@sdn4z sdn4z commented Oct 29, 2025

This PR:

  • Improves the downloading method of the NPM packages, since we were getting some errors (mostly timeouts) that were causing the download to fail.
  • Provides a new version of the top npm packages (npm_formatted.json), which will speed up the process of comparing typosquats on namespaces (refs Tweak thresholds for typosquat detection #97).

sdn4z commented Oct 29, 2025

/lgtm review

@github-actions github-actions bot left a comment

🦉 lgtm Review

Score: Nitpicks 🤓

🔍 Summary

This PR is a solid improvement. The refactoring of the package download script using Pydantic data classes is a great step towards more maintainable and structured code. The changes to improve the reliability of the NPM package download process are also well-justified and correctly implemented.

However, I've found a critical path issue in the GitHub workflow that needs to be fixed. I've also included a couple of suggestions to improve code quality regarding logging and dependency management.

Once these changes are addressed, the PR should be in great shape.

More information
  • Id: c446d6a3aa444d31b22f8931c0d9738e
  • Model: gemini-2.5-pro
  • Created at: 2025-10-29T13:34:37.391967+00:00
Usage summary
  • Request count: 2
  • Request tokens: 234,909
  • Response tokens: 15,131
  • Total tokens: 250,040

See the 📚 lgtm-ai repository for more information about lgtm.

@github-actions github-actions bot added feature and removed feature labels Oct 29, 2025
@sdn4z sdn4z marked this pull request as ready for review October 29, 2025 13:42
@sdn4z sdn4z requested a review from scastlara as a code owner October 29, 2025 13:42
@sdn4z sdn4z marked this pull request as draft October 29, 2025 13:46
@sdn4z sdn4z closed this Oct 30, 2025