[Docs] package impersonation at https://pypi.org/project/modular-ai/ - Githubissues

modularml / max

A collection of sample programs, notebooks, and tools which highlight the power of the MAX Platform

https://www.modular.com

Other

314 stars 41 forks source link

[Docs] package impersonation at https://pypi.org/project/modular-ai/ #224

Open guidorice opened 1 week ago

guidorice commented 1 week ago

Where is the problem?

https://pypi.org/project/modular-ai/

What can we do better?

There appears to be someone squatting here: https://pypi.org/project/modular-ai/

The package "modular-ai" on PyPI appears to be an example of what's often called "package impersonation" or "brand impersonation" in the context of software repositories. This is similar to typosquatting, but instead of using a misspelled name, it's using a name that seems official or related to a known brand or project. (claude)

Maybe PyPi has a reconciliation process for project names?

Anything else?

No response

ehsanmok commented 1 week ago

Thank you very much for reporting! we are looking into it.