als-finder

v1.1.1 safe
3.0
Low Risk

A high-performance, cloud-native CLI engine for discovering and parsing raw LiDAR point cloud metadata.

🤖 AI Analysis

Final verdict: SAFE

The package appears safe based on the analysis notes, showing no signs of malicious activities or obfuscation. However, the low community engagement and single-package maintainer status suggest a need for caution in terms of long-term support and security updates.

  • Low risk scores in all categories except metadata.
  • Single-package maintainer with low community engagement.
Per-check LLM notes
  • Network: The network calls appear to be fetching necessary resources or data required for the package's functionality.
  • Shell: The shell executions seem to be related to running PDAL commands, likely for processing spatial data, which is consistent with the package's probable purpose.
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The maintainer has only one package and the repository lacks community engagement, indicating potential lack of maintenance or scrutiny.

📦 Package Quality Overall: Medium (5.6/10)

✦ High Test Suite 9.0

Test suite present — 3 test file(s) found

  • 3 test file(s) detected (e.g. test_noaa_fast_stac.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (47448 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Type checker (mypy / pyright / pytype) referenced in project
  • 30 type-annotated function signatures detected in source
◈ Medium Multiple Contributors 5.0

Limited contributor diversity

  • 1 unique contributor(s) across 100 commits in cms-2024-hudak/als-finder
  • Single author but highly active (100 commits)

🔬 Heuristic Checks

Outbound Network Calls score 9.0

Found 6 network call pattern(s)

  • (url): try: req = urllib.request.Request(url, headers={'User-Agent': 'Mozilla/5.0'})
  • '}) return json.loads(urllib.request.urlopen(req, timeout=5).read().decode()) except:
  • AATableParser() with urllib.request.urlopen(url) as response: # Read the whole index (it
  • _idx.zip" urllib.request.urlretrieve(tile_idx_url, zip_path)
  • ept_resp = requests.get(url, timeout=5) if ept_resp.status_code
  • Chunking with requests.get(source, stream=True) as r: r.raise_for_s
Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • t subprocess try: subprocess.run(['pdal', '--version'], capture_output=True, check=True)
  • ry: res = subprocess.run(['pdal', 'info', '--metadata', str(probe_file.absolute())],
  • try: subprocess.run( ['pdal', 'tindex', 'create', str(raw_in
  • m_index_path.unlink() subprocess.run(['pdal', 'tindex', 'create', str(interim_index_path), '-f',
  • y natively. res = subprocess.run( ['pdal', 'info', '--boundary', str(laz_file
  • me} natively...") subprocess.run(['pdal', 'pipeline', '-s'], input=pdal_json.encode('utf-8'),
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: unr.edu

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Jonathan Greenberg" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with als-finder 
Create a mini-application named 'LiDARViewer' that leverages the 'als-finder' Python package to provide users with a simple yet powerful tool for exploring raw LiDAR point cloud data. This application should enable users to upload their own LiDAR datasets, discover metadata such as the number of points, spatial extent, and timestamp information, and visualize basic statistics about the dataset.

Steps to create the application:
1. Set up a basic Python environment with Flask for the web interface and integrate 'als-finder' as a dependency.
2. Develop a user-friendly web interface where users can upload their LiDAR files.
3. Implement a backend function using 'als-finder' to parse uploaded LiDAR files and extract metadata.
4. Display the extracted metadata in a structured format on the web interface.
5. Add functionality to visualize basic statistics (e.g., point density distribution over the spatial extent).
6. Ensure the application handles errors gracefully and provides meaningful feedback to the user.
7. Deploy the application on a cloud service like AWS or Heroku for easy access.

Suggested Features:
- Upload functionality with file type validation for LiDAR data formats.
- Metadata display including number of points, bounding box coordinates, and time range.
- Basic visualization of point cloud data, focusing on a heatmap of point density.
- Error handling and informative messages for unsupported file types or parsing issues.
- User authentication and session management for saving user preferences and datasets.

How 'als-finder' is Utilized:
- Use 'als-finder' to process uploaded LiDAR files and extract essential metadata quickly and efficiently.
- Leverage 'als-finder's ability to work with raw LiDAR data to support a wide range of file formats and ensure compatibility with various datasets.
- Employ 'als-finder' to enhance the performance of your application by offloading complex data processing tasks.