Skip to main content

Starjacking

Package registries rely on self-reported metadata, including information about the source repository. This practice allows malicious package publishers to include metadata that points to a reputable package, a technique known as "starjacking." The name refers to the act of hijacking the reputation (stars) of a legitimate project.

You might think the solution is to ensure only one package exists for each repository. However, several factors complicate the analysis in this area:

  1. Some high-quality projects don't publish metadata, leaving them effectively "unclaimed" in package repository metadata.
  2. Some repositories intentionally produce multiple packages. For example, DefinitelyTyped publishes npm packages for over a thousand TypeScript libraries from a single repository.

Sigstore signatures as formal proof-of-origin represent the long-term direction that offers the most promise of addressing the issue systematically. A prominent element of Stacklok Insight is drawing attention to the presence (or absence) of Sigstore signatures.

How Stacklok Insight detects potential starjacking attempts

Stacklok Insight analyzes the packages in a registry and identifies packages claiming the same source repository. This information is combined with the Stacklok Insight assessment for each package to build a list of same-origin packages that show signs of higher risk. These packages may be attempts at starjacking.