Starjacking
Package registries rely on self-reported metadata, including information about the source repository. This practice allows malicious package publishers to include metadata that points to a reputable package, a technique known as "starjacking." The name refers to the act of hijacking the reputation (stars) of a legitimate project.
You might think the solution is to ensure only one package exists for each repository. However, several factors complicate the analysis in this area:
- Some high-quality projects don't publish metadata, leaving them effectively "unclaimed" in package repository metadata.
- Some repositories intentionally produce multiple packages. For example, DefinitelyTyped publishes npm packages for over a thousand TypeScript libraries from a single repository.
Sigstore signatures as formal proof-of-origin represent the long-term direction that offers the most promise of addressing the issue systematically. A prominent element of Trusty is drawing attention to the presence (or absence) of Sigstore signatures.
How Trusty detects potential starjacking attempts
Trusty analyzes the packages in a registry and identifies packages claiming the same source repository. This information is combined with the Trusty assessment for each package to build a list of same-origin packages that show signs of higher risk. These packages may be attempts at starjacking.