PyPi
A generic, spec-compliant, thorough implementation of the OAuth request-signing logic
| Public repositories of contributors | 7,830 |
| Followers of contributors | 25,000 |
| Repository forks | 486 |
| Open issues | 82 |
| Repository watchers | 64 |
| Number of contributors | 182 |
| Repository stars | 2,830 |
Package has a historical provenance match, confirming its source of origin.
Typosquatting is the risk of installing a malicious package that uses a name similar to a legitimate one.
Starjacking can mislead users into trusting a package, hiding malicious code behind inflated popularity.