archaeologist

v0.9.2 safe
2.0
Low Risk

Find and auto-delete dead code across 9 languages — with git intelligence and auto PR

🤖 AI Analysis

Final verdict: SAFE

The package appears safe based on the low risk scores for network and shell activities. The only concern is the limited metadata about the author, which might indicate a lack of transparency.

  • No network calls detected.
  • Git commands used for benign purposes.
  • Sparse author information.
Per-check LLM notes
  • Network: No network calls detected.
  • Shell: Git commands used for version control purposes, no signs of malicious shell execution.
  • Metadata: The author's information is sparse, indicating potential lack of transparency, but no other red flags are present.

📦 Package Quality Overall: Low (4.0/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • 1 test file(s) detected (e.g. test_runner.py)
◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (3798 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 57 type-annotated function signatures detected in source
○ Low Multiple Contributors 2.0

Single-author or unverifiable project

  • 1 unique contributor(s) across 18 commits in prathik-arun/deadcode-archaeologist
  • Single author with few commits — possibly a personal or throwaway project

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution score 10.0

Found 6 shell execution pattern(s)

  • s(project_path): result = subprocess.run(["git", "status", "--porcelain"],
  • h(project_path): result = subprocess.run(["git", "rev-parse", "--abbrev-ref", "HEAD"],
  • et(project_path, branch): subprocess.run(["git", "checkout", "-f", branch], cwd=project_path, capture
  • ath, capture_output=True) subprocess.run(["git", "branch", "-D", branch], cwd=project_path, capture_o
  • tuple[int, str]: result = subprocess.run(cmd, cwd=cwd, capture_output=True, text=True) return res
  • 0) try: result = subprocess.run( cmd, cwd=project_path,
Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: example.com>

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository prathik-arun/deadcode-archaeologist appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with archaeologist 
Create a code maintenance tool named 'CodeCleaner' using the Python package 'archaeologist'. This tool aims to streamline the process of identifying and removing dead code from projects written in any of the nine supported languages by 'archaeologist'. The application should integrate seamlessly with Git repositories, leveraging its intelligence to suggest deletions and even automatically generate Pull Requests (PRs) for review before making changes.

Step 1: Define the scope of 'CodeCleaner', including which languages it will support and how it interacts with Git repositories.
Step 2: Implement a user-friendly interface for interacting with 'CodeCleaner', allowing users to specify their repository URL, branch, and commit range.
Step 3: Integrate the 'archaeologist' package to scan the specified repository for dead code. Display a summary of findings, including lines of code that are not referenced.
Step 4: Allow users to manually select which identified dead code segments they wish to delete. Provide options for automatic deletion based on certain criteria, such as age of the code segment or lack of recent modifications.
Step 5: If automatic deletion is chosen, use 'archaeologist' to generate a Pull Request containing the proposed deletions. Ensure these PRs include comments explaining why each deletion was suggested.
Step 6: Implement a feature that allows users to review and confirm deletions before finalizing the changes. This ensures that no critical code is mistakenly removed.

Suggested Features:
- Integration with popular CI/CD pipelines for automated dead code detection during builds.
- A history log of all deletions made by 'CodeCleaner', along with reasons for deletion.
- Customizable settings for users to adjust the sensitivity of dead code detection.
- Support for multiple Git providers (GitHub, GitLab, Bitbucket).

Utilize the 'archaeologist' package's core functionalities to enhance the efficiency and accuracy of your 'CodeCleaner' application, ensuring that it becomes an indispensable tool for maintaining clean, efficient codebases.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!