{"id":23892200,"url":"https://github.com/wapiti08/osptrack","last_synced_at":"2026-02-12T08:04:03.188Z","repository":{"id":263994878,"uuid":"677001279","full_name":"Wapiti08/OSPTrack","owner":"Wapiti08","description":"labelled dataset for simulated package execution with package-analysis","archived":false,"fork":false,"pushed_at":"2025-01-15T14:59:59.000Z","size":21008,"stargazers_count":2,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-15T03:46:11.810Z","etag":null,"topics":["dataset","dynamic-features","open-source","supply-chain-security"],"latest_commit_sha":null,"homepage":"","language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Wapiti08.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":"CITATION.cff","codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-08-10T14:01:48.000Z","updated_at":"2025-02-18T02:31:16.000Z","dependencies_parsed_at":"2024-11-21T12:36:39.458Z","dependency_job_id":"55f279a2-f477-4f3f-b78a-a203198ea42b","html_url":"https://github.com/Wapiti08/OSPTrack","commit_stats":null,"previous_names":["wapiti08/osptrack"],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Wapiti08%2FOSPTrack","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Wapiti08%2FOSPTrack/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Wapiti08%2FOSPTrack/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Wapiti08%2FOSPTrack/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Wapiti08","download_url":"https://codeload.github.com/Wapiti08/OSPTrack/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":249003939,"owners_count":21196794,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dataset","dynamic-features","open-source","supply-chain-security"],"created_at":"2025-01-04T13:39:36.846Z","updated_at":"2026-02-12T08:03:58.169Z","avatar_url":"https://github.com/Wapiti08.png","language":"Jupyter Notebook","funding_links":[],"categories":[],"sub_categories":[],"readme":"# OSPTrack\nlabelled dataset for simulated package execution with package-analysis\n\n**This work has been accepted at MSR 2025 Data and Tool Showcase Track, will present on 28th, April, 2025**\n\n![Python](https://img.shields.io/badge/Python3-3.10-brightgreen.svg) \n![License](https://img.shields.io/badge/license-MIT3.0-green.svg)\n![Testing Environment](https://img.shields.io/badge/Ubuntu-22.04.5-golden.svg)\n[![DOI](https://zenodo.org/badge/677001279.svg)](https://doi.org/10.5281/zenodo.14197321)\n\n\n## Structure (core)\n\n- ana:\n\n    - stastical analysis for [BKC Dataset](https://dasfreak.github.io/Backstabbers-Knife-Collection/) and also [malicious-packages](https://github.com/ossf/malicious-packages/tree/main/osv/malicious)\n\n    - the code to extract metrics.csv and iocs.csv files\n    \n    - label distribution analysis for labeled dataset\n\n- data:\n\n    - collection from BKC and also malicious-packages\n\n    - places to save bkc_mal.csv and pkg_mal.csv\n\n    - places to save extracted data also final labeled dataset\n\n- data_create:\n\n    - code to query BigQuery\n\n    - code to run simulation\n\n- ext:\n\n    - code to parse reports (json and csv) \n    \n    - code to extract features and generate final dataset\n\n- run_analysis.sh:\n\n    custom shell script to run package-analysis to save results locally and avoid repetitions\n\n\n## Preparation (Environment Setting Up)\n\n- For BigQuqry:\n```\n# download bigquery key from google cloud\n# activate the key\nexport GOOGLE_APPLICATION_CREDENTIALS=\"path/to/your/service-account-file.json\"\n# the key needs to be loaded when querying BigQuery\n\n```\n\n- For running [Package-Analysis](https://github.com/ossf/package-analysis) (only feasible on Ubuntu)\n\n```\n# git download\nsudo apt-get install git\n# docker\nsudo apt-get install -y docker.io\n# start the docker service\nsudo systemctl start docker\n# golang download\nsudo apt-get install golang\n\n# direct running --- check whether this tool works locally\n# how to run local instance\n## local instance\nscripts/run_analysis.sh -ecosystem pypi -package test -local /path/to/test.whl\n## live instance\nscripts/run_analysis.sh -ecosystem pypi -package Django -version 4.1.3\n\n\n## after successfully running one instance\n## replace the run_analysis.sh with the one provided in this resp --- give 755 \n```\n\n\n## Running Instructions\n\n```\n# virtual environment setting up\neval \"$(pyenv init -)\"\neval \"$(pyenv virtualenv-init -)\"\n\n## query data from BigQuery\npython3 data_bigquery.py\n\n# run simulation by calling package-analysis\nsudo python3 simu_run.py\n\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwapiti08%2Fosptrack","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwapiti08%2Fosptrack","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwapiti08%2Fosptrack/lists"}