Package Metadata

Author: —
Email: Apache Software Foundation <[email protected]>
PyPI: apache-superset-extensions-cli
Python: >=3.10
Versions: 6 releases
First release: 28 Aug 2025, 18:36 UTC
Analysed: 07 Jun 2026, 07:50 UTC
Source files: 16 .py files scanned

Project Links

Bug Tracker Changelog Documentation Homepage Repository

Classifiers

Development Status :: 3 - AlphaEnvironment :: ConsoleIntended Audience :: DevelopersOperating System :: OS IndependentProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Topic :: DatabaseTopic :: Scientific/Engineering :: Visualization

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows some potential red flags, particularly regarding incomplete metadata and a non-secure link, which could indicate issues with transparency and maintainership.

Metadata risk due to incomplete maintainer information
Presence of a non-secure link

Per-check LLM notes

Network: No network calls detected, which is normal and expected.
Shell: Shell execution is used to run npm commands for building or validating the environment, which seems aligned with typical build processes for front-end components.
Obfuscation: No obfuscation patterns detected, indicating low risk.
Credentials: No credential harvesting patterns detected, indicating low risk.
Metadata: The package has a non-secure link and the maintainer's information is incomplete.

📦 Package Quality Overall: Medium (7.0/10)

✦ High Test Suite 9.0

Test suite present — 8 test file(s) found

Test runner config found: pyproject.toml
8 test file(s) detected (e.g. test_cli_build.py)

◈ Medium Documentation 7.0

Some documentation present

Documentation URL: "Documentation" -> https://superset.apache.org/docs/
Detailed PyPI description (3701 chars)

○ Low Contributing Guide 2.0

No contributing guide or governance files found

No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found

◈ Medium Type Annotations 7.0

Partial type annotation coverage

Type checker (mypy / pyright / pytype) referenced in project
34 type-annotated function signatures detected in source

✦ High Multiple Contributors 10.0

Active multi-contributor project

15 unique contributor(s) across 100 commits in apache/superset
Active community — 5 or more distinct contributors

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

⚠ Shell / Subprocess Execution score 6.0

Found 3 shell execution pattern(s)

1) try: result = subprocess.run( # noqa: S603 ["npm", "-v"], # noqa: S607
validate_npm() res = subprocess.run( # noqa: S603 npm_command, # noqa: S607
sets…", fg="cyan") return subprocess.run( # noqa: S603 ["npm", "run", "build"], # noqa: S60

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: superset.apache.org>

⚠ Suspicious Page Links score 2.0

Found 1 suspicious link(s) on the package page

Non-HTTPS external link: http://www.apache.org/licenses/LICENSE-2.0

✓ Git Repository History

Repository apache/superset appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with apache-superset-extensions-cli

Create a mini-application that allows users to easily manage and deploy custom extensions for Apache Superset using the 'apache-superset-extensions-cli' package. This tool will streamline the process of creating, packaging, and deploying extensions for Apache Superset, making it easier for developers to customize their Superset instances.

The application should include the following features:
1. User-friendly CLI interface to interact with the 'apache-superset-extensions-cli'.
2. Ability to create new extension projects from templates.
3. Support for bundling and packaging extensions into distributable formats.
4. Automated deployment options for uploading extensions directly to a specified Superset instance.
5. Version control integration to track changes in extension projects.
6. Documentation generation for each extension project to help other developers understand its purpose and usage.

Your task is to design and implement this mini-application, ensuring it leverages the core functionalities provided by 'apache-superset-extensions-cli', such as extension creation, bundling, and management. Additionally, provide clear instructions on how to install and use your application, along with examples of how it simplifies the extension development process for Apache Superset.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Medium (7.0/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue