azure-mgmt-maintenance

v2.1.0 safe
4.0
Medium Risk

Microsoft Azure Maintenance Management Client Library for Python

🤖 AI Analysis

Final verdict: SAFE

The package azure-mgmt-maintenance v2.1.0 from Microsoft Azure is deemed safe despite the use of eval(), as it includes a security bypass comment (nosec). There are no signs of network, shell, credential, or metadata risks.

  • Use of eval() with nosec
  • No network or shell execution detected
  • No credential harvesting patterns found

Per-check LLM notes

  • Network: No network calls detected, which is normal for a package that does not require external API interactions.
  • Shell: No shell execution patterns detected, which is expected for a legitimate Python package.
  • Obfuscation: The use of eval() function with no security bypass (nosec) suggests potential for code injection and obfuscation.
  • Credentials: No patterns indicative of credential harvesting were found.
  • Metadata: The author has only one package on PyPI, which may indicate a new or less active account, but no other red flags are present.

📦 Package Quality Overall: Medium (5.4/10)

○ Low Test Suite 1.0

No test suite detected

  • No test files or test-runner configuration detected

◈ Medium Documentation 5.0

Some documentation present

  • Detailed PyPI description (6564 chars)

○ Low Contributing Guide 4.0

No contributing guide or governance files found

  • Development Status classifier >= Beta

◈ Medium Type Annotations 7.0

Partial type annotation coverage

  • Type checker (mypy / pyright / pytype) referenced in project
  • 65 type-annotated function signatures detected in source

✦ High Multiple Contributors 10.0

Active multi-contributor project

  • 35 unique contributor(s) across 100 commits in Azure/azure-sdk-for-python
  • Active community — 5 or more distinct contributors

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 8.0

Found 4 obfuscation pattern(s)

  • _unicode(data) return eval(data_type)(data) # nosec @classmethod def serializ
  • _unicode(attr) return eval(data_type)(attr) # nosec @staticmethod def deseria
  • __path__ = __import__("pkgutil").extend_path(__path__, __name__) __path__ = __import__("pkg
  • path__, __name__) __path__ = __import__("pkgutil").extend_path(__path__, __name__) # coding=utf-8 # ---------

Shell / Subprocess Execution

No shell execution patterns detected

Credential Harvesting

No credential harvesting patterns detected

Typosquatting

No typosquatting candidates detected

Registered Email Domain

Email domain looks legitimate: microsoft.com

Suspicious Page Links

All external links appear legitimate

Git Repository History

Repository Azure/azure-sdk-for-python appears legitimate

Maintainer History score 2.0

1 maintainer concern(s) found

  • Author "Microsoft Corporation" appears to have only 1 package on PyPI (new or inactive account)

Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with azure-mgmt-maintenance
Create a Python-based command-line tool that leverages the 'azure-mgmt-maintenance' library to manage maintenance scopes and schedules within Azure. This tool should allow users to perform the following operations:

1. List all available maintenance scopes in a given Azure subscription.
2. Create new maintenance scopes based on user-defined criteria such as resource ID, scope type, and tags.
3. Update existing maintenance scopes to modify their properties or associated resources.
4. Delete maintenance scopes when they are no longer needed.
5. Schedule maintenance activities for specific time periods, ensuring minimal impact on production workloads.
6. Retrieve details of scheduled maintenance activities, including start times, duration, and affected resources.
7. Cancel pending maintenance activities if necessary.

The tool should authenticate using Azure Active Directory credentials provided via environment variables or interactive login. It should also support configuration through a YAML file for ease of use and automation.

Incorporate error handling and logging mechanisms to ensure robustness and provide meaningful feedback to the user. Additionally, include documentation and examples in the form of Jupyter notebooks or README files to facilitate easy adoption by other developers.
