg:nuget/Newtonsoft.JSON The latest version of Newtonsoft.JSON (via nuget.org)
pkg:pypi/django@1.11.1 Version 1.11.1 fo Django (via pypi.org)
pkg:ubuntu/zerofree The latest version of zerofree from Ubuntu (via packages.ubuntu.com)
pkg:vsm/MLNET/07 The latest version of MLNET.07 (from marketplace.visualstudio.com)
pkg:url/foo@1.0?url=<URL> The direct URL <URL>