AI Analysis
Final verdict: SUSPICIOUS
The package exhibits medium network interaction risk without any signs of malicious activities such as shell execution, obfuscation, or credential harvesting. However, the maintainer's limited package history raises suspicion.
- Medium network interaction risk
- Single-package maintainer
Per-check LLM notes
- Network: The observed network calls suggest the package interacts with external APIs, possibly for authentication and API-based operations, which could indicate data transmission beyond normal package functionality.
- Shell: No shell execution patterns were detected.
- Obfuscation: No obfuscation patterns detected, indicating low risk.
- Credentials: No credential harvesting patterns detected, indicating low risk.
- Metadata: The maintainer has only one package, indicating a new or less active account, which could be suspicious but not conclusive evidence of malice.
Heuristic Checks
Outbound Network Calls
score 9.0
Found 6 network call pattern(s)
- }/{repo_name}' response = requests.get(url, headers={"Authorization": f"token {token}", "Accept": "
- oken) try: res = requests.post(api_url, json=payload, headers=headers, timeout=timeout)
- /repos" res = requests.post(api_url, json=payload, headers=headers, timeout=timeout)
- if not (empty := requests.get(api_url, **requests_kwargs).json().get('empty', "unset")):
- ', "unset")): requests.patch(api_url, json={'default_branch': main_branch}, **requests_kw
- raise Exception("simulating requests.post() exception") with patch('aedev.project_manager.cod
Code Obfuscation
No obfuscation patterns detected
Shell / Subprocess Execution
No shell execution patterns detected
Credential Harvesting
No credential harvesting patterns detected
Typosquatting
No typosquatting candidates detected
Registered Email Domain
Email domain looks legitimate: gmail.com
Suspicious Page Links
All external links appear legitimate
Git Repository History
No GitHub repository linked
No GitHub repository link found
Maintainer History
score 2.0
1 maintainer concern(s) found
Author "AndiEcker" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities
No known vulnerabilities found in OSV database.
AI App Starter Prompt
Use this prompt to build a project with aedev-project-manager
Create a fully-functional mini-application called 'ProjectSyncer' that leverages the 'aedev-project-manager' Python package to manage local and remote Python projects seamlessly. Your application should have the following core functionalities:
1. **Project Initialization**: Users should be able to initialize a new project both locally and on a remote server using SSH. The application should handle the creation of directories, setting up a virtual environment, and installing dependencies specified in a requirements.txt file.
2. **Project Synchronization**: Implement a feature that allows users to synchronize their local project changes with the remote version and vice versa. This includes uploading code changes to the remote server and downloading updates from it. Ensure that conflicts are managed gracefully.
3. **Dependency Management**: Provide an interface for adding, removing, and updating dependencies within the project. These operations should be reflected both locally and remotely.
4. **Environment Configuration**: Allow users to configure and switch between different environments (development, testing, production) both locally and remotely. Each environment should have its own set of configurations and dependencies.
5. **Remote Execution**: Enable users to execute Python scripts and commands directly on the remote server through the application.
6. **Logging and Notifications**: Implement logging for all actions performed by the user, including errors and warnings. Additionally, provide notifications when synchronization is complete or if there are any issues during the process.
7. **User Interface**: Develop a simple but intuitive command-line interface (CLI) for interacting with the application. Consider adding basic help and documentation within the CLI itself.
The 'aedev-project-manager' package will be utilized throughout the development of ProjectSyncer. Specifically, it will handle the initialization and management of Python projects locally and remotely. Use its functions to create, update, and delete directories, manage virtual environments, and handle SSH connections to remote servers. The package's capabilities for managing project files and dependencies will be crucial in implementing the synchronization and dependency management features.