astronomer-starship

v2.8.6 suspicious
5.0
Medium Risk

Migrations to Astro

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits moderate risks due to potential code obfuscation and the use of pickle for deserialization, despite no clear signs of malicious intent or credential harvesting.

  • High obfuscation risk due to base64 decoding and pickle loading
  • Inactive author with missing metadata

Per-check LLM notes

  • Network: The use of unverified HTTPS connections can pose a risk, but the PUT request to a presigned URL might be legitimate for certain applications like file uploads.
  • Shell: No shell execution patterns were detected.
  • Obfuscation: The presence of base64 decoding and pickle loading suggests potential for obfuscating code or hiding sensitive information.
  • Credentials: No clear evidence of credential harvesting is present, but the use of pickle could pose a risk if untrusted data is deserialized.
  • Metadata: The author's name is missing and the author seems to be inactive, which raises some suspicion but not enough to conclusively determine malice.

📦 Package Quality Overall: Medium (6.0/10)

◈ Medium Test Suite 6.0

Partial test coverage signals detected

  • Test runner config found: pyproject.toml

◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (1607 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

  • 81 type-annotated function signatures detected in source

✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 9 unique contributor(s) across 100 commits in astronomer/starship
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls score 3.0

Found 2 network call pattern(s)

  • try: upload = requests.put( presigned_url, data=json.du
  • try: async with httpx.AsyncClient(verify=False, timeout=30.0) as client: # noqa: S501 # nose

Code Obfuscation score 6.0

Found 3 obfuscation pattern(s)

  • run_id, value=base64.b64decode(value), **kwargs, )
  • und_i != -1: output = base64.decodebytes("\n".join(log_lines[found_i:]).encode("utf-8")).decode("utf-
  • item["conf"] = pickle.loads(item["conf"]) return items except (Inval

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: astronomer.io

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository astronomer/starship appears legitimate

Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with astronomer-starship
Create a Python-based mini-application that serves as a personal astrological migration tracker. This application will utilize the 'astronomer-starship' package to manage and track migrations within an Astro environment, allowing users to visualize and manage their Astro projects' evolution over time. Here are the key steps and features for your project:

1. **Project Setup**: Initialize a new Astro project and install the 'astronomer-starship' package. Ensure that the application is set up to integrate seamlessly with Astro.
2. **User Interface**: Develop a simple yet intuitive user interface where users can input details of their Astro projects and view migration history.
3. **Migration Tracking**: Implement functionality using 'astronomer-starship' to automatically track changes and migrations made within the Astro project. This includes logging dates, types of migrations, and any relevant comments or notes.
4. **Visualization**: Create visual representations of the project's migration timeline, allowing users to see at a glance how their Astro project has evolved over time. Use charts or graphs to illustrate this data.
5. **Backup and Restore**: Incorporate features that allow users to back up their migration logs and restore them if needed, ensuring data integrity and recoverability.
6. **Notifications**: Set up notifications for upcoming migrations or when a migration fails, helping users stay informed about the status of their Astro project.
7. **Security Measures**: Implement basic security measures such as user authentication and data encryption to protect sensitive information related to migrations.
8. **Documentation**: Provide comprehensive documentation on how to use the application, including setup instructions, usage examples, and troubleshooting tips.

Your task is to design and develop this application from scratch, making sure to leverage the 'astronomer-starship' package effectively to handle the core functionalities related to tracking and managing Astro migrations.
