Hacker News new | past | comments | ask | show | jobs | submit login

Or someone needs to approve suspiciously named packages.

How do you determine what is a suspicious package without reviewing every new package by hand?

You could base it off edit distance with all the other packages. If the distance is too close, then it needs manual approval.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact