When a developer opens a pull request, scan the for typosquats (i.e. package names that are actually typos) and warn the developer with a comment.