arches

v8.1.2 suspicious
4.0
Medium Risk

Arches is an open-source, web-based, geospatial information system for cultural heritage inventory and management.

⚠ Tarball exceeded 25 MB — source code analysis was limited to package metadata only.

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package has low individual risk scores across various categories, but the metadata risk score of 3 out of 10 due to non-HTTPS links and a single package from a potentially new or inactive author raises suspicion.

  • Non-HTTPS links in metadata
  • Single package from possibly new or inactive author
Per-check LLM notes
  • Network: No network calls detected, which is normal unless the package requires network interactions for its functionality.
  • Shell: No shell execution patterns detected, indicating no immediate signs of executing system commands.
  • Obfuscation: No obfuscation patterns detected, suggesting low risk of malicious intent.
  • Credentials: No credential harvesting patterns detected, indicating safe handling of secrets.
  • Metadata: The presence of non-HTTPS links and a single package from a new or inactive author account raise some concerns, but no clear indicators of malicious intent.

📦 Package Quality Overall: Low (4.2/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected
◈ Medium Documentation 7.0

Some documentation present

  • Documentation URL: "Documentation" -> https://arches.readthedocs.io
  • Detailed PyPI description (3708 chars)
○ Low Contributing Guide 2.0

No contributing guide or governance files found

  • No CONTRIBUTING, CODE_OF_CONDUCT, or governance files found
○ Low Type Annotations 1.0

No type annotations detected

  • No type annotations, py.typed marker, or stub files detected
✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 13 unique contributor(s) across 100 commits in archesproject/arches
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation

No obfuscation patterns detected

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

No author email provided

Suspicious Page Links score 4.0

Found 2 suspicious link(s) on the package page

  • Non-HTTPS external link: http://archesproject.org/
  • Non-HTTPS external link: http://polite.technology/reportabug.html
Git Repository History

Repository archesproject/arches appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Arches Project" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with arches 
Your task is to develop a mini-application that leverages the Arches package to manage and visualize cultural heritage sites within a specific region. This application will serve as a simplified version of a Cultural Heritage Inventory Management System. The goal is to allow users to input, edit, and query data about historical sites, as well as visualize these sites on a map. Here are the key features and steps to follow:

1. **Setup Environment**: Begin by setting up your development environment. Install Python and ensure you have access to the Arches package. Use Docker to set up the Arches environment if necessary.

2. **Database Configuration**: Configure the database to store information about cultural heritage sites. Each site should include fields such as name, location coordinates, historical significance, condition, and images.

3. **User Interface**: Develop a simple user interface using HTML, CSS, and JavaScript to interact with the backend API provided by Arches. Ensure the UI allows users to add new sites, update existing ones, and search for sites based on various criteria.

4. **Geospatial Visualization**: Integrate a map into the application using a library like Leaflet.js. Sites should be displayed as markers on the map, and users should be able to click on a marker to see more details about the site.

5. **Data Import/Export**: Implement functionality to import and export site data in CSV format. This will allow users to upload data from external sources and also download their records for backup purposes.

6. **Security Measures**: Ensure that the application has basic security measures in place, such as user authentication and authorization to prevent unauthorized access to sensitive information.

7. **Testing and Documentation**: Conduct thorough testing of all functionalities and document the setup process, usage instructions, and any limitations of the application.

By utilizing the Arches package, you will be able to leverage its powerful geospatial capabilities and data management features to create a robust application for managing cultural heritage sites. Your final deliverable should include a fully functional web application, along with documentation detailing how it was built and how to use it.

💬 Discussion Feed

Leave a comment

No discussion yet. Be the first to share your thoughts!