PoC schedule-based malware check #7199

woodruffw · 2020-01-07T19:54:05Z

Like #7198, we'll need a schedule-based malware check for proofing.

The current proposal: a scheduled check for complete turnovers (i.e., no original or previous maintainers/role-holders remaining) in package ownership, graded against other suspicious indicators (IPs not previously seen for the package and/or its maintainers, new maintainers(s) are not in the community of any the the previous maintainers beyond a fixed window).

See #7096.

xmunoz · 2020-01-07T20:01:04Z

This might be too complicated for v1, but I think the idea behind sourcerank is really interesting:
https://libraries.io/pypi/requests

A high score combined with complete turnovers might be an interesting signal.

woodruffw · 2020-02-11T19:58:08Z

Merged; will close when this hits master.

woodruffw self-assigned this Jan 7, 2020

woodruffw added the malware-detection Issues related to automated malware detection. label Jan 7, 2020

woodruffw added this to the Package signing & detection/verification milestone Jan 7, 2020

woodruffw mentioned this issue Jan 7, 2020

Implement event-based and schedule-based malware checks #7096

Closed

woodruffw mentioned this issue Jan 30, 2020

malware/checks: PackageTurnover skeleton #7321

Merged

xmunoz closed this as completed Feb 18, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

PoC schedule-based malware check #7199

PoC schedule-based malware check #7199

woodruffw commented Jan 7, 2020

xmunoz commented Jan 7, 2020

woodruffw commented Feb 11, 2020

PoC schedule-based malware check #7199

PoC schedule-based malware check #7199

Comments

woodruffw commented Jan 7, 2020

xmunoz commented Jan 7, 2020

woodruffw commented Feb 11, 2020