Security News
Research
Data Theft Repackaged: A Case Study in Malicious Wrapper Packages on npm
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Cardsort helps UX researchers quickly analyse data from open card sorting exercises using hierarchical cluster analysis. This task helps to understand how people organize information, and is frequently used to develop information architectures for websites. Click here to learn more about the card sorting method.
More precisely, cardsort helps you to:
$ pip install cardsort
cardsort
can be used to create dendrograms and extract user-generated category-labels:
from cardsort import analysis
import pandas as pd
path = "example-data.csv" # data with columns: card_id, card_label, category_id, category_label, user_id
df = pd.read_csv(path)
The data used in this example can be found under /docs/example-data.csv.
Create a dendrogram that summarizes user-generated clusters
analysis.create_dendrogram(df)
Output
Learn which category labels users gave to clusters
cards = ['Banana', 'Apple']
analysis.get_cluster_labels(df, cards)
Output
user_id cluster_label cards
0 2 Healthy snacks [Banana, Apple]
1 3 Snacks [Sandwich, Croissant, Banana, Mooncake, Apple]
2 4 Fruits [Apple, Banana]
3 5 Food [Banana, Croissant, Apple, Sandwich, Hot Dog, ...
Interpretation: In this case, the users with IDs 2 and 4 made clusters containing exactly the two cards of interest ('Banana' and 'Apple', as specified in the input variable 'cards'). User 2 labelled this cluster 'Healthy snacks', and user 4 'Fruits'. Users 3 and 5 also clustered these cards together, but they included additional other cards in the same cluster, and labelled the cluster 'Snacks' or 'Food'. User 1 does not appear in the output, because they did not cluster the cards together.
card_id, card_label, category_id, category_label, user_id
See documentation
cardsort
is licensed under the of the MIT license.
Interested in contributing? Check out the contributing guidelines. Please note that this project is released with a Code of Conduct. By contributing to this project, you agree to abide by its terms.
If you want to cite cardsort, please use the following DOI:
cardsort
was created with cookiecutter
and the py-pkgs-cookiecutter
template.
Thanks goes to these wonderful people (emoji key):
Katharina Kloppenborg 💻 🤔 📖 🎨 📆 🔬 | Bastian Greshake Tzovaras 🔍 💻 🤔 🧑🏫 | Alex Batisse 👀 🤔 | Semidán Robaina 👀 🤔 | khynder 👀 🤔 |
This project follows the all-contributors specification. Contributions of any kind welcome!
FAQs
Analyse data from open card sorting
We found that cardsort demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Research
The Socket Research Team breaks down a malicious wrapper package that uses obfuscation to harvest credentials and exfiltrate sensitive data.
Research
Security News
Attackers used a malicious npm package typosquatting a popular ESLint plugin to steal sensitive data, execute commands, and exploit developer systems.
Security News
The Ultralytics' PyPI Package was compromised four times in one weekend through GitHub Actions cache poisoning and failure to rotate previously compromised API tokens.