Package Metadata

Author: —
Email: Liv Stark <[email protected]>
PyPI: auditry
Python: >=3.9
Versions: 14 releases
First release: 28 Oct 2025, 16:41 UTC
Analysed: 07 Jun 2026, 21:45 UTC
Source files: 23 .py files scanned

Project Links

Classifiers

Development Status :: 4 - BetaFramework :: AsyncIOFramework :: FastAPIIntended Audience :: DevelopersProgramming Language :: Python :: 3Programming Language :: Python :: 3.10Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.9Topic :: Software Development :: Libraries :: Python Modules

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package shows minimal risks in terms of network, shell execution, obfuscation, and credential handling. However, the metadata risk score is moderately high due to the lack of detailed maintainer information, suggesting potential issues with the package's provenance.

Metadata risk due to missing or short maintainer name
Maintainer appears to be new or inactive

Per-check LLM notes

Network: No network calls detected, which is normal unless the package requires external services.
Shell: No shell execution patterns detected, indicating no immediate signs of malicious shell command execution.
Obfuscation: No obfuscation patterns detected, indicating low risk of malicious intent.
Credentials: No credential harvesting patterns detected, indicating safe handling of secrets and credentials.
Metadata: The maintainer's author name is missing or very short and appears to be new or inactive, which raises some concerns.

📦 Package Quality Overall: Medium (6.2/10)

✦ High Test Suite 9.0

Test suite present — 6 test file(s) found

6 test file(s) detected (e.g. test_fastapi_middleware.py)

◈ Medium Documentation 5.0

Some documentation present

Detailed PyPI description (14249 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

◈ Medium Type Annotations 5.0

Partial type annotation coverage

65 type-annotated function signatures detected in source

✦ High Multiple Contributors 8.0

Active multi-contributor project

4 unique contributor(s) across 30 commits in lst4rk/auditry
Small but multi-author team (3–4 contributors)

🔬 Heuristic Checks

✓ Outbound Network Calls

No suspicious network call patterns found

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

✓ Credential Harvesting

No credential harvesting patterns detected

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository lst4rk/auditry appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with auditry

Create a mini-application using Python and the 'auditry' package to demonstrate observability middleware capabilities for FastAPI. Your application will be a simple book management system where users can add, update, delete, and retrieve books. The application should leverage the 'auditry' package to log all incoming requests and their responses, generate unique request IDs for each operation, and ensure that any sensitive data (such as passwords or credit card numbers) is redacted from logs.

Steps to create the application:
1. Set up a new FastAPI project and install the necessary dependencies including 'auditry', 'fastapi', 'uvicorn', and 'sqlalchemy'.
2. Define a model for the Book entity using SQLAlchemy ORM, which includes fields like title, author, publication_date, and price.
3. Create a database connection and configure SQLAlchemy to interact with your chosen database (SQLite, PostgreSQL, etc.).
4. Implement CRUD operations for the Book model within your FastAPI application. Each endpoint should use the 'auditry' package to log the request details and response status.
5. Ensure that the 'auditry' package is properly configured to generate unique request IDs for every API call. This ID should be visible in both request and response logs.
6. Introduce a field in the Book model for storing user passwords. Configure 'auditry' to automatically redact this field from logs whenever it appears in a request or response payload.
7. Test the application thoroughly to verify that all CRUD operations work as expected, and that the 'auditry' package correctly handles logging, request IDs, and data redaction.
8. Document your setup process, including dependency installation, database configuration, and 'auditry' integration. Provide instructions on how to run the application locally using Uvicorn.

Suggested Features:
- Add support for pagination when listing books.
- Implement rate limiting on the API endpoints to prevent abuse.
- Extend the application to include user authentication and authorization using FastAPI's built-in security features. Ensure that sensitive information in JWT tokens is redacted from logs.
- Integrate with an external logging service (e.g., Loggly, Papertrail) to send audit logs to a centralized location.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Medium (6.2/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue