Install counts and popularity of OSS libraries are not a good signal for trust. Typosquatting common PyPI packages using various methods.

- PyPI popularity is based on stars ⭐
- PyPI copies the stars from the GitHub repo you supply
- The code you supply doesn't need to come from this repo, however!

One of several options available.

#FIRSTCON23
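
Because the repository link, and with it the star count, is declared by whoever uploads the package, a reviewer can check it from the other direction. The following is an added example, not code from the talk or from PyPI: it flags a candidate whose name is a near miss of a dependency you already trust, and whose linked GitHub repo does not itself declare that package name. `KNOWN_GOOD`, `repo_declared` and all sample data are assumptions constructed for illustration.

```python
import re

# Assumption: an allowlist of names your organisation already depends on.
KNOWN_GOOD = ["cryptography", "numpy", "requests", "urllib3"]

def normalize(name):
    """PEP 503 normalisation: lowercase, runs of - _ . become one hyphen."""
    return re.sub(r"[-_.]+", "-", name).lower()

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def github_slug(url):
    """Return 'owner/repo' for a GitHub URL, else None."""
    m = re.match(r"https?://github\.com/([\w.-]+)/([\w.-]+?)(?:\.git)?/?$", url or "")
    return f"{m.group(1)}/{m.group(2)}".lower() if m else None

def assess(info, repo_declared):
    """info: the 'info' object of a PyPI JSON API response.
    repo_declared: slug -> package name found in that repo's own build
    metadata, collected out of band (hypothetical input)."""
    findings = []
    name = normalize(info["name"])
    for good in KNOWN_GOOD:
        d = edit_distance(name, good)
        if 0 < d <= 2:
            findings.append(f"name is {d} edits from '{good}'")
    urls = (info.get("project_urls") or {}).values()
    for slug in sorted({github_slug(u) for u in urls} - {None}):
        declared = repo_declared.get(slug)
        if declared is None or normalize(declared) != name:
            findings.append(f"linked repo {slug} does not declare this package")
    return findings

# Constructed sample data, not real scan output.
REPO_DECLARED = {"psf/requests": "requests"}
LEGIT = {"name": "requests", "project_urls": {"Source": "https://github.com/psf/requests"}}
SQUAT = {"name": "reqeusts", "project_urls": {"Source": "https://github.com/psf/requests"}}

if __name__ == "__main__":
    for pkg in (LEGIT, SQUAT):
        print(pkg["name"], assess(pkg, REPO_DECLARED) or "no findings")
```

The back-link check only narrows the gap: it shows the repo claims the same name, not that the uploaded archive was built from that repo.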