macaron.malware_analyzer.pypi_heuristics.metadata package
Submodules
macaron.malware_analyzer.pypi_heuristics.metadata.closer_release_join_date module
Analyzer that checks whether the maintainers’ join date is close to the package’s latest release date.
- class macaron.malware_analyzer.pypi_heuristics.metadata.closer_release_join_date.CloserReleaseJoinDateAnalyzer
Bases:
BaseHeuristicAnalyzer
Analyzer checks the heuristic.
If any maintainer’s date duration is larger than the threshold, the result is considered “PASS”.
- __init__()
- analyze(pypi_package_json)
Check whether the maintainers’ join date is close to the package’s latest release date.
- Parameters:
pypi_package_json (PyPIPackageJsonAsset) – The PyPI package JSON asset object.
- Returns:
The result and related information collected during the analysis.
- Return type:
tuple[HeuristicResult, dict[str, JsonType]]
macaron.malware_analyzer.pypi_heuristics.metadata.empty_project_link module
Analyzer that checks whether the package has no project link.
- class macaron.malware_analyzer.pypi_heuristics.metadata.empty_project_link.EmptyProjectLinkAnalyzer
Bases:
BaseHeuristicAnalyzer
Analyzer checks the heuristic.
- __init__()
- analyze(pypi_package_json)
Check whether the PyPI package has no project link.
- Parameters:
pypi_package_json (PyPIPackageJsonAsset) – The PyPI package JSON asset object.
- Returns:
The result and related information collected during the analysis.
- Return type:
tuple[HeuristicResult, dict[str, JsonType]]
macaron.malware_analyzer.pypi_heuristics.metadata.high_release_frequency module
Analyzer checks the frequent release heuristic.
- class macaron.malware_analyzer.pypi_heuristics.metadata.high_release_frequency.HighReleaseFrequencyAnalyzer
Bases:
BaseHeuristicAnalyzer
Analyzer checks the heuristic.
- __init__()
- analyze(pypi_package_json)
Check whether the release frequency is high.
- Parameters:
pypi_package_json (PyPIPackageJsonAsset) – The PyPI package JSON asset object.
- Returns:
The result and related information collected during the analysis.
- Return type:
tuple[HeuristicResult, dict[str, JsonType]]
macaron.malware_analyzer.pypi_heuristics.metadata.one_release module
Analyzer that checks whether the package contains one release.
- class macaron.malware_analyzer.pypi_heuristics.metadata.one_release.OneReleaseAnalyzer
Bases:
BaseHeuristicAnalyzer
Analyzer checks the heuristic.
- __init__()
- analyze(pypi_package_json)
Check whether the total number of releases is one.
- Parameters:
pypi_package_json (PyPIPackageJsonAsset) – The PyPI package JSON asset object.
- Returns:
The result and related information collected during the analysis.
- Return type:
tuple[HeuristicResult, dict[str, JsonType]]
macaron.malware_analyzer.pypi_heuristics.metadata.unchanged_release module
Heuristics analyzer to check unchanged content in multiple releases.
- class macaron.malware_analyzer.pypi_heuristics.metadata.unchanged_release.UnchangedReleaseAnalyzer
Bases:
BaseHeuristicAnalyzer
Analyze whether the content of the package is updated by the maintainer.
- __init__()
- analyze(pypi_package_json)
Check whether the content of the releases keeps being updated.
- Parameters:
pypi_package_json (PyPIPackageJsonAsset) – The PyPI package JSON asset object.
- Returns:
The result and related information collected during the analysis.
- Return type:
tuple[HeuristicResult, dict[str, JsonType]]
macaron.malware_analyzer.pypi_heuristics.metadata.unreachable_project_links module
The heuristic analyzer to check the project links.
- class macaron.malware_analyzer.pypi_heuristics.metadata.unreachable_project_links.UnreachableProjectLinksAnalyzer
Bases:
BaseHeuristicAnalyzer
Analyze the accessibility of the project links.
If at least one project link is reachable, the analyzer considers the package benign.
- __init__()
- analyze(pypi_package_json)
Analyze the package.
- Parameters:
pypi_package_json (PyPIPackageJsonAsset) – The PyPI package JSON asset object.
- Returns:
The result and related information collected during the analysis.
- Return type:
tuple[HeuristicResult, dict[str, JsonType]]
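To show the kind of signal four of these metadata heuristics look at, the following added example (not Macaron's own code) evaluates a constructed document shaped like PyPI's JSON API response. The "FAIL" and "SKIP" labels, the 5-day threshold, the separately supplied join dates and the digest-comparison rule are assumptions of this sketch.

```python
from datetime import datetime, timedelta

# Constructed sample, shaped like PyPI's JSON API response for a package.
SAMPLE = {
    "info": {"name": "example-pkg", "project_urls": None},
    "releases": {
        "0.0.1": [{"upload_time": "2024-05-02T10:00:00", "digests": {"sha256": "aa11"}}],
        "0.0.2": [{"upload_time": "2024-05-03T09:30:00", "digests": {"sha256": "aa11"}}],
    },
}
JOIN_DATES = [datetime(2024, 5, 1, 8, 0)]  # constructed; not part of the JSON API
THRESHOLD = timedelta(days=5)              # assumed value, not Macaron's setting

def _files(pkg):
    """Flatten every uploaded file across all releases."""
    return [f for files in pkg["releases"].values() for f in files]

def closer_release_join_date(pkg, join_dates, threshold=THRESHOLD):
    """PASS if any maintainer's join-to-latest-release gap exceeds the threshold."""
    uploads = [datetime.fromisoformat(f["upload_time"]) for f in _files(pkg)]
    if not uploads or not join_dates:
        return "SKIP"  # nothing to compare
    latest = max(uploads)
    return "PASS" if any(latest - j > threshold for j in join_dates) else "FAIL"

def empty_project_link(pkg):
    """FAIL when the metadata lists no project link."""
    return "PASS" if pkg["info"].get("project_urls") else "FAIL"

def one_release(pkg):
    """FAIL when the package has exactly one release."""
    return "FAIL" if len(pkg["releases"]) == 1 else "PASS"

def unchanged_release(pkg):
    """FAIL when two uploaded files across releases share a digest (assumed rule)."""
    digests = [f["digests"]["sha256"] for f in _files(pkg)]
    if len(pkg["releases"]) < 2:
        return "SKIP"  # a single release cannot be compared
    return "FAIL" if len(set(digests)) < len(digests) else "PASS"

def evaluate(pkg, join_dates):
    """Run the four checks and return {heuristic name: result label}."""
    return {
        "closer_release_join_date": closer_release_join_date(pkg, join_dates),
        "empty_project_link": empty_project_link(pkg),
        "one_release": one_release(pkg),
        "unchanged_release": unchanged_release(pkg),
    }
```

No single result here is a verdict; a new account, no project links and byte-identical re-uploads are individually common in benign packages, which is why the results are reported per heuristic.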