ansible-el-compat

v0.1.6 safe
3.0
Low Risk

Ansible collection carlijoy.compat — backport of ansible.builtin.dnf for EL8 + ansible-core >= 2.17 via /usr/libexec/platform-python

🤖 AI Analysis

Final verdict: SAFE

The package poses minimal risk due to its low obfuscation and credential risks, and there is no clear evidence of malicious intent. However, it has a moderate metadata risk score due to limited maintainer history and low repository activity.

  • Low obfuscation and credential risks
  • Moderate metadata risk due to lack of maintainer history and low activity
Per-check LLM notes
  • Obfuscation: No obfuscation patterns detected, indicating low risk.
  • Credentials: No credential harvesting patterns detected, indicating low risk.
  • Metadata: The package shows some red flags such as lack of maintainer history and low repository activity, but no clear signs of malice.

📦 Package Quality Overall: Medium (5.0/10)

✦ High Test Suite 9.0

Test suite present — 3 test file(s) found

  • Test runner config found: conftest.py
  • Test runner config found: pyproject.toml
  • 3 test file(s) detected (e.g. conftest.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (6940 chars)
○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 25 type-annotated function signatures detected in source
○ Low Multiple Contributors 2.0

Single-author or unverifiable project

  • 1 unique contributor(s) across 10 commits in CarliJoy/ansible-el-compat
  • Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • ey_dir / "id_ed25519.pub" subprocess.run( [ "ssh-keygen", "-t",
  • ns the image tag. """ subprocess.run( [ "docker", "buildx",
  • a crashed previous run). subprocess.run(["docker", "rm", "-f", container_name], capture_output=True)
  • sort_keys=False)) return subprocess.run( [ "ansible-playbook", "-i",
  • / _DNF_BUNDLE_SCRIPT subprocess.run(["uv", "run", str(script)], check=True, cwd=self.root)
  • stall ansible-core") subprocess.run( [ ansible_galaxy,
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: users.noreply.github.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History score 2.5

Git history flags: Repository has zero stars and zero forks

  • Repository has zero stars and zero forks
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with ansible-el-compat 
Create a mini-application called 'ELManager' that leverages the 'ansible-el-compat' package to manage software packages on Red Hat Enterprise Linux (RHEL) 8 and CentOS Stream 8 systems using Ansible playbooks. This application will provide a simple command-line interface (CLI) for users to install, update, and remove packages on their RHEL/CentOS 8 systems, ensuring compatibility with Ansible-core versions greater than 2.17.

Step 1: Set up the development environment by installing Python, pip, and the 'ansible-el-compat' package. Additionally, ensure you have access to a RHEL 8 or CentOS Stream 8 system to test your application.

Step 2: Design the structure of the 'ELManager' application. It should include a main module that handles user input and calls specific functions based on the commands provided. These functions will interact with the 'ansible-el-compat' package to execute tasks such as installing, updating, and removing packages.

Step 3: Implement the functionality to install packages. Use the 'carlijoy.compat.dnf' module from the 'ansible-el-compat' package to create a playbook that installs specified packages on the target system. Ensure that the playbook can be executed from within the application.

Step 4: Add the ability to update packages. Utilize the 'carlijoy.compat.dnf' module to create another playbook that updates all installed packages or a specified set of packages. The application should allow users to specify which packages they want to update.

Step 5: Incorporate a feature to remove packages. Using the 'carlijoy.compat.dnf' module, design a playbook that removes specified packages from the system. Ensure that the removal process is safe and does not cause system instability.

Step 6: Enhance the application by adding error handling and validation checks. For instance, validate if the specified package exists before attempting to install or remove it. Also, handle potential errors that might occur during the execution of the playbooks.

Step 7: Create a user-friendly CLI for the 'ELManager' application. The CLI should display a menu with options for installing, updating, and removing packages, along with an option to exit the application. Use argparse or similar libraries to parse command-line arguments effectively.

Step 8: Test the 'ELManager' application thoroughly. Verify that each function works correctly and that the application behaves as expected under various scenarios. Pay special attention to edge cases and unexpected inputs.

Suggested Features:
- Option to display a list of all installed packages on the system.
- Support for specifying multiple packages at once for installation, update, and removal operations.
- Ability to save playbooks for future use or reference.
- Logging of actions performed by the application for auditing purposes.