feat(enrichment): typosquat & dependency-confusion analyzer

[nickmopen]

Summary

Adds a REES analyzer (#1501) that flags two supply-chain risks for the dependencies a PR newly adds — the heavy/external name analysis the no-checkout claude --print reviewer cannot do. Additive + fail-safe: it fills its own typosquat findings key and degrades independently like every other analyzer.

Detects (unscoped names only)

• Typosquat — a newly-added unscoped dep whose name is a near-miss of a bundled popular package:
  • homoglyph / separator variant (canonical-form match, e.g. l0dash, lo-dash → lodash),
  • distance-1 Damerau-Levenshtein edit (e.g. expres → express), with a short-name guard and a known-legitimate near-neighbour allowlist (e.g. preact is not flagged as a near-miss of react). Pure + offline.
• Dependency-confusion — an unscoped name that returns a definitive 404 on the public registry is publicly claimable (namespace-takeover). Transient/unknown registry states fail safe (no finding).

Scope note — scoped packages are intentionally not analyzed. An npm scope is namespace-protected (it cannot be published to without owning it), so a popular tail under any scope — @types/react, @chakra-ui/react, @acme/express — is not claimable impersonation. There is no offline source of truth that distinguishes a legitimate scoped package from a hypothetical malicious one, so classifying scoped names would only manufacture false positives. The analyzer therefore restricts to the unscoped flat namespace, which is the real typosquat/confusion surface. (This deliberately narrows the issue's "scope-swap" idea to keep the analyzer precise.)

Implementation (established review-enrichment/ pattern)

1. TyposquatFinding type + typosquat? key in src/types.ts
2. src/analyzers/typosquat.ts — pure helpers (damerauLevenshtein, canonicalize, classifyTyposquat, isPublished) + scanTyposquat(req, fetch, opts); reuses extractDependencyChanges to read added (not bumped) deps
3. Registered in the src/brief.ts ANALYZERS registry
4. Public-safe block in src/render.ts (renders package@version + reason only — never manifest contents)
5. node:test units in a separate test/typosquat.test.ts (avoids colliding with concurrent analyzer PRs on enrichment.test.ts)

Validation

From review-enrichment/ (Node 24):

npm test   # build + node --test: 132 pass / 0 fail

Covers edit-distance/transposition/bounded early-exit, homoglyph + separator canonicalization, short-name guard, known-legit exemption, scoped-name non-classification (incl. @chakra-ui/react), registry 404/200/5xx/throw/abort, version-bump-ignored, scoped-name skipped, fail-safe, and the rendered public-safe block.

Closes #1501

[gittensory-orb]

Tip

🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩

✅ Gittensory review — safe to merge

5 files · 1 AI reviewer · no blockers · readiness 55/100 · CI green · clean

✅ Approved — safe to merge

Review summary
The change adds a new enrichment analyzer for newly added dependency names, wires it into the analyzer registry, extends the structured finding type, and renders the resulting typosquat/confusion findings. The implementation is mostly coherent and fail-safe: scoped packages are explicitly excluded before near-miss and registry checks, registry uncertainty returns no finding, and the new tests cover the main pure and scan paths. The notable rough edge is documentation/test coverage around limits and stale wording, not a must-fix correctness break in the shown code.

Signal	Result	Evidence
Code review	✅ No blockers	1 reviewer
Linked issue	✅ Linked	#1501
Related work	⚠️ 3 scoped overlaps	Top overlaps are listed below; lower-confidence bulk is hidden.
Review load	❌ 8/20	Readiness component derived from cached public PR metadata and labels; size label size:L.
Validation evidence	❌ 5/25	Cached preflight status is hold.
Open PR queue	❌ 3/10	15 open PR(s), 9 likely reviewable, 6 unlinked.
Contributor context	✅ Confirmed Gittensor contributor	nickmopen; Gittensor profile; 50 PR(s), 1 issue(s).
Gate result	✅ Passing	No configured blocker found.

Nits — 6 non-blocking

• nit: review-enrichment/src/analyzers/typosquat.ts:2 still says the analyzer detects `scope-swap`, but review-enrichment/src/analyzers/typosquat.ts:113 intentionally returns `null` for every scoped name, so the file header should be changed to match the implemented contract.
• nit: review-enrichment/test/typosquat.test.ts does not exercise the `maxDeps` or `maxConfusionQueries` limit branches in review-enrichment/src/analyzers/typosquat.ts:170-171 and review-enrichment/src/analyzers/typosquat.ts:193, which are part of the new analyzer behavior.
• nit: review-enrichment/src/render.ts:226 appends `item.reason` directly into the prompt text; today those reasons are internally generated, but keeping rendered analyzer strings consistently escaped would make this path harder to misuse later.
• Update the analyzer header in review-enrichment/src/analyzers/typosquat.ts:1-4 to remove `scope-swap` and state the same unscoped-only scope used by `classifyTyposquat`.
• Add focused tests in review-enrichment/test/typosquat.test.ts for `limits.maxDeps` and `limits.maxConfusionQueries`, including the skipped-query path after the cap is reached.
• Readiness score is below the configured threshold — Use the readiness panel as advisory maintainer context; the score does not block this PR.

Review context

• Author: nickmopen
• Role context: outside_contributor
• Public audience mode: oss maintainer
• Lane context: Repository registration is not available in the local Gittensory cache.
• Public profile languages: not available
• Official Gittensor activity: 50 PR(s), 1 issue(s).
• Related work: Items reference the same linked issue feat(enrichment): Typosquat & dependency-confusion detector #1501. (issue #1501)
• Related work: Open PR work references issue feat(enrichment): Typosquat & dependency-confusion detector #1501. (issue #1501)
• Related work: Titles/paths share 6 meaningful terms. (issue #1501, issue #1505)
• Additional title-only matches omitted; title-only overlap does not block.

Contributor next steps

• Review top overlaps.
• Add scope summary.
• Fix blocker.
• Expect slower review.
• Refresh registry data or choose a registered active repo.
• Check active issues and PRs before submitting.

Signal definitions

• Related work = same linked issue, overlapping active PRs, or title/path similarity.
• Review load = cached public PR metadata such as size labels, changed paths, and preflight status.
• Open PR queue = repo-wide review pressure; it is not a PR quality failure.
• Contributor context = public GitHub/Gittensor identity context; non-Gittensor status is not a blocker.

Review details

Generated from public PR metadata and the diff. Advisory only; deterministic signals remain authoritative.

The change adds a new enrichment analyzer for newly added dependency names, wires it into the analyzer registry, extends the structured finding type, and renders the resulting typosquat/confusion findings. The implementation is mostly coherent and fail-safe: scoped packages are explicitly excluded before near-miss and registry checks, registry uncertainty returns no finding, and the new tests cover the main pure and scan paths. The notable rough edge is documentation/test coverage around limits and stale wording, not a must-fix correctness break in the shown code.

Nits (5)

• nit: review-enrichment/src/analyzers/typosquat.ts:2 still says the analyzer detects `scope-swap`, but review-enrichment/src/analyzers/typosquat.ts:113 intentionally returns `null` for every scoped name, so the file header should be changed to match the implemented contract.
• nit: review-enrichment/test/typosquat.test.ts does not exercise the `maxDeps` or `maxConfusionQueries` limit branches in review-enrichment/src/analyzers/typosquat.ts:170-171 and review-enrichment/src/analyzers/typosquat.ts:193, which are part of the new analyzer behavior.
• nit: review-enrichment/src/render.ts:226 appends `item.reason` directly into the prompt text; today those reasons are internally generated, but keeping rendered analyzer strings consistently escaped would make this path harder to misuse later.
• Update the analyzer header in review-enrichment/src/analyzers/typosquat.ts:1-4 to remove `scope-swap` and state the same unscoped-only scope used by `classifyTyposquat`.
• Add focused tests in review-enrichment/test/typosquat.test.ts for `limits.maxDeps` and `limits.maxConfusionQueries`, including the skipped-query path after the cap is reached.

_{🟩 Safe / merged · 🟦 Advisory · 🟨 Held for review · 🟥 Blocked / closed}

---

💰 Earn for open-source contributions like this. Gittensor lets GitHub contributors earn for the work they already do — register to start earning →.

Checked by Gittensory, a quiet PR intelligence layer for OSS maintainers.

• Re-run Gittensory review