Package Metadata

Author: —
Email: Jerome Guibert <[email protected]>
PyPI: aws_terraform_registry
Python: <4,>=3.11
Versions: 9 releases
First release: 23 Jun 2023, 22:27 UTC
Analysed: 08 Jun 2026, 14:04 UTC
Source files: 21 .py files scanned

Project Links

Classifiers

Development Status :: 5 - Production/StableIntended Audience :: DevelopersNatural Language :: EnglishProgramming Language :: PythonProgramming Language :: Python :: 3Programming Language :: Python :: 3.11Programming Language :: Python :: 3.12Programming Language :: Python :: 3.13Topic :: Software Development :: Libraries :: Python ModulesTyping :: Typed

🤖 AI Analysis

Final verdict: SAFE

The package is primarily interacting with expected AWS services without significant risks. The low scores across all categories indicate minimal potential for malicious activity.

No shell execution detected
Low credential risk
Expected network calls to S3

Per-check LLM notes

Network: The detected network call pattern suggests the package interacts with an S3 bucket, which is expected if it's related to AWS Terraform operations.
Shell: No shell execution patterns were detected.
Obfuscation: No obfuscation patterns detected.
Credentials: The code is likely retrieving AWS environment variables for configuration purposes rather than harvesting secrets.
Metadata: The maintainer has a new or inactive account and lacks a proper author name, which raises some suspicion but not enough to conclude malice.

📦 Package Quality Overall: Medium (6.6/10)

✦ High Test Suite 9.0

Test suite present — 8 test file(s) found

Test runner config found: pyproject.toml
Test runner config found: conftest.py
8 test file(s) detected (e.g. __init__.py)

◈ Medium Documentation 7.0

Some documentation present

Documentation URL: "documentation" -> https://geronimo-iia.github.io/terraform-aws-tf-registry-cli
Detailed PyPI description (7639 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

Development Status classifier >= Beta

◈ Medium Type Annotations 7.0

Partial type annotation coverage

Classifier: Typing :: Typed
22 type-annotated function signatures detected in source

◈ Medium Multiple Contributors 6.0

Limited contributor diversity

2 unique contributor(s) across 100 commits in geronimo-iia/terraform-aws-tf-registry-cli
Two distinct contributors found

🔬 Heuristic Checks

⚠ Outbound Network Calls score 1.5

Found 1 network call pattern(s)

r, s3_key: str): opener = urllib.request.build_opener() archive_file = Path.cwd() / BUCKET_FILE_N

✓ Code Obfuscation

No obfuscation patterns detected

✓ Shell / Subprocess Execution

No shell execution patterns detected

⚠ Credential Harvesting score 10.0

Found 6 credential access pattern(s)

RuntimeError: return os.environ.get("AWS_REGION", "eu-west-1") from logging import getLogger from .
amoDB client.""" region = os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION") return
.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION") return client("dynamodb", region_name=r
ed S3 client.""" region = os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION") return
.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION") return client("s3", region_name=region)
nager client.""" region = os.environ.get("AWS_REGION") or os.environ.get("AWS_DEFAULT_REGION") return

✓ Typosquatting

No typosquatting candidates detected

✓ Registered Email Domain

Email domain looks legitimate: gmail.com>

✓ Suspicious Page Links

All external links appear legitimate

✓ Git Repository History

Repository geronimo-iia/terraform-aws-tf-registry-cli appears legitimate

⚠ Maintainer History score 4.0

2 maintainer concern(s) found

Author name is missing or very short
Author "" appears to have only 1 package on PyPI (new or inactive account)

✓ Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with aws_terraform_registry

Create a Python-based mini-application named 'TerraformModuleManager' that leverages the 'aws_terraform_registry' package to manage modules stored in an AWS Private Terraform Registry. This application should provide users with the ability to discover, install, and update Terraform modules from the registry. Additionally, it should support basic authentication for accessing the registry and logging of actions performed on the modules.

**Steps to Develop the Application:**
1. **Setup Environment**: Begin by setting up a Python virtual environment and installing the necessary dependencies including 'aws_terraform_registry'. Ensure you have the required AWS credentials configured for access.
2. **Authentication Module**: Implement a module for handling user authentication to the AWS Private Terraform Registry. This includes reading AWS credentials from environment variables or a configuration file.
3. **Discovery Feature**: Develop a feature within the application that allows users to search for Terraform modules available in the registry based on keywords or specific attributes like author name.
4. **Installation Feature**: Create functionality that enables users to download and install selected Terraform modules into their local workspace. This process should include verifying the integrity of the downloaded files.
5. **Update Feature**: Add support for updating existing modules to their latest versions directly from the registry.
6. **Logging Mechanism**: Integrate a logging mechanism to record all actions performed through the application such as module installation, updates, and searches. Logs should be stored locally for auditing purposes.
7. **User Interface**: Design a simple command-line interface (CLI) for interacting with the application. The CLI should provide clear instructions and feedback to the user during each action.
8. **Testing**: Write unit tests to ensure each feature functions correctly under various scenarios, including edge cases like network failures or invalid input.
9. **Documentation**: Prepare comprehensive documentation for both end-users and developers, detailing how to use the application effectively and how to contribute to its development.

**Suggested Features**:
- Support for multiple AWS accounts by switching context within the application.
- Ability to filter search results by popularity or recent activity.
- Integration with CI/CD pipelines for automated module management.
- Enhanced security features such as role-based access control (RBAC).
- Support for offline mode where cached data can be used for quick lookups without internet access.

The 'aws_terraform_registry' package will be primarily utilized for interfacing with the AWS Private Terraform Registry API, handling authentication, and managing the lifecycle of Terraform modules. It simplifies interactions with the registry, allowing for efficient module discovery, retrieval, and versioning.

💬 Discussion Feed

No discussion yet. Be the first to share your thoughts!

🤖 AI Analysis

📦 Package Quality Overall: Medium (6.6/10)

🔬 Heuristic Checks

💡 AI App Starter Prompt

💬 Discussion Feed

Leave a comment

Report Abuse / Security Issue