{ "_comment": "Known legitimate packages that trigger false positive typosquatting alerts due to short names or Levenshtein proximity to top packages. Normalized: lowercase, hyphens. Extended in v7.0.0 with short-named legit packages observed flagged against top-200 (knip vs knex, oxlint vs eslint, tsx vs nx, etc.).", "npm": [ "ms", "acorn", "levn", "lie", "jsesc", "jiti", "bidi-js", "@babel/core", "preact", "esbuild", "tslib", "nanoid", "picocolors", "lru-cache", "deep-is", "flat-cache", "keyv", "punycode", "escalade", "fdir", "knip", "oxlint", "tsx", "nx", "rimraf", "glob", "tar", "zod", "ky", "ow", "esm", "ip", "qs", "url", "prettier", "vitest", "vite", "rollup", "swc", "turbo", "bun", "deno" ], "pypi": [ "six", "pip", "pytz", "toml", "idna", "attrs", "boto", "jedi", "uv", "ruff", "rich", "typer", "anyio" ] }