MapProxy

v6.1.0 suspicious
5.0
Medium Risk

An accelerating proxy for tile and web map services

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows moderate risks due to shell execution capabilities and lacks secure metadata practices, though no direct malicious activities were detected.

  • High shell risk due to subprocess usage
  • Insecure metadata links and missing GitHub repository

Per-check LLM notes

  • Network: Network calls are typical for packages that require external resource access or interaction with servers.
  • Shell: Executing scripts via subprocess can be risky as it may lead to unintended command execution, suggesting potential for misuse or exploitation.
  • Obfuscation: The observed patterns appear to be related to image processing and not indicative of malicious obfuscation.
  • Credentials: No patterns indicating credential harvesting were detected.
  • Metadata: The package has some minor red flags such as a non-secure link and no associated GitHub repository, but there's no strong evidence of malicious intent.

🔬 Heuristic Checks

Outbound Network Calls score 6.0

Found 4 network call pattern(s)

  • address'): sock = socket.create_connection((self.host, self.port),
  • )) self.req_session = requests.Session() self.db_initialised = False self.app_init_
  • rl(tile.coord) resp = requests.head(url) if resp.status_code == 404: # alrea
  • try: resp = requests.post(self.renderd_address, data=json.dumps(message))

Code Obfuscation score 10.0

Found 6 obfuscation pattern(s)

  • tile_data = BytesIO(base64.b64decode(doc['_attachments']['tile']['data'])) tile.image
  • s-1) mask = Image.eval(alpha, lambda a: 255 if a <= 128 else 0) img.pas
  • mask_channels.append(Image.eval(ch, lambda x: 255 if low_c <= x <= high_c else 0)) # mu
  • chan = ImageMath.eval( # type: ignore[attr-defined] "conv
  • ZE = 16 BUNDLEX_V1_HEADER = b'\x03\x00\x00\x00\x10\x00\x00\x00\x00\x40\x00\x00\x05\x00\x00\x00' BUNDLEX_V1_FOOTER_SIZE = 16 BUNDLEX_V1_FOOTER = b'\x00\x00
  • ZE = 16 BUNDLEX_V1_FOOTER = b'\x00\x00\x00\x00\x10\x00\x00\x00\x10\x00\x00\x00\x00\x00\x00\x00' INT64LE = struct.Struct('<Q') class BundleIndexV1:

Shell / Subprocess Execution score 2.0

Found 1 shell execution pattern(s)

  • try: p = subprocess.Popen([self.script], env=environ,

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: omniscale.de

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://mapproxy.github.io/mapproxy/latest/

Git Repository History

No GitHub repository linked

  • No GitHub repository link found

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Oliver Tonnhofer" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with MapProxy
Create a web-based mini-application using Flask and MapProxy to serve as an efficient proxy for accessing various OpenStreetMap (OSM) tiles. This application will enable users to input specific geographic coordinates or address locations to view maps centered around those points. The goal is to demonstrate the power of MapProxy in accelerating and optimizing the retrieval of map tiles from different sources, thus providing a seamless user experience.

### Core Functionality:
- **User Interface**: Develop a simple, intuitive front-end interface where users can enter their desired location (latitude/longitude or address).
- **Backend Processing**: Utilize Flask to handle HTTP requests and MapProxy to manage the retrieval and caching of OSM tiles efficiently.
- **Map Display**: Implement a mechanism to render the retrieved map tiles into a coherent map image, centered on the specified location.

### Suggested Features:
1. **Auto-Completion for Addresses**: Integrate a feature that suggests possible addresses as the user types, enhancing usability.
2. **Customizable Zoom Levels**: Allow users to specify zoom levels for more precise control over the map's detail.
3. **Multiple Tile Sources**: Configure the application to support multiple tile sources, demonstrating MapProxy's ability to aggregate data from various providers.
4. **Caching Mechanism**: Highlight how MapProxy optimizes performance through its caching capabilities, reducing load times for frequently requested areas.
5. **Error Handling**: Implement robust error handling to manage issues like invalid inputs or failed tile retrievals gracefully.

### Utilizing MapProxy:
- **Configuration File Setup**: Create a configuration file for MapProxy specifying the tile sources and caching strategy.
- **Integration with Flask**: Set up routes in your Flask application to interact with MapProxy, requesting tiles based on user input.
- **Tile Retrieval**: Use MapProxy to fetch tiles from the configured sources, leveraging its caching mechanisms to improve performance.
- **Image Composition**: After receiving tiles from MapProxy, compose them into a single image to display to the user, centered on the queried location.