apache-airflow-providers-amazon

v9.29.0 safe
4.0
Medium Risk

Provider package apache-airflow-providers-amazon for Apache Airflow

🤖 AI Analysis

Final verdict: SAFE

The package appears to be legitimate with low risk indicators. While there is a moderate credential risk due to handling AWS credentials, the overall activities align with expected behaviors for an Amazon provider package.

  • moderate credential risk
  • legitimate network interactions

Per-check LLM notes

  • Network: The network calls are likely for legitimate AWS S3 signing and IDP endpoint interaction, which align with the package's probable functionality.
  • Shell: No shell execution patterns detected, indicating no immediate risk from this aspect.
  • Obfuscation: Base64 decoding is commonly used for data serialization and not necessarily indicative of malicious activity.
  • Credentials: The detection of environment variable checks for AWS credentials suggests potential handling of sensitive information, which needs further review to ensure proper security practices.
  • Metadata: The package shows some minor red flags but does not indicate high risk of being malicious or part of a supply-chain attack.

📦 Package Quality Overall: Medium (6.2/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected

✦ High Documentation 9.0

Well-documented package

  • Documentation URL: "Documentation" -> https://airflow.apache.org/docs/apache-airflow-providers-ama
  • 3 documentation file(s) (e.g. ec2.py)
  • Detailed PyPI description (8339 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Type checker (mypy / pyright / pytype) referenced in project
  • 229 type-annotated function signatures detected in source

✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 46 unique contributor(s) across 100 commits in apache/airflow
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • ems()}, } response = requests.post(f"{signer_url}/v1/aws/s3/sign", headers=signer_headers, json
  • , idp_url) session = requests.Session() # Configurable Retry when querying the IDP endpoi

Code Obfuscation score 4.0

Found 2 obfuscation pattern(s)

  • username, password = base64.b64decode(auth_data["authorizationToken"]).decode("utf-8").split(":")
  • under the License. __path__ = __import__("pkgutil").extend_path(__path__, __name__) # Licensed to the Apache S

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting score 2.5

Found 1 credential access pattern(s)

  • _web_identity_token_file") or os.getenv( "AWS_WEB_IDENTITY_TOKEN_FILE" ) return FileWebId

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: airflow.apache.org

Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

  • Non-HTTPS external link: http://www.apache.org/licenses/LICENSE-2.0

Git Repository History

Repository apache/airflow appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with apache-airflow-providers-amazon

Develop a small but fully-functional application that leverages the 'apache-airflow-providers-amazon' package to automate the process of managing AWS S3 buckets. Your task is to create a Data Pipeline Manager that can perform the following operations:

1. List all S3 buckets within a specific AWS account.
2. Create a new S3 bucket with customizable configurations such as region and encryption settings.
3. Upload files from local storage to a specified S3 bucket.
4. Download files from a specified S3 bucket to local storage.
5. Delete files or entire buckets from AWS S3.

Your application should use Apache Airflow to schedule these tasks at regular intervals or trigger them based on certain conditions (e.g., when a file is added to a local directory).

To achieve this, you will need to set up an Apache Airflow environment and install the 'apache-airflow-providers-amazon' package. This package provides operators and hooks to interact with AWS services, making it easier to integrate S3 operations into your workflow. For each operation mentioned above, you'll write custom DAGs (Directed Acyclic Graphs) using Apache Airflow, which define the sequence and dependencies of the tasks.

Additionally, implement a user-friendly command-line interface (CLI) that allows users to specify which action they want to perform and any necessary parameters, such as the bucket name, file paths, and desired configuration options. The CLI should also handle authentication and authorization to AWS services seamlessly.

The project should include documentation on setting up the environment, running the CLI, and understanding the structure of the DAGs. Ensure that the application is robust, handling exceptions gracefully and providing informative feedback to the user.
