PuLP

v3.3.2 safe
4.0
Medium Risk

PuLP is an LP modeler written in Python. PuLP can generate MPS or LP files and call GLPK, COIN CLP/CBC, CPLEX, and GUROBI to solve linear problems.

🤖 AI Analysis

Final verdict: SAFE

PuLP v3.3.2 is deemed safe based on low risks across network, shell, obfuscation, and credential handling. The metadata risk slightly elevates concern due to non-secure links and single-authorship, but there's no evidence of malicious activity.

  • No network calls
  • Legitimate use of shell execution for solver commands
  • Transparent code without obfuscation
  • No credential harvesting

Per-check LLM notes

  • Network: No network calls detected, which is normal and expected.
  • Shell: Shell execution is used to run external commands like 'sed' and 'cbc', likely for solving linear programming problems as PuLP does not natively support all solvers. This is potentially legitimate but requires further investigation into the specific use cases.
  • Obfuscation: No obfuscation patterns detected, suggesting normal and transparent code.
  • Credentials: No credential harvesting patterns detected, indicating safe handling of user information.
  • Metadata: The presence of non-secure links and a single-package author suggests potential risks, but no strong indicators of malicious intent.

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • , "w") return_code = subprocess.call(cmd, stdout=pipe, stderr=pipe, shell=True) if retur
  • sed-ignore] cbc = subprocess.Popen( args, stdout=pipe, stderr=pipe, stdin=devnu
  • else: cbc = subprocess.Popen(args, stdout=pipe, stderr=pipe, stdin=devnull) if cb
  • s.devnull, "w") rc = subprocess.call(solvecmds, shell=True, stdout=msgpipe, stderr=msgpipe)
  • self.msg: cplex = subprocess.Popen( self.path, stdin=subprocess
  • else: cplex = subprocess.Popen(self.path, stdin=subprocess.PIPE) cplex_cmds = "read

✓ Credential Harvesting

No credential harvesting patterns detected

⚠ Typosquatting score 3.0

Possible typosquat of: pip

  • "PuLP" is 2 edit(s) from "pip"

✓ Registered Email Domain

Email domain looks legitimate: gmail.com

⚠ Suspicious Page Links score 8.0

Found 4 suspicious link(s) on the package page

  • Non-HTTPS external link: http://www.gnu.org/software/glpk/glpk.html
  • Non-HTTPS external link: http://www.cplex.com/
  • Non-HTTPS external link: http://www.gurobi.com/
  • Non-HTTPS external link: http://mipcl-cpp.appspot.com/

✓ Git Repository History

Repository coin-or/pulp appears legitimate

⚠ Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "J.S. Roy" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with PuLP

Create a Python-based mini-application that helps users optimize their daily schedules by minimizing stress and maximizing productivity using the PuLP package. This application will take into account various factors such as the time required for each activity, the level of stress associated with each activity, and user preferences for breaks and leisure activities. Here's a step-by-step guide on how to implement this application:

1. **Define the Problem**: Explain that the goal is to create a schedule that minimizes total stress while ensuring all necessary tasks are completed within a given day.
2. **Input Gathering**: Develop a user-friendly interface (or command-line input) where users can input their daily activities including start times, end times, stress levels, and any constraints like mandatory breaks or preferred leisure activities.
3. **Model Formulation**: Use PuLP to formulate the optimization problem. Define decision variables representing whether each activity is included in the schedule, and constraints such as no overlapping activities and minimum break requirements. The objective function should aim to minimize the sum of stress levels across all selected activities.
4. **Solver Integration**: Utilize PuLP's capabilities to call an appropriate solver (e.g., CBC) to find the optimal solution to the formulated problem.
5. **Output Presentation**: Display the optimized schedule back to the user in a readable format, showing the order of activities, total stress level, and any adjustments made to meet constraints.
6. **Additional Features**:
   - Allow users to set different weights for stress reduction versus productivity increase.
   - Implement a feature to suggest alternative schedules if the initial one is not feasible or satisfactory.
   - Include a graphical representation of the schedule using matplotlib or similar visualization libraries.
7. **Testing and Validation**: Ensure the application works correctly under various scenarios by testing it with predefined sets of activities and comparing the results with expected outcomes.
8. **Documentation**: Provide comprehensive documentation explaining how to install dependencies, run the application, and interpret the output.

This project will demonstrate how linear programming can be applied to real-world scheduling problems, showcasing the power and flexibility of the PuLP library.